예제 #1
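        /// <summary>
        /// Click handler that replaces the edited detection rule with one built from the form fields.
        /// </summary>
        /// <remarks>
        /// If any of the three text boxes differs from the value captured in <c>initialvalues</c>,
        /// the existing rule is removed through <c>Delete</c> and a new rule of the same concrete
        /// type is created from the current field contents. The confirmation dialog is shown and
        /// the window is closed whether or not anything changed.
        /// </remarks>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void Update_Rule(object sender, RoutedEventArgs e)
        {
            // Each field is compared with its own initial value. The third comparison used to
            // test txt_2 against initialvalues[2], so the check did not track edits to txt_3.
            bool changed =
                !string.Equals(txt_1.Text, initialvalues[0], StringComparison.Ordinal) ||
                !string.Equals(txt_2.Text, initialvalues[1], StringComparison.Ordinal) ||
                !string.Equals(txt_3.Text, initialvalues[2], StringComparison.Ordinal);

            if (changed)
            {
                string oldName = rule.GetName();

                // Type code expected by Delete; "0" is kept for a rule type this form does not know.
                // NOTE(review): confirm Delete treats code "0" as a no-op rather than a wildcard.
                string typeCode = "0";
                switch (rule.GetRuleType())
                {
                case "ProcessSpawn":
                    typeCode = "2";
                    break;

                case "DllLoad":
                    typeCode = "3";
                    break;

                case "CommandLine":
                    typeCode = "4";
                    break;

                default:
                    break;
                }

                // NOTE(review): the old rule is deleted before its replacement exists. If
                // createRule() fails, this detection is simply gone; consider creating the new
                // rule first or restoring the old one on failure.
                Delete(oldName, typeCode);

                // An empty third field means "no list": pass null rather than an array holding "".
                // NOTE(review): entries are split on ',' without trimming, so "a.exe, b.exe"
                // yields " b.exe" with a leading space; verify how the rule matcher compares names.
                string[] processList = string.IsNullOrEmpty(txt_3.Text) ? null : txt_3.Text.Split(',');

                if (rule is ProcessSpawnRule)
                {
                    new ProcessSpawnRule(txt_1.Text, txt_2.Text, processList).createRule();
                }
                else if (rule is DllLoadRule)
                {
                    new DllLoadRule(txt_1.Text, txt_2.Text, processList).createRule();
                }
                else if (rule is CommandArgRule)
                {
                    // Command-line rules take the argument text as a single string.
                    new CommandArgRule(txt_1.Text, txt_2.Text, txt_3.Text).createRule();
                }
            }

            MessageBox.Show("Updated Rule");
            this.Close();
        }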
예제 #2
        /// <summary>
        /// Builds the edit window for an existing detection rule and fills the form from it.
        /// </summary>
        /// <remarks>
        /// The first text box always shows the rule name. The second and third labels and text
        /// boxes depend on the string returned by <c>GetRuleType()</c>; for an unrecognized type
        /// they are left as the XAML defines them. The field values shown at the end of
        /// construction are stored in <c>initialvalues</c>.
        /// </remarks>
        /// <param name="input_rule">Rule to edit; kept in the <c>rule</c> field.</param>
        public UpdateRule(DetectionRule input_rule)
        {
            rule = input_rule;

            InitializeComponent();

            txt_1.Text = rule.GetName();

            // The casts below trust the type string: a mismatch between GetRuleType() and the
            // concrete class raises InvalidCastException.
            string kind = rule.GetRuleType();
            if (kind == "ProcessSpawn")
            {
                ProcessSpawnRule spawnRule = (ProcessSpawnRule)rule;
                Label_2.Content = "Process Name";
                txt_2.Text = spawnRule.GetProcessName();
                Label_3.Content = "Parent Processs";
                txt_3.Text = spawnRule.GetParentProcess();
            }
            else if (kind == "DllLoad")
            {
                DllLoadRule loadRule = (DllLoadRule)rule;
                Label_2.Content = "DLL Name";
                txt_2.Text = loadRule.GetDllName();
                Label_3.Content = "Allowed Processes";
                txt_3.Text = loadRule.GetAllowedProcess();
            }
            else if (kind == "CommandLine")
            {
                CommandArgRule argRule = (CommandArgRule)rule;
                Label_2.Content = "Process Name";
                txt_2.Text = argRule.GetProcessName();
                Label_3.Content = "Arguements";
                txt_3.Text = argRule.GetArguement();
            }

            // Snapshot of the three fields as first displayed.
            string[] snapshot = { txt_1.Text, txt_2.Text, txt_3.Text };
            initialvalues = snapshot;
        }