//New-EventLog -Source "VindicateService" -LogName "Vindicate" //sc.exe create "VindicateService" DisplayName="Vindicate" start=auto binPath="D:\src\VindicateTool\VindicateService\bin\Debug\VindicateService.exe" obj="NT Authority\NetworkService" //sc.exe start "VindicateService" protected override void OnStart(String[] args) { var logger = new Logger(LogMode.EventLog, Assembly.GetExecutingAssembly().GetName().Name, false); var parser = new Parser(); var options = new Options(); Boolean validArgs = parser.ParseArguments(args, options); if (!validArgs) { logger.LogMessage("Command line arguments failed to validate.", EventLogEntryType.Error, (Int32)LogEvents.InvalidArguments, (Int16)LogCategories.FatalError); Stop(); return; } var settings = new DetectorSettings { UseLLMNR = options.UseLLMNR, UseNBNS = options.UseNBNS, UsemDNS = options.UsemDNS, Verbose = options.Verbose, LLMNRTarget = options.LLMNRTarget, NBNSTarget = options.NBNSTarget, mDNSTarget = options.mDNSTarget, LLMNRPort = options.LLMNRPort, NBNSPort = options.NBNSPort, NTLMUsername = options.NTLMUsername, NTLMPassword = options.NTLMPassword, NTLMDomain = options.NTLMDomain, PreferredIPv4Address = options.PreferredIPv4Address, UseWPADProbes = options.UseWPADProbes, UseSMBProbes = options.UseSMBProbes, SendRequestFrequency = options.Frequency }; if (!settings.SanityCheck()) { logger.LogMessage("Invalid arguments (ports out of range or missing critical argument).", EventLogEntryType.Error, (Int32)LogEvents.InvalidArguments, (Int16)LogCategories.FatalError); Stop(); return; } if (new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator)) { logger.LogMessage( "It appears the application is running as an elevated administrator! This is not required and isn't a good idea. Seriously." , EventLogEntryType.Warning, (Int32)LogEvents.RunningAsAdmin, (Int16)LogCategories.SecurityWarning); } //Create detector _detector = new Detector(logger, settings); //Check that all services are still enabled after initialisation if (!_detector.IsReady()) { logger.LogMessage("No network services could be created", EventLogEntryType.Error, (Int32)LogEvents.NoValidServices, (Int16)LogCategories.FatalError); Stop(); return; } _detector.BeginSendingAndListening(); }
//New-EventLog -Source "VindicateCLI" -LogName "Vindicate" private static Int32 Main(String[] args) { Console.WriteLine("Vindicate - Copyright (C) 2017 Danny Moules"); Console.WriteLine("This program comes with ABSOLUTELY NO WARRANTY."); Console.WriteLine("This is free software, and you are welcome to redistribute it"); Console.WriteLine("under certain conditions; see LICENSE for details."); Console.WriteLine(""); var parser = new Parser(); var options = new Options(); Boolean validArgs = parser.ParseArguments(args, options); if (!validArgs) { Console.WriteLine("Command line arguments failed to validate."); Console.WriteLine(HelpText.AutoBuild(options)); Console.WriteLine("Press any key to continue."); Console.ReadKey(); return(0xA0); //ERROR_BAD_ARGUMENTS } var logger = new Logger(options.Logging ? LogMode.EventLog : LogMode.Silent, Assembly.GetExecutingAssembly().GetName().Name, true); var settings = new DetectorSettings { UseLLMNR = options.UseLLMNR, UseNBNS = options.UseNBNS, UsemDNS = options.UsemDNS, Verbose = options.Verbose, LLMNRTarget = options.LLMNRTarget, NBNSTarget = options.NBNSTarget, mDNSTarget = options.mDNSTarget, LLMNRPort = options.LLMNRPort, NBNSPort = options.NBNSPort, NTLMUsername = options.NTLMUsername, NTLMPassword = options.NTLMPassword, NTLMDomain = options.NTLMDomain, PreferredIPv4Address = options.PreferredIPv4Address, UseWPADProbes = options.UseWPADProbes, UseSMBProbes = options.UseSMBProbes, SendRequestFrequency = options.Frequency }; if (!settings.SanityCheck()) { Console.WriteLine("Invalid arguments (ports out of range or missing critical argument)."); Console.WriteLine(HelpText.AutoBuild(options)); Console.WriteLine("Press any key to continue."); Console.ReadKey(); return(0xA0); //ERROR_BAD_ARGUMENTS } if (new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator)) { logger.LogMessage( "It appears the application is running as an elevated administrator! This is not required and isn't a good idea. Seriously." , EventLogEntryType.Warning, (Int32)LogEvents.RunningAsAdmin, (Int16)LogCategories.SecurityWarning); } //Create detector using (var detector = new Detector(logger, settings)) { //Check that all services are still enabled after initialisation if (!detector.IsReady()) { logger.LogMessage("No network services could be created", EventLogEntryType.Error, (Int32)LogEvents.NoValidServices, (Int16)LogCategories.FatalError); return(0x41); //ERROR_NETWORK_ACCESS_DENIED } detector.MessagesSent += DetectorMessagesSent; detector.BeginSendingAndListening(); while (Console.ReadKey(true).Key != ConsoleKey.Escape) { Thread.Yield(); } detector.EndSendingAndListening(); } return(0); }