public static List <Dictionary <string, string> > GetSavedRDPConnections()
{
List <Dictionary <string, string> > results = new List <Dictionary <string, string> >();
//shows saved RDP connections, including username hints (if present)
if (MyUtils.IsHighIntegrity())
{
string[] SIDs = Registry.Users.GetSubKeyNames();
foreach (string SID in SIDs)
{
if (SID.StartsWith("S-1-5") && !SID.EndsWith("_Classes"))
{
string[] subkeys = RegistryHelper.GetRegSubkeys("HKU", string.Format("{0}\\Software\\Microsoft\\Terminal Server Client\\Servers", SID));
if (subkeys != null)
{
//Console.WriteLine("\r\n\r\n=== Saved RDP Connection Information ({0}) ===", SID);
foreach (string host in subkeys)
{
string usernameHint = RegistryHelper.GetRegValue("HKCU", string.Format("Software\\Microsoft\\Terminal Server Client\\Servers\\{0}", host), "UsernameHint");
Dictionary <string, string> rdp_info = new Dictionary <string, string>()
{
{ "SID", SID },
{ "Host", host },
{ "Username Hint", usernameHint },
};
results.Add(rdp_info);
}
}
}
}
}
else
{
string[] subkeys = RegistryHelper.GetRegSubkeys("HKCU", "Software\\Microsoft\\Terminal Server Client\\Servers");
if (subkeys != null)
{
foreach (string host in subkeys)
{
string usernameHint = RegistryHelper.GetRegValue("HKCU", string.Format("Software\\Microsoft\\Terminal Server Client\\Servers\\{0}", host), "UsernameHint");
Dictionary <string, string> rdp_info = new Dictionary <string, string>()
{
{ "SID", "" },
{ "Host", host },
{ "Username Hint", usernameHint },
};
results.Add(rdp_info);
}
}
}
return(results);
}
private static List <Dictionary <string, string> > ListPuttySSHHostKeys()
{
List <Dictionary <string, string> > results = new List <Dictionary <string, string> >();
// extracts saved putty host keys (via the registry)
if (MyUtils.IsHighIntegrity())
{
Console.WriteLine("\r\n\r\n=== Putty SSH Host Hosts (All Users) ===\r\n");
string[] SIDs = Registry.Users.GetSubKeyNames();
foreach (string SID in SIDs)
{
if (SID.StartsWith("S-1-5") && !SID.EndsWith("_Classes"))
{
Dictionary <string, object> hostKeys = RegistryHelper.GetRegValues("HKU", string.Format("{0}\\Software\\SimonTatham\\PuTTY\\SshHostKeys\\", SID));
if ((hostKeys != null) && (hostKeys.Count != 0))
{
Dictionary <string, string> putty_ssh = new Dictionary <string, string>();
putty_ssh["UserSID"] = SID;
foreach (KeyValuePair <string, object> kvp in hostKeys)
{
putty_ssh[kvp.Key] = ""; //Looks like only matters the key name, not the value
}
results.Add(putty_ssh);
}
}
}
}
else
{
Dictionary <string, object> hostKeys = RegistryHelper.GetRegValues("HKCU", "Software\\SimonTatham\\PuTTY\\SshHostKeys\\");
if ((hostKeys != null) && (hostKeys.Count != 0))
{
Dictionary <string, string> putty_ssh = new Dictionary <string, string>();
foreach (KeyValuePair <string, object> kvp in hostKeys)
{
putty_ssh[kvp.Key] = ""; //Looks like only matters the key name, not the value
}
results.Add(putty_ssh);
}
}
return(results);
}
public static Dictionary <string, object> GetRecentRunCommands()
{
Dictionary <string, object> results = new Dictionary <string, object>();
// lists recently run commands via the RunMRU registry key
if (MyUtils.IsHighIntegrity())
{
string[] SIDs = Registry.Users.GetSubKeyNames();
foreach (string SID in SIDs)
{
if (SID.StartsWith("S-1-5") && !SID.EndsWith("_Classes"))
{
results = RegistryHelper.GetRegValues("HKU", string.Format("{0}\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\RunMRU", SID));
}
}
}
else
{
results = RegistryHelper.GetRegValues("HKCU", "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\RunMRU");
}
return(results);
}
public static void ListSavedRDPConnections()
{
string[] SIDs = Registry.Users.GetSubKeyNames();
foreach (string SID in SIDs)
{
if (SID.StartsWith("S-1-5") && !SID.EndsWith("_Classes"))
{
string[] subkeys = GetRegSubkeys("HKU", String.Format("{0}\\Software\\Microsoft\\Terminal Server Client\\Servers", SID));
if (subkeys != null)
{
string sid = ("\r\n\r\n=== Saved RDP Connection Information (" + SID + ") ===");
foreach (string host in subkeys)
{
string username = GetRegValue("HKCU", String.Format("Software\\Microsoft\\Terminal Server Client\\Servers\\{0}", host), "UsernameHint");
if (username != "")
{
string RDPConnections = sid + "\r\n" + username + "\r\n" + host + "\r\n";
BasisInfo.TxtWriter(RDPConnections, "SavedRDPConnections");
}
}
}
}
}
}
private static Dictionary <string, List <string> > GetIEHistFav()
{
int lastDays = 90;
Dictionary <string, List <string> > results = new Dictionary <string, List <string> >()
{
{ "history", new List <string>() },
{ "favorites", new List <string>() },
};
DateTime startTime = System.DateTime.Now.AddDays(-lastDays);
try
{
if (MyUtils.IsHighIntegrity())
{
string[] SIDs = Registry.Users.GetSubKeyNames();
foreach (string SID in SIDs)
{
if (SID.StartsWith("S-1-5") && !SID.EndsWith("_Classes"))
{
Dictionary <string, object> settings = RegistryHelper.GetRegValues("HKU", string.Format("{0}\\SOFTWARE\\Microsoft\\Internet Explorer\\TypedURLs", SID));
if ((settings != null) && (settings.Count > 1))
{
foreach (KeyValuePair <string, object> kvp in settings)
{
byte[] timeBytes = RegistryHelper.GetRegValueBytes("HKU", string.Format("{0}\\SOFTWARE\\Microsoft\\Internet Explorer\\TypedURLsTime", SID), kvp.Key.ToString().Trim());
if (timeBytes != null)
{
long timeLong = (long)(BitConverter.ToInt64(timeBytes, 0));
DateTime urlTime = DateTime.FromFileTime(timeLong);
if (urlTime > startTime)
{
results["history"].Add(kvp.Value.ToString().Trim());
}
}
}
}
}
}
string userFolder = string.Format("{0}\\Users\\", Environment.GetEnvironmentVariable("SystemDrive"));
var dirs = Directory.EnumerateDirectories(userFolder);
foreach (var dir in dirs)
{
string[] parts = dir.Split('\\');
string userName = parts[parts.Length - 1];
if (!(dir.EndsWith("Public") || dir.EndsWith("Default") || dir.EndsWith("Default User") || dir.EndsWith("All Users")))
{
string userIEBookmarkPath = string.Format("{0}\\Favorites\\", dir);
if (Directory.Exists(userIEBookmarkPath))
{
string[] bookmarkPaths = Directory.EnumerateFiles(userIEBookmarkPath, "*.url", SearchOption.AllDirectories).ToArray();
if (bookmarkPaths.Length != 0)
{
foreach (string bookmarkPath in bookmarkPaths)
{
using (StreamReader rdr = new StreamReader(bookmarkPath))
{
string line;
string url = "";
while ((line = rdr.ReadLine()) != null)
{
if (line.StartsWith("URL=", StringComparison.InvariantCultureIgnoreCase))
{
if (line.Length > 4)
{
url = line.Substring(4);
}
break;
}
}
results["history"].Add(url.ToString().Trim());
}
}
}
}
}
}
}
else
{
Dictionary <string, object> settings = RegistryHelper.GetRegValues("HKCU", "SOFTWARE\\Microsoft\\Internet Explorer\\TypedURLs");
if ((settings != null) && (settings.Count != 0))
{
foreach (KeyValuePair <string, object> kvp in settings)
{
byte[] timeBytes = RegistryHelper.GetRegValueBytes("HKCU", "SOFTWARE\\Microsoft\\Internet Explorer\\TypedURLsTime", kvp.Key.ToString().Trim());
if (timeBytes != null)
{
long timeLong = (long)(BitConverter.ToInt64(timeBytes, 0));
DateTime urlTime = DateTime.FromFileTime(timeLong);
if (urlTime > startTime)
{
results["history"].Add(kvp.Value.ToString().Trim());
}
}
}
}
string userIEBookmarkPath = string.Format("{0}\\Favorites\\", System.Environment.GetEnvironmentVariable("USERPROFILE"));
string[] bookmarkPaths = Directory.EnumerateFiles(userIEBookmarkPath, "*.url", SearchOption.AllDirectories).ToArray();
foreach (string bookmarkPath in bookmarkPaths)
{
using (StreamReader rdr = new StreamReader(bookmarkPath))
{
string line;
string url = "";
while ((line = rdr.ReadLine()) != null)
{
if (line.StartsWith("URL=", StringComparison.InvariantCultureIgnoreCase))
{
if (line.Length > 4)
{
url = line.Substring(4);
}
break;
}
}
results["favorites"].Add(url.ToString().Trim());
}
}
}
}
catch (Exception ex)
{
Beaprint.GrayPrint(string.Format(" [X] Exception: {0}", ex));
}
return(results);
}
private static List <Dictionary <string, string> > GetPuttySessions()
{
List <Dictionary <string, string> > results = new List <Dictionary <string, string> >();
// extracts saved putty sessions and basic configs (via the registry)
if (MyUtils.IsHighIntegrity())
{
Console.WriteLine("\r\n\r\n=== Putty Saved Session Information (All Users) ===\r\n");
string[] SIDs = Registry.Users.GetSubKeyNames();
foreach (string SID in SIDs)
{
if (SID.StartsWith("S-1-5") && !SID.EndsWith("_Classes"))
{
string[] subKeys = RegistryHelper.GetRegSubkeys("HKU", string.Format("{0}\\Software\\SimonTatham\\PuTTY\\Sessions\\", SID));
foreach (string sessionName in subKeys)
{
Dictionary <string, string> putty_sess = new Dictionary <string, string>()
{
{ "User SID", SID },
{ "SessionName", sessionName },
{ "HostName", "" },
{ "PortNumber", "" },
{ "UserName", "" },
{ "PublicKeyFile", "" },
{ "PortForwardings", "" },
{ "ConnectionSharing", "" },
{ "ProxyPassword", "" },
{ "ProxyUsername", "" },
};
string[] keys =
{
"HostName",
"PortNumber",
"UserName",
"PublicKeyFile",
"PortForwardings",
"ConnectionSharing",
"AgentFwd",
"ProxyPassword",
"ProxyUsername",
};
foreach (string key in keys)
{
putty_sess[key] = RegistryHelper.GetRegValue("HKU", string.Format("{0}\\Software\\SimonTatham\\PuTTY\\Sessions\\{1}", SID, sessionName), key);
}
results.Add(putty_sess);
}
}
}
}
else
{
string[] subKeys = RegistryHelper.GetRegSubkeys("HKCU", "Software\\SimonTatham\\PuTTY\\Sessions\\");
foreach (string sessionName in subKeys)
{
Dictionary <string, string> putty_sess = new Dictionary <string, string>()
{
{ "SessionName", sessionName },
{ "HostName", "" },
{ "PortNumber", "" },
{ "UserName", "" },
{ "PublicKeyFile", "" },
{ "PortForwardings", "" },
{ "ConnectionSharing", "" },
{ "ProxyPassword", "" },
{ "ProxyUsername", "" },
};
string[] keys =
{
"HostName",
"PortNumber",
"UserName",
"PublicKeyFile",
"PortForwardings",
"ConnectionSharing",
"AgentFwd",
"ProxyPassword",
"ProxyUsername",
};
foreach (string key in keys)
{
putty_sess[key] = RegistryHelper.GetRegValue("HKCU", string.Format("Software\\SimonTatham\\PuTTY\\Sessions\\{0}", sessionName), key);
}
results.Add(putty_sess);
}
}
return(results);
}
