protected override void Produce(object sender, DoWorkEventArgs e)
{
while (!BackgroundThread.CancellationPending)
{
IRequest request;
if (RequestsToExecute.TryDequeue(out request))
{
request.ExecuteSynchronously();
if (request.ReceivedResponseFromServer)
{
ExecutedMultiHashRequestEvent requestEvent =
new ExecutedMultiHashRequestEvent(request);
EventConduit.SendEvent(requestEvent);
System.Diagnostics.Debug.WriteLine(
"Executed request. Result: " + request.GetServerResponse());
}
else
{
RequestsToExecute.Enqueue(request);
System.Diagnostics.Debug.WriteLine(
"Failed to receive response from server. Request requeued.");
}
}
// VirusTotal API request limit is 4 requests per minute,
// which means we must wait at least 15 seconds.
Thread.Sleep(15000);
}
e.Cancel = true;
}
protected override void Produce(object sender, DoWorkEventArgs e)
{
while (!BackgroundThread.CancellationPending)
{
Thread.Sleep(1000);
if (!RequestFactory.IsApiKeyValid)
{
Log.Error("VirusTotal API key is invalid. Please set the API key");
Thread.Sleep(5000);
continue;
}
if (!PendingApplications.IsEmpty)
{
MultiHashRequest multiHashRequest = RequestFactory.GetMultiHashRequest();
foreach (var item in PendingApplications)
{
if (BackgroundThread.CancellationPending)
{
break;
}
else
{
IApplication application;
if (PendingApplications.TryDequeue(out application))
{
if (multiHashRequest.AddApplication(application))
{
Log.Info("Added '" + application.Name + "' to the request");
}
else
{
Log.Debug("Requeued application because the request is full: "
+ application.Name);
// Requeue the application if the hash request is full.
PendingApplications.Enqueue(application);
break;
}
}
}
}
if (BackgroundThread.CancellationPending)
{
break;
}
else
{
Log.Info("Building multi hash request...");
multiHashRequest.Build();
IEvent multiHashRequestEvent = new MultiHashRequestEvent(multiHashRequest);
EventConduit.SendEvent(multiHashRequestEvent);
}
}
}
e.Cancel = true;
}
public override void OnEvent(IEvent _event)
{
EventType eventType = _event.GetEventType();
switch (eventType)
{
case EventType.Connection:
ConnectionEvent connectionEvent = (ConnectionEvent)_event;
IApplication application = new WindowsApplication(connectionEvent.Connection);
EventConduit.SendEvent(new WindowsApplicationEvent(application));
break;
}
}
protected override void Produce(object sender, DoWorkEventArgs e)
{
Netstat.Daemon netstatDaemon = new Netstat.Daemon();
if (netstatDaemon.Start())
{
while (!BackgroundThread.CancellationPending && !netstatDaemon.HasExited)
{
IConnection connection = netstatDaemon.TryGetConnection();
if (connection == null)
{
Thread.Sleep(1000);
continue;
}
else
{
ConnectionEvent connectionEvent = new ConnectionEvent(connection);
EventConduit.SendEvent(connectionEvent);
}
}
}
netstatDaemon.Stop();
e.Cancel = true;
}