static void Main(string [] args)
{
settings st1 = new settings();
functions fn1 = new functions();
results rs1 = new results();
st1.baseKey = "SOFTWARE\\OLPL";
st1.appKey = "PC-Sec";
fn1.regCreateKeys(st1);
st1 = fn1.getSettings(st1);
st1.logFile = @"c:\temp\log.txt";
st1.mode = 1;
st1.resultURL = "https://api.olpl.org/api/sec";
if (args.Length > 0)
{
if (args[0].ToUpper() == "ADMIN")
{
Application.EnableVisualStyles();
Application.SetCompatibleTextRenderingDefault(false);
Application.Run(new Form1());
}
}
else
{
Console.WriteLine("Run application on client");
rs1 = fn1.checkMaintUser(st1,rs1);
rs1.Result_Admin_User = fn1.checkAdministrator(st1, "Administrator");
rs1.Result_Admin_Group = fn1.checkAdministrators(st1);
fn1.sendResults(st1, rs1);
Thread.Sleep(6000);
Application.Exit();
}
}
public string checkAdministrators(settings st1)
{
string str1 = "";
try
{
DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName);
DirectoryEntry admGroup = localMachine.Children.Find("administrators", "group");
object members = admGroup.Invoke("members", null);
foreach (object groupMember in (IEnumerable)members)
{
DirectoryEntry member = new DirectoryEntry(groupMember);
str1 = str1 + " " + member.Name + " ; ";
}
}
catch (Exception e)
{
writeToFile(e.Message, st1);
return "Error";
}
return str1;
}
public string checkAdministrator(settings st1,string userName)
{
try
{
PrincipalContext ctx = new PrincipalContext(ContextType.Machine);
// find a user
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, userName);
if ((bool)user.Enabled)
{
user.Enabled = false;
user.Save();
DirectoryEntry AD = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
DirectoryEntry HostedUser = AD.Children.Find(userName, "user");
HostedUser.Invoke("SetPassword", new object[] { decryptByte(st1.adminPass) });
HostedUser.Close();
AD.Close();
return "Warning -- " + userName + " is Enabled -- Fixed";
}
else
{
DirectoryEntry AD = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
DirectoryEntry HostedUser = AD.Children.Find(userName, "user");
HostedUser.Invoke("SetPassword", new object[] { decryptByte(st1.adminPass) });
HostedUser.Close();
AD.Close();
return "OK";
}
}
catch (Exception e)
{
writeToFile(e.Message, st1);
return "Error";
}
}
public results checkMaintUser(settings st1, results rs1)
{
PrincipalContext ctx = new PrincipalContext(ContextType.Machine);
string str1 = "";
bool changePass = true;
// find a user
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, decryptByte(st1.adminName));
if (user == null)
{
changePass = false;
PrincipalContext systemContext = null;
systemContext = new PrincipalContext(ContextType.Machine, null);
UserPrincipal userPrincipal = new UserPrincipal(systemContext);
userPrincipal.Name = decryptByte(st1.adminName);
userPrincipal.DisplayName = "IT Administrative User";
userPrincipal.PasswordNeverExpires = true;
userPrincipal.SetPassword(decryptByte(st1.adminPass));
userPrincipal.Enabled = true;
userPrincipal.Save();
GroupPrincipal groupPrincipal = null;
groupPrincipal = GroupPrincipal.FindByIdentity(systemContext, "Administrators");
groupPrincipal.Members.Add(userPrincipal);
groupPrincipal.Save();
RegistryKey rk = Registry.LocalMachine.OpenSubKey(st1.baseKey + "\\" + st1.appKey, true);
rk.SetValue("p1-1", st1.adminPass, RegistryValueKind.Binary);
rk.SetValue("pC", DateTime.Now.ToString(),RegistryValueKind.String);
rs1.Resutl_User_Pass_Changed = DateTime.Now.ToString();
str1 =str1+ " not found Created";
}
else
{
str1 = str1 + " Found";
PrincipalContext systemContext = null;
systemContext = new PrincipalContext(ContextType.Machine, null);
GroupPrincipal groupPrincipal = null;
groupPrincipal = GroupPrincipal.FindByIdentity(systemContext, "Administrators");
if (groupPrincipal.Members.Contains(systemContext, IdentityType.SamAccountName, decryptByte(st1.adminName)))
{
str1 = str1 + " Administrator";
}
else
{
UserPrincipal usr = UserPrincipal.FindByIdentity(systemContext, decryptByte(st1.adminName));
groupPrincipal.Members.Add(usr);
groupPrincipal.Save();
str1 = str1 + " not Administrator";
}
}
if (ByteArrayCompare(st1.adminPass,st1.adminPass1)!=true && changePass==true)
{
try
{
str1 = str1 + " Password does not match";
PrincipalContext systemContext = null;
systemContext = new PrincipalContext(ContextType.Machine, null);
UserPrincipal usr = UserPrincipal.FindByIdentity(systemContext, decryptByte(st1.adminName));
usr.ChangePassword(decryptByte(st1.adminPass1), decryptByte(st1.adminPass));
RegistryKey rk = Registry.LocalMachine.OpenSubKey(st1.baseKey + "\\" + st1.appKey, true);
rk.SetValue("p1-1", st1.adminPass, RegistryValueKind.Binary);
rk.SetValue("pC", DateTime.Now.ToString(), RegistryValueKind.String);
rs1.Resutl_User_Pass_Changed = DateTime.Now.ToString();
}
catch(Exception e)
{
str1 = e.Message;
}
}
else { str1 = str1 + " Password OK"; }
rs1.Result_Maint_User = str1;
return rs1;
}
public bool writeToFile(string str1,settings st1)
{
File.WriteAllText(st1.logFile, str1);
return true;
}
public bool sendResults(settings st1,results rs1)
{
try
{
using (WebClient client = new WebClient())
{
if (rs1.Result_Admin_Group == null) { rs1.Result_Admin_Group = "Not Reported"; }
if (rs1.Result_Admin_User == null) { rs1.Result_Admin_User = "******"; }
if(rs1.Resutl_User_Pass_Changed == null){ rs1.Resutl_User_Pass_Changed = st1.timeChanged; }
NameValueCollection vals = new NameValueCollection();
vals.Add("CPUName", Environment.MachineName);
vals.Add("Result_Admin_Group", rs1.Result_Admin_Group);
vals.Add("Result_Admin_User", rs1.Result_Admin_User);
vals.Add("Result_Maint_User", rs1.Result_Maint_User);
vals.Add("Result_User_Pass_Changed", rs1.Resutl_User_Pass_Changed);
client.Credentials = new NetworkCredential(decryptByte(st1.connectUser), decryptByte(st1.connectPass), "olpl");
client.UploadValues(st1.resultURL, vals);
}
}
catch (Exception e)
{
writeToFile(e.Message, st1);
return false;
}
return true;
}
public bool regCreateKeys(settings st1)
{
try
{
if (Registry.LocalMachine.OpenSubKey(st1.baseKey) == null)
{
Registry.LocalMachine.CreateSubKey(st1.baseKey);
}
if (Registry.LocalMachine.OpenSubKey(st1.baseKey + "\\" + st1.appKey) == null)
{
Registry.LocalMachine.CreateSubKey(st1.baseKey + "\\" + st1.appKey);
}
}
catch(Exception e)
{
writeToFile(e.Message, st1);
}
return true;
}
public settings getSettings(settings st1)
{
try
{
RegistryKey rk = Registry.LocalMachine.OpenSubKey(st1.baseKey + "\\" + st1.appKey, false);
st1.adminName = (byte[])rk.GetValue("u1");
st1.adminPass = (byte[])rk.GetValue("p1");
st1.connectPass = (byte[])rk.GetValue("p2");
st1.connectUser = (byte[])rk.GetValue("u2");
st1.adminPass1 = (byte[])rk.GetValue("p1-1");
st1.timeChanged= (string)rk.GetValue("pC");
}
catch (Exception e)
{
writeToFile(e.Message, st1);
}
return st1;
}