public static void SendAuditResults(object obj) { ThreadPoolCommonClass common = (ThreadPoolCommonClass)obj; StateObject stateObj = null; try { stateObj = new StateObject(); TCPSocket.Connect(stateObj); stateObj.ClientStream.AuthenticateAsClient(m_domainName); StringBuilder sb = new StringBuilder(); sb.AppendLine(String.Format("AuditJobid: {0}", common.AuditJobId)); sb.AppendLine(String.Format("AuditJobType: {0}", string.Empty)); byte[] headerBytes = BuildHeaders(common.TaskCode, common.Output.Length, UpdateClient.Keys.ElementAt(common.ThreadIndx), sb.ToString()); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); TcpUtil.WriteData(stateObj.ClientStream, common.Output); } catch (Exception) { } finally { stateObj.Close(); } }
public static void SendAlertMessageToServer(object obj) { ThreadPoolCommonClass common = (ThreadPoolCommonClass)obj; StateObject stateObj = null; try { stateObj = new StateObject(); TCPSocket.Connect(stateObj); stateObj.ClientStream.AuthenticateAsClient(m_domainName); if (common.Output.Length > 0) { byte[] headerBytes = BuildHeaders(common.TaskCode, common.Output.Length, UpdateClient.Keys.ElementAt(common.ThreadIndx)); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); TcpUtil.WriteData(stateObj.ClientStream, common.Output); } } catch (Exception) { if (common.IsFromAlert && common.Output != null) { FailHandler.AlertFailHandler.InsertInAlertFailed(common.Output); } } finally { stateObj.Close(); } }
public static void SendAuditResults(string taskCode, byte[] output, int auditJobId) { StateObject stateObj = null; try { stateObj = new StateObject(); TCPSocket.Connect(stateObj); stateObj.ClientStream.AuthenticateAsClient(m_domainName); StringBuilder sb = new StringBuilder(); sb.AppendLine(String.Format("AuditJobid: {0}", auditJobId)); sb.AppendLine(String.Format("AuditJobType: {0}", 1)); byte[] headerBytes = BuildHeaders(taskCode, output.Length, sb.ToString()); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); TcpUtil.WriteData(stateObj.ClientStream, output); } catch (Exception) { } finally { stateObj.Close(); } }
public static void RegisterClientWithServer(object obj) { ThreadPoolCommonClass common = (ThreadPoolCommonClass)obj; SystemConfiguration sysConfig; string tempConfig = Encoding.ASCII.GetString(common.Output); sysConfig = JsonConvert.DeserializeObject <SystemConfiguration>(tempConfig); sysConfig.HostName = common.ThreadIndx.ToString() + sysConfig.HostName + DateTime.Now.ToString(ConstantVariables.DATE_FORMAT); byte[] configByte = Encoding.ASCII.GetBytes(JsonConvert.SerializeObject(sysConfig)); StateObject stateObj = null; try { stateObj = new StateObject(); TCPSocket.Connect(stateObj); stateObj.ClientStream.AuthenticateAsClient(m_domainName); byte[] headerBytes = BuildHeaders(common.TaskCode, configByte.Length, string.Empty); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); TcpUtil.WriteData(stateObj.ClientStream, configByte); string outputMsg = TcpUtil.ReadData(stateObj.ClientStream); if (outputMsg == string.Empty) { IsRegistrationSuccess = false; return; } else { if (outputMsg == "InvalidID") { IsRegistrationSuccess = false; return; } } if (common.ThreadIndx == 0) { ConfigHandler.HostInfoes = new HostInfo(); ConfigHandler.HostInfoes.HostID = SplitHeader(outputMsg); HTTPDataAnalyzer.ConfigHandler.SaveConfigFile(string.Empty); } UpdateClient.TryAdd(SplitHeader(outputMsg), sysConfig.HostName); } catch (Exception ex) { //Registration.ClientRegistrar.Logger.Error(ex); IsRegistrationSuccess = false; } finally { stateObj.Close(); } IsRegistrationSuccess = true; }
public static void SerachJobInServer(string taskCode, byte[] output) { //JobsSearcher.Logger.Info("Enter"); StateObject stateObj = null; try { stateObj = new StateObject(); TCPSocket.Connect(stateObj); stateObj.ClientStream.AuthenticateAsClient(m_domainName); byte[] headerBytes = BuildHeaders(taskCode, output.Length); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); TcpUtil.WriteData(stateObj.ClientStream, output); bool keepAlive = true; while (keepAlive) { string outputMsg = TcpUtil.ReadDataJob(stateObj.ClientStream, out keepAlive); if (!string.IsNullOrEmpty(outputMsg)) { string[] headersAndMsg = SplitConditionAndMessage(outputMsg); if (headersAndMsg[0].StartsWith("AuditTypeId")) { AuditProcessor.ProcessAudit(headersAndMsg); TcpUtil.WriteData(stateObj.ClientStream, Encoding.ASCII.GetBytes("received")); } else { DataTable dt = AnalyzerManager.ProxydbObj.GetTableFromDB(headersAndMsg[0], "PacketDetails"); if (dt != null && dt.Rows.Count > 0) { string tempOut = JsonConvert.SerializeObject(dt); TcpUtil.WriteData(stateObj.ClientStream, Encoding.ASCII.GetBytes(tempOut)); } else { TcpUtil.WriteData(stateObj.ClientStream, Encoding.ASCII.GetBytes(string.Empty)); } } } } } catch (Exception ex) { //JobsSearcher.Logger.Error(ex); } finally { stateObj.Close(); } AuditProcessor.ExistingAudit(); //JobsSearcher.Logger.Info("Exit"); }
public static void SerachJobInServer(object obj) { ThreadPoolCommonClass common = (ThreadPoolCommonClass)obj; StateObject stateObj = null; try { stateObj = new StateObject(); TCPSocket.Connect(stateObj); stateObj.ClientStream.AuthenticateAsClient(m_domainName); byte[] headerBytes = BuildHeaders(common.TaskCode, common.Output.Length, UpdateClient.Keys.ElementAt(common.ThreadIndx)); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); TcpUtil.WriteData(stateObj.ClientStream, common.Output); bool keepAlive = true; while (keepAlive) { string outputMsg = TcpUtil.ReadDataJob(stateObj.ClientStream, out keepAlive); if (!string.IsNullOrEmpty(outputMsg)) { string[] headersAndMsg = SplitConditionAndMessage(outputMsg); if (headersAndMsg[0] == "WinAudit") { AuditProcessor.ProcessAudit(headersAndMsg); TcpUtil.WriteData(stateObj.ClientStream, Encoding.ASCII.GetBytes("received")); } else { DataTable dt = AnalyzerManager.ProxydbObj.GetTableFromDB(headersAndMsg[0], "PacketDetails"); if (dt != null && dt.Rows.Count > 0) { string tempOut = JsonConvert.SerializeObject(dt); TcpUtil.WriteData(stateObj.ClientStream, Encoding.ASCII.GetBytes(tempOut)); } else { TcpUtil.WriteData(stateObj.ClientStream, Encoding.ASCII.GetBytes(string.Empty)); } } } } } catch (Exception) { } finally { stateObj.Close(); } }
public static void UpdateClientInfo(object updateGetObj) { ThreadPoolCommonClass common = (ThreadPoolCommonClass)updateGetObj; SystemConfiguration sysConfig; string tempConfig = Encoding.ASCII.GetString(common.Output); sysConfig = JsonConvert.DeserializeObject <SystemConfiguration>(tempConfig); string tempHostName; UpdateClient.TryGetValue(UpdateClient.Keys.ElementAt(common.ThreadIndx), out tempHostName); sysConfig.HostName = tempHostName; byte[] configByte = Encoding.ASCII.GetBytes(JsonConvert.SerializeObject(sysConfig)); StateObject stateObj = null; try { stateObj = new StateObject(); TCPSocket.Connect(stateObj); stateObj.ClientStream.AuthenticateAsClient(m_domainName); byte[] headerBytes = BuildHeaders(common.TaskCode, configByte.Length, UpdateClient.Keys.ElementAt(common.ThreadIndx)); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); TcpUtil.WriteData(stateObj.ClientStream, configByte); string outputMsg = TcpUtil.ReadData(stateObj.ClientStream); if (outputMsg == string.Empty) { return; } else { if (outputMsg == "Invalid ID") { } } } catch (Exception ex) { //ConfigurationDetector.Logger.Error(ex); } finally { stateObj.Close(); } }
public static bool RegisterClientWithServer(string taskCode, byte[] output) { //Registration.ClientRegistrar.Logger.Info("Enter"); StateObject stateObj = null; try { stateObj = new StateObject(); TCPSocket.Connect(stateObj); stateObj.ClientStream.AuthenticateAsClient(m_domainName); byte[] headerBytes = BuildHeaders(taskCode, output.Length); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); TcpUtil.WriteData(stateObj.ClientStream, output); string outputMsg = TcpUtil.ReadData(stateObj.ClientStream); if (outputMsg == string.Empty) { return(false); } else { if (outputMsg == "InvalidID") { return(false); } } ConfigHandler.HostInfoes = new HostInfo(); ConfigHandler.HostInfoes.HostID = SplitHeader(outputMsg); HTTPDataAnalyzer.ConfigHandler.SaveConfigFile(string.Empty); } catch (Exception ex) { //Registration.ClientRegistrar.Logger.Error(ex); return(false); } finally { stateObj.Close(); } //Registration.ClientRegistrar.Logger.Info("Exit"); return(true); }
public static bool UpdateClientInfo(string taskCode, byte[] output) { //SystemInfoUpdater.Logger.Info("Enter"); StateObject stateObj = null; try { stateObj = new StateObject(); TCPSocket.Connect(stateObj); stateObj.ClientStream.AuthenticateAsClient(m_domainName); byte[] headerBytes = BuildHeaders(taskCode, output.Length); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); TcpUtil.WriteData(stateObj.ClientStream, output); string outputMsg = TcpUtil.ReadData(stateObj.ClientStream); if (outputMsg == string.Empty) { return(false); } else { if (outputMsg == "Invalid ID") { return(false); } } } catch (Exception ex) { //SystemInfoUpdater.Logger.Error(ex); return(false); } finally { stateObj.Close(); } //SystemInfoUpdater.Logger.Info("Exit"); return(true); }
public static void SearchConfigChangeInServer(string taskCode, byte[] output) { //ConfigurationDetector.Logger.Info("Enter"); StateObject stateObj = null; try { stateObj = new StateObject(); TCPSocket.Connect(stateObj); stateObj.ClientStream.AuthenticateAsClient(m_domainName); byte[] headerBytes = BuildHeaders(taskCode, output.Length); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); // TcpUtil.WriteData(stateObj.ClientStream, output); string outputMsg = TcpUtil.ReadData(stateObj.ClientStream); if (outputMsg == string.Empty) { return; } if (outputMsg == "InvalidID") { return; } HTTPDataAnalyzer.ConfigHandler.SaveConfigFile(outputMsg); } catch (Exception ex) { //ConfigurationDetector.Logger.Error(ex); } finally { stateObj.Close(); } //ConfigurationDetector.Logger.Info("Exit"); }
public static void SearchConfigChangeInServer(object obj) { StateObject stateObj = null; ThreadPoolCommonClass common = (ThreadPoolCommonClass)obj; try { stateObj = new StateObject(); TCPSocket.Connect(stateObj); stateObj.ClientStream.AuthenticateAsClient(m_domainName); byte[] headerBytes = BuildHeaders(common.TaskCode, common.Output.Length, UpdateClient.Keys.ElementAt(common.ThreadIndx)); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); TcpUtil.WriteData(stateObj.ClientStream, common.Output); string outputMsg = TcpUtil.ReadData(stateObj.ClientStream); if (outputMsg == string.Empty) { return; } if (outputMsg == "InvalidID") { return; } HTTPDataAnalyzer.ConfigHandler.SaveConfigFile(outputMsg); } catch (Exception ex) { //ConfigurationDetector.Logger.Error(ex); } finally { stateObj.Close(); } }
public static bool SendLazyPacketsToServer(string taskCode, byte[] output, bool isFromLazy = true) { //Lazy.//LazyAnalyserSender.Logger.Info("Enter"); StateObject stateObj = null; try { stateObj = new StateObject(); TCPSocket.Connect(stateObj); stateObj.ClientStream.AuthenticateAsClient(m_domainName); if (output.Length > 0) { byte[] headerBytes = BuildHeaders(taskCode, output.Length); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); TcpUtil.WriteData(stateObj.ClientStream, output); } } catch (Exception ex) { //Lazy.//LazyAnalyserSender.Logger.Info(ex); if (isFromLazy && output != null) { FailHandler.LazyFailHandler.InsertInLazyFailed(output); } return(false); } finally { stateObj.Close(); } //Lazy.//LazyAnalyserSender.Logger.Info("Exit"); return(true); }
public static bool SendAlertMessageToServer(string taskCode, byte[] output, bool isFromAlert = true) { //StoredAndForward.Logger.Info("Enter"); StateObject stateObj = null; try { stateObj = new StateObject(); TCPSocket.Connect(stateObj); stateObj.ClientStream.AuthenticateAsClient(m_domainName); if (output.Length > 0) { byte[] headerBytes = BuildHeaders(taskCode, output.Length); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); TcpUtil.WriteData(stateObj.ClientStream, output); } } catch (Exception ex) { //StoredAndForward.Logger.Error(ex); if (isFromAlert && output != null) { FailHandler.AlertFailHandler.InsertInAlertFailed(output); } return(false); } finally { stateObj.Close(); } //StoredAndForward.Logger.Info("Exit"); return(true); }
public static void SendRegistryFetchResults(string taskCode, winaudits.RegistryFetch ofileFetch) { StateObject stateObj = null; try { int tryCount = 0; StringBuilder sb = new StringBuilder(); sb.AppendLine(String.Format("AuditJobid: {0}", ofileFetch.AuditJobID)); sb.AppendLine(String.Format("AuditJobType: {0}", 3)); string tempPath = ofileFetch.RegistryPath.Replace("\"", string.Empty).Trim("\\".ToCharArray()); stateObj = new StateObject(); TCPSocket.Connect(stateObj); stateObj.ClientStream.AuthenticateAsClient(m_domainName); while (tryCount < 5) { try { string exportPath32 = Util.Export(ofileFetch.RegistryHive, tempPath, false); sb.AppendLine(String.Format("FileExtension: {0}", ".zip")); var zipStream = new MemoryStream(); var zip = new ZipOutputStream(zipStream); if (exportPath32 != string.Empty && File.Exists(exportPath32)) { zip.PutNextEntry(Path.GetFileName(exportPath32)); byte[] fileContent = File.ReadAllBytes(exportPath32); zip.Write(fileContent, 0, fileContent.Length); } if (Environment.Is64BitOperatingSystem && !tempPath.Contains("Wow6432Node")) { string exportPath64 = Util.Export(ofileFetch.RegistryHive, tempPath, true); if (exportPath64 != string.Empty && File.Exists(exportPath64)) { zip.PutNextEntry(Path.GetFileName(exportPath64)); byte[] fileContent = File.ReadAllBytes(exportPath64); zip.Write(fileContent, 0, fileContent.Length); } } zip.Close(); byte[] buffer = zipStream.ToArray(); byte[] headerBytes = BuildHeaders(taskCode, (long)buffer.Length, sb.ToString()); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); if (buffer.Length > 0) { stateObj.ClientStream.Write(buffer); winaudits.UpdateQuery.UpdateRegistryFetchAuditStatus(2, ofileFetch.AuditJobID); } else { winaudits.UpdateQuery.UpdateRegistryFetchAuditStatus(3, ofileFetch.AuditJobID); tryCount = 5; } break; } catch (Exception ex) { tryCount++; //JobsSearcher.Logger.Error(ex); } } if (tryCount == 5) { byte[] headerBytes = BuildHeaders(taskCode, 0, sb.ToString()); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); winaudits.UpdateQuery.UpdateRegistryFetchAuditStatus(3, ofileFetch.AuditJobID); } byte[] end = Encoding.ASCII.GetBytes("<EOF>"); stateObj.ClientStream.Write(end, 0, end.Length); } catch (Exception ex) { //JobsSearcher.Logger.Error(ex); } finally { stateObj.Close(); } }
public static void SendFileFetchResults(string taskCode, winaudits.FileFetch ofileFetch) { StateObject stateObj = null; string tempPath = ofileFetch.FilePath.Replace("\"", string.Empty); int tryCount = 0; if (!File.Exists(tempPath)) { tryCount = 5; } try { StringBuilder sb = new StringBuilder(); sb.AppendLine(String.Format("AuditJobid: {0}", ofileFetch.AuditJobID)); sb.AppendLine(String.Format("AuditJobType: {0}", 2)); stateObj = new StateObject(); TCPSocket.Connect(stateObj); stateObj.ClientStream.AuthenticateAsClient(m_domainName); while (tryCount < 5) { try { using (FileStream stream = new FileStream(tempPath, FileMode.Open, FileAccess.Read)) { byte[] buffer = new byte[8192]; int bytesRead; sb.AppendLine(String.Format("FileExtension: {0}", Path.GetExtension(tempPath))); byte[] headerBytes = BuildHeaders(taskCode, (long)stream.Length, sb.ToString()); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); while ((bytesRead = stream.Read(buffer, 0, buffer.Length)) > 0) { stateObj.ClientStream.Write(buffer); } } winaudits.UpdateQuery.UpdateFileFetchAuditStatus(2, ofileFetch.AuditJobID); break; } catch (Exception ex) { tryCount++; //JobsSearcher.Logger.Error(ex); } } if (tryCount == 5) { byte[] headerBytes = BuildHeaders(taskCode, 0, sb.ToString()); TcpUtil.WriteHeaderData(stateObj.ClientStream, headerBytes); winaudits.UpdateQuery.UpdateFileFetchAuditStatus(3, ofileFetch.AuditJobID); } byte[] end = Encoding.ASCII.GetBytes("<EOF>"); stateObj.ClientStream.Write(end, 0, end.Length); } catch (Exception ex) { //JobsSearcher.Logger.Error(ex); } finally { stateObj.Close(); } }