internal static void WRITE_Default_SWELF_Reg_Keys() { Microsoft.Win32.RegistryKey key; key = Microsoft.Win32.Registry.LocalMachine.CreateSubKey("Software\\SWELF"); BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.First_Run].ToString(), Crypto_Operation.Protect_Data_Value("true")); BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.LogCollecter].ToString(), Crypto_Operation.Protect_Data_Value("127.0.0.1")); //BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.LogCollecter_1].ToString(), Encryptions.Protect_Data_Value("127.0.0.1")); //BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.LogCollecter_2].ToString(), Encryptions.Protect_Data_Value("127.0.0.1")); //BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.LogCollecter_3].ToString(), Encryptions.Protect_Data_Value("127.0.0.1")); //BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.LogCollecter_4].ToString(), Encryptions.Protect_Data_Value("127.0.0.1")); //BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.LogCollecter_5].ToString(), Encryptions.Protect_Data_Value("127.0.0.1")); BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.Encryption].ToString(), Crypto_Operation.Protect_Data_Value(Crypto_Operation.Generate_Decrypt())); BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.logging_level].ToString(), Crypto_Operation.Protect_Data_Value(Settings.Logging_Level_To_Report)); BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.output_format].ToString(), Crypto_Operation.Protect_Data_Value("keyvalue")); BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.SWELF_Current_Version].ToString(), Crypto_Operation.Protect_Data_Value(Settings.SWELF_Version)); BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.SWELF_CWD].ToString(), Crypto_Operation.Protect_Data_Value(Settings.SWELF_CWD)); BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.SWELF_FAILED_SEC_CHECK].ToString(), Crypto_Operation.Protect_Data_Value("false")); //BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.central_app_config].ToString(), Crypto_Operation.Protect_Data_Value("")); //BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.central_plugin_search_config].ToString(), Crypto_Operation.Protect_Data_Value("")); // BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.central_search_config].ToString(), Crypto_Operation.Protect_Data_Value("")); //BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.central_whitelist_search_config].ToString(),Crypto_Operation.Protect_Data_Value("")); BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.ConsoleAppConfig_CreationDate].ToString(), Crypto_Operation.Protect_Data_Value(File_Operation.GET_CreationTime(Settings.GET_AppConfigFile_Path))); BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.ConsoleAppConfig_Contents], Crypto_Operation.Protect_Data_Value(File_Operation.READ_AllText(Settings.GET_AppConfigFile_Path))); BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.SearchTerms_File_Contents], Crypto_Operation.Protect_Data_Value(File_Operation.READ_AllText(Settings.GET_SearchTermsFile_Path))); BASE_SWELF_KEY.SetValue(SWELF_Keys[(int)REG_KEY.Logs_Last_Sent], Crypto_Operation.Protect_Data_Value(DateTime.Now.ToString())); }
internal static void ErrorLogging_Level() { try { if (Reg_Operation.CHECK_SWELF_Reg_Key_Exists(Reg_Operation.REG_KEY.logging_level) == false) { Reg_Operation.ADD_or_CHANGE_SWELF_Reg_Key(Reg_Operation.REG_KEY.logging_level, Settings.AppConfig_File_Args[Settings.SWELF_AppConfig_Args[17]]); } else if (string.IsNullOrEmpty(Reg_Operation.READ_SWELF_Reg_Key(Reg_Operation.REG_KEY.logging_level))) { if (File_Operation.CHECK_File_Encrypted(Settings.GET_AppConfigFile_Path) && File_Operation.GET_CreationTime(Settings.GET_AppConfigFile_Path) == Reg_Operation.READ_SWELF_Reg_Key(Reg_Operation.REG_KEY.ConsoleAppConfig_CreationDate)) { Reg_Operation.ADD_or_CHANGE_SWELF_Reg_Key(Reg_Operation.REG_KEY.logging_level, Settings.AppConfig_File_Args[Settings.SWELF_AppConfig_Args[17]]); } else { //error in logic here } } else if (Reg_Operation.READ_SWELF_Reg_Key(Reg_Operation.REG_KEY.logging_level) != Settings.AppConfig_File_Args[Settings.SWELF_AppConfig_Args[17]]) { if (File_Operation.CHECK_File_Encrypted(Settings.GET_AppConfigFile_Path) && File_Operation.GET_CreationTime(Settings.GET_AppConfigFile_Path) == Reg_Operation.READ_SWELF_Reg_Key(Reg_Operation.REG_KEY.ConsoleAppConfig_CreationDate)) { Reg_Operation.ADD_or_CHANGE_SWELF_Reg_Key(Reg_Operation.REG_KEY.logging_level, Settings.AppConfig_File_Args[Settings.SWELF_AppConfig_Args[17]]); } else { ErrorsLog.Add("ErrorLogging_Level()" + "Possible Tampering (Reg.Reg_Keys_and_Values[\"logging_level\"] != Settings.AppConfig_File_Args[\"logging_level\"] settings changed to match."); Reg_Operation.ADD_or_CHANGE_SWELF_Reg_Key(Reg_Operation.REG_KEY.logging_level, Settings.AppConfig_File_Args[Settings.SWELF_AppConfig_Args[17]]); } } else { Settings.Logging_Level_To_Report = Reg_Operation.READ_SWELF_Reg_Key(Reg_Operation.REG_KEY.logging_level); } int index = Array.FindIndex(Severity_Levels, row => row == Settings.Logging_Level_To_Report); Logging_Level_To_Report = Convert.ToInt32(index); } catch (Exception e) { if (Reg_Operation.CHECK_SWELF_Reg_Key_Exists(Reg_Operation.REG_KEY.logging_level)) { Settings.Logging_Level_To_Report = Reg_Operation.READ_SWELF_Reg_Key(Reg_Operation.REG_KEY.logging_level); } else { Settings.Logging_Level_To_Report = Reg_Operation.READ_SWELF_Reg_Key(Reg_Operation.REG_KEY.logging_level); Logging_Level_To_Report = 1; } } }