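/// <summary>
/// Stops a research that is currently EXECUTING: marks it COMPLETING, sends a
/// CMD_VM_STOP request for its VM, records the stop time, marks it COMPLETED and
/// brings the [dbo].[events] table up to date.
/// </summary>
/// <param name="id">Research identifier as a string; converted with Convert.ToInt32.</param>
/// <exception cref="FormatException">Thrown by Convert.ToInt32 when <paramref name="id"/> is not a number.</exception>
/// <exception cref="OverflowException">Thrown by Convert.ToInt32 when <paramref name="id"/> does not fit in Int32.</exception>
public static void StopResearch(string id)
{
    Int32 researchId = Convert.ToInt32(id);

    // Load the record once: the state check, the log line and the VM lookup then all
    // see the same row, and an unknown id no longer ends in a NullReferenceException.
    var research = ResearchManager.GetResearch(researchId);

    if (research != null && research.State == (Int32)ResearchState.EXECUTING)
    {
        // NOTE(review): ResearchName is written to the log unescaped; if it is user-supplied,
        // strip line breaks before logging — confirm where the name comes from.
        MLogger.LogTo(Level.TRACE, false, "Stop research '" + research.ResearchName + "' by stop event '");
        ResearchManager.UpdateResearchState(researchId, ResearchState.COMPLETING);

        // Stop the virtual machine.
        String machineName = VmManager.GetVmName(research.VmId);
        Packet packet = new Packet { Type = PacketType.CMD_VM_STOP, Direction = PacketDirection.REQUEST };
        packet.AddParameter(Encoding.UTF8.GetBytes(machineName));
        SendPacket(packet.ToByteArray());

        // NOTE(review): the research is marked COMPLETED right after the request is sent;
        // nothing visible here waits for the VM to confirm that it stopped.
        ResearchManager.UpdateResearchStopTime(research.Id);
        ResearchManager.UpdateResearchState(research.Id, ResearchState.COMPLETED);

        // NOTE(review): the same call runs again right after this branch; presumably
        // redundant — confirm UpdateEnents is idempotent before removing either one.
        ResearchManager.UpdateEnents(researchId);
    }
    else
    {
        MLogger.LogTo(Level.TRACE, false, "Unsuccessful attempt to stop research '" /*+ ResearchManager.GetResearch(researchId).ResearchName + "' by user '" + UserManager.GetUser(_userId).UserName + "' , research already stopped"*/);
    }

    // Bring the [dbo].[events] table up to date.
    ResearchManager.UpdateEnents(researchId);
}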
/// <summary>
/// Sends a CMD_VM_STATUS request through _client for the VM with the given id.
/// </summary>
/// <param name="id">Identifier passed to VmManager.GetVmName to resolve the machine name.</param>
private void GetVmStatus(Int32 id)
{
    // NOTE(review): if GetVmName can return null for an unknown id, GetBytes throws
    // ArgumentNullException here — confirm against VmManager.
    byte[] nameBytes = Encoding.UTF8.GetBytes(VmManager.GetVmName(id));

    Packet request = new Packet();
    request.Type = PacketType.CMD_VM_STATUS;
    request.Direction = PacketDirection.REQUEST;
    request.AddParameter(nameBytes);

    _client.Send(request.ToByteArray());
}
/// <summary>
/// Logs the request and sends a CMD_VM_STATUS packet for the named machine through _client.
/// </summary>
/// <param name="machineName">Machine name; sent as a UTF-8 packet parameter.</param>
private static void GetVmStatus(String machineName)
{
    // NOTE(review): the name is concatenated into the log line as-is; if callers can pass
    // user-controlled text, line breaks in it would forge log entries — confirm the source.
    String logLine = "Get status for " + machineName;
    MLogger.LogTo(Level.TRACE, false, logLine);

    Packet request = new Packet();
    request.Type = PacketType.CMD_VM_STATUS;
    request.Direction = PacketDirection.REQUEST;

    byte[] nameBytes = Encoding.UTF8.GetBytes(machineName);
    request.AddParameter(nameBytes);

    byte[] wire = request.ToByteArray();
    _client.Send(wire);
}
/// <summary>
/// Click handler that registers a new VM cloned from the selected reference ("etalon") VM,
/// sends a CMD_VM_CREATE request and redirects to the resources page. Shows a validation
/// message when the name is empty or already present.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void BtnCreateClick(object sender, EventArgs e)
{
    LValidation.Visible = false;

    String typedName = tbLir.Text;
    if (typedName == String.Empty)
    {
        LValidation.Visible = true;
        LValidation.ForeColor = System.Drawing.Color.Red;
        LValidation.Text = "Имя не может быть пустым!";
        return;
    }

    // NOTE(review): the only normalisation is space -> underscore. The name comes from a form
    // field and is both stored and sent to the VM backend; an allow-list of characters and a
    // length limit would be the usual control here — confirm what the receiving side expects.
    String newName = typedName.Replace(" ", "_");

    if (IsNameInBase(newName))
    {
        LValidation.Visible = true;
        LValidation.ForeColor = System.Drawing.Color.Red;
        LValidation.Text = "Такое имя уже сущеcтвует!";
        return;
    }

    Int32 etalonId = Convert.ToInt32(cbEtalon.Value);
    Vm etalon = VmManager.GetVm(etalonId);
    String etalonName = etalon.Name;
    Int32 etalonEnvType = Convert.ToInt32(etalon.EnvType);

    // The literal 2 is the second argument of AddVm; its meaning is not visible here.
    VmManager.AddVm(newName, 2, etalon.System, UserId, etalonEnvType);

    Packet createRequest = new Packet();
    createRequest.Type = PacketType.CMD_VM_CREATE;
    createRequest.Direction = PacketDirection.REQUEST;
    createRequest.AddParameter(Encoding.UTF8.GetBytes(etalonName));
    createRequest.AddParameter(Encoding.UTF8.GetBytes(newName));
    SendPacket(createRequest.ToByteArray());

    // The new VM is recorded as UNAVAILABLE once the create request has been sent.
    VmManager.UpdateVmState(newName, (int)VmManager.State.UNAVAILABLE);
    Response.Redirect("~/Pages/Information/Resources.aspx");
}
/// <summary>
/// Sends a CMD_VM_START request for the VM with the given id.
/// </summary>
/// <param name="id">Identifier passed to VmManager.GetVmName to resolve the machine name.</param>
public static void StartVm(Int32 id)
{
    String vmName = VmManager.GetVmName(id);
    Debug.Print("Start vm: " + vmName);

    Packet startRequest = new Packet();
    startRequest.Type = PacketType.CMD_VM_START;
    startRequest.Direction = PacketDirection.REQUEST;

    byte[] nameBytes = Encoding.UTF8.GetBytes(vmName);
    startRequest.AddParameter(nameBytes);

    byte[] wire = startRequest.ToByteArray();
    SendPacket(wire);
}
/// <summary>
/// Sends an OBJECT_FOLLOW request through _client for the stored path of a malware sample.
/// </summary>
/// <param name="id">Sample identifier as a string; converted with Convert.ToInt32.</param>
public static void FolowMalware(string id)
{
    // Convert.ToInt32 throws FormatException on non-numeric text; no validation happens before it.
    Int32 sampleId = Convert.ToInt32(id);
    String samplePath = MlwrManager.GetPath(sampleId);

    Packet followRequest = new Packet();
    followRequest.Type = PacketType.OBJECT_FOLLOW;
    followRequest.Direction = PacketDirection.REQUEST;

    // First parameter is the single byte 0x02; its meaning is not visible in this method.
    byte[] leadingByte = new byte[] { 0x02 };
    followRequest.AddParameter(leadingByte);
    followRequest.AddParameter(Encoding.UTF8.GetBytes(samplePath));

    _client.Send(followRequest.ToByteArray());
}
/// <summary>
/// Click handler that sends a MALWARE_LOAD request through _client for the sample whose id
/// is stored in Session["malwareId"]. Does nothing when that id is 0.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void BtnLoadClick(object sender, EventArgs e)
{
    // Convert.ToInt32(object) yields 0 for a null session entry, so a missing id also exits here.
    Int32 sampleId = Convert.ToInt32(Session["malwareId"]);
    if (sampleId != 0)
    {
        String samplePath = MlwrManager.GetPath(sampleId);

        Packet loadRequest = new Packet();
        loadRequest.Type = PacketType.MALWARE_LOAD;
        loadRequest.Direction = PacketDirection.REQUEST;

        // First parameter is the single byte 0x02; its meaning is not visible in this method.
        loadRequest.AddParameter(new byte[] { 0x02 });
        loadRequest.AddParameter(Encoding.UTF8.GetBytes(samplePath));

        _client.Send(loadRequest.ToByteArray());
    }
}
/// <summary>
/// Click handler that sends a CDM_MLWR_NETCHECK request for the current sample (mlwrID),
/// then enables Timer1 and disables the button.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void ASPxButton2_Click(object sender, EventArgs e)
{
    var sample = MlwrManager.GetMlwr(mlwrID);
    string reportFileName = String.Format("{0}_inetCheck.report", mlwrID);

    // CDM_MLWR_NETCHECK = 0xD8: send the malware sample for an internet check.
    Packet netCheckRequest = new Packet();
    netCheckRequest.Type = PacketType.CDM_MLWR_NETCHECK;
    netCheckRequest.Direction = PacketDirection.REQUEST;

    // Parameters, in order: sample id as text, report file name, sample name.
    string sampleIdText = String.Format("{0}", mlwrID);
    netCheckRequest.AddParameter(Encoding.UTF8.GetBytes(sampleIdText));
    netCheckRequest.AddParameter(Encoding.UTF8.GetBytes(reportFileName));
    // NOTE(review): sample is dereferenced without a null check; confirm GetMlwr cannot
    // return null for mlwrID.
    netCheckRequest.AddParameter(Encoding.UTF8.GetBytes(sample.Name));

    SendPacket(netCheckRequest.ToByteArray());

    Timer1.Enabled = true;
    ASPxButton2.Enabled = false;
}
/// <summary>
/// Sends a CMD_VM_STOP request for the VM with the given id and, when its EnvType is 0,
/// also calls TryDeleteVm for it. Does nothing when the VM is not found.
/// </summary>
/// <param name="id">Identifier passed to VmManager.GetVm.</param>
public static void StopVm(Int32 id)
{
    Vm target = VmManager.GetVm(id);
    if (target == null)
    {
        return;
    }

    Packet stopRequest = new Packet();
    stopRequest.Type = PacketType.CMD_VM_STOP;
    stopRequest.Direction = PacketDirection.REQUEST;
    stopRequest.AddParameter(Encoding.UTF8.GetBytes(target.Name));
    SendPacket(stopRequest.ToByteArray());

    // NOTE(review): EnvType 0 triggers deletion right after the stop request is sent;
    // the meaning of 0 is not visible here — confirm against the EnvType definition.
    bool deleteAfterStop = target.EnvType == 0;
    if (deleteAfterStop)
    {
        TryDeleteVm(target.Id);
    }
}
/// <summary>
/// Stops the VM with the given id. A VM whose EnvType is LIR gets a CMD_VM_STOP_LIR request
/// carrying one byte of its EnvId; any other VM gets a CMD_VM_STOP request carrying its name
/// and, when EnvType is 0, is then passed to TryDeleteVm. Does nothing when the VM is not found.
/// </summary>
/// <param name="id">Identifier passed to VmManager.GetVm.</param>
public static void StopVm(Int32 id)
{
    Vm target = VmManager.GetVm(id);
    if (target == null)
    {
        return;
    }

    if (target.EnvType == (int)VmManager.LIRType.LIR)
    {
        // Only element [0] of the BitConverter result goes on the wire.
        // NOTE(review): an EnvId that does not fit in one byte would be sent truncated and
        // could address a different environment — confirm the id range.
        byte envIdByte = BitConverter.GetBytes(target.EnvId)[0];

        Packet lirStop = new Packet();
        lirStop.Type = PacketType.CMD_VM_STOP_LIR;
        lirStop.Direction = PacketDirection.REQUEST;
        lirStop.AddParameter(new[] { envIdByte });
        SendPacket(lirStop.ToByteArray());
        return;
    }

    Packet stopRequest = new Packet();
    stopRequest.Type = PacketType.CMD_VM_STOP;
    stopRequest.Direction = PacketDirection.REQUEST;
    stopRequest.AddParameter(Encoding.UTF8.GetBytes(target.Name));
    SendPacket(stopRequest.ToByteArray());

    // EnvType 0 additionally triggers deletion; the meaning of 0 is not visible here.
    if (target.EnvType == 0)
    {
        TryDeleteVm(target.Id);
    }
}
/// <summary>
/// Registers a new VM through VmManager.AddVm, refreshes the table, and sends a VM_CREATE
/// request naming the reference ("etalon") VM and the new VM.
/// </summary>
/// <param name="etalonName">Name of the reference VM; first packet parameter.</param>
/// <param name="newName">Name of the VM to create; second packet parameter.</param>
/// <param name="type">Passed to VmManager.AddVm.</param>
/// <param name="system">Passed to VmManager.AddVm.</param>
/// <param name="userId">Passed to VmManager.AddVm.</param>
private void CreateVm(String etalonName, String newName, Int32 type, Int32 system, Int32 userId)
{
    // The record is added before the request is sent.
    // NOTE(review): nothing visible here removes it again if sending fails — confirm.
    VmManager.AddVm(newName, type, system, userId);
    UpdateTable();

    byte[] etalonBytes = Encoding.UTF8.GetBytes(etalonName);
    byte[] newNameBytes = Encoding.UTF8.GetBytes(newName);

    Packet createRequest = new Packet();
    createRequest.Type = PacketType.VM_CREATE;
    createRequest.Direction = PacketDirection.REQUEST;
    createRequest.AddParameter(etalonBytes);
    createRequest.AddParameter(newNameBytes);

    SendPacket(createRequest.ToByteArray());
}
/// <summary>
/// Sends a CDM_LOAD_FILES request for a research, asking for the file list under
/// <paramref name="root"/> to be loaded into the database.
/// </summary>
/// <param name="id">Research identifier.</param>
/// <param name="root">Starting directory for the file listing.</param>
protected static void SendGetFiles(int id, String root = "c:\\windows\\*")
{
    var research = ResearchManager.GetResearch(id);
    Vm environment = VmManager.GetVm(research.VmId);

    // Only element [0] of the BitConverter result is sent as the environment id.
    // NOTE(review): an EnvId that does not fit in one byte is truncated — confirm the id range.
    byte envIdByte = BitConverter.GetBytes(environment.EnvId)[0];

    Packet filesRequest = new Packet();
    filesRequest.Type = PacketType.CDM_LOAD_FILES;
    filesRequest.Direction = PacketDirection.REQUEST;
    filesRequest.AddParameter(new[] { envIdByte });
    // NOTE(review): root is forwarded unchanged; if it originates from user-entered task
    // values, the receiving side has to constrain which paths it will list.
    filesRequest.AddParameter(Encoding.UTF8.GetBytes(root));

    SendPacket(filesRequest.ToByteArray());
}
/// <summary>
/// Sends a CDM_LOAD_PROCESSES request for a research, asking for the process list to start
/// being recorded in the database.
/// </summary>
/// <param name="id">Research identifier.</param>
protected static void SendGetProcess(int id)
{
    var research = ResearchManager.GetResearch(id);
    Vm environment = VmManager.GetVm(research.VmId);

    // Only element [0] of the BitConverter result is sent as the environment id.
    // NOTE(review): an EnvId that does not fit in one byte is truncated — confirm the id range.
    byte envIdByte = BitConverter.GetBytes(environment.EnvId)[0];

    Packet processRequest = new Packet();
    processRequest.Type = PacketType.CDM_LOAD_PROCESSES;
    processRequest.Direction = PacketDirection.REQUEST;
    processRequest.AddParameter(new[] { envIdByte });

    SendPacket(processRequest.ToByteArray());
}
/// <summary>
/// Sends a CDM_LOAD_REGS request for a research, asking for registry entries to be loaded
/// into the database.
/// </summary>
/// <param name="id">Research identifier.</param>
/// <param name="subkey">Registry subkey, given as a string when needed (for example "Software").</param>
/// <param name="rowStartKeyBytes">Registry hive (0 - HKEY_CLASSES_ROOT, 1 - HKEY_CURRENT_USER, 2 - HKEY_LOCAL_MACHINE, 3 - HKEY_USERS, 4 - HKEY_CURRENT_CONFIG).</param>
protected static void SendGetRegs(int id, String subkey = "",int rowStartKeyBytes = 2)
{
    var research = ResearchManager.GetResearch(id);
    Vm environment = VmManager.GetVm(research.VmId);

    // Both numeric fields are sent as one byte each: element [0] of the BitConverter result.
    // NOTE(review): the hive selector is not checked against the documented 0..4 range here.
    byte envIdByte = BitConverter.GetBytes(environment.EnvId)[0];
    byte hiveByte = BitConverter.GetBytes(rowStartKeyBytes)[0];

    Packet regsRequest = new Packet();
    regsRequest.Type = PacketType.CDM_LOAD_REGS;
    regsRequest.Direction = PacketDirection.REQUEST;
    regsRequest.AddParameter(new[] { envIdByte });
    regsRequest.AddParameter(new[] { hiveByte });
    regsRequest.AddParameter(Encoding.UTF8.GetBytes(subkey));

    SendPacket(regsRequest.ToByteArray());
}
/// <summary>
/// Logs the request, marks the VM as UPDATING and sends a CMD_VM_STATUS request for it.
/// </summary>
/// <param name="id">VM identifier used for the name lookup and the state update.</param>
private void GetVmStatus(Int32 id)
{
    String vmName = VmManager.GetVmName(id);

    String logLine = "Get status for " + vmName;
    MLogger.LogTo(Level.TRACE, false, logLine);

    // The state is set to UPDATING before the request goes out.
    // NOTE(review): nothing visible here resets it if no status answer arrives — confirm.
    VmManager.UpdateVmState(id, (Int32)VmManager.State.UPDATING);

    Packet statusRequest = new Packet();
    statusRequest.Type = PacketType.CMD_VM_STATUS;
    statusRequest.Direction = PacketDirection.REQUEST;
    statusRequest.AddParameter(Encoding.UTF8.GetBytes(vmName));

    byte[] wire = statusRequest.ToByteArray();
    SendPacket(wire);
}
/// <summary>
/// Sends a CMD_VM_DELETE request for the VM with the given id, then removes its record
/// through VmManager.DeleteVm.
/// </summary>
/// <param name="id">VM identifier used for the name lookup and the record removal.</param>
private static void TryDeleteVm(Int32 id)
{
    String vmName = VmManager.GetVmName(id);
    byte[] nameBytes = Encoding.UTF8.GetBytes(vmName);

    Packet deleteRequest = new Packet();
    deleteRequest.Type = PacketType.CMD_VM_DELETE;
    deleteRequest.Direction = PacketDirection.REQUEST;
    deleteRequest.AddParameter(nameBytes);
    SendPacket(deleteRequest.ToByteArray());

    // The record is removed without waiting for any answer to the delete request.
    VmManager.DeleteVm(id);
}
/// <summary>
/// Sends an INF_RSCHID_ENVID packet carrying the pair of research id and environment id.
/// </summary>
/// <param name="rschId">Research id.</param>
/// <param name="envId">Environment id.</param>
protected static void SendInfoRschIdEnvId(int rschId, int envId)
{
    // Each id is reduced to element [0] of its BitConverter result, so one byte per id is sent.
    // NOTE(review): ids that do not fit in one byte are truncated, which lets two different
    // researches or environments share a wire value — confirm the expected id range.
    byte researchByte = BitConverter.GetBytes(rschId)[0];
    byte environmentByte = BitConverter.GetBytes(envId)[0];

    Packet pairing = new Packet();
    pairing.Type = PacketType.INF_RSCHID_ENVID;
    pairing.Direction = PacketDirection.REQUEST;
    pairing.AddParameter(new[] { researchByte });
    pairing.AddParameter(new[] { environmentByte });

    SendPacket(pairing.ToByteArray());
}
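/// <summary>
/// Starts a research that is in the READY state: marks it STARTING, sends CMD_SET_TARGET and
/// CMD_SET_OBJECT for the sample path, sends one request per configured task, sends
/// CMD_LOAD_MALWARE, then marks the research EXECUTING and records the start time.
/// Logs and returns without sending anything when the research is missing, is not READY,
/// or its VM or malware record cannot be found.
/// </summary>
/// <param name="id">Research identifier as a string; converted with Convert.ToInt32.</param>
/// <exception cref="FormatException">Thrown by Convert.ToInt32 when <paramref name="id"/> is not a number.</exception>
/// <exception cref="OverflowException">Thrown by Convert.ToInt32 when <paramref name="id"/> does not fit in Int32.</exception>
public static void StartResearch(string id)
{
    Int32 researchId = Convert.ToInt32(id);

    // Load the record once so the state check and everything after it use the same row.
    var research = ResearchManager.GetResearch(researchId);
    if (research == null)
    {
        MLogger.LogTo(Level.TRACE, false, "Unsuccessful attempt to start research, no research with id " + researchId);
        return;
    }

    if (research.State != (Int32)ResearchState.READY)
    {
        MLogger.LogTo(Level.TRACE, false, "Unsuccessful attempt to start research '" + research.ResearchName + "' by user '" + UserManager.GetUser(_userId).UserName + "' , research not ready");
        return;
    }

    // Resolve the VM and the sample before changing state, so a missing record cannot
    // leave the research stuck in STARTING.
    Vm vm = VmManager.GetVm(research.VmId);
    Mlwr mlwr = MlwrManager.GetMlwr(research.MlwrId);
    if (vm == null || mlwr == null)
    {
        MLogger.LogTo(Level.TRACE, false, "Unsuccessful attempt to start research '" + research.ResearchName + "', VM or malware record not found");
        return;
    }

    // NOTE(review): research and user names are logged unescaped; if they are user-supplied,
    // strip line breaks before logging — confirm where they come from.
    MLogger.LogTo(Level.TRACE, false, "Start research '" + research.ResearchName + "' by user '" + UserManager.GetUser(_userId).UserName + "'");
    ResearchManager.UpdateResearchState(researchId, ResearchState.STARTING);

    // Only element [0] of the BitConverter result is sent as the environment id.
    // NOTE(review): an EnvId that does not fit in one byte is truncated — confirm the id range.
    byte envId = BitConverter.GetBytes(vm.EnvId)[0];

    SendEnvValuePacket(new Packet { Type = PacketType.CMD_SET_TARGET, Direction = PacketDirection.REQUEST }, envId, mlwr.Path);
    SendEnvValuePacket(new Packet { Type = PacketType.CMD_SET_OBJECT, Direction = PacketDirection.REQUEST }, envId, mlwr.Path);

    // A packet announcing the research id / environment id pairing used to be sent here:
    //SendInfoRschIdEnvId(researchId, vm.EnvId);

    // Additional parameters: one request per task. task.Value is forwarded as stored.
    foreach (var task in TaskManager.GetTasks(researchId))
    {
        switch (task.Type)
        {
            case (Int32)TaskState.HIDE_FILE:
                SendEnvValuePacket(new Packet { Type = PacketType.CMD_HIDE_AND_LOCK, Direction = PacketDirection.REQUEST }, envId, task.Value);
                break;
            case (Int32)TaskState.LOCK_FILE:
                SendEnvValuePacket(new Packet { Type = PacketType.CMD_LOCK_DELETE, Direction = PacketDirection.REQUEST }, envId, task.Value);
                break;
            case (Int32)TaskState.HIDE_REGISTRY:
                SendEnvValuePacket(new Packet { Type = PacketType.CMD_HIDE_REGISTRY, Direction = PacketDirection.REQUEST }, envId, task.Value);
                break;
            case (Int32)TaskState.HIDE_PROCESS:
                SendEnvValuePacket(new Packet { Type = PacketType.CMD_HIDE_PROCESS, Direction = PacketDirection.REQUEST }, envId, task.Value);
                break;
            case (Int32)TaskState.SET_SIGNATURE:
                SendEnvValuePacket(new Packet { Type = PacketType.CMD_SET_SIGNATURE, Direction = PacketDirection.REQUEST }, envId, task.Value);
                break;
            case (Int32)TaskState.SET_EXTENSION:
                SendEnvValuePacket(new Packet { Type = PacketType.CMD_SET_EXTENSION, Direction = PacketDirection.REQUEST }, envId, task.Value);
                break;
            case (Int32)TaskState.SET_BANDWIDTH:
            {
                String ip = vm.EnvIp;
                // Convert.ToInt32 throws on non-numeric text; the value is not validated before this point.
                Int32 bandwidth = Convert.ToInt32(task.Value);
                Packet bandwidthPacket = new Packet { Type = PacketType.CMD_SET_BANDWIDTH, Direction = PacketDirection.REQUEST };
                bandwidthPacket.AddParameter(Encoding.UTF8.GetBytes(ip));
                bandwidthPacket.AddParameter(BitConverter.GetBytes(bandwidth));
                SendPacket(bandwidthPacket.ToByteArray());
                break;
            }
            case (Int32)TaskState.GET_PROCESS:
                SendGetProcess(researchId);
                break;
            case (Int32)TaskState.GET_FILES:
                SendGetFiles(researchId, task.Value);
                break;
            case (Int32)TaskState.GET_REGS:
            {
                // Value layout: first character is the hive digit, the rest is the subkey.
                // An empty or non-digit value used to throw in the middle of the start
                // sequence; it is now logged (without echoing the value) and skipped.
                String spec = task.Value;
                if (String.IsNullOrEmpty(spec) || spec[0] < '0' || spec[0] > '9')
                {
                    MLogger.LogTo(Level.TRACE, false, "Skip registry task for research " + researchId + ", value must start with a hive digit");
                    break;
                }
                SendGetRegs(researchId, spec.Substring(1), spec[0] - '0');
                break;
            }
        }
    }

    SendEnvValuePacket(new Packet { Type = PacketType.CMD_LOAD_MALWARE, Direction = PacketDirection.REQUEST }, envId, mlwr.Path);

    ResearchManager.UpdateResearchState(researchId, ResearchState.EXECUTING);
    // Original author's note: this probably belongs earlier in the sequence.
    ResearchManager.UpdateResearchStartTime(researchId);
}

/// <summary>
/// Appends the one-byte environment id and a UTF-8 encoded string to the packet, then sends it.
/// </summary>
private static void SendEnvValuePacket(Packet packet, byte envId, String value)
{
    packet.AddParameter(new[] { envId });
    packet.AddParameter(Encoding.UTF8.GetBytes(value));
    SendPacket(packet.ToByteArray());
}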
/// <summary>
/// Returns the byte representation of a packet by calling its own ToByteArray method.
/// </summary>
/// <param name="message">Packet to serialise; dereferenced without a null check.</param>
/// <returns>The bytes produced by <paramref name="message"/>.</returns>
public static byte[] ToByteArray(Packet message)
{
    byte[] serialized = message.ToByteArray();
    return serialized;
}
/// <summary>
/// Click handler that sends a CMD_VM_STATUS request through _client, using the text of
/// tbClientMessage as the packet parameter.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
private void BtnClientSendClick(object sender, EventArgs e)
{
    // The text box content goes into the packet unchanged; no validation happens here.
    byte[] typedBytes = Encoding.UTF8.GetBytes(tbClientMessage.Text);

    Packet statusRequest = new Packet();
    statusRequest.Type = PacketType.CMD_VM_STATUS;
    statusRequest.Direction = PacketDirection.REQUEST;
    statusRequest.AddParameter(typedBytes);

    _client.Send(statusRequest.ToByteArray());
}
/// <summary>
/// For a VM whose Type is 1, sends a CMD_VM_CREATE request that creates <paramref name="NewName"/>
/// from it and marks the new VM UNAVAILABLE. For any other VM, sends a CMD_VM_START request
/// unless it is already STARTED.
/// </summary>
/// <param name="VmName">Name of the existing VM to look up.</param>
/// <param name="NewName">Name for the VM created when the existing one has Type 1.</param>
/// <returns>True only when the existing VM is already in the STARTED state; false after a request was sent.</returns>
protected bool CreateOrStartVm(String VmName,String NewName)
{
    // NOTE(review): source is dereferenced without a null check; confirm GetVm cannot
    // return null for an unknown name.
    Vm source = VmManager.GetVm(VmName);

    if (source.Type == 1)
    {
        Packet createRequest = new Packet();
        createRequest.Type = PacketType.CMD_VM_CREATE;
        createRequest.Direction = PacketDirection.REQUEST;
        createRequest.AddParameter(Encoding.UTF8.GetBytes(VmName));
        createRequest.AddParameter(Encoding.UTF8.GetBytes(NewName));
        SendPacket(createRequest.ToByteArray());

        VmManager.UpdateVmState(NewName, (int)VmManager.State.UNAVAILABLE);
        return false;
    }

    bool alreadyStarted = source.State == Convert.ToInt32(VmManager.State.STARTED);
    if (alreadyStarted)
    {
        return true;
    }

    Packet startRequest = new Packet();
    startRequest.Type = PacketType.CMD_VM_START;
    startRequest.Direction = PacketDirection.REQUEST;
    startRequest.AddParameter(Encoding.UTF8.GetBytes(VmName));
    SendPacket(startRequest.ToByteArray());
    return false;
}