Changeset 1765
- Timestamp:
- 08/25/08 16:39:01 (3 months ago)
- Files:
-
- capture-mod/trunk/Analyzer.cpp (modified) (1 diff)
- capture-mod/trunk/Analyzer.h (modified) (1 diff)
- capture-mod/trunk/CaptureClient.cpp (modified) (3 diffs)
- capture-mod/trunk/CaptureSoapServer.cpp (modified) (4 diffs)
- capture-mod/trunk/CaptureSoapServer.h (modified) (2 diffs)
- capture-mod/trunk/install/CaptureBAT.exe (modified) (previous)
capture-mod/trunk/Analyzer.cpp
r1764 r1765 1 1 #include "Analyzer.h" 2 2 3 Analyzer::Analyzer(Visitor* v, Server* s )4 { 5 processMonitor = new ProcessMonitor();6 registryMonitor = new RegistryMonitor();7 fileMonitor = new FileMonitor();3 Analyzer::Analyzer(Visitor* v, Server* s, ProcessMonitor * p, RegistryMonitor * r, FileMonitor * f) 4 { 5 processMonitor = p; 6 registryMonitor = r; 7 fileMonitor = f; 8 8 collectModifiedFiles = false; 9 9 captureNetworkPackets = false; capture-mod/trunk/Analyzer.h
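Review bot: The constructor now stores the caller-supplied `p`, `r` and `f` pointers as-is, and nothing in this section says who owns them or rejects a null argument. `~Analyzer` is not shown here; if it still deletes the monitors it used to allocate, the CaptureSoapServer that receives the same `r` in CaptureClient.cpp is left holding a dangling `registryMonitor`, and if it does not, nothing visible in CaptureClient.cpp frees them. I would state the contract above the constructor, e.g. `// Monitors are borrowed: the caller owns p, r and f and must keep them alive for the lifetime of this Analyzer.`, and make the destructor agree with it. The same point applies to the declaration in Analyzer.h and to the `new ProcessMonitor()` / `new RegistryMonitor()` / `new FileMonitor()` lines in CaptureClient.cpp; the constructor body continues past the end of this hunk.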
r1586 r1765 56 56 { 57 57 public: 58 Analyzer(Visitor* v, Server* s );58 Analyzer(Visitor* v, Server* s, ProcessMonitor * p, RegistryMonitor * r, FileMonitor * f); 59 59 ~Analyzer(void); 60 60 capture-mod/trunk/CaptureClient.cpp
r1726 r1765 61 61 /* Start running the Capture Client */ 62 62 visitor = new Visitor(); 63 //Moved these out of Analyzer, so that the soap server could access the same ones. 64 ProcessMonitor * p = new ProcessMonitor(); 65 RegistryMonitor * r = new RegistryMonitor(); 66 FileMonitor * f = new FileMonitor(); 63 67 //Set up the standalone SOAP server 64 CaptureSoapServer a = CaptureSoapServer(visitor);65 analyzer = new Analyzer(visitor, server );68 soapSrv = new CaptureSoapServer(visitor, r); 69 analyzer = new Analyzer(visitor, server, p, r, f); 66 70 Thread* captureClientThread = new Thread(this); 67 71 captureClientThread->start("CaptureClient"); … … 76 80 delete visitor; 77 81 delete server; 78 82 delete soapSrv; 79 83 80 84 Logger::getInstance()->closeLogFile(); … … 258 262 Visitor* visitor; 259 263 Analyzer* analyzer; 264 CaptureSoapServer * soapSrv; 260 265 261 266 boost::signals::connection onServerConnectEventConnection; capture-mod/trunk/CaptureSoapServer.cpp
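Review bot: In the teardown hunk `delete soapSrv;` runs after `delete visitor;`, yet the SOAP server starts its thread in its constructor and nothing visible here stops that thread first. The handlers in CaptureSoapServer.cpp hand requests on to the Visitor, so a request served in that window would presumably reach an already-deleted object. Consider moving `delete soapSrv;` ahead of `delete visitor;` and having the SOAP server stop and join its thread before its destructor returns. Both the constructor and the destructor of CaptureClient extend beyond the hunks shown, so the surrounding order should be confirmed.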
r1764 r1765 1 /*This file can be renamed later, but just plain "soapserver.cpp" 2 **is already created automatically by the soapcpp2 tool 1 /* 3 2 **Created by Xeno Kovah of the MITRE HoneyClient Project 5/20/2008 4 3 */ 5 4 6 5 #include "CaptureSoapServer.h" 7 #include "soapH.h" 6 #include "soapH.h" 8 7 #include "capture.nsmap" 9 8 #include "Visitor.h" 10 9 #include "b64.h" //nice small 3rd party lib for base64 encode/decode 11 10 12 CaptureSoapServer::CaptureSoapServer(Visitor* v){ 11 struct soap soap; 12 13 CaptureSoapServer::CaptureSoapServer(Visitor* v, RegistryMonitor *r){ 14 registryMonitor = r; 13 15 CaptureSoapServerThread = new Thread(this); 14 16 CaptureSoapServerThread->start("CaptureSoapServer"); 15 17 } 16 18 17 CaptureSoapServer::~CaptureSoapServer(){} 19 CaptureSoapServer::~CaptureSoapServer(){ 20 //FIXME: I have no idea if these are appropriate here 21 soap_destroy(&soap); 22 soap_end(&soap); 23 soap_done(&soap); 24 } 18 25 19 26 void … … 21 28 22 29 char debug = 0; 23 //The below code is taken verbatim from the gsoap standalone server example page24 struct soap soap;25 30 SOCKET m, s; // master and slave sockets 26 31 32 onRegistryEventConnection = registryMonitor->connect_onRegistryEvent(boost::bind(&CaptureSoapServer::onRegistryEvent, this, _1, _2, _3, _4, _5)); 33 34 //The below code is taken mostly from the gsoap standalone server example page 27 35 soap_init(&soap); 28 // TODO: This needs to be configurable36 //FIXME TODO: This needs to be configurable 29 37 m = soap_bind(&soap, "192.168.0.131", 1234, 100); 30 38 if (m < 0) … … 53 61 } 54 62 63 void CaptureSoapServer::onRegistryEvent (wstring registryEventType, wstring time, 64 wstring processPath, wstring registryEventPath, 65 vector<wstring> extra) 66 { 67 wprintf(L"CaptureSoapServer::onRegistryEvent got an event for time = %hs\n", time); 68 } 69 70 55 71 int ns__ping(struct soap *soap, char * a, char ** result) 56 72 { … … 61 77 } 62 78 79 //Give it a url to browse to 63 80 int 
ns__visitURL(struct soap *soap, char * url, char ** result){ 64 81 wchar_t xURL[1024]; 65 82 wsprintf(xURL, L"%hs", url); 66 //Build my own new-fangled Element to pass to Visitor:onServerEvent which I think will open83 //Build my own new-fangled Element to pass to Visitor:onServerEvent 67 84 typedef boost::signal<void (Element*)> signal_serverEvent; 68 85 Attribute att; 69 86 att.name = L"url"; 70 att.value = xURL; //Now expecting you to pass the URL87 att.value = xURL; 71 88 Element e; 72 89 e.name = L"visit"; capture-mod/trunk/CaptureSoapServer.h
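Review bot: The `wprintf` in the new `onRegistryEvent` passes the `wstring` object `time` through varargs to a `%hs` conversion, which expects a narrow `char*`. Passing a class object that way is undefined behaviour and can crash the client or print unrelated memory. The call should be `wprintf(L"CaptureSoapServer::onRegistryEvent got an event for time = %ls\n", time.c_str());`. Separately, the destructor now tears down the file-scope `soap` without stopping the thread started in the constructor, and it runs even if `run()` never reached `soap_init`. `run()` is only partly visible here, so confirm the accept loop has exited before `soap_done(&soap)` is called.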
r1764 r1765 6 6 #include "CaptureGlobal.h" //This needs to be first, due to a macro it defines 7 7 #include "Visitor.h" 8 #include "RegistryMonitor.h" 8 9 9 10 using namespace std; … … 14 15 public: 15 16 typedef boost::signal<void (DWORD, DWORD, wstring, wstring)> signal_visitEvent; 17 boost::signals::connection onRegistryEventConnection; 16 18 17 CaptureSoapServer(Visitor * );19 CaptureSoapServer(Visitor *, RegistryMonitor *); 18 20 ~CaptureSoapServer(); 21 void run(); 22 void onRegistryEvent (wstring registryEventType, wstring time, wstring processPath, 23 wstring registryEventPath, vector<wstring> extra); 19 24 20 void run();21 25 Thread * CaptureSoapServerThread; 22 26 static Visitor * myVisitor; 23 27 RegistryMonitor* registryMonitor; 24 28 };
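Review bot: The new `onRegistryEventConnection` member is a plain `boost::signals::connection`, which stays connected after the object that owns it is destroyed. The slot is bound to `this` in `run()`, and the destructor in CaptureSoapServer.cpp never disconnects it. After `delete soapSrv` a registry event would therefore still be delivered to the freed object if the RegistryMonitor outlives it. I would call `onRegistryEventConnection.disconnect();` as the first statement of `~CaptureSoapServer()`. I would also move this member and `registryMonitor` out of the public section, with a comment such as `// not owned; must outlive this server` on the pointer.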
