mirror of https://github.com/infosecn1nja/C3.git
Merge branch 'OsVersion' into 'master'
Os version
Closes #2
See merge request C3/C3!175
dependabot/npm_and_yarn/Src/WebController/UI/websocket-extensions-0.1.4
commit
12cf67a5b8
|
@ -733,9 +733,6 @@
|
|||
<ClInclude Include="PeUtils.h" />
|
||||
<ClInclude Include="WindowsVersion.h" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Manifest Include="..\Common\FSecure\WinTools\OsVersion.manifest" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ResourceCompile Include="CebuLoader.rc" />
|
||||
</ItemGroup>
|
||||
|
|
|
@ -605,9 +605,6 @@
|
|||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='ClangRwdi|x64'">Create</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Manifest Include="..\Common\FSecure\WinTools\OsVersion.manifest" />
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
</ImportGroup>
|
||||
|
|
|
@ -1,8 +1,5 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
|
||||
<ItemGroup>
|
||||
<Manifest Include="..\Common\FSecure\WinTools\OsVersion.manifest" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<ClCompile Include="Form.cpp" />
|
||||
<ClCompile Include="StdAfx.cpp" />
|
||||
|
|
|
@ -37,46 +37,46 @@ namespace FSecure
|
|||
}
|
||||
|
||||
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
||||
HostInfo::HostInfo()
|
||||
: m_OsVersionInfo{ sizeof(m_OsVersionInfo) }
|
||||
HostInfo HostInfo::Gather()
|
||||
{
|
||||
// Reserve buffers for winapi calls.
|
||||
DWORD computerNameBufferLength = MAX_COMPUTERNAME_LENGTH + 1, userNameBufferLength = UNLEN + 1;
|
||||
m_ComputerName.resize(computerNameBufferLength);
|
||||
m_UserName.resize(userNameBufferLength);
|
||||
std::string computerName(computerNameBufferLength, '\0');
|
||||
std::string userName(userNameBufferLength, '\0');
|
||||
|
||||
// Get name of the computer.
|
||||
if (::GetComputerNameA(m_ComputerName.data(), &computerNameBufferLength))
|
||||
m_ComputerName.resize(computerNameBufferLength);
|
||||
if (::GetComputerNameA(computerName.data(), &computerNameBufferLength))
|
||||
computerName.resize(computerNameBufferLength);
|
||||
else
|
||||
m_ComputerName.resize(0);
|
||||
computerName.resize(0);
|
||||
|
||||
// Get the user name.
|
||||
if (::GetUserNameA(m_UserName.data(), &userNameBufferLength))
|
||||
m_UserName.resize(userNameBufferLength - 1);
|
||||
if (::GetUserNameA(userName.data(), &userNameBufferLength))
|
||||
userName.resize(userNameBufferLength - 1);
|
||||
else
|
||||
m_UserName.resize(0);
|
||||
userName.resize(0);
|
||||
|
||||
#pragma warning( push )
|
||||
#pragma warning(disable : 4996) // disable deprecation warning
|
||||
// Retrieve Operating system version.
|
||||
::GetVersionExA(reinterpret_cast<LPOSVERSIONINFOA>(&m_OsVersionInfo));
|
||||
#pragma warning( pop )
|
||||
RTL_OSVERSIONINFOEXW osVersionInfo{ sizeof(osVersionInfo) };
|
||||
using fnRtlGetVersion = NTSTATUS(NTAPI*)(PRTL_OSVERSIONINFOEXW lpVersionInformation);
|
||||
auto RtlGetVersion = (fnRtlGetVersion)GetProcAddress(GetModuleHandleW(OBF(L"ntdll.dll")), OBF("RtlGetVersion"));
|
||||
if (RtlGetVersion)
|
||||
RtlGetVersion(&osVersionInfo);
|
||||
|
||||
m_ProcessId = ::GetCurrentProcessId();
|
||||
|
||||
m_IsElevated = IsElevated();
|
||||
DWORD processId = ::GetCurrentProcessId();
|
||||
|
||||
std::string domain;
|
||||
LPWSTR buf = nullptr;
|
||||
if (NETSETUP_JOIN_STATUS status; NERR_Success == ::NetGetJoinInformation(nullptr, &buf, &status))
|
||||
{
|
||||
SCOPE_GUARD( ::NetApiBufferFree(buf); );
|
||||
if(status == NetSetupDomainName)
|
||||
m_Domain = WidestringToString(buf);
|
||||
domain = WidestringToString(buf);
|
||||
}
|
||||
|
||||
return HostInfo(std::move(computerName), std::move(userName), std::move(domain), std::move(osVersionInfo), processId, IsElevated());
|
||||
}
|
||||
|
||||
HostInfo::HostInfo(std::string computerName, std::string userName, std::string domain, OSVERSIONINFOEXA osVersionInfo, DWORD processId, bool isElevated)
|
||||
HostInfo::HostInfo(std::string computerName, std::string userName, std::string domain, RTL_OSVERSIONINFOEXW osVersionInfo, DWORD processId, bool isElevated)
|
||||
: m_ComputerName{ std::move(computerName) }
|
||||
, m_UserName{ std::move(userName) }
|
||||
, m_Domain{ std::move(domain) }
|
||||
|
@ -84,7 +84,6 @@ namespace FSecure
|
|||
, m_ProcessId(processId)
|
||||
, m_IsElevated(isElevated)
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
HostInfo::HostInfo(const json& json)
|
||||
|
@ -102,19 +101,6 @@ namespace FSecure
|
|||
json.at("IsElevated").get_to(m_IsElevated);
|
||||
}
|
||||
|
||||
std::ostream& operator<<(std::ostream& os, HostInfo const& hi)
|
||||
{
|
||||
return os << "Computer name:\t" << hi.m_ComputerName << '\n'
|
||||
<< "Domain: \t" << hi.m_Domain << '\n'
|
||||
<< "User name:\t" << hi.m_UserName << '\n'
|
||||
<< "Is Elevated:\t" << std::boolalpha << hi.m_IsElevated << '\n'
|
||||
<< "Os version:\t" << "Windows "s << hi.m_OsVersionInfo.dwMajorVersion << '.' << hi.m_OsVersionInfo.dwMinorVersion
|
||||
<< (VER_NT_WORKSTATION == hi.m_OsVersionInfo.wProductType ? " Workstation SP: " : " Server SP: ")
|
||||
<< hi.m_OsVersionInfo.wServicePackMajor << '.' << hi.m_OsVersionInfo.wServicePackMinor
|
||||
<< " Build " << hi.m_OsVersionInfo.dwBuildNumber << '\n'
|
||||
<< "Process Id:\t" << hi.m_ProcessId << '\n';
|
||||
}
|
||||
|
||||
void to_json(json& j, const HostInfo& hi)
|
||||
{
|
||||
j = json
|
||||
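Review bot: In `HostInfo::Gather()` (first hunk) the RtlGetVersion lookup has no failure handling. If `GetModuleHandleW` or `GetProcAddress` returns null, `osVersionInfo` keeps only `dwOSVersionInfoSize` and is serialized as version 0.0 build 0, so the receiver cannot tell "lookup failed" from real data. The NTSTATUS result of the call is also discarded. Decide explicitly what is reported on failure and check the result, for example `if (!RtlGetVersion || RtlGetVersion(&osVersionInfo) < 0) { /* mark version as unknown */ }`. Two style points on the same lines: replace the C-style cast with `reinterpret_cast<fnRtlGetVersion>(...)`, and drop `std::move(osVersionInfo)` in the return, since it is a plain copy for this struct.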
|
|
|
@ -14,39 +14,34 @@ namespace FSecure
|
|||
std::string m_ComputerName; ///< Host name.
|
||||
std::string m_UserName; ///< Currently logged user name.
|
||||
std::string m_Domain; ///< Domain name
|
||||
OSVERSIONINFOEXA m_OsVersionInfo; ///< MS windows version info
|
||||
RTL_OSVERSIONINFOEXW m_OsVersionInfo; ///< MS windows version info
|
||||
DWORD m_ProcessId; ///< Process Id
|
||||
bool m_IsElevated; ///< Is process run with elevated rights
|
||||
|
||||
/// Gather info about host.
|
||||
HostInfo();
|
||||
static HostInfo Gather();
|
||||
|
||||
/// Aggregate constructor.
|
||||
HostInfo(std::string computerName, std::string userName, std::string domain, OSVERSIONINFOEXA osVersionInfo, DWORD processId, bool isElevated);
|
||||
HostInfo(std::string computerName, std::string userName, std::string domain, RTL_OSVERSIONINFOEXW osVersionInfo, DWORD processId, bool isElevated);
|
||||
|
||||
/// Constructor from json
|
||||
/// @param json to read from
|
||||
HostInfo(const json& json);
|
||||
};
|
||||
|
||||
/// Overload ostream operator << for HostInfo
|
||||
/// @param ostream to write to
|
||||
/// @param host info to write
|
||||
std::ostream& operator <<(std::ostream& os, HostInfo const& hi);
|
||||
|
||||
/// overload to_json for HostInfo
|
||||
/// @param json to write to
|
||||
/// @param host info to write
|
||||
void to_json(json& j, const HostInfo& hi);
|
||||
|
||||
/// overload ByteConverter for OSVERSIONINFOEXA. szCSDVersion and wSuiteMask are omitted.
|
||||
/// overload ByteConverter for RTL_OSVERSIONINFOEXW. szCSDVersion and wSuiteMask are omitted.
|
||||
template<>
|
||||
struct ByteConverter<OSVERSIONINFOEXA>
|
||||
struct ByteConverter<RTL_OSVERSIONINFOEXW>
|
||||
{
|
||||
/// Serialize HostInfo type to ByteVector.
|
||||
/// @param obj. Object to be serialized.
|
||||
/// @param bv. ByteVector to be expanded.
|
||||
static void To(OSVERSIONINFOEXA const& obj, ByteVector& bv)
|
||||
static void To(RTL_OSVERSIONINFOEXW const& obj, ByteVector& bv)
|
||||
{
|
||||
bv.Store(obj.dwOSVersionInfoSize, obj.dwMajorVersion, obj.dwMinorVersion, obj.dwBuildNumber, obj.dwPlatformId, obj.wServicePackMajor, obj.wServicePackMinor, obj.wProductType);
|
||||
}
|
||||
|
@ -56,16 +51,16 @@ namespace FSecure
|
|||
/// @return size_t. Number of bytes used after serialization.
|
||||
static size_t Size()
|
||||
{
|
||||
OSVERSIONINFOEXA* p = nullptr;
|
||||
RTL_OSVERSIONINFOEXW* p = nullptr;
|
||||
return ByteVector::Size(p->dwOSVersionInfoSize, p->dwMajorVersion, p->dwMinorVersion, p->dwBuildNumber, p->dwPlatformId, p->wServicePackMajor, p->wServicePackMinor, p->wProductType);
|
||||
}
|
||||
|
||||
/// Deserialize from ByteView.
|
||||
/// @param bv. Buffer with serialized data.
|
||||
/// @return OSVERSIONINFOEXA.
|
||||
static OSVERSIONINFOEXA From(ByteView& bv)
|
||||
/// @return RTL_OSVERSIONINFOEXW.
|
||||
static RTL_OSVERSIONINFOEXW From(ByteView& bv)
|
||||
{
|
||||
OSVERSIONINFOEXA obj = {0,};
|
||||
RTL_OSVERSIONINFOEXW obj = {0,};
|
||||
ByteReader{ bv }.Read(obj.dwOSVersionInfoSize, obj.dwMajorVersion, obj.dwMinorVersion, obj.dwBuildNumber, obj.dwPlatformId, obj.wServicePackMajor, obj.wServicePackMinor, obj.wProductType);
|
||||
return obj;
|
||||
}
|
||||
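Review bot: `ByteConverter<RTL_OSVERSIONINFOEXW>::Size()` (second hunk) still reads members through a null pointer, `RTL_OSVERSIONINFOEXW* p = nullptr;` followed by `p->dwOSVersionInfoSize, ...`. That is undefined behaviour unless `ByteVector::Size` never evaluates its arguments, which is not visible here. A value-initialised local avoids the problem: `RTL_OSVERSIONINFOEXW const obj{};`, then pass `obj.dwOSVersionInfoSize, obj.dwMajorVersion, ...`. Separately, `From()` copies `dwOSVersionInfoSize` straight from the received buffer, so it deserves a comment such as `// dwOSVersionInfoSize comes from the wire; do not use it as a trusted struct size`. The ByteConverter struct continues past the end of the hunk.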
|
|
|
@ -1,17 +0,0 @@
|
|||
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
|
||||
<assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv3="urn:schemas-microsoft-com:asm.v3">
|
||||
<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
|
||||
<application>
|
||||
<!-- Windows 10 -->
|
||||
<supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/>
|
||||
<!-- Windows 8.1 -->
|
||||
<supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/>
|
||||
<!-- Windows Vista -->
|
||||
<supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/>
|
||||
<!-- Windows 7 -->
|
||||
<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
|
||||
<!-- Windows 8 -->
|
||||
<supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/>
|
||||
</application>
|
||||
</compatibility>
|
||||
</assembly>
|
|
@ -135,7 +135,7 @@ namespace FSecure::C3::Core
|
|||
static std::unique_ptr<InitializeRouteQuery> Create(RouteId sendersRid, BuildId buildId, Crypto::PublicKey gatewayEncryptionKey, Crypto::PublicKey agentsPublicEncryptionKey, HashT grcHash, int32_t timestamp, ResponseType responseType = ResponseType::None)
|
||||
{
|
||||
auto query = std::make_unique<InitializeRouteQuery>(sendersRid, responseType);
|
||||
query->m_QueryPacketBody = Crypto::EncryptAnonymously(ByteVector::Create(buildId, agentsPublicEncryptionKey.ToByteVector(), grcHash, timestamp, HostInfo()), gatewayEncryptionKey);
|
||||
query->m_QueryPacketBody = Crypto::EncryptAnonymously(ByteVector::Create(buildId, agentsPublicEncryptionKey.ToByteVector(), grcHash, timestamp, HostInfo::Gather()), gatewayEncryptionKey);
|
||||
return query;
|
||||
}
|
||||
|
||||
|
|
|
@ -593,9 +593,6 @@
|
|||
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='ClangRwdi|x64'">Create</PrecompiledHeader>
|
||||
</ClCompile>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Manifest Include="..\Common\FSecure\WinTools\OsVersion.manifest" />
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
</ImportGroup>
|
||||
|
|
|
@ -629,9 +629,6 @@
|
|||
<ItemGroup>
|
||||
<ClInclude Include="Stdafx.h" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Manifest Include="..\Common\FSecure\WinTools\OsVersion.manifest" />
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
</ImportGroup>
|
||||
|
|
|
@ -609,9 +609,6 @@
|
|||
<ItemGroup>
|
||||
<ClInclude Include="Stdafx.h" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Manifest Include="..\Common\FSecure\WinTools\OsVersion.manifest" />
|
||||
</ItemGroup>
|
||||
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
|
||||
<ImportGroup Label="ExtensionTargets">
|
||||
</ImportGroup>
|
||||
|
|