-
-
-
-
- #include <wx/app.h>
- #include <wx/window.h>
- #include <wx/dialog.h>
- #include <wx/toplevel.h>
- #include "dialogapp.h"
- #include "configdialog.h"
- #include <winsock2.h>
- #include <windows.h>
- #include "mdconfiguration.hpp"
- #include "SNFMulti/SNFMulti.hpp"
-
-
// Request the wide-character flavour of the Win32 / C runtime APIs.
// NOTE(review): these definitions sit after <windows.h> and the wx headers
// have already been included, so they cannot change how those headers were
// parsed; presumably the build passes -DUNICODE as well. Confirm.
#if !defined(_UNICODE)
#define _UNICODE
#endif
#if !defined(UNICODE)
#define UNICODE
#endif

// GCC spelling of the stdcall calling convention, used for the plugin entry
// points declared further down.
#define GX_STANDARD_CALL __attribute__((stdcall))
#define _stdcall __attribute__((stdcall))
-
-
-
-
-
-
-
-
// Window-message id used when talking to the host window (see sayToLog).
const int MDPLUGIN_MSG = 22000;
// Sub-command sent with MDPLUGIN_MSG: display the supplied text.
const int MDPLUGIN_DISPLAY = 22001;

// Version banner reported to the rulebase handler and written to the log.
// NOTE(review): __DATE__ / __TIME__ make every build produce a different
// binary, which prevents byte-for-byte reproducible builds.
const char* PLUGIN_VERSION_INFO =
    "SNF MDaemon Plugin Version 4.0 Build: " __DATE__ " " __TIME__;
-
-
-
-
-
// Entry points exported with C linkage so their names are not C++-mangled.
extern "C" {

    // DLL load/unload notification.
    BOOL APIENTRY DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved);

    // Plugin callbacks; each receives the host window handle, and the two
    // message callbacks also receive a message file path.
    void _stdcall StartupFunc(HWND Parent);
    void _stdcall ConfigFunc(HWND Parent);
    void _stdcall PostMessageFun(HWND Parent, const char* File);
    void _stdcall SMTPMessageFunc(HWND Parent, const char* File);
    void _stdcall ShutdownFunc(HWND Parent);

}
-
// DLL notification handler. No per-process or per-thread work is done here;
// every notification is acknowledged with success. Engine set-up and
// tear-down happen in StartupFunc / ShutdownFunc instead.
BOOL APIENTRY DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved) {
    switch (fdwReason) {
        case DLL_PROCESS_ATTACH:
        case DLL_PROCESS_DETACH:
        case DLL_THREAD_ATTACH:
        case DLL_THREAD_DETACH:
        default:
            break;                                  // Nothing to do for any reason code.
    }
    return true;
}
-
-
-
-
-
-
-
// Host window handle most recently passed to a plugin callback; sayToLog
// sends its output there and stays silent while this is null.
HWND LatestParent = nullptr;
-
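// Show a modal message box carrying StuffToSay.
//
// The text is a narrow (char) string, so the ANSI entry point is called
// explicitly. Casting the narrow buffers to LPCWSTR and handing them to the
// wide API makes the system read them as UTF-16: the text is garbled and the
// read can run past the end of the buffer looking for a 16-bit terminator.
void sayToScreen(const string StuffToSay) {
    MessageBoxA(
        GetFocus(),
        StuffToSay.c_str(),
        "Message Sniffer Plug-In",
        MB_OK | MB_SYSTEMMODAL);
}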
-
// Send Msg to the host window as a display request. Does nothing until a
// callback has recorded a host window in LatestParent.
void sayToLog(const string Msg) {
    if (0 == LatestParent) {
        return;                                     // No host window known yet.
    }

    // Describe the text for the receiver. cbData is the character count
    // reported by length(), so the terminating NUL is not counted.
    COPYDATASTRUCT Packet;
    Packet.dwData = MDPLUGIN_DISPLAY;
    Packet.cbData = Msg.length();
    Packet.lpData = reinterpret_cast<void*>(const_cast<char*>(Msg.c_str()));

    // SendMessage returns only after the receiver has handled the message,
    // so Msg outlives the call.
    SendMessage(
        LatestParent, MDPLUGIN_MSG, MDPLUGIN_DISPLAY,
        (LPARAM)(PCOPYDATASTRUCT)&Packet);
}
-
-
-
-
-
-
-
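// Build the path of the plugin configuration file from MDaemon's "AppPath"
// registry value (HKLM\SOFTWARE\Alt-N Technologies\MDaemon).
//
// The last character of AppPath is dropped, everything after the final
// backslash of what remains is removed, and "SNF\snfmdplugin.xml" is
// appended. Presumably AppPath ends in a backslash, so this lands in a
// directory beside the application directory; confirm against an install.
//
// Returns the path encoded as UTF-8, or an empty string when the value is
// missing, is not a string, does not fit the buffer, contains no backslash,
// or cannot be converted. An empty result is preferred to a relative path,
// which would be resolved against the process working directory.
string ConfigurationFilePath() {
    std::wstring regValue;

    HKEY hKey = 0;
    if (ERROR_SUCCESS == RegOpenKeyExW(
            HKEY_LOCAL_MACHINE, L"SOFTWARE\\Alt-N Technologies\\MDaemon",
            0, KEY_READ, &hKey)) {

        // Registry strings are not guaranteed to be NUL-terminated. The
        // buffer is zero-filled and one WCHAR is held back from the API, so
        // whatever is returned is always followed by a terminator.
        WCHAR szBuffer[512] = {};
        DWORD dwBufferSize = sizeof(szBuffer) - sizeof(WCHAR);
        DWORD dwType = 0;
        const LONG queryResult = RegQueryValueExW(
            hKey, L"AppPath", NULL, &dwType,
            reinterpret_cast<LPBYTE>(szBuffer), &dwBufferSize);

        // Release the key on every path, not only when the query succeeds.
        RegCloseKey(hKey);

        const bool isString = (REG_SZ == dwType || REG_EXPAND_SZ == dwType);
        if (ERROR_SUCCESS == queryResult && isString) {
            regValue.assign(szBuffer);

            // Drop the final character, then cut back to the last backslash.
            if (!regValue.empty()) {
                regValue.erase(regValue.size() - 1);
            }
            const std::wstring::size_type lastSeparator = regValue.find_last_of(L'\\');
            if (std::wstring::npos == lastSeparator) {
                regValue.clear();                   // Malformed value: treat as "not found".
            } else {
                regValue.erase(lastSeparator + 1);
                regValue.append(L"SNF\\snfmdplugin.xml");
            }
        }
    }

    if (regValue.empty()) {
        return std::string();
    }

    // Two-pass conversion: ask for the required size, then convert.
    const int wideLength = static_cast<int>(regValue.size());
    const int utf8Length = WideCharToMultiByte(
        CP_UTF8, 0, regValue.data(), wideLength, NULL, 0, NULL, NULL);
    if (utf8Length <= 0) {
        return std::string();
    }

    std::string strFilePath(static_cast<size_t>(utf8Length), '\0');
    const int written = WideCharToMultiByte(
        CP_UTF8, 0, regValue.data(), wideLength,
        &strFilePath[0], utf8Length, NULL, NULL);
    if (written != utf8Length) {
        return std::string();
    }

    return strFilePath;
}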
-
-
-
-
-
-
-
-
-
// Plugin-wide engine state, set up by StartupFunc and torn down by ShutdownFunc.

// True only while the rulebase and scan engine are open and usable.
// NOTE(review): volatile gives no ordering or atomicity between threads; if
// the host can call the plugin entry points concurrently this flag does not
// protect the pointers below. Confirm the host's threading model.
volatile bool EngineIsGood = false;

snf_RulebaseHandler* Rulebase = nullptr;            // Rulebase handler owned by the plugin.
snf_EngineHandler* ScanEngine = nullptr;            // Scan engine attached to Rulebase.
int Generation = -1;                                // Reset to -1 on shutdown.
string Configuration;                               // Path returned by ConfigurationFilePath().
MDConfiguration* PlatformConfig = nullptr;          // Platform settings built from Rulebase and Configuration.
-
-
// Plugin start-up callback: creates the rulebase and scan engine, opens them
// with the configuration file located through the registry, and marks the
// engine usable. Any failure is reported in a message box and leaves
// EngineIsGood false.
//
// NOTE(review): objects created before a failure stay allocated, and
// ShutdownFunc releases them only when EngineIsGood is true.
extern "C" void _stdcall StartupFunc(HWND Parent) {
    LatestParent = Parent;
    EngineIsGood = false;

    try {
        // Create the handlers and bind them to the configuration file.
        Rulebase = new snf_RulebaseHandler();
        ScanEngine = new snf_EngineHandler();
        Configuration = ConfigurationFilePath();
        PlatformConfig = new MDConfiguration(*Rulebase, Configuration);

        Rulebase->open(Configuration.c_str(), "", "");
        Rulebase->PlatformVersion(PLUGIN_VERSION_INFO);
        ScanEngine->open(Rulebase);
        EngineIsGood = true;

        // Report what was loaded to the host log.
        sayToLog(Rulebase->EngineVersion());
        sayToLog(Rulebase->PlatformVersion());
        sayToLog(string("SNF Config: ") + Configuration);
    }
    catch (const snf_RulebaseHandler::ConfigurationError&) {
        sayToScreen(string("Unable to Configure with: ") + Configuration);
    }
    catch (const snf_RulebaseHandler::FileError&) {
        sayToScreen(string("Unable to Load Rulebase in: ") + Configuration);
    }
    catch (const snf_RulebaseHandler::AllocationError&) {
        sayToScreen("Unable to Allocate Enough Memory!");
    }
    catch (const snf_RulebaseHandler::IgnoreListError&) {
        sayToScreen("Unable to Load Ingore List!");
    }
    catch (const snf_RulebaseHandler::AuthenticationError&) {
        sayToScreen("Unable to Authenticate Rulebase!");
    }
    catch (const snf_RulebaseHandler::Busy&) {
        sayToScreen("Busy Exception?!!");
    }
    catch (const snf_RulebaseHandler::Panic&) {
        sayToScreen("Panic Exception?!!");
    }
    catch (exception& e) {
        sayToScreen(e.what());
    }
    catch (...) {
        sayToScreen("Unexpected Exception!");
    }
}
-
-
-
-
-
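// Plugin shutdown callback: closes and frees the scan engine, the rulebase
// and the platform configuration, then reports the shutdown.
//
// Nothing is released unless EngineIsGood is set, i.e. unless start-up
// completed. The flag is cleared first so the scan callbacks stop using the
// engine before it is torn down.
//
// The shutdown line is logged before LatestParent is cleared: sayToLog drops
// every message once LatestParent is null, so clearing it first would mean
// the line is never delivered.
extern "C" void _stdcall ShutdownFunc(HWND Parent) {
    LatestParent = Parent;
    if (!EngineIsGood) {
        return;
    }

    EngineIsGood = false;
    try {
        if (ScanEngine) {
            ScanEngine->close();
            delete ScanEngine;
            ScanEngine = 0;
        }
        if (Rulebase) {
            Rulebase->close();
            delete Rulebase;
            Rulebase = 0;
        }
        if (PlatformConfig) {
            delete PlatformConfig;
            PlatformConfig = 0;
        }
        Generation = -1;
        sayToLog("SNF: Plugin Shutdown.");
    }
    catch (exception& e) {
        string InShutdown = "SNF, Shutdown: ";
        InShutdown.append(e.what());
        sayToScreen(InShutdown);
    }
    catch (...) {
        sayToScreen("SNF, Shutdown: Unknown Exception");
    }

    // Forget the host window on every path, success or failure.
    LatestParent = 0;
}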
-
-
-
-
-
-
-
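// Configuration callback: runs the wxWidgets configuration dialog application
// to completion inside the host process.
//
// The application is run only when wxWidgets started and the application's
// own initialisation succeeded. Without these checks a failed start-up is
// followed by calls through wxTheApp (which may be null) and by OnRun/OnExit
// on an application that never initialised. Parent is not used.
extern "C" void _stdcall ConfigFunc(HWND Parent) {
    (void)Parent;

    wxApp::SetInstance(new dialogapp());
    const bool Started = wxEntryStart(0, NULL);

    if (Started && 0 != wxTheApp && wxTheApp->CallOnInit()) {
        wxTheApp->OnRun();
        wxTheApp->OnExit();
    }

    // Always paired with wxEntryStart, as before.
    wxEntryCleanup();
}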
-
-
-
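// Message callback: scans the message file with the SNF engine and writes
// one line with the outcome to the host log.
//
// Parent  host window; remembered so sayToLog can reach it.
// File    path of the message file supplied by the host.
//
// Every failure is logged and swallowed, so no exception leaves this C
// entry point. A null File is reported instead of being dereferenced.
extern "C" void _stdcall PostMessageFun(HWND Parent, const char* File) {
    LatestParent = Parent;
    string LogMessage = "SNF MessageScan: ";

    if (0 == File) {
        LogMessage.append("(null), No Message File!");
        sayToLog(LogMessage);
        return;
    }
    LogMessage.append(File);

    if (false == EngineIsGood) {
        LogMessage.append(", Engine Not Ready!");
        sayToLog(LogMessage);
        return;
    }

    // Shared failure report: the tagged summary line, then the exception
    // text on a debug line when there is one.
    const auto reportFailure = [&LogMessage](const char* Reason, const char* Detail) {
        LogMessage.append(Reason);
        sayToLog(LogMessage);
        if (0 != Detail) {
            string DebugData = "SNF Debug: ";
            DebugData.append(Detail);
            sayToLog(DebugData);
        }
    };

    int ResultCode = 0;

    // Engine-specific handlers come before the generic ones so each failure
    // keeps its own tag.
    try {
        ResultCode = ScanEngine->scanMessageFile(File);
    }
    catch (snf_EngineHandler::FileError& e)       { reportFailure(", File Error!", e.what()); return; }
    catch (snf_EngineHandler::XHDRError& e)       { reportFailure(", X-Header Error!", e.what()); return; }
    catch (snf_EngineHandler::BadMatrix& e)       { reportFailure(", Bad Matrix!", e.what()); return; }
    catch (snf_EngineHandler::MaxEvals& e)        { reportFailure(", Too Many Evaluators!", e.what()); return; }
    catch (snf_EngineHandler::AllocationError& e) { reportFailure(", Allocation Error!", e.what()); return; }
    catch (snf_EngineHandler::Busy& e)            { reportFailure(", Engine Busy!", e.what()); return; }
    catch (snf_EngineHandler::Panic& e)           { reportFailure(", Engine Panic!", e.what()); return; }
    catch (exception& e)                          { reportFailure(", Unexpected Exception!", e.what()); return; }
    catch (...)                                   { reportFailure(", Non-Std Exception!", 0); return; }

    ostringstream O;
    O << LogMessage << ", Result=" << ResultCode;
    sayToLog(O.str());
}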
-
-
-
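// Derive the control-file path for a message file by replacing the file
// name's extension with ".ctl".
//
// Returns an empty string when the file name has no extension. Everything
// from the final dot to the end of the name is replaced, so extensions
// shorter or longer than three characters no longer leave stray characters
// behind. A dot that belongs to a directory name is ignored, so the
// directory part of the path is never rewritten.
std::string ControlFilePath(std::string MessageFilePath) {
    const std::string ControlFileExt(".ctl");

    const std::string::size_type LastSeparator = MessageFilePath.find_last_of("\\/");
    const std::string::size_type ExtPosition = MessageFilePath.find_last_of('.');

    if (std::string::npos == ExtPosition) {
        return std::string();                       // No dot anywhere in the path.
    }
    if (std::string::npos != LastSeparator && ExtPosition < LastSeparator) {
        return std::string();                       // The dot is in a directory name.
    }

    MessageFilePath.replace(ExtPosition, std::string::npos, ControlFileExt);
    return MessageFilePath;
}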
-
-
-
-
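// SMTP callback: reads the connecting address from the message's control
// file, runs the SNF IP reputation test on it, and deletes the message file
// when the verdict is a rejection. The outcome is written to the host log
// and to the rulebase's own log.
//
// Parent  host window; remembered so sayToLog can reach it.
// File    path of the message file supplied by the host.
//
// Does nothing when the platform configuration is missing (start-up did not
// get that far) or when the IP test is switched off there. A null File is
// reported instead of being dereferenced.
extern "C" void _stdcall SMTPMessageFunc(HWND Parent, const char* File) {
    LatestParent = Parent;

    // PlatformConfig stays null when start-up failed early, so check it
    // before asking whether the feature is enabled.
    if (0 == PlatformConfig || false == PlatformConfig->MessageIPFuncOn()) {
        return;
    }

    string LogMessage = "SNF IPScan: ";
    if (0 == File) {
        LogMessage.append("(null), No Message File!");
        sayToLog(LogMessage);
        return;
    }
    LogMessage.append(File);

    if (false == EngineIsGood || 0 == Rulebase) {
        LogMessage.append(", Engine Not Ready!");
        sayToLog(LogMessage);
        return;
    }

    // Find the first control-file line carrying the RemoteIP tag.
    // NOTE(review): the tag is matched anywhere in a line. If any earlier
    // control-file field can hold sender-supplied text, a line containing
    // "RemoteIP=" would be taken as the connection address. Confirm the
    // control-file format and consider anchoring the match to line start.
    const string CtlRemoteIP("RemoteIP=");
    string RemoteIP = "";
    try {
        ifstream ControlFile(ControlFilePath(File).c_str());
        string Line;
        while (getline(ControlFile, Line)) {
            const string::size_type TagPos = Line.find(CtlRemoteIP);
            if (string::npos != TagPos) {
                RemoteIP = Line.substr(TagPos + CtlRemoteIP.length());
                break;
            }
        }
    }
    catch (...) {}                                  // Best effort: handled below as "no IP".

    // Drop trailing blanks and line-end characters so they are not passed
    // on as part of the address.
    const string::size_type LastUseful = RemoteIP.find_last_not_of(" \t\r\n");
    RemoteIP.erase(string::npos == LastUseful ? 0 : LastUseful + 1);

    if (0 == RemoteIP.length()) {
        LogMessage.append(", Didn't Get Remote IP!");
        sayToLog(LogMessage);
        return;
    }

    LogMessage.append(", ");
    LogMessage.append(RemoteIP);
    IPTestRecord IPAnalysis(RemoteIP);

    try {
        Rulebase->performIPTest(IPAnalysis);
    }
    catch (...) {
        LogMessage.append(", Analysis Failed!");
        sayToLog(LogMessage);
        return;
    }

    // Describe the result: flag, probability, confidence and range.
    ostringstream Happy;
    Happy << LogMessage << ", {";

    switch (IPAnalysis.G.Flag()) {
        case Good:   Happy << "Good, ";   break;
        case Bad:    Happy << "Bad, ";    break;
        case Ugly:   Happy << "Ugly, ";   break;
        case Ignore: Happy << "Ignore, "; break;
    }

    Happy << "p=" << IPAnalysis.G.Probability() << ", "
          << "c=" << IPAnalysis.G.Confidence() << ", ";

    switch (IPAnalysis.R) {
        case snfIPRange::Unknown:  { Happy << " Unknown}";  break; }
        case snfIPRange::White:    { Happy << " White}";    break; }
        case snfIPRange::Normal:   { Happy << " Normal}";   break; }
        case snfIPRange::New:      { Happy << " New}";      break; }
        case snfIPRange::Caution:  { Happy << " Caution}";  break; }
        case snfIPRange::Black:    { Happy << " Black}";    break; }
        case snfIPRange::Truncate: { Happy << " Truncate}"; break; }
    }

    // Reject on a Bad flag, or on an Ugly flag inside the Truncate range.
    const bool Reject =
        (snfIPRange::Truncate == IPAnalysis.R && Ugly == IPAnalysis.G.Flag()) ||
        Bad == IPAnalysis.G.Flag();

    string WhatWeDid;
    if (Reject) {
        Happy << " Rejected!";
        WhatWeDid = "Rejected";
        // Rejecting means deleting the message file. Record a failed delete
        // so the log does not claim a rejection for a file that is still there.
        if (0 != remove(File)) {
            Happy << " Delete Failed!";
        }
    } else {
        Happy << " Allowed.";
        WhatWeDid = "Allowed";
    }

    Rulebase->logThisIPTest(IPAnalysis, WhatWeDid);

    sayToLog(Happy.str());
}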