/// <summary> /// Return if are WER file /// </summary> /// <param name="socket">Socket</param> /// <param name="zipCrashData">Crash data</param> /// <param name="isAlive">IsAlive</param> public override bool IsCrashed(TuringSocket socket, out byte[] zipCrashData, out EExploitableResult exploitResult, ITuringMachineAgent.delItsAlive isAlive, TuringAgentArgs e) { zipCrashData = null; if (_Process == null) { exploitResult = EExploitableResult.NOT_DUMP_FOUND; return(false); } // Wait for exit bool isBreak = false; if (_Process != null) { TimeSpan miniwait = TimeSpan.FromMilliseconds(100); foreach (iProcess p in _Process) { try { TimeSpan ts = TimeSpan.FromMilliseconds(p.StartInfo.ExitTimeout.TotalMilliseconds); while (ts.TotalMilliseconds > 0 && (isAlive == null || isAlive.Invoke(socket, e)) && !p.HasExited) { p.WaitForExit((int)miniwait.TotalMilliseconds); ts = ts.Subtract(miniwait); } } catch { } // Check store location for changes if (!isBreak && p.ItsChangedStoreLocation()) { isBreak = true; } } } // Courtesy wait Thread.Sleep(500); // Search logs List <ILogFile> fileAppend = new List <ILogFile>(); if (_FileNames != null) { foreach (string f in _FileNames) { LogFile l = new LogFile(f); if (l.TryLoadFile(TimeSpan.FromSeconds(isBreak ? 5 : 2))) { fileAppend.Add(l); } } } // If its alive kill them if (_Process != null) { foreach (iProcess p in _Process) { try { p.KillProcess(); } catch { } } } // Check exploitability exploitResult = EExploitableResult.NOT_DUMP_FOUND; for (int x = 0, m = fileAppend.Count; x < m; x++) { LogFile dump = (LogFile)fileAppend[x]; if (dump.FileName.ToLowerInvariant().EndsWith(".dmp")) { string log; exploitResult = WinDbgHelper.CheckMemoryDump(dump.Path, out log); if (!string.IsNullOrEmpty(log)) { fileAppend.Add(new MemoryLogFile("exploitable.log", Encoding.UTF8.GetBytes(log))); } } } // Compress to zip byte[] zip = null; if (ZipHelper.AppendOrCreateZip(ref zip, fileAppend.Select(u => u.GetZipEntry())) > 0 && zip != null && zip.Length > 0) { zipCrashData = zip; } return(zipCrashData != null && zipCrashData.Length > 0); }
/// <summary> /// Return crashed data /// </summary> /// <param name="socket">Socket</param> /// <param name="zipCrashData">Crash data</param> /// <param name="exploitResult">Explotation result</param> /// <param name="isAlive">Its alive</param> /// <param name="e">Arguments</param> public virtual bool IsCrashed(TuringSocket socket, out byte[] zipCrashData, out EExploitableResult exploitResult, ITuringMachineAgent.delItsAlive isAlive, TuringAgentArgs e) { throw new NotImplementedException(); }