Exemplo n.º 1
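        /// <summary>
        /// Prints the current firewall profiles, the firewall boolean settings and the
        /// rules returned by <c>Firewall.GetFirewallRules()</c> (labelled "DENY rules" in
        /// the output). For each rule, the permissions reported by
        /// <c>PermissionsHelper</c> for the rule's application file and folder are
        /// appended and highlighted.
        /// </summary>
        /// <remarks>
        /// A rule whose target binary or folder yields a non-empty permissions list is
        /// coloured as "bad". NOTE(review): presumably that list holds the rights the
        /// current user's SIDs have on the path, so a hit means the program the rule
        /// refers to could be replaced or modified by that user; confirm against
        /// <c>PermissionsHelper</c>.
        /// Failures are reported through <c>Beaprint.PrintException</c>; nothing is thrown
        /// to the caller.
        /// </remarks>
        private void PrintFirewallRules()
        {
            try
            {
                Beaprint.MainPrint("Firewall Rules");
                Beaprint.LinkPrint("", "Showing only DENY rules (too many ALLOW rules always)");

                // Colour map for the summary section: "false" values are bad, "true" values are good.
                Dictionary<string, string> headerColors = new Dictionary<string, string>()
                {
                    { Globals.StrFalse, Beaprint.ansi_color_bad },
                    { Globals.StrTrue, Beaprint.ansi_color_good },
                };

                Beaprint.AnsiPrint("    Current Profiles: " + Firewall.GetFirewallProfiles(), headerColors);
                foreach (KeyValuePair<string, string> entry in Firewall.GetFirewallBooleans())
                {
                    Beaprint.AnsiPrint(string.Format("    {0,-23}:    {1}", entry.Key, entry.Value), headerColors);
                }

                Beaprint.GrayPrint("    DENY rules:");
                foreach (Dictionary<string, string> rule in Firewall.GetFirewallRules())
                {
                    // Each rule is handled on its own so that one malformed entry (missing key,
                    // unreadable path) does not hide the remaining rules from the report.
                    try
                    {
                        string appName = rule["AppName"];
                        string filePerms = string.Join(", ", PermissionsHelper.GetPermissionsFile(appName, winPEAS.Checks.Checks.CurrentUserSiDs));
                        string folderPerms = string.Join(", ", PermissionsHelper.GetPermissionsFolder(appName, winPEAS.Checks.Checks.CurrentUserSiDs));
                        bool hasPermissionFindings = filePerms.Length > 0 || folderPerms.Length > 0;

                        // Placeholders {8} and {9} are only referenced when there is something to
                        // show; string.Format ignores the unused trailing arguments.
                        string formString = "    ({0}){1}[{2}]: {3} {4} {5} from {6} --> {7}";
                        if (filePerms.Length > 0)
                        {
                            formString += "\n    File Permissions: {8}";
                        }
                        if (folderPerms.Length > 0)
                        {
                            formString += "\n    Folder Permissions: {9}";
                        }
                        formString += "\n    {10}";

                        Dictionary<string, string> ruleColors = new Dictionary<string, string>
                        {
                            { Globals.StrFalse, Beaprint.ansi_color_bad },
                            { Globals.StrTrue, Beaprint.ansi_color_good },
                            { "File Permissions.*|Folder Permissions.*", Beaprint.ansi_color_bad },
                        };

                        // The colour-map keys are used as regex patterns (see the
                        // "File Permissions.*|..." key above), and AppName comes from the
                        // firewall configuration. Regex.Escape covers every metacharacter,
                        // where the previous hand-written Replace chain missed '.', '*', '^',
                        // '$', '{', '}' and '|'. An empty or duplicate pattern is skipped
                        // instead of being added to the map.
                        if (!string.IsNullOrEmpty(appName))
                        {
                            string appPattern = System.Text.RegularExpressions.Regex.Escape(appName);
                            if (!ruleColors.ContainsKey(appPattern))
                            {
                                ruleColors.Add(appPattern, hasPermissionFindings ? Beaprint.ansi_color_bad : Beaprint.ansi_color_good);
                            }
                        }

                        // Inbound rules are printed remote --> local, everything else local --> remote.
                        bool inbound = rule["Direction"] == "IN";
                        string fromEndpoint = inbound ? rule["Local"] : rule["Remote"];
                        string toEndpoint = inbound ? rule["Remote"] : rule["Local"];

                        Beaprint.AnsiPrint(
                            string.Format(
                                formString,
                                rule["Profiles"],
                                rule["Name"],
                                appName,
                                rule["Action"],
                                rule["Protocol"],
                                rule["Direction"],
                                fromEndpoint,
                                toEndpoint,
                                filePerms,
                                folderPerms,
                                rule["Description"]),
                            ruleColors);
                    }
                    catch (Exception ruleEx)
                    {
                        Beaprint.PrintException(ruleEx.Message);
                    }
                }
            }
            catch (Exception ex)
            {
                Beaprint.PrintException(ex.Message);
            }
        }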