mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2024-12-25 12:55:28 +00:00
f2ac1ece55
add
290 lines
9.0 KiB
C#
290 lines
9.0 KiB
C#
// Decompiled with JetBrains decompiler
|
|
// Type: Bmc.Broker.Activation
|
|
// Assembly: ticketservice, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
|
|
// MVID: 3DFB8186-7053-43AF-8B45-70866071B1F2
|
|
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Trojan.Win32.Patched.mf-fd200e64412b6be5c177c3cfa7b94e83e807ff04211ce324f12e2ffa5537eb36.exe
|
|
|
|
using Bmc.Broker.Config;
|
|
using Bmc.RegistryAccess;
|
|
using Bmc.Services.Ticket;
|
|
using Net.LShift.SPKI;
|
|
using Net.LShift.Utilities;
|
|
using System;
|
|
using System.Collections;
|
|
using System.Collections.Specialized;
|
|
using System.Runtime.Remoting.Channels;
|
|
using System.Runtime.Remoting.Channels.Tcp;
|
|
|
|
namespace Bmc.Broker
|
|
{
|
|
public class Activation
|
|
{
|
|
public static readonly TimeSpan MAX_TICKET_AGE = TimeSpan.FromMilliseconds(1000.0);
|
|
private ITicket _ticketService;
|
|
private SPKISexp _ticket = (SPKISexp) null;
|
|
private DateTime _ticketTimestamp = DateTime.MinValue;
|
|
|
|
public static Activation Instance => SingletonFactory.GetInstance(typeof (Activation)) as Activation;
|
|
|
|
public event SimpleDelegate OnSuccessfulFetch;
|
|
|
|
private ITicket TicketService
|
|
{
|
|
get
|
|
{
|
|
lock (this)
|
|
{
|
|
if (this._ticketService == null)
|
|
{
|
|
try
|
|
{
|
|
ChannelServices.RegisterChannel((IChannel) new TcpChannel());
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
}
|
|
string url = "tcp://localhost:" + ConfigurationManager.Instance[(FIELD) 6] + "/" + Constants.URI;
|
|
try
|
|
{
|
|
this._ticketService = (ITicket) Activator.GetObject(typeof (ITicket), url);
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
throw ex;
|
|
}
|
|
}
|
|
return this._ticketService;
|
|
}
|
|
}
|
|
}
|
|
|
|
public bool TicketOK
|
|
{
|
|
get
|
|
{
|
|
try
|
|
{
|
|
SPKISexp ticket = this.Ticket;
|
|
return true;
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
return false;
|
|
}
|
|
}
|
|
}
|
|
|
|
public bool StateOK
|
|
{
|
|
get
|
|
{
|
|
try
|
|
{
|
|
this.TicketService.GetTime();
|
|
return true;
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
return false;
|
|
}
|
|
}
|
|
}
|
|
|
|
public void FetchTicket()
|
|
{
|
|
this.TicketService.FetchTicket();
|
|
this._ticketTimestamp = DateTime.MinValue;
|
|
if (this.OnSuccessfulFetch == null)
|
|
return;
|
|
this.OnSuccessfulFetch.Invoke();
|
|
}
|
|
|
|
public void WipeState() => this.TicketService.WipeState();
|
|
|
|
public void RegisterInstance(int port, string auth) => this.TicketService.RegisterInstance(port, auth);
|
|
|
|
public SPKISexp Ticket
|
|
{
|
|
get
|
|
{
|
|
lock (this)
|
|
{
|
|
try
|
|
{
|
|
this._ticket = (SPKISexp) null;
|
|
this._ticket = this.TicketService.GetTicket();
|
|
return this._ticket;
|
|
}
|
|
finally
|
|
{
|
|
SPKISexp ticket = this._ticket;
|
|
this._ticketTimestamp = DateTime.Now;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
public SPKISexp LazyTicket
|
|
{
|
|
get
|
|
{
|
|
try
|
|
{
|
|
lock (this)
|
|
return DateTime.Now - this._ticketTimestamp > Activation.MAX_TICKET_AGE ? this.Ticket : this._ticket;
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
return (SPKISexp) null;
|
|
}
|
|
}
|
|
}
|
|
|
|
public TicketState GetState() => Activation.GetState(this.Ticket, this.TicketService.GetTime());
|
|
|
|
public string Version
|
|
{
|
|
get
|
|
{
|
|
SPKISexp lazyTicket = this.LazyTicket;
|
|
return lazyTicket != null ? Activation.GetState(lazyTicket, DateTime.Now).GetProperty("bbm", "softwareversion") : (string) null;
|
|
}
|
|
}
|
|
|
|
public static TicketState GetState(SPKISexp ticket, DateTime now)
|
|
{
|
|
try
|
|
{
|
|
IDictionary states = (IDictionary) new Hashtable();
|
|
SPKISexp spkiSexp1 = ticket[nameof (ticket)]["packages"];
|
|
for (int index1 = 1; index1 < spkiSexp1.Length; ++index1)
|
|
{
|
|
SPKISexp spkiSexp2 = spkiSexp1[index1];
|
|
if (!spkiSexp2.IsLeaf && spkiSexp2.SexpName == "package")
|
|
{
|
|
PackageState packageState = new PackageState();
|
|
packageState.Permissions = new StringCollection();
|
|
packageState.Products = (IDictionary) new Hashtable();
|
|
packageState.Package = spkiSexp2.Get("name").Name;
|
|
states.Add((object) packageState.Package, (object) packageState);
|
|
SPKISexp spkiSexp3 = spkiSexp2["transitions"];
|
|
if (spkiSexp3.Length % 2 != 0)
|
|
throw new BadTicketException("Odd number of members in transitions");
|
|
int num = 2;
|
|
while (num < spkiSexp3.Length && !(spkiSexp3[num].ToDateTime() > now))
|
|
num += 2;
|
|
packageState.CurrentState = spkiSexp3[num - 1].Name;
|
|
packageState.LastTransition = num - 2 >= 2 ? spkiSexp3[num - 2].ToDateTime() - now : TimeSpan.MinValue;
|
|
if (num + 1 >= spkiSexp3.Length)
|
|
{
|
|
packageState.NextTransition = TimeSpan.MaxValue;
|
|
packageState.NextState = (string) null;
|
|
}
|
|
else
|
|
{
|
|
packageState.NextTransition = spkiSexp3[num].ToDateTime() - now;
|
|
packageState.NextTransitionDate = spkiSexp3[num].ToDateTime();
|
|
packageState.NextState = spkiSexp3[num + 1].Name;
|
|
}
|
|
SPKISexp spkiSexp4 = spkiSexp2["states"];
|
|
SPKISexp spkiSexp5 = (SPKISexp) null;
|
|
for (int index2 = 1; index2 < spkiSexp4.Length; ++index2)
|
|
{
|
|
SPKISexp spkiSexp6 = spkiSexp4[index2];
|
|
if (spkiSexp6.SexpName.Equals("state") && spkiSexp6[1].Name.Equals(packageState.CurrentState))
|
|
{
|
|
spkiSexp5 = spkiSexp6;
|
|
break;
|
|
}
|
|
}
|
|
if (spkiSexp5 != null)
|
|
{
|
|
try
|
|
{
|
|
SPKISexp spkiSexp7 = spkiSexp5["permissions"];
|
|
for (int index3 = 1; index3 < spkiSexp7.Length; ++index3)
|
|
packageState.Permissions.Add(spkiSexp7[index3].Name);
|
|
}
|
|
catch (AccessException ex)
|
|
{
|
|
}
|
|
try
|
|
{
|
|
SPKISexp spkiSexp8 = spkiSexp5["products"];
|
|
for (int index4 = 1; index4 < spkiSexp8.Length; ++index4)
|
|
{
|
|
SPKISexp spkiSexp9 = spkiSexp8[index4];
|
|
if (!spkiSexp9.IsLeaf)
|
|
{
|
|
if (spkiSexp9.SexpName == "product")
|
|
{
|
|
try
|
|
{
|
|
string name1 = spkiSexp9[1].Name;
|
|
ProductState productState = new ProductState();
|
|
productState.Product = name1;
|
|
packageState.Products[(object) name1] = (object) productState;
|
|
productState.Properties = (IDictionary) new Hashtable();
|
|
productState.Permissions = new StringCollection();
|
|
SPKISexp spkiSexp10 = spkiSexp9["properties"];
|
|
for (int index5 = 1; index5 < spkiSexp10.Length; ++index5)
|
|
{
|
|
SPKISexp spkiSexp11 = spkiSexp10[index5];
|
|
if (!spkiSexp11.IsLeaf && spkiSexp11.SexpName == "property")
|
|
{
|
|
string name2 = spkiSexp11[1].Name;
|
|
string name3 = spkiSexp11[2].Name;
|
|
productState.Properties[(object) name2] = (object) name3;
|
|
}
|
|
}
|
|
SPKISexp spkiSexp12 = spkiSexp9["permissions"];
|
|
for (int index6 = 1; index6 < spkiSexp12.Length; ++index6)
|
|
productState.Permissions.Add(spkiSexp12[index6].Name);
|
|
}
|
|
catch (AccessException ex)
|
|
{
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
catch (AccessException ex)
|
|
{
|
|
}
|
|
}
|
|
}
|
|
}
|
|
return new TicketState(states);
|
|
}
|
|
catch (AccessException ex)
|
|
{
|
|
throw new BadTicketException("missing fields", (Exception) ex);
|
|
}
|
|
}
|
|
|
|
public void CheckForPermission(string product, string permission)
|
|
{
|
|
if (!this.GetState().HasPermission(product, permission))
|
|
throw new PermissionDeniedException();
|
|
}
|
|
|
|
public bool GetPermission(string product, string permission)
|
|
{
|
|
try
|
|
{
|
|
return this.GetState().HasPermission(product, permission);
|
|
}
|
|
catch (NoTicketException ex)
|
|
{
|
|
return false;
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
return false;
|
|
}
|
|
}
|
|
|
|
public string GetProperty(string prodId, string propName) => this.GetState().GetProperty(prodId, propName);
|
|
}
|
|
}
|