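/// <summary>
/// Click handler for the test button: starts Notepad through
/// <c>ApplicationLoader.StartProcessAndBypassUAC</c>.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void button1_Click(object sender, EventArgs e)
{
    // A Process.Start fallback used to follow an unconditional `return` here and
    // could never execute. It has been removed together with its commented-out
    // lines, which embedded a plaintext account password; credentials should not
    // live in source control, even inside comments.
    ApplicationLoader.PROCESS_INFORMATION procInfo;
    ApplicationLoader.StartProcessAndBypassUAC(@"C:\Windows\System32\notepad.exe", out procInfo);
}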
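/// <summary>
/// Handles a command raised by the server component by launching it in the
/// session of the logged-in user.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data; <c>Command</c> holds the command line to start.</param>
private void Server_CommandReceived(object sender, ExecuteCommandEventArgs e)
{
    // Nothing to launch: return instead of handing a null or blank command line to the loader.
    if (e == null || string.IsNullOrWhiteSpace(e.Command))
    {
        LogHelper.Log("Server_CommandReceived:: empty command ignored");
        return;
    }

    LogHelper.Log("Server_CommandReceived::" + e.Command);

    // NOTE(review): e.Command is started verbatim. If the sender of this event is
    // reachable by anything less trusted than the service itself, this is command
    // execution on behalf of that sender. Confirm that the channel authenticates
    // its peer, and prefer mapping received command identifiers onto a fixed
    // allow-list of executables rather than accepting a free-form command line.
    // The raw value is also written to the log; strip CR/LF if the log is parsed.

    // A Windows service runs in an isolated session and cannot normally start batch
    // scripts or executables in the session of the logged-in user, so ApplicationLoader
    // identifies the current user via winlogon and starts the program in that session.
    LogHelper.Log("Starting process from windows service...");
    ApplicationLoader.PROCESS_INFORMATION procInfo;
    ApplicationLoader.StartProcessAndBypassUAC(e.Command, out procInfo);
}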
//----- Start Worker -----

//******** Work With Running Applications ********
// Checks the running applications: merges the latest report written to
// Temp/appreport.dat into the in-memory list, then starts the collector
// executable again. A failed load is logged after the collector is restarted.
void WorkWithRunningApplications()
{
    // A new calendar day resets the counters and the per-application list.
    if (day != ((short)DateTime.Now.Day))
    {
        PCHour = 0;
        PCMin = 0;
        appinfo.Clear();
        day = (short)DateTime.Now.Day;
    }

    string reportPath = PathMS + "/Temp/appreport.dat";
    Exception loadFailure = null;

    if (File.Exists(reportPath))
    {
        try
        {
            save.Destroy();
            save = new SaveWriter(reportPath);
            save.Load();

            int entryCount = save.GetItemInt("Count");
            for (int entry = 0; entry < entryCount; entry++)
            {
                string executable = save.GetItem("Module_" + entry);
                bool alreadyTracked = false;

                // Every tracked entry with the same executable name is credited;
                // the scan deliberately does not stop at the first match.
                for (int known = 0; known < appinfo.Count; known++)
                {
                    if (!appinfo[known].ExecutableName.Equals(executable))
                    {
                        continue;
                    }

                    alreadyTracked = true;
                    appinfo[known].AddTime(5); // presumably minutes per sampling pass - TODO confirm
                }

                if (alreadyTracked)
                {
                    continue;
                }

                appinfo.Add(new ApplicationInfo(save.GetItem("Title_" + entry), executable));
            }

            save.Destroy();
        }
        catch (Exception ex)
        {
            // Remember the failure; it is reported once the collector has been restarted.
            loadFailure = ex;
        }
    }

    // NOTE(review): the helper is resolved relative to the service's own directory.
    // Confirm that directory is writable only by administrators, otherwise a
    // replaced helper would be started by the service.
    ApplicationLoader.PROCESS_INFORMATION procInfo;
    ApplicationLoader.StartProcessAndBypassUAC(AppDomain.CurrentDomain.BaseDirectory + "/Apps/GetRunningApplications.exe", out procInfo);

    if (loadFailure != null)
    {
        DebugService.WriteError("Bad load data: " + loadFailure);
    }
}
//***** Start Worker *****
// Starts the worker executable unless a process named "My_Spy_Worker" already
// exists. Any exception is logged and not propagated.
void StartWorker()
{
    try
    {
        Process[] running = Process.GetProcessesByName("My_Spy_Worker");
        DebugService.Write("Count: " + running.Length);

        // NOTE(review): the check matches on process name only, so any process
        // carrying this name counts as "already running" - confirm that is acceptable.
        if (running.Length >= 1)
        {
            return;
        }

        string workerPath = AppDomain.CurrentDomain.BaseDirectory + "/Apps/My_Spy_Worker.exe";
        ApplicationLoader.PROCESS_INFORMATION procInfo;
        ApplicationLoader.StartProcessAndBypassUAC(workerPath, out procInfo);
    }
    catch (Exception ex)
    {
        DebugService.WriteError("" + ex);
    }
}
//------- Get notice --------
// Looks for reminders whose time has passed. For each one the note path (with the
// ".notesp" extension swapped for ".note") is written to Temp/Remind.dat, so the
// file ends up holding the last due reminder. That reminder is then removed from
// the list and the main application is started. Exceptions are logged only.
void CheckAllNotes()
{
    try
    {
        Directory.CreateDirectory(PathMS + "/Temp/");

        int lastDueIndex = -1;
        int position = 0;
        foreach (NoteRemind reminder in notice)
        {
            if (DateTime.Now > reminder.Datetime)
            {
                lastDueIndex = position;
                File.WriteAllText(PathMS + "/Temp/Remind.dat", reminder.Path.Replace(".notesp", ".note"));
            }

            position++;
        }

        // Only the last due entry is removed per pass; earlier due entries stay
        // in the list and are picked up by a later call.
        if (lastDueIndex > -1)
        {
            notice.RemoveAt(lastDueIndex);

            ApplicationLoader.PROCESS_INFORMATION procInfo;
            ApplicationLoader.StartProcessAndBypassUAC(AppDomain.CurrentDomain.BaseDirectory + "/My Spy.exe", out procInfo);
        }
    }
    catch (Exception ex)
    {
        DebugService.WriteError("" + ex);
    }
}
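/// <summary>
/// Starts every file found directly inside <c>C:\Cron</c>, using that folder as the
/// current directory. The run is best-effort: a failure stops the pass and is traced,
/// but never propagates to the caller.
/// </summary>
public void RunCronFolder()
{
    try
    {
        string folderPath = "C:\\Cron";
        string[] files = Directory.GetFiles(folderPath);
        Directory.SetCurrentDirectory(folderPath);

        // NOTE(review): whatever is present in the folder is started, regardless of
        // file type or origin. Folders created under the drive root commonly inherit
        // write access for ordinary users, which would let any local user have a file
        // launched by this service. Restrict the folder's ACL to administrators/SYSTEM
        // and consider accepting only expected, signed executables.
        foreach (string file in files)
        {
            ApplicationLoader.PROCESS_INFORMATION procInfo;
            ApplicationLoader.StartProcessAndBypassUAC(file, out procInfo);
        }
    }
    catch (Exception ex)
    {
        // Previously an empty catch hid every failure (missing folder, access denied,
        // failed launch). Keep the no-throw contract but leave a diagnostic trail.
        System.Diagnostics.Trace.TraceError("RunCronFolder failed: " + ex);
    }
}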
/// <summary>
/// Runs the recovery batch of <paramref name="rc"/> and reports how much of the
/// recovery execution timeout remains afterwards.
/// </summary>
/// <param name="rc">
/// Recovery item; a non-zero <c>OverrideRecoveryExecutionTimeout</c> replaces the
/// timeout taken from the configuration.
/// </param>
/// <returns>The timeout (converted with <c>TimeSpan.FromMilliseconds</c>) minus the time elapsed during the launch call.</returns>
private TimeSpan Recover(RecoveryConfigItem rc)
{
    var timeout = m_config.RecoveryExecutionTimeout;
    if (rc.OverrideRecoveryExecutionTimeout != 0)
    {
        timeout = rc.OverrideRecoveryExecutionTimeout;
    }

    TimeSpan budget = TimeSpan.FromMilliseconds((int)timeout);
    Stopwatch stopwatch = Stopwatch.StartNew();

    bool runningAsService = m_user.IsServiceAccount || m_user.IsSystemAccount;
    if (!runningAsService)
    {
        // Debugging outside a service: that privilege is not available, so just spawn a new process.
        ApplicationInlineLoader.Start(GetFile(rc.RecoveryBatch), m_config.NoConsoleForRecoveryScript, timeout, PrintDebug);
    }
    else
    {
        // Service path. NOTE(review): this branch passes rc.RecoveryBatch as-is while
        // the debug branch resolves it through GetFile(); confirm both end up at the
        // same, trusted script location.
        ApplicationLoader.PROCESS_INFORMATION procInfo;
        ApplicationLoader.StartProcessAndBypassUAC(rc.RecoveryBatch, m_config.NoConsoleForRecoveryScript, timeout, PrintDebug, out procInfo);
    }

    // Amount of time left to wait for recovery execution.
    return budget - stopwatch.Elapsed;
}
//********* ONSTART ***********
// Service start-up: reads the feature switches from the registry, arms the three
// periodic timers, restores the "time expired" state, starts the helper executables
// that the enabled features need, loads the block list and configures the HTTP
// client and JSON serializer.
protected override void OnStart(string[] args)
{
    DebugService.Write("******* " + DateTime.Now + " ********");
    DebugService.Write("Start");

    // Load the settings.
    // bool.Parse throws on anything other than "True"/"False", so a malformed
    // registry value aborts OnStart; the second argument is the default used when
    // the value is absent.
    MonApp = bool.Parse((string)registry.GetValue("MonitorApplications", "False"));
    Keylogger = bool.Parse((string)registry.GetValue("Keylogger", "False"));
    StatsEn = bool.Parse((string)registry.GetValue("Statistics", "True"));
    Internet = bool.Parse((string)registry.GetValue("Internet", "False"));
    DebugService.Write("Monitoring Applications: " + MonApp + " Keylogger: " + Keylogger + " Statistics: " + StatsEn);
    day = (short)DateTime.Now.Day;
    RestartD = DateTime.Now.Day;

    // Every 5 minutes.
    timer1 = new System.Timers.Timer();
    timer1.Elapsed += new ElapsedEventHandler(OnTimer1_Tick);
    timer1.Interval = 300000;
    timer1.Enabled = true;

    // Every minute.
    timer2 = new System.Timers.Timer();
    timer2.Elapsed += new ElapsedEventHandler(OnTimer2_Tick);
    timer2.Interval = 60000;
    timer2.Enabled = true;

    // Timer for sending data to the Web - 20 minutes.
    timerWeb = new System.Timers.Timer();
    timerWeb.Elapsed += new ElapsedEventHandler(OnTimerWeb_Tick);
    timerWeb.Interval = 1200000;
    timerWeb.Enabled = true;

    // ExpiredTime.dat holds a day-of-month number. If it matches today, the user
    // verification helper is started; a stale file is deleted.
    if (File.Exists(PathMS + "/Temp/ExpiredTime.dat"))
    {
        // short.Parse throws if the file content is not a number.
        short TimeDay = short.Parse(File.ReadAllText(PathMS + "/Temp/ExpiredTime.dat"));
        if (TimeDay == day)
        {
            ShutDownVerify = true;
            ApplicationLoader.PROCESS_INFORMATION procInfo;
            ApplicationLoader.StartProcessAndBypassUAC(AppDomain.CurrentDomain.BaseDirectory + "/Apps/VerifyUser.exe", out procInfo);
        }
        else
        {
            ShutDownVerify = false;
            File.Delete(PathMS + "/Temp/ExpiredTime.dat");
        }
    }

    if (MonApp)
    {
        ApplicationLoader.PROCESS_INFORMATION procInfo;
        ApplicationLoader.StartProcessAndBypassUAC(AppDomain.CurrentDomain.BaseDirectory + "/Apps/GetRunningApplications.exe", out procInfo);
        LoadAppMonitoring();
    }

    if (Keylogger || Internet)
    {
        StartWorker();
    }

    if (StatsEn)
    {
        LoadStatistics();
    }

    ReadNotice();
    Directory.CreateDirectory(PathMS + "/Block/");
    SetRemainingPCTime();

    // Load the blocked-application list: "Enabled" switch plus "Count" entries named Pr0..PrN.
    if (File.Exists(PathMS + "/Block/BlockApps.dat"))
    {
        SaveWriter set = new SaveWriter(PathMS + "/Block/BlockApps.dat");
        set.Load();
        BlockApps = set.GetItemBool("Enabled");
        for (int i = 0; i < set.GetItemInt("Count"); i++)
        {
            blockapplist.Add(set.GetItem("Pr" + i));
        }
    }

    DebugService.Write("PCTime: " + PCTime);

    // NOTE(review): the base address uses plain http://. If `client` is what the
    // web timer uses to send collected data (presumably - confirm), that data
    // travels unencrypted and unauthenticated; move the endpoint to HTTPS.
    client.BaseAddress = new Uri("http://myspy.diodegames.eu");

    // Let the JSON contract resolver also consider non-public members.
    Newtonsoft.Json.Serialization.DefaultContractResolver dcr = new Newtonsoft.Json.Serialization.DefaultContractResolver();
    dcr.DefaultMembersSearchFlags |= System.Reflection.BindingFlags.NonPublic;
    jss.ContractResolver = dcr;
}
// Starts the bundled ShutDown_App.exe helper from the Apps folder next to the service binary.
void ShutDownComputer()
{
    string helperPath = AppDomain.CurrentDomain.BaseDirectory + "/Apps/ShutDown_App.exe";

    ApplicationLoader.PROCESS_INFORMATION procInfo;
    ApplicationLoader.StartProcessAndBypassUAC(helperPath, out procInfo);
}
//--------- ON Timer 1 Tick -----------
#endregion

#region Timer2
//************ TIMER 2 (1 min) ********************
// One-minute tick: advances the uptime counters and, while the computer-time limit
// is active, counts the remaining minutes down, triggers the shutdown helper when
// they run out, shows the one-time warning and persists the remaining time.
private void OnTimer2_Tick(object sender, ElapsedEventArgs e)
{
    allmin++;
    if (allmin > 59)
    {
        allmin = 0;
        allhour++;
    }

    try
    {
        if (!PCTime)
        {
            return;
        }

        MaxTimePC--;
        if (MaxTimePC < 0)
        {
            string skipFlag = PathMS + "/Temp/NoShutDownFirst.dat";
            if (File.Exists(skipFlag))
            {
                // The flag file suppresses this shutdown and switches the limit off.
                File.Delete(skipFlag);
                PCTime = false;
            }
            else
            {
                // Record today's day-of-month as "expired", then start the shutdown helper.
                string expiredFlag = PathMS + "/Temp/ExpiredTime.dat";
                if (File.Exists(expiredFlag))
                {
                    File.Delete(expiredFlag);
                }

                File.WriteAllText(expiredFlag, "" + DateTime.Now.Day);
                ShutDownComputer();

                // Keep the counter from running away below zero.
                if (MaxTimePC < -20)
                {
                    MaxTimePC = -1;
                }
            }
        }

        bool warningDue = warning && MaxTimePC <= warningtime && !WarningisShown;
        if (warningDue)
        {
            File.WriteAllText(PathMS + "/Temp/shwwrn.dat", "True");

            ApplicationLoader.PROCESS_INFORMATION procInfo;
            ApplicationLoader.StartProcessAndBypassUAC(AppDomain.CurrentDomain.BaseDirectory + "/Apps/RemainingTime.exe", out procInfo);
            WarningisShown = true;
        }

        SaveRemainingTime();
    }
    catch (Exception ex)
    {
        DebugService.WriteError("" + ex);
    }
}
// Initialises the computer-time limit from the files in the Block folder.
// Block/RemTime.dat may carry today's leftover minutes; Block/ComputerTime.dat holds
// the limit itself plus the warning settings. Does nothing while ShutDownVerify is set.
void SetRemainingPCTime()
{
    if (ShutDownVerify)
    {
        return;
    }

    // Leftover time saved earlier today takes precedence over the configured limit.
    bool restoredForToday = false;
    string remainingPath = PathMS + "/Block/RemTime.dat";
    if (File.Exists(remainingPath))
    {
        save = new SaveWriter(remainingPath);
        save.Load();
        if (save.GetItemInt("Day") == DateTime.Now.Day)
        {
            MaxTimePC = save.GetItemInt("Time");
            restoredForToday = true;
        }
        else
        {
            File.Delete(remainingPath);
        }
    }

    string limitPath = PathMS + "/Block/ComputerTime.dat";
    if (!File.Exists(limitPath))
    {
        PCTime = false;
        return;
    }

    SaveWriter limitFile = new SaveWriter(limitPath);
    limitFile.Load();
    if (limitFile.GetItemBool("Enable"))
    {
        PCTime = true;

        // The limit is stored as a time of day; hours and minutes are folded into minutes.
        DateTime time = DateTime.Parse(limitFile.GetItem("Time"));
        if (!restoredForToday)
        {
            MaxTimePC = (time.Hour * 60) + time.Minute;
        }

        warning = limitFile.GetItemBool("Warning");
        warningtime = limitFile.GetItemInt("WarningTime");

        // Already out of time: mark today as expired and start the verification helper.
        if (MaxTimePC <= 1)
        {
            string expiredFlag = PathMS + "/Temp/ExpiredTime.dat";
            if (File.Exists(expiredFlag))
            {
                File.Delete(expiredFlag);
            }

            File.WriteAllText(expiredFlag, "" + DateTime.Now.Day);
            PCTime = false;
            ShutDownVerify = true;

            ApplicationLoader.PROCESS_INFORMATION procInfo;
            ApplicationLoader.StartProcessAndBypassUAC(AppDomain.CurrentDomain.BaseDirectory + "/Apps/VerifyUser.exe", out procInfo);
        }
    }

    limitFile.Destroy();
}
/// <summary>
/// Starts the executable at <paramref name="exePath"/> through
/// <c>ApplicationLoader.StartProcessAndBypassUAC</c>; the returned process
/// information is not used.
/// </summary>
/// <param name="exePath">
/// Path handed to the loader unchanged. NOTE(review): nothing here validates it,
/// so callers must only pass trusted, fixed paths.
/// </param>
public void StartProcessFromWindowService(string exePath)
{
    // TODO: if we ever drop the Windows service, a plain Process.Start(exePath) can be used instead.
    ApplicationLoader.StartProcessAndBypassUAC(exePath, out _);
}