/// <summary>
/// Sends a command request over the TLS stream and interprets the server's verdict.
/// </summary>
/// <param name="sslStream">Stream the request is written to and the response is read from.</param>
/// <param name="command_requested">Command text the caller wants the server to run.</param>
/// <param name="nonce">Nonce value included in the request.</param>
/// <returns>
/// true only when the server answers "OK" (the connection is left open in that case);
/// false for every other answer, after the connection has been closed.
/// </returns>
public static bool RequestCommand(SslStream sslStream, String command_requested, String nonce)
{
    // Wire format: command;username;nonce<EOF>
    // NOTE(review): the fields are joined with ';' and nothing here escapes a ';'
    // inside command_requested -- confirm the server-side parser copes with that.
    string payload = $"{command_requested};{Environment.UserName};{nonce}<EOF>";
    byte[] message = Encoding.UTF8.GetBytes(payload);

    // Send command request
    sslStream.Write(message);
    sslStream.Flush();

    // Read response from the server and strip the framing marker.
    string serverResponseCommand = ReadMessage(sslStream).Replace("<EOF>", "");

    // The only success path: the caller keeps using the open connection.
    if (serverResponseCommand == "OK")
    {
        return true;
    }

    if (serverResponseCommand == "Password")
    {
        Console.WriteLine("Command needs administrator password.");
        CloseConnection(client);
        // The server declined to run the command itself; hand it to the local
        // elevation path instead.
        RunPowershell.RunAsAdmin(command_requested);
        return false;
    }

    if (serverResponseCommand == "Unauthorized")
    {
        Console.WriteLine("Unauthorized command for this user or bad authentication.");
    }

    // "Unauthorized" and any unrecognised answer are treated as a refusal.
    CloseConnection(client);
    return false;
}
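/// <summary>
/// Checks whether a local group exists by running Get-LocalGroup through
/// RunPowershell.RunCommand and comparing the first output line with the name.
/// </summary>
/// <param name="groupName">Name of the local group to look up.</param>
/// <returns>
/// true when the command produced output and its first line equals
/// <paramref name="groupName"/>; false otherwise, including when there is no output.
/// </returns>
private static bool IsGroupExist(String groupName)
{
    // The name is spliced into a double-quoted PowerShell string. Backtick, '$' and
    // every character PowerShell accepts as a double quote are backtick-escaped so
    // the value is always parsed as data, never as script text. Names without these
    // characters produce exactly the same command as before.
    // NOTE(review): callers are not visible here; if groupName can come from a
    // request or an editable config file, this escaping is the only barrier.
    string EscapeForDoubleQuotes(string value)
    {
        return (value ?? "")
            .Replace("`", "``")
            .Replace("$", "`$")
            .Replace("\"", "`\"")
            .Replace("\u201C", "`\u201C")
            .Replace("\u201D", "`\u201D")
            .Replace("\u201E", "`\u201E");
    }

    List<String> output = RunPowershell.RunCommand(
        "(Get-LocalGroup -Name \"" + EscapeForDoubleQuotes(groupName) + "\").Name", false);

    // No output would make output[0] throw; treat it as "group does not exist",
    // matching the Count check IsGroupMember already performs.
    return output != null && output.Count > 0 && output[0] == groupName;
}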
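/// <summary>
/// Checks whether a user is a member of a local group by running
/// Get-LocalGroupMember through RunPowershell.RunCommand.
/// </summary>
/// <param name="username">Account name, without the machine or domain prefix.</param>
/// <param name="groupName">Name of the local group.</param>
/// <returns>
/// true when the first output line has the form PREFIX\NAME and NAME equals
/// <paramref name="username"/>; false otherwise.
/// </returns>
private static bool IsGroupMember(String username, String groupName)
{
    // Both values are spliced into double-quoted PowerShell strings. Backtick, '$'
    // and every character PowerShell accepts as a double quote are backtick-escaped
    // so the values are always parsed as data, never as script text. Values without
    // these characters produce exactly the same command as before.
    // NOTE(review): callers are not visible here; if username originates from a
    // client request, this check runs before that client is authenticated.
    string EscapeForDoubleQuotes(string value)
    {
        return (value ?? "")
            .Replace("`", "``")
            .Replace("$", "`$")
            .Replace("\"", "`\"")
            .Replace("\u201C", "`\u201C")
            .Replace("\u201D", "`\u201D")
            .Replace("\u201E", "`\u201E");
    }

    List<String> output = RunPowershell.RunCommand(
        "(Get-LocalGroupMember -Group \"" + EscapeForDoubleQuotes(groupName)
        + "\" -Member \"" + EscapeForDoubleQuotes(username) + "\").Name", false);

    if (output == null || output.Count == 0)
    {
        return false;
    }

    // Split once: the line is expected to look like PREFIX\NAME.
    string[] parts = output[0].Split("\\");
    return parts.Length > 1 && parts[1] == username;
}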
/// <summary>
/// Returns the local account names reported by Get-LocalUser.
/// </summary>
/// <returns>
/// One entry per output row that has exactly 14 ';'-separated fields; the entry is
/// field index 10 with double quotes removed. A row whose value is "Name" is skipped
/// (presumably the header row -- confirm against RunPowershell.RunCommand's output).
/// </returns>
private static List<String> GetListUsers()
{
    List<String> users = new List<String>();

    foreach (String row in RunPowershell.RunCommand("Get-LocalUser", true))
    {
        String[] fields = row.Split(";");
        if (fields.Length != 14)
        {
            // Not a complete record; ignore it.
            continue;
        }

        String name = fields[10].Replace("\"", "");
        if (name != "Name")
        {
            users.Add(name);
        }
    }

    return users;
}
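/// <summary>
/// Server loop: accepts one TLS client at a time, runs the nonce handshake,
/// checks the command request against the user's authorization and, when
/// granted, executes the command and returns its result.
/// </summary>
/// <remarks>
/// Every rejection path answers the client and drops the connection. The method
/// never returns; an exception from any helper still propagates to the caller,
/// but the client and listener are now released first.
/// </remarks>
private static void RunMain()
{
    while (true)
    {
        // start listening
        while (true)
        {
            TcpListener listener = SslTcpServer.RunServer();
            TcpClient client = null;
            try
            {
                client = listener.AcceptTcpClient();
                SslStream sslStream = SslTcpServer.ProcessClient(client);

                // get nonce request from client and verify it names a known user
                String clientUsername = SslTcpServer.GetNonceRequest(sslStream);
                if (clientUsername == null || !GetUserInfo.IsUserSystemMember(clientUsername))
                {
                    SslTcpServer.AnswerNonceRequest(sslStream, "Error during nonce sending");
                    break;
                }

                // Fail closed when no nonce could be issued: previously the flow
                // continued without answering and relied on the later comparison.
                String clientNonce = Security.SendNonce(clientUsername);
                if (clientNonce == null)
                {
                    SslTcpServer.AnswerNonceRequest(sslStream, "Error during nonce sending");
                    break;
                }
                SslTcpServer.AnswerNonceRequest(sslStream, "Nonce send");

                // wait for command request; it must carry command, username and nonce
                String[] clientCommandRequest = SslTcpServer.GetCommandRequest(sslStream);
                if (clientCommandRequest == null || clientCommandRequest.Length < 3)
                {
                    // A short request would otherwise throw on the indexing below
                    // and take the whole service loop down.
                    SslTcpServer.AnswerCommandRequest(sslStream, "Error during command execution");
                    break;
                }

                String clientCommand = clientCommandRequest[0];
                String clientUsernameCommand = clientCommandRequest[1];
                String clientNonceCommand = clientCommandRequest[2];

                // The username must match the one the nonce was issued for.
                if (clientUsernameCommand != clientUsername
                    || !GetUserInfo.IsUserSystemMember(clientUsernameCommand))
                {
                    SslTcpServer.AnswerCommandRequest(sslStream, "Unauthorized");
                    break;
                }

                // The nonce is the only proof that the peer is that user.
                // NOTE(review): this is an ordinary string comparison; consider a
                // fixed-time comparison if a nonce can be probed more than once.
                if (clientNonceCommand != clientNonce)
                {
                    SslTcpServer.AnswerCommandRequest(sslStream, "Unauthorized");
                    break;
                }

                // verify access to command
                // NOTE(review): any result other than 1 or 2 is treated as granted;
                // confirm IsUserGranted cannot return an unexpected value, or compare
                // against the explicit "granted" code instead.
                int retAuth = GetAuthorization.IsUserGranted(clientUsernameCommand, clientCommand);
                if (retAuth == 2)
                {
                    SslTcpServer.AnswerCommandRequest(sslStream, "Unauthorized");
                    break;
                }
                else if (retAuth == 1)
                {
                    SslTcpServer.AnswerCommandRequest(sslStream, "Password");
                    break;
                }

                // answer command request, run the command, send the result
                SslTcpServer.AnswerCommandRequest(sslStream, "OK");
                String commandResult = RunPowershell.RunSudoersCommand(clientCommand);
                SslTcpServer.SendCommandResult(sslStream, commandResult);
            }
            finally
            {
                // Single cleanup point for every path, including exceptions, so a
                // failed connection cannot leave the listener bound.
                if (client != null)
                {
                    client.Close();
                }
                listener.Stop();
            }
        }
    }
}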