示例#1
0
        //New-EventLog -Source "VindicateService" -LogName "Vindicate"
        //sc.exe create "VindicateService" DisplayName="Vindicate" start=auto binPath="D:\src\VindicateTool\VindicateService\bin\Debug\VindicateService.exe" obj="NT Authority\NetworkService"
        //sc.exe start "VindicateService"
        protected override void OnStart(String[] args)
        {
            var logger = new Logger(LogMode.EventLog, Assembly.GetExecutingAssembly().GetName().Name, false);

            var     parser    = new Parser();
            var     options   = new Options();
            Boolean validArgs = parser.ParseArguments(args, options);

            if (!validArgs)
            {
                logger.LogMessage("Command line arguments failed to validate.", EventLogEntryType.Error, (Int32)LogEvents.InvalidArguments, (Int16)LogCategories.FatalError);
                Stop();
                return;
            }

            var settings = new DetectorSettings
            {
                UseLLMNR             = options.UseLLMNR,
                UseNBNS              = options.UseNBNS,
                UsemDNS              = options.UsemDNS,
                Verbose              = options.Verbose,
                LLMNRTarget          = options.LLMNRTarget,
                NBNSTarget           = options.NBNSTarget,
                mDNSTarget           = options.mDNSTarget,
                LLMNRPort            = options.LLMNRPort,
                NBNSPort             = options.NBNSPort,
                NTLMUsername         = options.NTLMUsername,
                NTLMPassword         = options.NTLMPassword,
                NTLMDomain           = options.NTLMDomain,
                PreferredIPv4Address = options.PreferredIPv4Address,
                UseWPADProbes        = options.UseWPADProbes,
                UseSMBProbes         = options.UseSMBProbes,
                SendRequestFrequency = options.Frequency
            };

            if (!settings.SanityCheck())
            {
                logger.LogMessage("Invalid arguments (ports out of range or missing critical argument).", EventLogEntryType.Error, (Int32)LogEvents.InvalidArguments, (Int16)LogCategories.FatalError);
                Stop();
                return;
            }

            if (new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator))
            {
                logger.LogMessage(
                    "It appears the application is running as an elevated administrator! This is not required and isn't a good idea. Seriously."
                    , EventLogEntryType.Warning, (Int32)LogEvents.RunningAsAdmin,
                    (Int16)LogCategories.SecurityWarning);
            }

            //Create detector
            _detector = new Detector(logger, settings);

            //Check that all services are still enabled after initialisation
            if (!_detector.IsReady())
            {
                logger.LogMessage("No network services could be created", EventLogEntryType.Error, (Int32)LogEvents.NoValidServices, (Int16)LogCategories.FatalError);
                Stop();
                return;
            }
            _detector.BeginSendingAndListening();
        }
示例#2
0
        //New-EventLog -Source "VindicateCLI" -LogName "Vindicate"
        private static Int32 Main(String[] args)
        {
            Console.WriteLine("Vindicate - Copyright (C) 2017 Danny Moules");
            Console.WriteLine("This program comes with ABSOLUTELY NO WARRANTY.");
            Console.WriteLine("This is free software, and you are welcome to redistribute it");
            Console.WriteLine("under certain conditions; see LICENSE for details.");
            Console.WriteLine("");

            var     parser    = new Parser();
            var     options   = new Options();
            Boolean validArgs = parser.ParseArguments(args, options);

            if (!validArgs)
            {
                Console.WriteLine("Command line arguments failed to validate.");
                Console.WriteLine(HelpText.AutoBuild(options));
                Console.WriteLine("Press any key to continue.");
                Console.ReadKey();
                return(0xA0); //ERROR_BAD_ARGUMENTS
            }

            var logger   = new Logger(options.Logging ? LogMode.EventLog : LogMode.Silent, Assembly.GetExecutingAssembly().GetName().Name, true);
            var settings = new DetectorSettings
            {
                UseLLMNR             = options.UseLLMNR,
                UseNBNS              = options.UseNBNS,
                UsemDNS              = options.UsemDNS,
                Verbose              = options.Verbose,
                LLMNRTarget          = options.LLMNRTarget,
                NBNSTarget           = options.NBNSTarget,
                mDNSTarget           = options.mDNSTarget,
                LLMNRPort            = options.LLMNRPort,
                NBNSPort             = options.NBNSPort,
                NTLMUsername         = options.NTLMUsername,
                NTLMPassword         = options.NTLMPassword,
                NTLMDomain           = options.NTLMDomain,
                PreferredIPv4Address = options.PreferredIPv4Address,
                UseWPADProbes        = options.UseWPADProbes,
                UseSMBProbes         = options.UseSMBProbes,
                SendRequestFrequency = options.Frequency
            };

            if (!settings.SanityCheck())
            {
                Console.WriteLine("Invalid arguments (ports out of range or missing critical argument).");
                Console.WriteLine(HelpText.AutoBuild(options));
                Console.WriteLine("Press any key to continue.");
                Console.ReadKey();
                return(0xA0); //ERROR_BAD_ARGUMENTS
            }

            if (new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator))
            {
                logger.LogMessage(
                    "It appears the application is running as an elevated administrator! This is not required and isn't a good idea. Seriously."
                    , EventLogEntryType.Warning, (Int32)LogEvents.RunningAsAdmin,
                    (Int16)LogCategories.SecurityWarning);
            }

            //Create detector
            using (var detector = new Detector(logger, settings))
            {
                //Check that all services are still enabled after initialisation
                if (!detector.IsReady())
                {
                    logger.LogMessage("No network services could be created", EventLogEntryType.Error,
                                      (Int32)LogEvents.NoValidServices, (Int16)LogCategories.FatalError);
                    return(0x41); //ERROR_NETWORK_ACCESS_DENIED
                }

                detector.MessagesSent += DetectorMessagesSent;
                detector.BeginSendingAndListening();
                while (Console.ReadKey(true).Key != ConsoleKey.Escape)
                {
                    Thread.Yield();
                }
                detector.EndSendingAndListening();
            }

            return(0);
        }