예제 #1
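        /// <summary>
        /// Validates a collection request coming from the GUI and, when it is accepted,
        /// starts the selected collectors on a background task.
        /// </summary>
        /// <param name="Id">Run identifier. Surrounding whitespace is trimmed before it is used.</param>
        /// <param name="File">Enables the file system collector.</param>
        /// <param name="Port">Enables the network port collector.</param>
        /// <param name="Service">Enables the service collector.</param>
        /// <param name="User">Enables the user collector.</param>
        /// <param name="Registry">Enables the registry collector.</param>
        /// <param name="Certificates">Enables the certificate collector.</param>
        /// <param name="Com">Enables the COM object collector.</param>
        /// <param name="Firewall">Enables the firewall collector.</param>
        /// <param name="Log">Enables the event log collector.</param>
        /// <returns>
        /// A JSON result carrying <c>GUI_ERROR.ALREADY_RUNNING</c> when a collector is still
        /// running, <c>GUI_ERROR.UNIQUE_ID</c> when the <c>runs</c> table already holds this
        /// run id, or <c>GUI_ERROR.NONE</c> once the collection task has been queued.
        /// </returns>
        /// <exception cref="System.ArgumentNullException"><paramref name="Id"/> is null.</exception>
        public ActionResult StartCollection(string Id, bool File, bool Port, bool Service, bool User, bool Registry, bool Certificates, bool Com, bool Firewall, bool Log)
        {
            // NOTE(review): this action changes state (it launches a system-wide collection).
            // Any HTTP-verb or anti-forgery attributes are outside the visible code - confirm
            // the route is POST-only and covered by request-forgery validation.

            // Fail with a descriptive exception instead of a NullReferenceException from Trim().
            if (Id == null)
            {
                throw new System.ArgumentNullException(nameof(Id));
            }

            // Normalise once and use the same value for the run options and for the
            // uniqueness lookup. Looking up the raw value while running under the trimmed
            // one would let " abc " pass the check even though "abc" already exists.
            // NOTE(review): a whitespace-only Id becomes an empty run id here - confirm
            // whether that should be rejected.
            string runId = Id.Trim();

            CollectCommandOptions opts = new CollectCommandOptions();

            opts.RunId = runId;
            opts.EnableFileSystemCollector  = File;
            opts.EnableNetworkPortCollector = Port;
            opts.EnableServiceCollector     = Service;
            opts.EnableRegistryCollector    = Registry;
            opts.EnableUserCollector        = User;
            opts.EnableCertificateCollector = Certificates;
            opts.EnableComObjectCollector   = Com;
            opts.EnableFirewallCollector    = Firewall;
            opts.EnableEventLogCollector    = Log;

            opts.DatabaseFilename = DatabaseManager.SqliteFilename;
            opts.FilterLocation   = "Use embedded filters.";

            foreach (BaseCollector c in AttackSurfaceAnalyzerClient.GetCollectors())
            {
                // The GUI *should* prevent us from getting here. But this is extra protection.
                // We won't start new collections while existing ones are ongoing.
                // NOTE(review): this check and the task start below are not atomic; two
                // overlapping requests could both pass it - confirm requests are serialised.
                if (c.IsRunning() == RUN_STATUS.RUNNING)
                {
                    return(Json(GUI_ERROR.ALREADY_RUNNING));
                }
            }
            AttackSurfaceAnalyzerClient.ClearCollectors();

            // The run id is bound as a parameter, never concatenated into the SQL text.
            string Select_Runs = "select run_id from runs where run_id=@run_id";

            using (var cmd = new SqliteCommand(Select_Runs, DatabaseManager.Connection, DatabaseManager.Transaction))
            {
                cmd.Parameters.AddWithValue("@run_id", runId);
                using (var reader = cmd.ExecuteReader())
                {
                    // A single matching row is enough to reject the request.
                    if (reader.Read())
                    {
                        return(Json(GUI_ERROR.UNIQUE_ID));
                    }
                }
            }

            // Fire-and-forget: the returned task is not awaited, so a failure inside
            // RunCollectCommand is not reported to the HTTP caller.
            Task.Factory.StartNew<int>(() => AttackSurfaceAnalyzerClient.RunCollectCommand(opts));
            return(Json(GUI_ERROR.NONE));
        }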
예제 #2
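        /// <summary>
        /// Validates a collection request coming from the GUI and, when it is accepted,
        /// starts the selected collectors on a background task.
        /// </summary>
        /// <param name="Id">Run identifier. Surrounding whitespace is trimmed before it is used.</param>
        /// <param name="File">Enables the file system collector.</param>
        /// <param name="Port">Enables the network port collector.</param>
        /// <param name="Service">Enables the service collector.</param>
        /// <param name="User">Enables the user collector.</param>
        /// <param name="Registry">Enables the registry collector.</param>
        /// <param name="Certificates">Enables the certificate collector.</param>
        /// <param name="Com">Enables the COM object collector.</param>
        /// <param name="Firewall">Enables the firewall collector.</param>
        /// <param name="Log">Enables the event log collector.</param>
        /// <returns>
        /// A JSON result carrying <c>ASA_ERROR.ALREADY_RUNNING</c> when a collector is still
        /// running, <c>ASA_ERROR.INVALID_ID</c> when <paramref name="Id"/> is null,
        /// <c>ASA_ERROR.UNIQUE_ID</c> when <c>DatabaseManager.GetRun</c> finds the id, or
        /// <c>ASA_ERROR.NONE</c> once the collection task has been queued.
        /// </returns>
        public ActionResult StartCollection(string Id, bool File, bool Port, bool Service, bool User, bool Registry, bool Certificates, bool Com, bool Firewall, bool Log)
        {
            // NOTE(review): this action changes state (it launches a system-wide collection).
            // Any HTTP-verb or anti-forgery attributes are outside the visible code - confirm
            // the route is POST-only and covered by request-forgery validation.

            // Normalise once and use the same value for the run options and for the
            // uniqueness lookup. Looking up the raw value while running under the trimmed
            // one would let " abc " pass the check even though "abc" already exists.
            // NOTE(review): a whitespace-only Id becomes an empty run id here - confirm
            // whether that should also map to INVALID_ID.
            var runId = Id?.Trim();

            CollectCommandOptions opts = new CollectCommandOptions();

            opts.RunId = runId;
            opts.EnableFileSystemCollector  = File;
            opts.EnableNetworkPortCollector = Port;
            opts.EnableServiceCollector     = Service;
            opts.EnableRegistryCollector    = Registry;
            opts.EnableUserCollector        = User;
            opts.EnableCertificateCollector = Certificates;
            opts.EnableComObjectCollector   = Com;
            opts.EnableFirewallCollector    = Firewall;
            opts.EnableEventLogCollector    = Log;
            // Carry the current logger verbosity settings over to the collection run.
            opts.Verbose = Logger.Verbose;
            opts.Debug   = Logger.Debug;
            opts.Quiet   = Logger.Quiet;

            opts.DatabaseFilename = DatabaseManager.SqliteFilename;

            foreach (BaseCollector c in AttackSurfaceAnalyzerClient.GetCollectors())
            {
                // The GUI *should* prevent us from getting here. But this is extra protection.
                // We won't start new collections while existing ones are ongoing.
                // NOTE(review): this check and the task start below are not atomic; two
                // overlapping requests could both pass it - confirm requests are serialised.
                if (c.RunStatus == RUN_STATUS.RUNNING)
                {
                    return(Json(ASA_ERROR.ALREADY_RUNNING));
                }
            }
            // NOTE(review): collectors are cleared before the id is validated, so a request
            // that is rejected below has still reset them - confirm this ordering is intended.
            AttackSurfaceAnalyzerClient.ClearCollectors();

            if (runId is null)
            {
                return(Json(ASA_ERROR.INVALID_ID));
            }

            // Presumably GetRun returns null when no run with this id exists - verify
            // against DatabaseManager.
            if (DatabaseManager.GetRun(runId) != null)
            {
                return(Json(ASA_ERROR.UNIQUE_ID));
            }

            // Fire-and-forget: the task is deliberately discarded, so a failure inside
            // RunCollectCommand is not reported to the HTTP caller.
            _ = Task.Factory.StartNew(() => AttackSurfaceAnalyzerClient.RunCollectCommand(opts));
            return(Json(ASA_ERROR.NONE));
        }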