/// <summary>
/// Register this agent with the server. Receives new System UUID.
/// </summary>
/// <returns>True when we've received a new System UUID</returns>
public static bool RegisterWithServer()
{
Log.Info("Registering with the server");
// Register yourself in order to get a System GUID
RegistrationEventPost registration = new RegistrationEventPost();
registration.CustomerUUID = SRSvc.conf.GroupUUID;
registration.AgentVersion = SRSvc.conf.Version;
registration.OSHumanName = GetOSFriendlyName();
registration.OSVersion = Environment.OSVersion.ToString();
registration.Arch = (Environment.Is64BitOperatingSystem ? "64-bit" : "32-bit");
registration.MachineName = Environment.MachineName;
ManufacturerData md = GetManufacturerData();
registration.Manufacturer = md.Manufacturer;
registration.Model = md.Model;
registration.MachineGUID = GetWindowsMachineGUID();
string postMessage = Helpers.SerializeToJson(registration, typeof(RegistrationEventPost));
string response = Beacon.PostToServer(postMessage, "/api/v1/Register");
if (response == "")
{
// Likely we were unable to contact the server
return(false);
}
dynamic serverMsg = Json.Decode(response);
if (serverMsg.Command == "SetSystemUUID")
{
Command.SetSystemUUID(serverMsg);
}
else
{
throw new Exception("Registration response command not in correct format");
}
return(true);
}
public static bool PostCatalogFile(CatalogFile catalogFile)
{
CatalogFilePost catalogFilePost = new CatalogFilePost();
catalogFilePost.TimeOfEvent = Helpers.ConvertToUnixTime(catalogFile.FirstAccessTime);
catalogFilePost.Path = catalogFile.FilePath;
catalogFilePost.Size = catalogFile.Size;
catalogFilePost.Sha256 = Helpers.ByteArrayToHexString(catalogFile.Sha256);
string postMessage = Helpers.SerializeToJson(catalogFilePost, typeof(CatalogFilePost));
string response = Beacon.PostToServer(postMessage, "/api/v1/CatalogFileEvent");
if (response == "")
{
// Remote server could not be reached or encountered an error
return(false);
}
CatalogFileResponse processEventResponse = (CatalogFileResponse)Helpers.DeserializeFromJson(response, typeof(CatalogFileResponse));
return(true);
}
/// <summary>
/// Update this agent
/// </summary>
/// <param name="serverMsg">Ignored, but provides what the new version will be</param>
/// <returns></returns>
public static dynamic Update(dynamic serverMsg)
{
// Tell the server what version we currently have and it will return an exe that will update this agent to the next version
GetUpdatePost getUpdatePost = new GetUpdatePost(SRSvc.conf.Version);
string postMessage = Helpers.SerializeToJson(getUpdatePost, typeof(GetUpdatePost));
byte[] filedata = Beacon.PostForm(Encoding.UTF8.GetBytes(postMessage), "/api/v1/GetUpdate", "text/json");
//string updateName = String.Format("srepp_update-{0}.exe", SRSvc.conf.Version);
string updateFilePath = Path.GetTempFileName();
try
{
using (FileStream fs = File.Create(updateFilePath))
{
using (System.IO.BinaryWriter file = new System.IO.BinaryWriter(fs))
{
file.Write(filedata);
}
}
Log.Info("Update file written to: {0}", updateFilePath);
// Check it
List <Signer> signers = null;
bool isVerified = WinTrustVerify.WinTrust.Verify(updateFilePath, out signers);
if (!isVerified)
{
Log.Error("Update file could not be verified");
return(null);
}
// File is signed and can be verified, but make sure it's signed by me
string SignerName = "";
byte[] SerialNumber = null;
if (signers != null && signers.Count >= 1 && signers[0] != null)
{
SignerName = signers[0].Name;
SerialNumber = signers[0].SigningCert.SerialNumber;
}
else
{
Log.Error("Could not extract signer info from file");
return(null);
}
bool isSignedByMe = false;
// TODO Should also check the chain (the root) and some other info, in case a rogue CA granted someone a cert with my info
#if DEBUG
byte[] TestSerialNumber = new byte[] { 0x4c, 0x18, 0xd9, 0xaa, 0x26, 0x83, 0x36, 0x95, 0x4c, 0xc4, 0x35, 0x6d, 0xaa, 0xbe, 0x82, 0xc9 };
if (SignerName == "SR_Test" && Helpers.ByteArrayAreEqual(SerialNumber, TestSerialNumber))
{
isSignedByMe = true;
}
#endif
// TODO MUST Check Relase build requirements
byte[] ReleaseSerialNumber = new byte[] { 0x4c, 0x18, 0xd9, 0xaa, 0x26, 0x83, 0x36, 0x95, 0x4c, 0xc4, 0x35, 0x6d, 0xaa, 0xbe, 0x82, 0xc9 };
if (SignerName == "SR_Test" && Helpers.ByteArrayAreEqual(SerialNumber, ReleaseSerialNumber))
{
isSignedByMe = true;
}
if (!isSignedByMe)
{
Log.Error("Update file was not signed by the correct issuer! Bailing on update. Was signed by {0}, with serial number {1}", SignerName, Helpers.ByteArrayToHexString(SerialNumber));
return(null);
}
// TODO Check the new file is a greater version than this file, or at least the date the file was signed is more recent
// Execute it
Process myProcess = new Process();
try
{
myProcess.StartInfo.UseShellExecute = false;
myProcess.StartInfo.FileName = updateFilePath;
myProcess.StartInfo.CreateNoWindow = true;
myProcess.Start();
// TODO Should I kill this parent process so the child isn't trying kill it?
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
}
finally
{
// Delete file, especially in case of errors. In theory an update should occcur.
File.Delete(updateFilePath);
}
return(null);
}
