示例#1
0
 public static bool IsUnicode(byte[] bytes)
 {
     // helper that users the IsTextUnicode() API call to determine if a byte array is likely unicode text
     Interop.IsTextUnicodeFlags flags = Interop.IsTextUnicodeFlags.IS_TEXT_UNICODE_STATISTICS;
     return(Interop.IsTextUnicode(bytes, bytes.Length, ref flags));
 }
示例#2
0
        public static void TriageRDCManFile(Dictionary <string, string> MasterKeys, string rdcManFile, bool unprotect = false)
        {
            // triage a specific RDCMan.settings file

            if (System.IO.File.Exists(rdcManFile))
            {
                DateTime lastAccessed = System.IO.File.GetLastAccessTime(rdcManFile);
                DateTime lastModified = System.IO.File.GetLastWriteTime(rdcManFile);

                XmlDocument xmlDoc = new XmlDocument();
                xmlDoc.Load(rdcManFile);

                Console.WriteLine("    RDCManFile    : {0}", rdcManFile);
                Console.WriteLine("    Accessed      : {0}", lastAccessed);
                Console.WriteLine("    Modified      : {0}", lastModified);


                // show any recently used servers
                XmlNodeList recentlyUsed = xmlDoc.GetElementsByTagName("recentlyUsed");
                if (recentlyUsed[0]["server"] != null)
                {
                    string recentlyUsedServer = recentlyUsed[0]["server"].InnerText;
                    Console.WriteLine("    Recent Server : {0}", recentlyUsedServer);
                }


                // see if there are any credential profiles
                XmlNodeList credProfileNodes = xmlDoc.GetElementsByTagName("credentialsProfile");

                if ((credProfileNodes != null) && (credProfileNodes.Count != 0))
                {
                    Console.WriteLine("\r\n        Cred Profiles");
                }
                foreach (XmlNode credProfileNode in credProfileNodes)
                {
                    Console.WriteLine();
                    DisplayCredProfile(MasterKeys, credProfileNode, unprotect);
                }


                // check default logonCredentials stuff
                XmlNodeList logonCredNodes = xmlDoc.GetElementsByTagName("logonCredentials");

                if ((logonCredNodes != null) && (logonCredNodes.Count != 0))
                {
                    Console.WriteLine("\r\n        Default Logon Credentials");
                }
                foreach (XmlNode logonCredNode in logonCredNodes)
                {
                    Console.WriteLine();
                    DisplayCredProfile(MasterKeys, logonCredNode, unprotect);
                }


                // grab the recent RDG files
                XmlNodeList filesToOpen = xmlDoc.GetElementsByTagName("FilesToOpen");
                XmlNodeList items       = filesToOpen[0].ChildNodes;

                // triage recently used RDG files
                foreach (XmlNode rdgFile in items)
                {
                    if (Interop.PathIsUNC(rdcManFile))
                    {
                        // If the RDCMan.settings file is a \\UNC path (so /server:X was used),
                        //  check if the .RDG file is local or also a \\UNC path.
                        if (!Interop.PathIsUNC(rdgFile.InnerText))
                        {
                            // If the file .RDG file is local, try to translate it to the server \\UNC path
                            string computerName = rdcManFile.Split(new[] { '\\' }, StringSplitOptions.RemoveEmptyEntries)[0];
                            string rdgUncPath   = Helpers.ConvertLocalPathToUNCPath(computerName, rdgFile.InnerText);
                            TriageRDGFile(MasterKeys, rdgUncPath, unprotect);
                        }
                        else
                        {
                            TriageRDGFile(MasterKeys, rdgFile.InnerText, unprotect);
                        }
                    }
                    else
                    {
                        TriageRDGFile(MasterKeys, rdgFile.InnerText, unprotect);
                    }
                }
                Console.WriteLine();
            }
            else
            {
                // Console.WriteLine("\r\n      [X] RDCMan.settings file '{0}' is not accessible or doesn't exist!", rdcManFile);
            }
        }