public static List <Dictionary <string, string> > GetSavedRDPConnections() { List <Dictionary <string, string> > results = new List <Dictionary <string, string> >(); //shows saved RDP connections, including username hints (if present) if (MyUtils.IsHighIntegrity()) { string[] SIDs = Registry.Users.GetSubKeyNames(); foreach (string SID in SIDs) { if (SID.StartsWith("S-1-5") && !SID.EndsWith("_Classes")) { string[] subkeys = RegistryHelper.GetRegSubkeys("HKU", string.Format("{0}\\Software\\Microsoft\\Terminal Server Client\\Servers", SID)); if (subkeys != null) { //Console.WriteLine("\r\n\r\n=== Saved RDP Connection Information ({0}) ===", SID); foreach (string host in subkeys) { string usernameHint = RegistryHelper.GetRegValue("HKCU", string.Format("Software\\Microsoft\\Terminal Server Client\\Servers\\{0}", host), "UsernameHint"); Dictionary <string, string> rdp_info = new Dictionary <string, string>() { { "SID", SID }, { "Host", host }, { "Username Hint", usernameHint }, }; results.Add(rdp_info); } } } } } else { string[] subkeys = RegistryHelper.GetRegSubkeys("HKCU", "Software\\Microsoft\\Terminal Server Client\\Servers"); if (subkeys != null) { foreach (string host in subkeys) { string usernameHint = RegistryHelper.GetRegValue("HKCU", string.Format("Software\\Microsoft\\Terminal Server Client\\Servers\\{0}", host), "UsernameHint"); Dictionary <string, string> rdp_info = new Dictionary <string, string>() { { "SID", "" }, { "Host", host }, { "Username Hint", usernameHint }, }; results.Add(rdp_info); } } } return(results); }
private static List <Dictionary <string, string> > ListPuttySSHHostKeys() { List <Dictionary <string, string> > results = new List <Dictionary <string, string> >(); // extracts saved putty host keys (via the registry) if (MyUtils.IsHighIntegrity()) { Console.WriteLine("\r\n\r\n=== Putty SSH Host Hosts (All Users) ===\r\n"); string[] SIDs = Registry.Users.GetSubKeyNames(); foreach (string SID in SIDs) { if (SID.StartsWith("S-1-5") && !SID.EndsWith("_Classes")) { Dictionary <string, object> hostKeys = RegistryHelper.GetRegValues("HKU", string.Format("{0}\\Software\\SimonTatham\\PuTTY\\SshHostKeys\\", SID)); if ((hostKeys != null) && (hostKeys.Count != 0)) { Dictionary <string, string> putty_ssh = new Dictionary <string, string>(); putty_ssh["UserSID"] = SID; foreach (KeyValuePair <string, object> kvp in hostKeys) { putty_ssh[kvp.Key] = ""; //Looks like only matters the key name, not the value } results.Add(putty_ssh); } } } } else { Dictionary <string, object> hostKeys = RegistryHelper.GetRegValues("HKCU", "Software\\SimonTatham\\PuTTY\\SshHostKeys\\"); if ((hostKeys != null) && (hostKeys.Count != 0)) { Dictionary <string, string> putty_ssh = new Dictionary <string, string>(); foreach (KeyValuePair <string, object> kvp in hostKeys) { putty_ssh[kvp.Key] = ""; //Looks like only matters the key name, not the value } results.Add(putty_ssh); } } return(results); }
public static Dictionary <string, object> GetRecentRunCommands() { Dictionary <string, object> results = new Dictionary <string, object>(); // lists recently run commands via the RunMRU registry key if (MyUtils.IsHighIntegrity()) { string[] SIDs = Registry.Users.GetSubKeyNames(); foreach (string SID in SIDs) { if (SID.StartsWith("S-1-5") && !SID.EndsWith("_Classes")) { results = RegistryHelper.GetRegValues("HKU", string.Format("{0}\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\RunMRU", SID)); } } } else { results = RegistryHelper.GetRegValues("HKCU", "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\RunMRU"); } return(results); }
public static void ListSavedRDPConnections() { string[] SIDs = Registry.Users.GetSubKeyNames(); foreach (string SID in SIDs) { if (SID.StartsWith("S-1-5") && !SID.EndsWith("_Classes")) { string[] subkeys = GetRegSubkeys("HKU", String.Format("{0}\\Software\\Microsoft\\Terminal Server Client\\Servers", SID)); if (subkeys != null) { string sid = ("\r\n\r\n=== Saved RDP Connection Information (" + SID + ") ==="); foreach (string host in subkeys) { string username = GetRegValue("HKCU", String.Format("Software\\Microsoft\\Terminal Server Client\\Servers\\{0}", host), "UsernameHint"); if (username != "") { string RDPConnections = sid + "\r\n" + username + "\r\n" + host + "\r\n"; BasisInfo.TxtWriter(RDPConnections, "SavedRDPConnections"); } } } } } }
private static Dictionary <string, List <string> > GetIEHistFav() { int lastDays = 90; Dictionary <string, List <string> > results = new Dictionary <string, List <string> >() { { "history", new List <string>() }, { "favorites", new List <string>() }, }; DateTime startTime = System.DateTime.Now.AddDays(-lastDays); try { if (MyUtils.IsHighIntegrity()) { string[] SIDs = Registry.Users.GetSubKeyNames(); foreach (string SID in SIDs) { if (SID.StartsWith("S-1-5") && !SID.EndsWith("_Classes")) { Dictionary <string, object> settings = RegistryHelper.GetRegValues("HKU", string.Format("{0}\\SOFTWARE\\Microsoft\\Internet Explorer\\TypedURLs", SID)); if ((settings != null) && (settings.Count > 1)) { foreach (KeyValuePair <string, object> kvp in settings) { byte[] timeBytes = RegistryHelper.GetRegValueBytes("HKU", string.Format("{0}\\SOFTWARE\\Microsoft\\Internet Explorer\\TypedURLsTime", SID), kvp.Key.ToString().Trim()); if (timeBytes != null) { long timeLong = (long)(BitConverter.ToInt64(timeBytes, 0)); DateTime urlTime = DateTime.FromFileTime(timeLong); if (urlTime > startTime) { results["history"].Add(kvp.Value.ToString().Trim()); } } } } } } string userFolder = string.Format("{0}\\Users\\", Environment.GetEnvironmentVariable("SystemDrive")); var dirs = Directory.EnumerateDirectories(userFolder); foreach (var dir in dirs) { string[] parts = dir.Split('\\'); string userName = parts[parts.Length - 1]; if (!(dir.EndsWith("Public") || dir.EndsWith("Default") || dir.EndsWith("Default User") || dir.EndsWith("All Users"))) { string userIEBookmarkPath = string.Format("{0}\\Favorites\\", dir); if (Directory.Exists(userIEBookmarkPath)) { string[] bookmarkPaths = Directory.EnumerateFiles(userIEBookmarkPath, "*.url", SearchOption.AllDirectories).ToArray(); if (bookmarkPaths.Length != 0) { foreach (string bookmarkPath in bookmarkPaths) { using (StreamReader rdr = new StreamReader(bookmarkPath)) { string line; string url = ""; while ((line = rdr.ReadLine()) != null) { if (line.StartsWith("URL=", StringComparison.InvariantCultureIgnoreCase)) { if (line.Length > 4) { url = line.Substring(4); } break; } } results["history"].Add(url.ToString().Trim()); } } } } } } } else { Dictionary <string, object> settings = RegistryHelper.GetRegValues("HKCU", "SOFTWARE\\Microsoft\\Internet Explorer\\TypedURLs"); if ((settings != null) && (settings.Count != 0)) { foreach (KeyValuePair <string, object> kvp in settings) { byte[] timeBytes = RegistryHelper.GetRegValueBytes("HKCU", "SOFTWARE\\Microsoft\\Internet Explorer\\TypedURLsTime", kvp.Key.ToString().Trim()); if (timeBytes != null) { long timeLong = (long)(BitConverter.ToInt64(timeBytes, 0)); DateTime urlTime = DateTime.FromFileTime(timeLong); if (urlTime > startTime) { results["history"].Add(kvp.Value.ToString().Trim()); } } } } string userIEBookmarkPath = string.Format("{0}\\Favorites\\", System.Environment.GetEnvironmentVariable("USERPROFILE")); string[] bookmarkPaths = Directory.EnumerateFiles(userIEBookmarkPath, "*.url", SearchOption.AllDirectories).ToArray(); foreach (string bookmarkPath in bookmarkPaths) { using (StreamReader rdr = new StreamReader(bookmarkPath)) { string line; string url = ""; while ((line = rdr.ReadLine()) != null) { if (line.StartsWith("URL=", StringComparison.InvariantCultureIgnoreCase)) { if (line.Length > 4) { url = line.Substring(4); } break; } } results["favorites"].Add(url.ToString().Trim()); } } } } catch (Exception ex) { Beaprint.GrayPrint(string.Format(" [X] Exception: {0}", ex)); } return(results); }
private static List <Dictionary <string, string> > GetPuttySessions() { List <Dictionary <string, string> > results = new List <Dictionary <string, string> >(); // extracts saved putty sessions and basic configs (via the registry) if (MyUtils.IsHighIntegrity()) { Console.WriteLine("\r\n\r\n=== Putty Saved Session Information (All Users) ===\r\n"); string[] SIDs = Registry.Users.GetSubKeyNames(); foreach (string SID in SIDs) { if (SID.StartsWith("S-1-5") && !SID.EndsWith("_Classes")) { string[] subKeys = RegistryHelper.GetRegSubkeys("HKU", string.Format("{0}\\Software\\SimonTatham\\PuTTY\\Sessions\\", SID)); foreach (string sessionName in subKeys) { Dictionary <string, string> putty_sess = new Dictionary <string, string>() { { "User SID", SID }, { "SessionName", sessionName }, { "HostName", "" }, { "PortNumber", "" }, { "UserName", "" }, { "PublicKeyFile", "" }, { "PortForwardings", "" }, { "ConnectionSharing", "" }, { "ProxyPassword", "" }, { "ProxyUsername", "" }, }; string[] keys = { "HostName", "PortNumber", "UserName", "PublicKeyFile", "PortForwardings", "ConnectionSharing", "AgentFwd", "ProxyPassword", "ProxyUsername", }; foreach (string key in keys) { putty_sess[key] = RegistryHelper.GetRegValue("HKU", string.Format("{0}\\Software\\SimonTatham\\PuTTY\\Sessions\\{1}", SID, sessionName), key); } results.Add(putty_sess); } } } } else { string[] subKeys = RegistryHelper.GetRegSubkeys("HKCU", "Software\\SimonTatham\\PuTTY\\Sessions\\"); foreach (string sessionName in subKeys) { Dictionary <string, string> putty_sess = new Dictionary <string, string>() { { "SessionName", sessionName }, { "HostName", "" }, { "PortNumber", "" }, { "UserName", "" }, { "PublicKeyFile", "" }, { "PortForwardings", "" }, { "ConnectionSharing", "" }, { "ProxyPassword", "" }, { "ProxyUsername", "" }, }; string[] keys = { "HostName", "PortNumber", "UserName", "PublicKeyFile", "PortForwardings", "ConnectionSharing", "AgentFwd", "ProxyPassword", "ProxyUsername", }; foreach (string key in keys) { putty_sess[key] = RegistryHelper.GetRegValue("HKCU", string.Format("Software\\SimonTatham\\PuTTY\\Sessions\\{0}", sessionName), key); } results.Add(putty_sess); } } return(results); }