internal PacketHandlerWrapper(NetworkMinerForm parentForm, System.IO.DirectoryInfo outputDirectory, List <PacketParser.Fingerprints.IOsFingerprinter> preloadedFingerprints)
{
this.parentForm = parentForm;
this.pcapWriter = null;
string exePath = System.IO.Path.GetFullPath(System.Windows.Forms.Application.ExecutablePath);
this.packetHandler = new PacketParser.PacketHandler(exePath, outputDirectory.FullName, preloadedFingerprints, false);
this.PacketHandler.AnomalyDetected += new PacketParser.AnomalyEventHandler(AnomalyDetected);
this.PacketHandler.BufferUsageChanged += new PacketParser.BufferUsageEventHandler(BufferUsageChanged);
this.packetHandler.CleartextWordsDetected += new PacketParser.CleartextWordsEventHandler(CleartextWordsDetected);
this.packetHandler.CredentialDetected += new PacketParser.CredentialEventHandler(CredentialDetected);
this.packetHandler.DnsRecordDetected += new PacketParser.DnsRecordEventHandler(packetHandler_DnsRecordDetected);
this.packetHandler.FileReconstructed += new PacketParser.FileEventHandler(packetHandler_FileReconstructed);
this.packetHandler.FrameDetected += new PacketParser.FrameEventHandler(packetHandler_FrameDetected);
this.packetHandler.KeywordDetected += new PacketParser.KeywordEventHandler(packetHandler_KeywordDetected);
this.packetHandler.NetworkHostDetected += new PacketParser.NetworkHostEventHandler(packetHandler_NetworkHostDetected);
this.packetHandler.HttpTransactionDetected += new PacketParser.HttpClientEventHandler(packetHandler_HttpTransactionDetected);
this.packetHandler.ParametersDetected += new PacketParser.ParameterEventHandler(packetHandler_ParametersDetected);
//this.packetHandler.ParametersDetected += new PacketParser.ParameterEventHandler()
//this.packetHandler.ParametersDetected += (s, pe) => parentForm.ParametersQueue.Enqueue(pe);
this.packetHandler.SessionDetected += new PacketParser.SessionEventHandler(packetHandler_SessionDetected);
this.packetHandler.MessageDetected += new PacketParser.MessageEventHandler(packetHandler_MessageDetected);
this.packetHandler.MessageAttachmentDetected += new PacketParser.FileTransfer.FileStreamAssembler.FileReconsructedEventHandler(parentForm.ShowMessageAttachment);
this.packetHandler.InsufficientWritePermissionsDetected += delegate(string path) {
parentForm.BeginInvoke((System.Windows.Forms.MethodInvoker) delegate {
System.Windows.Forms.MessageBox.Show(parentForm, "User is unauthorized to access the following file:" + System.Environment.NewLine + path + System.Environment.NewLine + System.Environment.NewLine + "File(s) will not be extracted!", "Insufficient Write Permissions");
});
};
}
static void Main(string[] args)
{
Application.EnableVisualStyles();
Application.SetCompatibleTextRenderingDefault(false);
try {
NetworkMinerForm networkMinerForm = new NetworkMinerForm();
Application.Run(networkMinerForm);
}
catch (Exception e) {
MessageBox.Show(e.Message, "Unable to start NetworkMiner", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
internal PacketHandlerWrapper(NetworkMinerForm parentForm, System.IO.DirectoryInfo outputDirectory)
{
this.parentForm = parentForm;
this.pcapWriter = null;
string exePath = System.IO.Path.GetFullPath(System.Windows.Forms.Application.ExecutablePath);
this.packetHandler = new PacketParser.PacketHandler(exePath, outputDirectory.FullName);
this.PacketHandler.AnomalyDetected += new PacketParser.AnomalyEventHandler(AnomalyDetected);
this.PacketHandler.BufferUsageChanged += new PacketParser.BufferUsageEventHandler(BufferUsageChanged);
this.packetHandler.CleartextWordsDetected += new PacketParser.CleartextWordsEventHandler(CleartextWordsDetected);
this.packetHandler.CredentialDetected += new PacketParser.CredentialEventHandler(CredentialDetected);
this.packetHandler.DnsRecordDetected += new PacketParser.DnsRecordEventHandler(packetHandler_DnsRecordDetected);
this.packetHandler.FileReconstructed += new PacketParser.FileEventHandler(packetHandler_FileReconstructed);
this.packetHandler.FrameDetected += new PacketParser.FrameEventHandler(packetHandler_FrameDetected);
this.packetHandler.KeywordDetected += new PacketParser.KeywordEventHandler(packetHandler_KeywordDetected);
this.packetHandler.NetworkHostDetected += new PacketParser.NetworkHostEventHandler(packetHandler_NetworkHostDetected);
this.packetHandler.ParametersDetected += new PacketParser.ParameterEventHandler(packetHandler_ParametersDetected);
this.packetHandler.SessionDetected += new PacketParser.SessionEventHandler(packetHandler_SessionDetected);
this.packetHandler.MessageDetected += new PacketParser.MessageEventHandler(packetHandler_MessageDetected);
}
static void Main(string[] args)
{
SetupLogger("NetworkMiner");
bool legacyGui = false;
bool checkForUpdates = true;
foreach (string arg in Environment.GetCommandLineArgs())
{
if (arg.Equals("--legacygui", StringComparison.CurrentCultureIgnoreCase))
{
legacyGui = true;
}
else if (arg.Equals("--noupdatecheck", StringComparison.CurrentCultureIgnoreCase))
{
checkForUpdates = false;
}
}
if (!legacyGui)
{
Application.EnableVisualStyles();
}
//Application.SetCompatibleTextRenderingDefault(false);//causes mono on OSX to hang?
PacketParser.Utils.Logger.Log("Starting the application", System.Diagnostics.EventLogEntryType.Information);
try {
NetworkMinerForm networkMinerForm = new NetworkMinerForm();
if (checkForUpdates)
{
NetworkMiner.UpdateCheck.ShowNewVersionFormIfAvailableAsync(networkMinerForm, System.Reflection.Assembly.GetEntryAssembly().GetName().Version);
}
else
{
PacketParser.Utils.Logger.Log("Skipping update check", System.Diagnostics.EventLogEntryType.Information);
}
PacketParser.Utils.Logger.Log("GUI form object created, starting application message loop", System.Diagnostics.EventLogEntryType.Information);
Application.Run(networkMinerForm);
}
catch (System.IO.FileNotFoundException e) {
if (PacketParser.Utils.SystemHelper.IsRunningOnMono())
{
System.Text.StringBuilder sb = new System.Text.StringBuilder("Make sure you have installed the following Mono packages: ");
foreach (string p in NetworkMinerForm.RecommendedMonoPackages)
{
sb.Append(p);
sb.Append(" ");
}
sb.Append(Environment.NewLine);
PacketParser.Utils.Logger.ConsoleLog(sb.ToString());
}
PacketParser.Utils.Logger.Log("Error creating NetworkMiner GUI Form: " + e.Message, System.Diagnostics.EventLogEntryType.Error);
return;
}
#if !DEBUG
catch (Exception e) {
PacketParser.Utils.Logger.Log("Unable to start NetworkMiner: " + e.Message, System.Diagnostics.EventLogEntryType.Error);
MessageBox.Show(e.Message, "Unable to start NetworkMiner", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
#endif
}
internal PacketHandlerWrapper(NetworkMinerForm parentForm, bool useRelativePathIfAvailable, List <PacketParser.Fingerprints.IOsFingerprinter> preloadedFingerprints = null)
: this(parentForm, new System.IO.DirectoryInfo(System.IO.Path.GetDirectoryName(System.IO.Path.GetFullPath(System.Windows.Forms.Application.ExecutablePath))), useRelativePathIfAvailable, preloadedFingerprints)
{
}
internal PacketHandlerWrapper(NetworkMinerForm parentForm)
: this(parentForm, new System.IO.DirectoryInfo(System.IO.Path.GetDirectoryName(System.IO.Path.GetFullPath(System.Windows.Forms.Application.ExecutablePath))))
{
}
