public void RegisterAgent(String agentid, IAgentInstance agent) { agentList.Add(agentid, agent); AgentInstance agentInstance = dbcontext.Agents.FirstOrDefault <AgentInstance>(s => s.agentid.Equals(agentid)); if (agentInstance == null) { AgentInstance agentinstance = new AgentInstance { agentid = agentid, address = ((AgentInstanceHttp)agent).GetAddress(), port = ((AgentInstanceHttp)agent).GetPort(), profileid = ((AgentInstanceHttp)agent).GetProfileid(), framework = ((AgentInstanceHttp)agent).TargetFramework, sessionkey = ((AgentInstanceHttp)agent).AesManager.Key, sessioniv = ((AgentInstanceHttp)agent).AesManager.IV }; if (agent.Pivoter != null) { agentinstance.agentPivotid = agent.Pivoter.AgentId; } dbcontext.Agents.Add(agentinstance); dbcontext.SaveChanges(); } }
private void loadEndPoints() { List<string> endPoints = XMLUtils.DeSerilize<List<string>>(m_EndPointsFilePath); IRestartService restartService = null; AgentInstance agentInstance = null; Stopwatch sw = new Stopwatch(); sw.Start(); string fullEndPoint = string.Empty; LogManager.Instance.WriteInfo("CreateChannel operation on endpoints started"); foreach (string endpoint in endPoints) { try { fullEndPoint = "http://" + endpoint + ":5050/RestartService"; restartService = WCFUtils.ServiceFactory<IRestartService>.GetService(fullEndPoint); agentInstance = new AgentInstance(restartService); agentInstance.UpdateInstanceInfo(); m_Agents.Add(agentInstance.IP, agentInstance); LogManager.Instance.WriteInfo("[Endpoint]: " + fullEndPoint + " Added"); } catch (Exception ex) { SystemLogManager.Instance.Log(eLogType.Error, "TryingCreateChannel", fullEndPoint, string.Empty, ex.Message, string.Empty); LogManager.Instance.WriteError("Error while trying to CreateChannel , [Endpoint]: " + fullEndPoint + " [Exception]: " + ex.Message); } } sw.Stop(); LogManager.Instance.WriteInfo("CreateChannel operation on endpoints ended, elapsed: " + sw.Elapsed); }
public void Log(eLogType i_LogType, AgentInstance i_AgentInstance, string i_Info, string i_Elapsed) { string machineName = i_AgentInstance.ComputerName; string IP = i_AgentInstance.IP; Log(i_LogType, machineName, IP, string.Empty, i_Info, i_Elapsed); }
public static void StopAgentInstanceRemoveResources(AgentInstance agentInstance, IDictionary <string, object> terminationProperties, EPServicesContext servicesContext, bool isStatementStop, bool leaveLocksAcquired) { if (terminationProperties != null) { var contextProperties = (MappedEventBean)agentInstance.AgentInstanceContext.ContextProperties; contextProperties.Properties.PutAll(terminationProperties); } StatementAgentInstanceUtil.Stop(agentInstance.StopCallback, agentInstance.AgentInstanceContext, agentInstance.FinalView, servicesContext, isStatementStop, leaveLocksAcquired, true); }
private void Start() { try { agent = GetComponent <AgentInstance>(); } catch { throw new Exception("AgentDebug: Error while fetching required components for debugging."); } }
private static void Process( AgentInstance agentInstance, EPServicesContext servicesContext, IEnumerable <FilterHandle> callbacks, EventBean theEvent) { var agentInstanceContext = agentInstance.AgentInstanceContext; using (agentInstanceContext.AgentInstanceLock.AcquireWriteLock()) { try { servicesContext.VariableService.SetLocalVersion(); // sub-selects always go first foreach (var handle in callbacks) { var callback = (EPStatementHandleCallback)handle; if (callback.AgentInstanceHandle != agentInstanceContext.EpStatementAgentInstanceHandle) { continue; } callback.FilterCallback.MatchFound(theEvent, null); } agentInstanceContext.EpStatementAgentInstanceHandle.InternalDispatch(); } catch (Exception ex) { servicesContext.ExceptionHandlingService.HandleException( ex, agentInstanceContext.EpStatementAgentInstanceHandle, ExceptionHandlerExceptionType.PROCESS, theEvent); } finally { if (agentInstanceContext.StatementContext.EpStatementHandle.HasTableAccess) { agentInstanceContext.TableExprEvaluatorContext.ReleaseAcquiredLocks(); } } } }
public void TakeActionOnAllAgents(eOperationType i_OperationType) { Stopwatch sw = new Stopwatch(); sw.Start(); ThreadPool.SetMaxThreads(5, 5); LogManager.Instance.WriteInfo(Enum.GetName(i_OperationType.GetType(),i_OperationType)+" action on all agents started."); AgentInstance agent = null; bool finalResult = false; int numOfOperations = 0; int faultedOperations = 0; Task task = null; List<Task> tasks = new List<Task>(); foreach (var keyvalueAgent in m_Agents) { task = new Task(() => { AgentInstance agente = keyvalueAgent.Value; foreach (var service in agente.Services) { numOfOperations++; finalResult = TakeAction(agente.ComputerName, agente.IP, service.Value, service.Key, i_OperationType); if (!finalResult) { faultedOperations++; } } }); task.Start(); tasks.Add(task); } Task.WaitAll(tasks.ToArray()); LogManager.Instance.WriteInfo(Enum.GetName(i_OperationType.GetType(),i_OperationType)+" action on all agents ended, elapsed: " + sw.Elapsed); LogManager.Instance.WriteInfo("Results : " + faultedOperations + " out of " + numOfOperations + " operations failed"); }
public ActionResult <string> Post() { //Console.WriteLine("[*] Post request"); //Step 1 agent if (string.IsNullOrEmpty(GetCookieValue("sessionid"))) { StreamReader reader = new StreamReader(Request.Body, System.Text.Encoding.UTF8); return(StepOne(reader)); } else { // Request has a cookie // Must be RC4 encrypted with serverkey // No other sec check over the cookie // Body must be entrcypted with session shared key iv pair try { string decriptedAgentid = DecryptMessage(RedPeanutC2.server.GetServerKey(), GetCookieValue("sessionid")); //Check if agentid exists in any state IAgentInstance agent = null; if (RedPeanutC2.server.GetAgents().ContainsKey(decriptedAgentid)) { // Agent registered as active check message type Response, AgentIdReqMsg, StreamReader reader = new StreamReader(Request.Body, System.Text.Encoding.UTF8); agent = RedPeanutC2.server.GetAgents().GetValueOrDefault(decriptedAgentid); return(PostResponse(reader, agent)); } else { if (RedPeanutC2.server.GetInboundAgents().ContainsKey(decriptedAgentid)) { // Cookie present and agent is in inboud queue post need to be Aes ChekIn StreamReader reader = new StreamReader(Request.Body, System.Text.Encoding.UTF8); agent = RedPeanutC2.server.GetInboundAgents().GetValueOrDefault(decriptedAgentid); return(CheckIn(reader, agent)); } else { //Check if agent is orfaned AgentInstance agentInstance = dbContext.Agents.FirstOrDefault <AgentInstance>(s => s.agentid.Equals(decriptedAgentid)); if (agentInstance != null) { // agent = CreateAgentInstance(RedPeanutC2.server, agentInstance.agentid, agentInstance.agentPivotid, RedPeanutC2.server.GetServerKey(), agentInstance.address, agentInstance.port, agentInstance.framework, Profileid, agentInstance.sessionkey, agentInstance.sessioniv); AgentInstanceHttp agenthttp = (AgentInstanceHttp)agent; agenthttp.Cookie = GetCookieValue("sessionid"); StreamReader reader = new StreamReader(Request.Body, System.Text.Encoding.UTF8); return(CheckIn(reader, agenthttp)); } else { // Agent does not exeists corrupted session or request not legitimate Console.WriteLine("[x] Agent does not exeists corrupted session or request not legitimate"); Program.GetMenuStack().Peek().RePrintCLI(); httpContextAccessor.HttpContext.Response.Headers.Add("Connection", "Close"); return(NotFound()); } } } } catch (Exception e) { // Operation error Console.WriteLine("[x] Operation error {0}", e.Message); Program.GetMenuStack().Peek().RePrintCLI(); httpContextAccessor.HttpContext.Response.Headers.Add("Connection", "Close"); return(NotFound()); } } }
private static void EvaluateEventForStatementInternal(EPServicesContext servicesContext, EventBean theEvent, IList <AgentInstance> agentInstances) { // context was created - reevaluate for the given event var callbacks = new ArrayDeque <FilterHandle>(2); servicesContext.FilterService.Evaluate(theEvent, callbacks); // evaluates for ALL statements if (callbacks.IsEmpty()) { return; } // there is a single callback and a single context, if they match we are done if (agentInstances.Count == 1 && callbacks.Count == 1) { var agentInstance = agentInstances[0]; if (agentInstance.AgentInstanceContext.StatementId == callbacks.First.StatementId) { Process(agentInstance, servicesContext, callbacks, theEvent); } return; } // use the right sorted/unsorted Map keyed by AgentInstance to sort var isPrioritized = servicesContext.ConfigSnapshot.EngineDefaults.Execution.IsPrioritized; IDictionary <AgentInstance, object> stmtCallbacks; if (!isPrioritized) { stmtCallbacks = new Dictionary <AgentInstance, object>(); } else { stmtCallbacks = new SortedDictionary <AgentInstance, object>(AgentInstanceComparator.INSTANCE); } // process all callbacks foreach (var filterHandle in callbacks) { // determine if this filter entry applies to any of the affected agent instances var statementId = filterHandle.StatementId; AgentInstance agentInstanceFound = null; foreach (var agentInstance in agentInstances) { if (agentInstance.AgentInstanceContext.StatementId == statementId) { agentInstanceFound = agentInstance; break; } } if (agentInstanceFound == null) { // when the callback is for some other stmt continue; } var handleCallback = (EPStatementHandleCallback)filterHandle; var handle = handleCallback.AgentInstanceHandle; // Self-joins require that the internal dispatch happens after all streams are evaluated. // Priority or preemptive settings also require special ordering. if (handle.CanSelfJoin || isPrioritized) { var stmtCallback = stmtCallbacks.Get(agentInstanceFound); if (stmtCallback == null) { stmtCallbacks.Put(agentInstanceFound, handleCallback); } else if (stmtCallback is ICollection <FilterHandle> ) { var collection = (ICollection <FilterHandle>)stmtCallback; if (!collection.Contains(handleCallback)) // De-duplicate for Filter OR expression paths { collection.Add(handleCallback); } } else { var deque = new ArrayDeque <FilterHandle>(4); deque.Add((EPStatementHandleCallback)stmtCallback); if (stmtCallback != handleCallback) // De-duplicate for Filter OR expression paths { deque.Add(handleCallback); } stmtCallbacks.Put(agentInstanceFound, deque); } continue; } // no need to be sorted, process Process(agentInstanceFound, servicesContext, Collections.SingletonList <FilterHandle>(handleCallback), theEvent); } if (stmtCallbacks.IsEmpty()) { return; } // Process self-join or sorted prioritized callbacks foreach (var entry in stmtCallbacks) { var agentInstance = entry.Key; var callbackList = entry.Value; if (callbackList is ICollection <FilterHandle> ) { Process(agentInstance, servicesContext, (ICollection <FilterHandle>)callbackList, theEvent); } else { Process(agentInstance, servicesContext, Collections.SingletonList <FilterHandle>((FilterHandle)callbackList), theEvent); } if (agentInstance.AgentInstanceContext.EpStatementAgentInstanceHandle.IsPreemptive) { return; } } }
public void EvaluateEventForStatement( EventBean theEvent, IList<AgentInstance> agentInstances, AgentInstanceContext agentInstanceContextCreate) { // context was created - reevaluate for the given event ArrayDeque<FilterHandle> callbacks = new ArrayDeque<FilterHandle>(2); agentInstanceContextCreate.FilterService.Evaluate(theEvent, callbacks, agentInstanceContextCreate); // evaluates for ALL statements if (callbacks.IsEmpty()) { return; } // there is a single callback and a single context, if they match we are done if (agentInstances.Count == 1 && callbacks.Count == 1) { AgentInstance agentInstance = agentInstances[0]; AgentInstanceContext agentInstanceContext = agentInstance.AgentInstanceContext; FilterHandle callback = callbacks.First; if (agentInstanceContext.StatementId == callback.StatementId && agentInstanceContext.AgentInstanceId == callback.AgentInstanceId) { Process(agentInstance, callbacks, theEvent); } return; } // use the right sorted/unsorted Map keyed by AgentInstance to sort bool isPrioritized = agentInstanceContextCreate.RuntimeSettingsService.ConfigurationRuntime.Execution .IsPrioritized; IDictionary<AgentInstance, object> stmtCallbacks; if (!isPrioritized) { stmtCallbacks = new Dictionary<AgentInstance, object>(); } else { stmtCallbacks = new OrderedListDictionary<AgentInstance, object>(AgentInstanceComparator.INSTANCE); } // process all callbacks foreach (FilterHandle filterHandle in callbacks) { EPStatementHandleCallbackFilter handleCallback = (EPStatementHandleCallbackFilter) filterHandle; // determine if this filter entry applies to any of the affected agent instances int statementId = filterHandle.StatementId; AgentInstance agentInstanceFound = null; foreach (AgentInstance agentInstance in agentInstances) { AgentInstanceContext agentInstanceContext = agentInstance.AgentInstanceContext; if (agentInstanceContext.StatementId == statementId && agentInstanceContext.AgentInstanceId == handleCallback.AgentInstanceId) { agentInstanceFound = agentInstance; break; } } if (agentInstanceFound == null) { // when the callback is for some other stmt continue; } EPStatementAgentInstanceHandle handle = handleCallback.AgentInstanceHandle; // Self-joins require that the internal dispatch happens after all streams are evaluated. // Priority or preemptive settings also require special ordering. if (handle.IsCanSelfJoin || isPrioritized) { var stmtCallback = stmtCallbacks.Get(agentInstanceFound); if (stmtCallback == null) { stmtCallbacks.Put(agentInstanceFound, handleCallback); } else if (stmtCallback is ArrayDeque<FilterHandle> callbackFilterDeque) { if (!callbackFilterDeque.Contains(handleCallback)) { // De-duplicate for Filter OR expression paths callbackFilterDeque.Add(handleCallback); } } else { var filterDeque = new ArrayDeque<FilterHandle>(4); filterDeque.Add((FilterHandle) stmtCallback); if (stmtCallback != handleCallback) { // De-duplicate for Filter OR expression paths filterDeque.Add(handleCallback); } stmtCallbacks.Put(agentInstanceFound, filterDeque); } continue; } // no need to be sorted, process Process(agentInstanceFound, Collections.SingletonList<FilterHandle>(handleCallback), theEvent); } if (stmtCallbacks.IsEmpty()) { return; } // Process self-join or sorted prioritized callbacks foreach (KeyValuePair<AgentInstance, object> entry in stmtCallbacks) { AgentInstance agentInstance = entry.Key; object callbackList = entry.Value; if (callbackList is ICollection<FilterHandle> filterHandleCollection) { Process(agentInstance, filterHandleCollection, theEvent); } else { Process( agentInstance, Collections.SingletonList<FilterHandle>((FilterHandle) callbackList), theEvent); } if (agentInstance.AgentInstanceContext.EpStatementAgentInstanceHandle.IsPreemptive) { return; } } }