public Appointment(DateTime schedule, Triage urgency, Specialty reason, string reasonDesc)
{
this.schedule = schedule;
this.urgency = urgency;
this.reason = reason;
this.reasonDesc = reasonDesc;
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: Machine DPAPI Certificate Triage\r\n");
if (!Helpers.IsHighIntegrity())
{
Console.WriteLine("[X] Must be elevated to triage SYSTEM DPAPI Credentials!");
}
else
{
Dictionary <string, string> mappings = Triage.TriageSystemMasterKeys();
Console.WriteLine("\r\n[*] SYSTEM master key cache:\r\n");
foreach (KeyValuePair <string, string> kvp in mappings)
{
Console.WriteLine("{0}:{1}", kvp.Key, kvp.Value);
}
Console.WriteLine();
if (arguments.ContainsKey("/target"))
{
string target = arguments["/target"].Trim('"').Trim('\'');
Console.WriteLine("[*] Target Certificate File: {0}\r\n", target);
Triage.TriageCertFile(target, mappings, true);
}
else
{
Triage.TriageSystemCerts(mappings);
}
Console.WriteLine("[*] Hint: openssl pkcs12 -in cert.pem -keyex -CSP \"Microsoft Enhanced Cryptographic Provider v1.0\" -export -out cert.pfx");
}
}
static void Main(string[] args)
{
// Triage > Doctor > Consultant.
Triage triage = new Triage();
Doctor doctor = new Doctor();
Consultant consultant = new Consultant();
AdmissionsWard ward = new AdmissionsWard();
Surgery surgery = new Surgery();
triage.SetSuccessor(doctor);
doctor.SetSuccessor(consultant);
consultant.SetSuccessor(ward);
consultant.SetSuccessor(surgery);
Patient p1 = new Patient("Alison", Condition.HeadTrauma);
Patient p2 = new Patient("Brian", Condition.Infection);
Patient p3 = new Patient("Charlie", Condition.GeneralPain);
Patient p4 = new Patient("Diana", Condition.Other);
Patient p5 = new Patient("Edward", Condition.ChestPain);
Patient p6 = new Patient("Frankie", Condition.Injury);
triage.HandlePatient(p1);
Console.WriteLine();
triage.HandlePatient(p2);
Console.WriteLine();
triage.HandlePatient(p3);
Console.WriteLine();
triage.HandlePatient(p4);
Console.WriteLine();
triage.HandlePatient(p5);
Console.WriteLine();
triage.HandlePatient(p6);
Console.ReadKey();
}
public PreMed()
{
health = 16; maxHP = 16; strength = 4; power = 0; charge = 0; defense = 0; guard = 0;
baseAccuracy = 16; accuracy = 16; dexterity = 2; evasion = 0; type = "Pre-Med Student"; passive = new Precision(this);
quirk = Quirk.GetQuirk(this); special = new Triage(); special2 = new Prescribe();
player = false; champion = false; recruitable = true; CreateDrops(); attackEffect = "pierce defense";
}
public void OnPostDiagnostics()
{
if (!CheckPatient)
{
newTriage = (Triage)Enum.Parse(typeof(Triage), Request.Form[nameof(newTriage)].ToString());
}
else
{
Newtonsoft.Json.Linq.JArray tempData = (Newtonsoft.Json.Linq.JArray)JsonConvert.DeserializeObject((string)TempData["attention"]);
patientsAttention = tempData.ToObject <List <ConsultoryPatients> >();
var patientRecovered = new Patient
{
Id = patientsAttention[0].Id,
Name = patientsAttention[0].Name,
Age = patientsAttention[0].Age,
Document = patientsAttention[0].Document,
Gender = patientsAttention[0].Gender,
State = State.Recuperado
};
patientsAttention.RemoveAt(0);
TempData["attention"] = JsonConvert.SerializeObject(patientsAttention);
patientsRecovered.Add(patientRecovered);
GetConsultories();
}
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: Cert Triage");
arguments.Remove("cert");
string server = ""; // used for remote server specification
// {GUID}:SHA1 keys are the only ones that don't start with /
Dictionary <string, string> masterkeys = new Dictionary <string, string>();
foreach (KeyValuePair <string, string> entry in arguments)
{
if (!entry.Key.StartsWith("/"))
{
masterkeys.Add(entry.Key, entry.Value);
}
}
if (arguments.ContainsKey("/pvk"))
{
// use a domain DPAPI backup key to triage masterkeys
masterkeys = SharpDPAPI.Dpapi.PVKTriage(arguments);
}
else if (arguments.ContainsKey("/mkfile"))
{
masterkeys = SharpDPAPI.Helpers.ParseMasterKeyFile(arguments["/mkfile"]);
}
else if (arguments.ContainsKey("/password"))
{
string password = arguments["/password"];
Console.WriteLine("[*] Will decrypt user masterkeys with password: {0}\r\n", password);
if (arguments.ContainsKey("/server"))
{
masterkeys = Triage.TriageUserMasterKeys(null, true, arguments["/server"], password);
}
else
{
masterkeys = Triage.TriageUserMasterKeys(null, true, "", password);
}
}
if (arguments.ContainsKey("/server"))
{
server = arguments["/server"];
Console.WriteLine("[*] Triaging Certificates from remote server: {0}\r\n", server);
Triage.TriageUserCerts(masterkeys, server);
}
if (arguments.ContainsKey("/target"))
{
string target = arguments["/target"].Trim('"').Trim('\'');
Console.WriteLine("[*] Target Certificate File: {0}\r\n", target);
Triage.TriageCertFile(target, masterkeys);
}
else
{
Triage.TriageUserCerts(masterkeys);
}
Console.WriteLine("[*] Hint: openssl pkcs12 -in cert.pem -keyex -CSP \"Microsoft Enhanced Cryptographic Provider v1.0\" -export -out cert.pfx");
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: Machine DPAPI Credential, Vault, and Certificate Triage\r\n");
arguments.Remove("triage");
if (!Helpers.IsHighIntegrity())
{
Console.WriteLine("[X] Must be elevated to triage SYSTEM DPAPI Credentials!");
}
else
{
Dictionary <string, string> mappings = Triage.TriageSystemMasterKeys();
Console.WriteLine("\r\n[*] SYSTEM master key cache:\r\n");
foreach (KeyValuePair <string, string> kvp in mappings)
{
Console.WriteLine("{0}:{1}", kvp.Key, kvp.Value);
}
Console.WriteLine();
Triage.TriageSystemCreds(mappings);
Triage.TriageSystemVaults(mappings);
Triage.TriageSystemCerts(mappings);
}
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: User DPAPI Credential and Vault Triage\r\n");
arguments.Remove("triage");
string server = ""; // used for remote server specification
if (arguments.ContainsKey("/server"))
{
server = arguments["/server"];
Console.WriteLine("[*] Triaging remote server: {0}\r\n", server);
}
// {GUID}:SHA1 keys are the only ones that don't start with /
Dictionary <string, string> masterkeys = new Dictionary <string, string>();
foreach (KeyValuePair <string, string> entry in arguments)
{
if (!entry.Key.StartsWith("/"))
{
masterkeys.Add(entry.Key, entry.Value);
}
}
if (arguments.ContainsKey("/pvk"))
{
// use a domain DPAPI backup key to triage masterkeys
masterkeys = SharpDPAPI.Dpapi.PVKTriage(arguments);
}
else if (arguments.ContainsKey("/mkfile"))
{
masterkeys = SharpDPAPI.Helpers.ParseMasterKeyFile(arguments["/mkfile"]);
}
else if (arguments.ContainsKey("/password"))
{
string password = arguments["/password"];
Console.WriteLine("[*] Will decrypt user masterkeys with password: {0}\r\n", password);
masterkeys = Triage.TriageUserMasterKeysWithPass(password);
}
if (arguments.ContainsKey("/server") && !arguments.ContainsKey("/pvk"))
{
Console.WriteLine("[X] The '/server:X' argument must be used with '/pvk:BASE64...' !");
}
else
{
Triage.TriageUserCreds(masterkeys, server);
Triage.TriageUserVaults(masterkeys, server);
Console.WriteLine();
if (masterkeys.Count == 0)
{
// try to use CryptUnprotectData if no GUID lookups supplied
Triage.TriageRDCMan(masterkeys, server, true);
}
else
{
Triage.TriageRDCMan(masterkeys, server, false);
}
}
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: Describe PSCredential .xml");
string target = "";
bool unprotect = false; // whether to force CryptUnprotectData()
if (arguments.ContainsKey("/unprotect"))
{
Console.WriteLine("\r\n[*] Using CryptUnprotectData() for decryption.");
unprotect = true;
}
Console.WriteLine();
if (arguments.ContainsKey("/target"))
{
target = arguments["/target"];
}
else
{
Console.WriteLine("[X] A /target:<BASE64 | file.bin> must be supplied!");
return;
}
// {GUID}:SHA1 keys are the only ones that don't start with /
Dictionary <string, string> masterkeys = new Dictionary <string, string>();
foreach (KeyValuePair <string, string> entry in arguments)
{
if (!entry.Key.StartsWith("/"))
{
masterkeys.Add(entry.Key, entry.Value);
}
}
if (arguments.ContainsKey("/pvk"))
{
// use a domain DPAPI backup key to triage masterkeys
masterkeys = SharpDPAPI.Dpapi.PVKTriage(arguments);
}
else if (arguments.ContainsKey("/mkfile"))
{
masterkeys = SharpDPAPI.Helpers.ParseMasterKeyFile(arguments["/mkfile"]);
}
else if (arguments.ContainsKey("/password"))
{
string password = arguments["/password"];
Console.WriteLine("[*] Will decrypt user masterkeys with password: {0}\r\n", password);
if (arguments.ContainsKey("/server"))
{
masterkeys = Triage.TriageUserMasterKeys(null, true, arguments["/server"], password);
}
else
{
masterkeys = Triage.TriageUserMasterKeys(null, true, "", password);
}
}
Triage.TriagePSCredFile(masterkeys, target, unprotect);
}
public Appointment(DateTime schedule, Specialty reason, Triage urgency, Patient patient, string details)
{
apptSchedule = schedule;
this.reason = reason;
this.urgency = urgency;
this.patient = patient;
this.detailedReason = details;
}
public PatientDashboardTriageViewModel()
{
queue = new Queue();
pq = new PatientQueue();
triage = new Triage();
lmp = "";
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: User DPAPI Vault Triage\r\n");
arguments.Remove("vaults");
string server = ""; // used for remote server specification
if (arguments.ContainsKey("/server"))
{
server = arguments["/server"];
Console.WriteLine("[*] Triaging remote server: {0}\r\n", server);
}
// {GUID}:SHA1 keys are the only ones that don't start with /
Dictionary <string, string> masterkeys = new Dictionary <string, string>();
foreach (KeyValuePair <string, string> entry in arguments)
{
if (!entry.Key.StartsWith("/"))
{
masterkeys.Add(entry.Key, entry.Value);
}
}
if (arguments.ContainsKey("/pvk"))
{
// use a domain DPAPI backup key to triage masterkeys
masterkeys = SharpDPAPI.Dpapi.PVKTriage(arguments);
}
else if (arguments.ContainsKey("/mkfile"))
{
masterkeys = SharpDPAPI.Helpers.ParseMasterKeyFile(arguments["/mkfile"]);
}
if (arguments.ContainsKey("/target"))
{
string target = arguments["/target"].Trim('"').Trim('\'');
if (Directory.Exists(target))
{
Triage.TriageVaultFolder(target, masterkeys);
}
else
{
Console.WriteLine("\r\n[X] '{0}' is not a valid Vault directory.", target);
}
}
else
{
if (arguments.ContainsKey("/server") && !arguments.ContainsKey("/pvk"))
{
Console.WriteLine("[X] The '/server:X' argument must be used with '/pvk:BASE64...' !");
}
else
{
Triage.TriageUserVaults(masterkeys, server);
}
}
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: User DPAPI Masterkey File Triage\r\n");
byte[] backupKeyBytes;
string password;
Dictionary <string, string> mappings = new Dictionary <string, string>();
if (arguments.ContainsKey("/pvk"))
{
string pvk64 = arguments["/pvk"];
if (File.Exists(pvk64))
{
backupKeyBytes = File.ReadAllBytes(pvk64);
}
else
{
backupKeyBytes = Convert.FromBase64String(pvk64);
}
if (arguments.ContainsKey("/server"))
{
Console.WriteLine("[*] Triaging remote server: {0}\r\n", arguments["/server"]);
mappings = Triage.TriageUserMasterKeys(backupKeyBytes, true, arguments["/server"]);
}
else
{
Console.WriteLine();
mappings = Triage.TriageUserMasterKeys(backupKeyBytes, true);
}
}
else if (arguments.ContainsKey("/password"))
{
password = arguments["/password"];
Console.WriteLine("[*] Will decrypt user masterkeys with password: {0}\r\n", password);
mappings = Triage.TriageUserMasterKeysWithPass(password);
}
else
{
Console.WriteLine("[X] A /pvk:BASE64 domain DPAPI backup key or /password must be supplied!");
return;
}
if (mappings.Count == 0)
{
Console.WriteLine("\r\n[!] No master keys decrypted!\r\n");
}
else
{
Console.WriteLine("\r\n[*] User master key cache:\r\n");
foreach (KeyValuePair <string, string> kvp in mappings)
{
Console.WriteLine("{0}:{1}", kvp.Key, kvp.Value);
}
}
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: Machine DPAPI Credential and Vault Triage\r\n");
arguments.Remove("triage");
Dictionary <string, string> mappings = Triage.TriageSystemMasterKeys();
Triage.TriageSystemCreds(mappings);
Triage.TriageSystemVaults(mappings);
}
public Triage SaveTriage(Triage triage)
{
SqlServerConnection conn = new SqlServerConnection();
triage.Id = conn.SqlServerUpdate("DECLARE @idnt INT=" + triage.Id + ", @queue INT=" + triage.Queue.Id + ", @visit INT=" + triage.Visit.Id + ", @temp NVARCHAR(10)='" + triage.Temparature.Value + "', @systolic NVARCHAR(10)='" + triage.BpSystolic.Value + "', @diastolic NVARCHAR(10)='" + triage.BpDiastolic.Value + "', @resp NVARCHAR(10)='" + triage.RespiratoryRate.Value + "', @pulse NVARCHAR(10)='" + triage.PulseRate.Value + "', @oxygen NVARCHAR(10)='" + triage.OxygenSaturation.Value + "', @weight NVARCHAR(10)='" + triage.Weight.Value + "', @height NVARCHAR(10)='" + triage.Height.Value + "', @muac NVARCHAR(10)='" + triage.MUAC.Value + "', @chest NVARCHAR(10)='" + triage.Chest.Value + "', @abdominal NVARCHAR(10)='" + triage.Abdominal.Value + "', @mobility NVARCHAR(10)='" + triage.Mobility.Value + "', @trauma NVARCHAR(10)='" + triage.Trauma.Value + "', @avpu NVARCHAR(10)='" + triage.AVPU.Value + "', @pain NVARCHAR(10)='" + triage.PainScale.Value + "', @situation NVARCHAR(MAX)='" + triage.Situation.Value + "', @background NVARCHAR(MAX)='" + triage.Background.Value + "', @assessment NVARCHAR(MAX)='" + triage.Assessment.Value + "', @recommendation NVARCHAR(MAX)='" + triage.Recommendation.Value + "', @notes NVARCHAR(MAX)='" + triage.Notes + "', @user INT=" + triage.CreatedBy.Id + "; " +
"IF NOT EXISTS (SELECT tg_idnt FROM Triage WHERE tg_idnt=@idnt) " +
"BEGIN INSERT INTO Triage (tg_queue, tg_visit, tg_temp, tg_systolic_bp, tg_diastolic_bp, tg_respiratory_rate, tg_pulse_rate, tg_oxygen_saturation, tg_weight, th_height, tg_muac, tg_chest, tg_abdominal, tg_mobility, tg_trauma, tg_avpu, tg_pain, tg_situation, tg_background, tg_assessment, tg_recommendation, tg_created_by, tg_notes) output INSERTED.tg_idnt VALUES (@queue, @visit, @temp, @systolic, @diastolic, @resp, @pulse, @oxygen, @weight, @height, @muac, @chest, @abdominal, @mobility, @trauma, @avpu, @pain, @situation, @background, @assessment, @recommendation, @user, @notes) END " +
"ELSE " +
"BEGIN UPDATE Triage SET tg_temp=@temp, tg_systolic_bp=@systolic, tg_diastolic_bp=@diastolic, tg_respiratory_rate=@resp, tg_pulse_rate=@pulse, tg_oxygen_saturation=@oxygen, tg_weight=@weight, th_height=@height, tg_muac=@muac, tg_chest=@chest, tg_abdominal=@abdominal, tg_mobility=@mobility, tg_trauma=@trauma, tg_avpu=@avpu, tg_pain=@pain, tg_situation=@situation, tg_background=@background, tg_assessment=@assessment, tg_recommendation=@recommendation, tg_notes=@notes output INSERTED.tg_idnt WHERE tg_idnt=@idnt END");
return(triage);
}
public IActionResult SaveTriage()
{
Users user = new Users {
Id = long.Parse(HttpContext.User.FindFirst(ClaimTypes.Actor).Value)
};
Queues queue = IOutpatientService.GetQueue(TriageModel.Queue.Id);
Triage triage = TriageModel.Triage;
triage.Visit = queue.Visit;
triage.Queue = queue;
//Test::Mobility/Trauma/Avpu && convert to int
if (string.IsNullOrEmpty(triage.Mobility.Value))
{
triage.Mobility.Value = "0";
}
if (string.IsNullOrEmpty(triage.Trauma.Value))
{
triage.Trauma.Value = "0";
}
if (string.IsNullOrEmpty(triage.AVPU.Value))
{
triage.AVPU.Value = "0";
}
//Sanitize TextAreas
triage.Situation.Value = triage.Situation.Value.ToValidString();
triage.Background.Value = triage.Background.Value.ToValidString();
triage.Assessment.Value = triage.Assessment.Value.ToValidString();
triage.Recommendation.Value = triage.Recommendation.Value.ToValidString();
triage.Notes = triage.Notes.ToValidString();
//Save Triage
triage.CreatedBy = user;
triage.Save();
if (!queue.StartOn.HasValue)
{
queue.SeenBy = user;
queue.StartEncounter();
}
queue.CompleteEncounter();
var dest = TriageModel.SendTo;
dest.Visit = queue.Visit;
dest.CreatedBy = user;
dest.Save();
return(LocalRedirect("/outpatient/triage.queue" + (queue.CreatedOn.Date.Equals(DateTime.Now.Date) ? "" : "?date=" + TriageModel.Queue.Date)));
}
public OutpatientTriageViewVModel()
{
Patient = new Patient();
Queue = new Queues();
SendTo = new Queues();
Triage = new Triage();
MobilityOpts = new List <SelectListItem>();
AvpuOpts = new List <SelectListItem>();
TraumaOpts = new List <SelectListItem>();
Rooms = new List <SelectListItem>();
Types = new List <SelectListItem>();
Priority = new List <SelectListItem>();
}
public Triage SaveTriage(Triage triage)
{
using (var context = new DataAccess.registroclinicoEntities())
{
var efTriages = context.triages.Where(m => m.id == triage.id).FirstOrDefault();
if (efTriages == null)
{
efTriages = new DataAccess.triage();
efTriages.createdDate = DateTime.UtcNow;
efTriages.deleted = false;// BitConverter.GetBytes(false);
context.triages.Add(efTriages);
}
efTriages.abdominalPerimeter = triage.abdominalPerimeter;
efTriages.bmi = triage.bmi;
efTriages.breathingRate = triage.breathingRate;
efTriages.createdBy = triage.createdBy;
efTriages.deposition = triage.deposition;
efTriages.diastolicBloodPressure = triage.diastolicBloodPressure;
efTriages.glycemia = triage.glycemia;
efTriages.hdlCholesterol = triage.hdlCholesterol;
efTriages.heartRate = triage.heartRate;
efTriages.heartRisk = triage.heartRisk;
efTriages.hunger = triage.hunger;
efTriages.hypertensionRisk = triage.hypertensionRisk;
efTriages.ldlCholesterol = triage.ldlCholesterol;
efTriages.modifiedBy = triage.modifiedBy;
efTriages.modifiedDate = triage.modifiedDate;
efTriages.patient_id = triage.patientId;
efTriages.size = triage.size;
efTriages.sleep = triage.sleep;
efTriages.systolicBloodPressure = triage.systolicBloodPressure;
efTriages.temperature = triage.temperature;
efTriages.thirst = triage.thirst;
efTriages.ticket_id = triage.ticketId;
efTriages.totalCholesterol = triage.totalCholesterol;
efTriages.urine = triage.urine;
efTriages.weight = triage.weight;
efTriages.weightEvolution = triage.weightEvolution;
context.SaveChanges();
triage.id = efTriages.id;
}
return(triage);
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: Machine DPAPI Masterkey File Triage\r\n");
Dictionary <string, string> mappings = Triage.TriageSystemMasterKeys(false);
if (mappings.Count == 0)
{
Console.WriteLine("\r\n[!] No master keys decrypted!\r\n");
}
else
{
Console.WriteLine("\r\n[*] SYSTEM master key cache:\r\n");
foreach (KeyValuePair <string, string> kvp in mappings)
{
Console.WriteLine("{0}:{1}", kvp.Key, kvp.Value);
}
}
}
/// <summary>
/// Set up the manager
/// </summary>
private void ManagerInitialize()
{
//Initialize the ABG class and prepare all the diagnoses
abg = new ABG("NursingInterventions");
listWaitingChairs = new List<WaitingChair>();
listExamRooms = new List<ExamRoom>();
//listPatients = new List<Patient>();
//Populate the list of waiting chairs.
GameObject[] wc = GameObject.FindGameObjectsWithTag("WaitingChair");
foreach (GameObject w in wc)
{
listWaitingChairs.Add(w.GetComponent<WaitingChair>());
}
//Populate the list of exam rooms.
GameObject[] er = GameObject.FindGameObjectsWithTag("ExamRoom");
foreach (GameObject e in er)
{
listExamRooms.Add(e.GetComponent<ExamRoom>());
}
//Find the triage
triage = GameObject.FindGameObjectWithTag("Triage").GetComponent<Triage>();
//Find the nurse
nurse = GameObject.FindGameObjectWithTag("Nurse").GetComponent<Nurse>();
//Find the Sink
sink = GameObject.FindGameObjectWithTag("Sink").GetComponent<Sink>();
//prepare the patients.
for (int i = 0; i < prefabPatients.Length; i++)
{
GameObject temp = prefabPatients[i];
int rand = Random.Range(0, prefabPatients.Length);
prefabPatients[i] = prefabPatients[rand];
prefabPatients[rand] = temp;
}
//Reset the score
scorePatientsSeen = 0;
scoreAngryPatients = 0;
scoreCorrectDiagnoses = 0;
scoreCorrectInitialAssessment = 0;
scoreSatisfaction = 100f;
currentPatients = 0;
//reset the spawn timer
timerSpawnUsed = 0.1f;
//set the manager
_manager = this;
gameplayUI.satisfaction.SatisfactionUpdate(scoreSatisfaction);
UpdatePatientsTreated();
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: RDG Triage");
arguments.Remove("rdg");
string server = ""; // used for remote server specification
bool unprotect = false; // whether to force CryptUnprotectData()
if (arguments.ContainsKey("/unprotect"))
{
Console.WriteLine("\r\n[*] Using CryptUnprotectData() for decryption.");
unprotect = true;
}
Console.WriteLine("");
if (arguments.ContainsKey("/server"))
{
server = arguments["/server"];
Console.WriteLine("[*] Triaging remote server: {0}\r\n", server);
}
// {GUID}:SHA1 keys are the only ones that don't start with /
Dictionary <string, string> masterkeys = new Dictionary <string, string>();
foreach (KeyValuePair <string, string> entry in arguments)
{
if (!entry.Key.StartsWith("/"))
{
masterkeys.Add(entry.Key, entry.Value);
}
}
if (arguments.ContainsKey("/pvk"))
{
// use a domain DPAPI backup key to triage masterkeys
masterkeys = SharpDPAPI.Dpapi.PVKTriage(arguments);
}
else if (arguments.ContainsKey("/mkfile"))
{
masterkeys = SharpDPAPI.Helpers.ParseMasterKeyFile(arguments["/mkfile"]);
}
else if (arguments.ContainsKey("/password"))
{
string password = arguments["/password"];
Console.WriteLine("[*] Will decrypt user masterkeys with password: {0}\r\n", password);
if (arguments.ContainsKey("/server"))
{
masterkeys = Triage.TriageUserMasterKeys(null, true, arguments["/server"], password);
}
else
{
masterkeys = Triage.TriageUserMasterKeys(null, true, "", password);
}
}
if (arguments.ContainsKey("/target"))
{
string target = arguments["/target"].Trim('"').Trim('\'');
if (target.EndsWith(".rdg"))
{
Console.WriteLine("[*] Target .RDG File: {0}\r\n", target);
Triage.TriageRDGFile(masterkeys, target, unprotect);
}
else if (target.EndsWith(".settings"))
{
Console.WriteLine("[*] Target RDCMan.settings File: {0}\r\n", target);
Triage.TriageRDCManFile(masterkeys, target, unprotect);
}
else
{
Console.WriteLine("[X] Target must be .RDG or RDCMan.settings file: {0}\r\n", target);
}
}
else
{
if (arguments.ContainsKey("/server") && !arguments.ContainsKey("/pvk") && !arguments.ContainsKey("/password"))
{
Console.WriteLine("[X] The '/server:X' argument must be used with '/pvk:BASE64...' or '/password:X' !");
}
else
{
Triage.TriageRDCMan(masterkeys, server, unprotect);
}
}
}
public override void OnNavigatedTo(INavigationParameters parameters)
{
var specialty = parameters["Major"] as string;
Major = specialty;
DocsWithMajor = new ObservableCollection <DoctorsAndSpecializationsModel>(Triage.Where(x => x.Specialization.Equals(specialty)));
}
public Triage SaveTriage(Triage triage)
{
return(triageRepository.SaveTriage(triage));
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: User DPAPI Vault Triage\r\n");
arguments.Remove("vaults");
if (arguments.ContainsKey("/target"))
{
string target = arguments["/target"];
arguments.Remove("/target");
if (arguments.ContainsKey("/pvk"))
{
// using a domain backup key to decrypt everything
string pvk64 = arguments["/pvk"];
byte[] backupKeyBytes;
if (File.Exists(pvk64))
{
backupKeyBytes = File.ReadAllBytes(pvk64);
}
else
{
backupKeyBytes = Convert.FromBase64String(pvk64);
}
Console.WriteLine("[*] Using a domain DPAPI backup key to triage masterkeys for decryption key mappings!\r\n");
// build a {GUID}:SHA1 masterkey mappings
Dictionary <string, string> mappings = Triage.TriageUserMasterKeys(backupKeyBytes, false);
if (mappings.Count == 0)
{
Console.WriteLine("[!] No master keys decrypted!\r\n");
}
else
{
Console.WriteLine("[*] User master key cache:\r\n");
foreach (KeyValuePair <string, string> kvp in mappings)
{
Console.WriteLine("{0}:{1}", kvp.Key, kvp.Value);
}
Console.WriteLine();
}
arguments = mappings;
}
if (Directory.Exists(target))
{
Console.WriteLine("[*] Target Vault Folder: {0}\r\n", target);
Triage.TriageVaultFolder(target, arguments);
}
else
{
Console.WriteLine("\r\n[X] '{0}' is not a valid Vault directory.", target);
}
}
else if (arguments.ContainsKey("/pvk"))
{
// using a domain backup key to decrypt everything
string pvk64 = arguments["/pvk"];
string server = "";
byte[] backupKeyBytes;
if (File.Exists(pvk64))
{
backupKeyBytes = File.ReadAllBytes(pvk64);
}
else
{
backupKeyBytes = Convert.FromBase64String(pvk64);
}
Console.WriteLine("[*] Using a domain DPAPI backup key to triage masterkeys for decryption key mappings!");
// build a {GUID}:SHA1 masterkey mappings
Dictionary <string, string> mappings = new Dictionary <string, string>();
if (arguments.ContainsKey("/server"))
{
server = arguments["/server"];
Console.WriteLine("[*] Triaging remote server: {0}\r\n", server);
mappings = Triage.TriageUserMasterKeys(backupKeyBytes, false, server);
}
else
{
Console.WriteLine("");
mappings = Triage.TriageUserMasterKeys(backupKeyBytes, false);
}
if (mappings.Count == 0)
{
Console.WriteLine("[!] No master keys decrypted!\r\n");
}
else
{
Console.WriteLine("[*] User master key cache:\r\n");
foreach (KeyValuePair <string, string> kvp in mappings)
{
Console.WriteLine("{0}:{1}", kvp.Key, kvp.Value);
}
Console.WriteLine();
}
Triage.TriageUserVaults(mappings, server);
}
else
{
if (arguments.ContainsKey("/server"))
{
Console.WriteLine("[X] The '/server:X' argument must be used with '/pvk:BASE64...' !");
}
else
{
Triage.TriageUserVaults(arguments);
}
}
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: User DPAPI Credential and Vault Triage\r\n");
arguments.Remove("triage");
string server = "";
if (arguments.ContainsKey("/pvk"))
{
// using a domain backup key to decrypt everything
string pvk64 = arguments["/pvk"];
byte[] backupKeyBytes = Convert.FromBase64String(pvk64);
Console.WriteLine("[*] Using a domain DPAPI backup key to triage masterkeys for decryption key mappings!");
// build a {GUID}:SHA1 masterkey mappings
Dictionary <string, string> mappings = new Dictionary <string, string>();
if (arguments.ContainsKey("/server"))
{
server = arguments["/server"];
Console.WriteLine("[*] Triaging remote server: {0}\r\n", server);
mappings = Triage.TriageUserMasterKeys(backupKeyBytes, false, server);
}
else
{
Console.WriteLine("");
mappings = Triage.TriageUserMasterKeys(backupKeyBytes, false);
}
if (mappings.Count == 0)
{
Console.WriteLine("[!] No master keys decrypted!\r\n");
}
else
{
Console.WriteLine("[*] Master key cache:\r\n");
foreach (KeyValuePair <string, string> kvp in mappings)
{
Console.WriteLine("{0}:{1}", kvp.Key, kvp.Value);
}
Console.WriteLine();
}
Triage.TriageUserCreds(mappings, server);
Triage.TriageUserVaults(mappings);
return;
}
else
{
if (arguments.ContainsKey("/server"))
{
Console.WriteLine("[X] The '/server:X' argument must be used with '/pvk:BASE64...' !");
return;
}
else
{
Triage.TriageUserCreds(arguments);
Triage.TriageUserVaults(arguments);
}
}
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: Describe DPAPI blob\r\n");
byte[] blobBytes;
if (arguments.ContainsKey("/in"))
{
string blob = arguments["/in"];
if (File.Exists(blob))
{
blobBytes = File.ReadAllBytes(blob);
}
else
{
blobBytes = Convert.FromBase64String(blob);
}
arguments.Remove("in");
}
else
{
Console.WriteLine("[X] An /in:<BASE64 | file> must be supplied!");
return;
}
if (arguments.ContainsKey("/pvk"))
{
// using a domain backup key to decrypt everything
string pvk64 = arguments["/pvk"];
byte[] backupKeyBytes;
if (File.Exists(pvk64))
{
backupKeyBytes = File.ReadAllBytes(pvk64);
}
else
{
backupKeyBytes = Convert.FromBase64String(pvk64);
}
Console.WriteLine("[*] Using a domain DPAPI backup key to triage masterkeys for decryption key mappings!");
// build a {GUID}:SHA1 masterkey mappings
Dictionary <string, string> mappings = new Dictionary <string, string>();
mappings = Triage.TriageUserMasterKeys(backupKeyBytes, false);
if (mappings.Count == 0)
{
Console.WriteLine("[!] No master keys decrypted!\r\n");
}
else
{
Console.WriteLine("[*] User master key cache:\r\n");
foreach (KeyValuePair <string, string> kvp in mappings)
{
Console.WriteLine("{0}:{1}", kvp.Key, kvp.Value);
}
Console.WriteLine();
}
byte[] decBytes = Dpapi.DescribeDPAPIBlob(blobBytes, mappings, "blob");
if (decBytes.Length != 0)
{
if (Helpers.IsUnicode(decBytes))
{
Console.WriteLine(" dec(blob) : {0}", System.Text.Encoding.Unicode.GetString(decBytes));
}
else
{
string b64DecBytesString = BitConverter.ToString(decBytes).Replace("-", " ");
Console.WriteLine(" dec(blob) : {0}", b64DecBytesString);
}
}
}
else
{
byte[] decBytes = Dpapi.DescribeDPAPIBlob(blobBytes, arguments, "blob");
if (decBytes.Length != 0)
{
if (Helpers.IsUnicode(decBytes))
{
Console.WriteLine(" dec(blob) : {0}", System.Text.Encoding.Unicode.GetString(decBytes));
}
else
{
string b64DecBytesString = BitConverter.ToString(decBytes).Replace("-", " ");
Console.WriteLine(" dec(blob) : {0}", b64DecBytesString);
}
}
}
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: User DPAPI Credential Triage\r\n");
arguments.Remove("credentials");
Dictionary <string, string> masterkeys = new Dictionary <string, string>();
string server = ""; // used for remote server specification
if (arguments.ContainsKey("/server"))
{
server = arguments["/server"];
Console.WriteLine("[*] Triaging remote server: {0}\r\n", server);
}
// {GUID}:SHA1 keys are the only ones that don't start with /
foreach (KeyValuePair <string, string> entry in arguments)
{
if (!entry.Key.StartsWith("/"))
{
masterkeys.Add(entry.Key, entry.Value);
}
}
if (arguments.ContainsKey("/pvk"))
{
// use a domain DPAPI backup key to triage masterkeys
masterkeys = SharpDPAPI.Dpapi.PVKTriage(arguments);
}
else if (arguments.ContainsKey("/mkfile"))
{
masterkeys = SharpDPAPI.Helpers.ParseMasterKeyFile(arguments["/mkfile"]);
}
else if (arguments.ContainsKey("/password"))
{
string password = arguments["/password"];
Console.WriteLine("[*] Will decrypt user masterkeys with password: {0}\r\n", password);
if (arguments.ContainsKey("/server"))
{
masterkeys = Triage.TriageUserMasterKeys(null, true, arguments["/server"], password);
}
else
{
masterkeys = Triage.TriageUserMasterKeys(null, true, "", password);
}
}
if (arguments.ContainsKey("/target"))
{
string target = arguments["/target"].Trim('"').Trim('\'');
if (File.Exists(target))
{
Console.WriteLine("[*] Target Credential File: {0}\r\n", target);
Triage.TriageCredFile(target, masterkeys);
}
else if (Directory.Exists(target))
{
Console.WriteLine("[*] Target Credential Folder: {0}\r\n", target);
Triage.TriageCredFolder(target, masterkeys);
}
else
{
Console.WriteLine("\r\n[X] '{0}' is not a valid file or directory.", target);
}
}
else
{
if (arguments.ContainsKey("/server") && !arguments.ContainsKey("/pvk") && !arguments.ContainsKey("/password"))
{
Console.WriteLine("[X] The '/server:X' argument must be used with '/pvk:BASE64...' or '/password:X' !");
}
else
{
Triage.TriageUserCreds(masterkeys, server);
}
}
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: RDG Triage\r\n");
arguments.Remove("rdg");
// whether to use CryptUnprotectData() instead of masterkeys
bool unprotect = false;
if (arguments.ContainsKey("/unprotect"))
{
unprotect = true;
arguments.Remove("/unprotect");
Console.WriteLine("[*] Using CryptUnprotectData() to decrypt RDG passwords\r\n");
if (arguments.ContainsKey("/server"))
{
Console.WriteLine("[X] The '/server:X' argument must be used with '/pvk:BASE64...' !");
return;
}
}
if (arguments.ContainsKey("/target"))
{
string target = arguments["/target"];
arguments.Remove("/target");
if (arguments.ContainsKey("/pvk"))
{
// using a domain backup key to decrypt everything
string pvk64 = arguments["/pvk"];
byte[] backupKeyBytes;
if (File.Exists(pvk64))
{
backupKeyBytes = File.ReadAllBytes(pvk64);
}
else
{
backupKeyBytes = Convert.FromBase64String(pvk64);
}
// build a {GUID}:SHA1 masterkey mappings
Dictionary <string, string> mappings = Triage.TriageUserMasterKeys(backupKeyBytes, false);
if (mappings.Count == 0)
{
Console.WriteLine("\r\n[!] No master keys decrypted!\r\n");
}
else
{
Console.WriteLine("\r\n[*] User master key cache:\r\n");
foreach (KeyValuePair <string, string> kvp in mappings)
{
Console.WriteLine("{0}:{1}", kvp.Key, kvp.Value);
}
}
Console.WriteLine("\r\n[*] Using a domain DPAPI backup key to triage masterkeys for decryption key mappings!\r\n");
arguments = mappings;
}
if (File.Exists(target))
{
if (target.EndsWith(".rdg"))
{
Console.WriteLine("[*] Target .RDG File: {0}\r\n", target);
Triage.TriageRDGFile(arguments, target, unprotect);
}
else if (target.EndsWith(".settings"))
{
Console.WriteLine("[*] Target RDCMan.settings File: {0}\r\n", target);
Triage.TriageRDCManFile(arguments, target, unprotect);
}
else
{
Console.WriteLine("[X] Target must be .RDG or RDCMan.settings file: {0}\r\n", target);
}
}
else if (Directory.Exists(target))
{
Console.WriteLine("[*] Target RDG Folder: {0}\r\n", target);
Triage.TriageRDGFolder(arguments, target, unprotect);
}
else
{
Console.WriteLine("\r\n[X] '{0}' is not a valid file or directory.", target);
}
}
else if (arguments.ContainsKey("/pvk"))
{
// using a domain backup key to decrypt everything
string pvk64 = arguments["/pvk"];
string server = "";
byte[] backupKeyBytes;
if (File.Exists(pvk64))
{
backupKeyBytes = File.ReadAllBytes(pvk64);
}
else
{
backupKeyBytes = Convert.FromBase64String(pvk64);
}
Console.WriteLine("[*] Using a domain DPAPI backup key to triage masterkeys for decryption key mappings!");
// build a {GUID}:SHA1 masterkey mappings
Dictionary <string, string> mappings = new Dictionary <string, string>();
if (arguments.ContainsKey("/server"))
{
server = arguments["/server"];
Console.WriteLine("[*] Triaging remote server: {0}\r\n", server);
mappings = Triage.TriageUserMasterKeys(backupKeyBytes, false, server);
}
else
{
Console.WriteLine("");
mappings = Triage.TriageUserMasterKeys(backupKeyBytes, false);
}
if (mappings.Count == 0)
{
Console.WriteLine("[!] No master keys decrypted!\r\n");
}
else
{
Console.WriteLine("[*] User master key cache:\r\n");
foreach (KeyValuePair <string, string> kvp in mappings)
{
Console.WriteLine("{0}:{1}", kvp.Key, kvp.Value);
}
Console.WriteLine();
}
Triage.TriageRDCMan(mappings, server, unprotect);
}
else
{
if (arguments.ContainsKey("/server"))
{
//Console.WriteLine("[X] The '/server:X' argument must be used with '/pvk:BASE64...' !");
Console.WriteLine("[X] /server:X option not currently supported for this function!");
}
else
{
Triage.TriageRDCMan(arguments, "", unprotect);
}
}
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: Certificate Triage");
arguments.Remove("certificates");
string server = ""; // used for remote server specification
bool cng = false; // used for CNG certs
bool showall = false; // used for CNG certs
bool machineStore = false; // use the machine store instead of the personal certificate store
// {GUID}:SHA1 keys are the only ones that don't start with /
Dictionary <string, string> masterkeys = new Dictionary <string, string>();
foreach (KeyValuePair <string, string> entry in arguments)
{
if (!entry.Key.StartsWith("/"))
{
masterkeys.Add(entry.Key, entry.Value);
}
}
if (arguments.ContainsKey("/cng"))
{
cng = true;
}
if (arguments.ContainsKey("/showall"))
{
showall = true;
}
if (arguments.ContainsKey("/machine"))
{
// machine certificate triage
machineStore = true;
if (arguments.ContainsKey("/mkfile"))
{
masterkeys = SharpDPAPI.Helpers.ParseMasterKeyFile(arguments["/mkfile"]);
}
if (arguments.ContainsKey("/target"))
{
string target = arguments["/target"].Trim('"').Trim('\'');
if (masterkeys.Count == 0)
{
Console.WriteLine("\r\n[X] Either a '/mkfile:X' or {GUID}:key needs to be passed in order to use '/target' for machine masterkeys");
}
else
{
if (File.Exists(target))
{
Console.WriteLine("[*] Target Certificate File: {0}\r\n", target);
Triage.TriageCertFile(target, masterkeys, cng, showall);
}
else if (Directory.Exists(target))
{
Console.WriteLine("[*] Target Certificate Folder: {0}\r\n", target);
Triage.TriageCertFolder(target, masterkeys, cng, showall);
}
else
{
Console.WriteLine("\r\n[X] '{0}' is not a valid file or directory.", target);
}
}
}
else
{
if (masterkeys.Count == 0)
{
// if no /target and no masterkeys, try to extract the SYSTEM DPAPI creds
if (!Helpers.IsHighIntegrity())
{
Console.WriteLine("[X] Must be elevated to triage SYSTEM DPAPI Credentials!");
}
else
{
masterkeys = Triage.TriageSystemMasterKeys();
Console.WriteLine("\r\n[*] SYSTEM master key cache:\r\n");
foreach (KeyValuePair <string, string> kvp in masterkeys)
{
Console.WriteLine("{0}:{1}", kvp.Key, kvp.Value);
}
Console.WriteLine();
Triage.TriageSystemCerts(masterkeys);
}
}
else
{
// if we got machine masterkeys somehow else
Console.WriteLine(masterkeys.Count);
Triage.TriageSystemCerts(masterkeys);
}
}
}
else
{
// user triage
if (arguments.ContainsKey("/pvk"))
{
// use a domain DPAPI backup key to triage masterkeys
masterkeys = SharpDPAPI.Dpapi.PVKTriage(arguments);
}
else if (arguments.ContainsKey("/mkfile"))
{
masterkeys = SharpDPAPI.Helpers.ParseMasterKeyFile(arguments["/mkfile"]);
}
else if (arguments.ContainsKey("/password"))
{
string password = arguments["/password"];
Console.WriteLine("[*] Will decrypt user masterkeys with password: {0}\r\n", password);
if (arguments.ContainsKey("/server"))
{
masterkeys = Triage.TriageUserMasterKeys(null, true, arguments["/server"], password);
}
else
{
masterkeys = Triage.TriageUserMasterKeys(null, true, "", password);
}
}
if (arguments.ContainsKey("/server"))
{
server = arguments["/server"];
Console.WriteLine("[*] Triaging Certificates from remote server: {0}\r\n", server);
Triage.TriageUserCerts(masterkeys, server, showall);
}
if (arguments.ContainsKey("/target"))
{
string target = arguments["/target"].Trim('"').Trim('\'');
if (File.Exists(target))
{
Console.WriteLine("[*] Target Certificate File: {0}\r\n", target);
Triage.TriageCertFile(target, masterkeys, cng, showall);
}
else if (Directory.Exists(target))
{
Console.WriteLine("[*] Target Certificate Folder: {0}\r\n", target);
Triage.TriageCertFolder(target, masterkeys, cng, showall);
}
else
{
Console.WriteLine("\r\n[X] '{0}' is not a valid file or directory.", target);
}
}
else
{
Triage.TriageUserCerts(masterkeys, "", showall);
}
}
Console.WriteLine("\r\n[*] Hint: openssl pkcs12 -in cert.pem -keyex -CSP \"Microsoft Enhanced Cryptographic Provider v1.0\" -export -out cert.pfx");
}
public Triage SaveTriage(Triage triage)
{
return(triage);
}
public void Execute(Dictionary <string, string> arguments)
{
Console.WriteLine("\r\n[*] Action: Describe DPAPI blob");
byte[] blobBytes;
bool unprotect = false; // whether to force CryptUnprotectData()
byte[] entropy = null;
if (arguments.ContainsKey("/unprotect"))
{
Console.WriteLine("\r\n[*] Using CryptUnprotectData() for decryption.");
unprotect = true;
}
Console.WriteLine();
if (arguments.ContainsKey("/target"))
{
string blob = arguments["/target"].Trim('"').Trim('\'');
if (File.Exists(blob))
{
blobBytes = File.ReadAllBytes(blob);
}
else
{
blobBytes = Convert.FromBase64String(blob);
}
}
else
{
Console.WriteLine("[X] A /target:<BASE64 | file.bin> must be supplied!");
return;
}
// {GUID}:SHA1 keys are the only ones that don't start with /
Dictionary <string, string> masterkeys = new Dictionary <string, string>();
foreach (KeyValuePair <string, string> entry in arguments)
{
if (!entry.Key.StartsWith("/"))
{
masterkeys.Add(entry.Key, entry.Value);
}
}
if (arguments.ContainsKey("/pvk"))
{
// use a domain DPAPI backup key to triage masterkeys
masterkeys = SharpDPAPI.Dpapi.PVKTriage(arguments);
}
else if (arguments.ContainsKey("/mkfile"))
{
masterkeys = SharpDPAPI.Helpers.ParseMasterKeyFile(arguments["/mkfile"]);
}
else if (arguments.ContainsKey("/password"))
{
string password = arguments["/password"];
Console.WriteLine("[*] Will decrypt user masterkeys with password: {0}\r\n", password);
if (arguments.ContainsKey("/server"))
{
masterkeys = Triage.TriageUserMasterKeys(null, true, arguments["/server"], password);
}
else
{
masterkeys = Triage.TriageUserMasterKeys(null, true, "", password);
}
}
if (arguments.ContainsKey("/entropy"))
{
entropy = Helpers.ConvertHexStringToByteArray(arguments["/entropy"]);
}
if (blobBytes.Length > 0)
{
byte[] decBytesRaw = Dpapi.DescribeDPAPIBlob(blobBytes, masterkeys, "blob", unprotect, entropy);
if ((decBytesRaw != null) && (decBytesRaw.Length != 0))
{
if (Helpers.IsUnicode(decBytesRaw))
{
string data = "";
int finalIndex = Array.LastIndexOf(decBytesRaw, (byte)0);
if (finalIndex > 1)
{
byte[] decBytes = new byte[finalIndex + 1];
Array.Copy(decBytesRaw, 0, decBytes, 0, finalIndex);
data = Encoding.Unicode.GetString(decBytes);
}
else
{
data = Encoding.ASCII.GetString(decBytesRaw);
}
Console.WriteLine(" dec(blob) : {0}", data);
}
else
{
string hexData = BitConverter.ToString(decBytesRaw).Replace("-", " ");
Console.WriteLine(" dec(blob) : {0}", hexData);
}
}
}
}