2009-08-21 14:13:36 +02:00
|
|
|
/*
|
|
|
|
|
2020-11-27 13:52:35 +01:00
|
|
|
Copyright (c) 2009-2021 Artica ST.
|
2009-08-21 14:13:36 +02:00
|
|
|
Written by Ramon Novoa
|
|
|
|
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
the Free Software Foundation; either version 2, or (at your option)
|
|
|
|
any later version.
|
|
|
|
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License along
|
|
|
|
with this program; if not, write to the Free Software Foundation,
|
|
|
|
Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
*/
|
|
|
|
|
2008-12-11 11:20:07 +01:00
|
|
|
#include <stdlib.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <string.h>
|
2009-09-22 Ramon Novoa <rnovoa@artica.es>
* debug_new.h, fast_mutex.h,
debug_new.cpp, static_assert.h: Added to repository. Wu Yongwei's
memory leak detection tool (part of Nvwa). Only compiled when
debugging is enabled.
* bin/util/tentacle_client.exe: Added to repository. Tentacle client
needed to build the installer.
* installer/pandora_2.0.mpi: moved to installer/pandora.mpi. Updated.
The installer can now be built directly from the installer
subdirectory.
* configure.in, Makefile.am, autogen.sh: Created a proper
configure.in and Makefile.am. The agent can now be cross-compiled
from Linux :-D
* bin/pandora_agent.conf: Fixed. A local configuration had been
uploaded.
* pandora_windows_service.h,pandora_windows_service.cc,
udp_server/udp_server.cc, udp_server/udp_server.h: Properly shutdown
the UDP server.
* modules/pandora_module_regexp.cc,
modules/pandora_module_inventory.cc,
modules/pandora_module_factory.cc,
modules/pandora_module.cc, pandora_strutils.cc,
pandora.h, pandora.cc: Fixed a couple of memory leaks. Small changes
to avoid compile warnings when cross-compiling from Linux.
* windows_service.cc: Removed the interactive service flag to avoid
'black windows'.
* main.cc: Include the memory leak detection tool if debugging is
enabled.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1966 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-09-22 13:48:25 +02:00
|
|
|
#include <winsock2.h>
|
2008-12-11 11:20:07 +01:00
|
|
|
|
|
|
|
#include "udp_server.h"
|
|
|
|
#include "../pandora.h"
|
|
|
|
#include "../windows/pandora_wmi.h"
|
|
|
|
|
|
|
|
using namespace Pandora;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the address of the server.
|
|
|
|
*
|
|
|
|
* @return Server address.
|
|
|
|
*/
|
|
|
|
unsigned long UDP_Server::getAddress () {
|
2009-03-24 15:06:23 +01:00
|
|
|
return this->address;
|
2008-12-11 11:20:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the port of the server.
|
|
|
|
*
|
|
|
|
* @return Server port.
|
|
|
|
*/
|
|
|
|
unsigned long UDP_Server::getPort () {
|
2009-03-24 15:06:23 +01:00
|
|
|
return this->port;
|
2008-12-11 11:20:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the windows service associated to the server.
|
|
|
|
*
|
|
|
|
* @return Windows service associated to the server.
|
|
|
|
*/
|
|
|
|
Pandora_Windows_Service *UDP_Server::getService () {
|
2009-03-24 15:06:23 +01:00
|
|
|
return this->service;
|
2008-12-11 11:20:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Returns the state of the server.
|
|
|
|
*
|
|
|
|
* @return 1 if the server is running, 0 if not.
|
|
|
|
*/
|
|
|
|
unsigned char UDP_Server::isRunning () {
|
2009-03-24 15:06:23 +01:00
|
|
|
return this->running;
|
2008-12-11 11:20:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* UDP_Server constructor.
|
|
|
|
*
|
|
|
|
* @param service Service associated to the server.
|
|
|
|
* @param address Server address.
|
|
|
|
* @param auth_address Authorized address.
|
|
|
|
* @param port Server port.
|
|
|
|
*/
|
|
|
|
UDP_Server::UDP_Server (Pandora_Windows_Service *service, string address, string auth_address, unsigned int port) {
|
|
|
|
if (address.empty ()) {
|
|
|
|
this->address = INADDR_ANY;
|
|
|
|
} else {
|
2009-03-24 15:06:23 +01:00
|
|
|
this->address = inet_addr (address.c_str ());
|
|
|
|
}
|
|
|
|
if (auth_address.empty ()) {
|
2015-09-22 14:54:48 +02:00
|
|
|
this->auth_address.push_front(INADDR_ANY);
|
2009-03-24 15:06:23 +01:00
|
|
|
} else {
|
2015-09-22 14:54:48 +02:00
|
|
|
splitAuthAddress (auth_address);
|
2008-12-11 11:20:07 +01:00
|
|
|
}
|
|
|
|
this->port = port;
|
|
|
|
this->running = 0;
|
|
|
|
this->service = service;
|
|
|
|
}
|
|
|
|
|
2009-09-22 Ramon Novoa <rnovoa@artica.es>
* debug_new.h, fast_mutex.h,
debug_new.cpp, static_assert.h: Added to repository. Wu Yongwei's
memory leak detection tool (part of Nvwa). Only compiled when
debugging is enabled.
* bin/util/tentacle_client.exe: Added to repository. Tentacle client
needed to build the installer.
* installer/pandora_2.0.mpi: moved to installer/pandora.mpi. Updated.
The installer can now be built directly from the installer
subdirectory.
* configure.in, Makefile.am, autogen.sh: Created a proper
configure.in and Makefile.am. The agent can now be cross-compiled
from Linux :-D
* bin/pandora_agent.conf: Fixed. A local configuration had been
uploaded.
* pandora_windows_service.h,pandora_windows_service.cc,
udp_server/udp_server.cc, udp_server/udp_server.h: Properly shutdown
the UDP server.
* modules/pandora_module_regexp.cc,
modules/pandora_module_inventory.cc,
modules/pandora_module_factory.cc,
modules/pandora_module.cc, pandora_strutils.cc,
pandora.h, pandora.cc: Fixed a couple of memory leaks. Small changes
to avoid compile warnings when cross-compiling from Linux.
* windows_service.cc: Removed the interactive service flag to avoid
'black windows'.
* main.cc: Include the memory leak detection tool if debugging is
enabled.
git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1966 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-09-22 13:48:25 +02:00
|
|
|
/**
|
|
|
|
* UDP_Server destructor.
|
|
|
|
*/
|
|
|
|
UDP_Server::~UDP_Server () {};
|
|
|
|
|
2008-12-11 11:20:07 +01:00
|
|
|
/**
|
|
|
|
* Starts the server.
|
|
|
|
*
|
|
|
|
* @return 1 on error, 0 otherwise.
|
|
|
|
*/
|
|
|
|
int UDP_Server::start () {
|
|
|
|
if (this->running != 0) {
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Run in a new thread */
|
|
|
|
this->running = 1;
|
|
|
|
if (CreateThread (NULL, 0, (LPTHREAD_START_ROUTINE) listen, this, 0, NULL) == NULL) {
|
2009-03-24 15:06:23 +01:00
|
|
|
this->running = 0;
|
2008-12-11 11:20:07 +01:00
|
|
|
pandoraLog ("UDP Server: Error starting UDP Server thread");
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
pandoraLog ("UDP Server: UDP Server started on port %d", this->port);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Stops the server.
|
|
|
|
*
|
|
|
|
* @return 1 on error, 0 otherwise.
|
|
|
|
*/
|
|
|
|
int UDP_Server::stop () {
|
|
|
|
if (this->running != 0) {
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
this->running = 0;
|
|
|
|
pandoraLog ("UDP Server: UDP Server going down");
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Listens for incoming packets.
|
|
|
|
*
|
|
|
|
* @param server UDP Server.
|
|
|
|
*/
|
|
|
|
void Pandora::listen (UDP_Server *server) {
|
2009-03-24 15:06:23 +01:00
|
|
|
int sockfd,n;
|
|
|
|
struct sockaddr_in servaddr, cliaddr;
|
|
|
|
int len, err;
|
|
|
|
char mesg[MAX_PACKET_SIZE];
|
|
|
|
unsigned long auth_addr;
|
|
|
|
WSADATA wsa;
|
|
|
|
|
|
|
|
err = WSAStartup (MAKEWORD (2,0), &wsa);
|
|
|
|
if (err != 0) {
|
|
|
|
/* Could not find a usable Winsock DLL */
|
|
|
|
printf("UDP Server: WSAStartup failed with error: %d\n", err);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
sockfd = socket (AF_INET, SOCK_DGRAM, 0);
|
|
|
|
|
|
|
|
memset (&servaddr, 0, sizeof(servaddr));
|
|
|
|
servaddr.sin_family = AF_INET;
|
|
|
|
servaddr.sin_addr.s_addr = htonl (server->getAddress ());
|
|
|
|
servaddr.sin_port = htons (server->getPort ());
|
|
|
|
bind(sockfd, (struct sockaddr *)&servaddr, sizeof (servaddr));
|
|
|
|
|
2008-12-11 11:20:07 +01:00
|
|
|
while (server->isRunning () == 1) {
|
|
|
|
len = sizeof(cliaddr);
|
2015-09-22 14:54:48 +02:00
|
|
|
n = recvfrom(sockfd, mesg, MAX_PACKET_SIZE, 0, (struct sockaddr *)&cliaddr, &len);
|
2008-12-11 11:20:07 +01:00
|
|
|
if (n == SOCKET_ERROR) {
|
2009-03-24 15:06:23 +01:00
|
|
|
pandoraLog ("UDP Server: Error %d", WSAGetLastError ());
|
|
|
|
break;
|
|
|
|
}
|
2008-12-11 11:20:07 +01:00
|
|
|
|
|
|
|
/* Authenticate client */
|
2015-09-22 14:54:48 +02:00
|
|
|
if (server->isAddressAuth (cliaddr.sin_addr.s_addr)) {
|
|
|
|
mesg[n] = 0;
|
|
|
|
process_command (server->getService (), mesg);
|
|
|
|
} else {
|
2009-03-24 15:06:23 +01:00
|
|
|
pandoraLog ("UDP Server: Unauthorised access from %s", inet_ntoa (cliaddr.sin_addr));
|
2008-12-11 11:20:07 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2009-03-24 15:06:23 +01:00
|
|
|
WSACleanup ();
|
2008-12-11 11:20:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Processes and executes server commands.
|
|
|
|
*
|
|
|
|
* @param service Windows service associated to the server.
|
|
|
|
* @param command Server command.
|
|
|
|
*
|
|
|
|
* @return 1 on error, 0 otherwise.
|
|
|
|
*/
|
|
|
|
int Pandora::process_command (Pandora_Windows_Service *service, char *command) {
|
|
|
|
int rc;
|
|
|
|
char operation[MAX_PACKET_SIZE], action[MAX_PACKET_SIZE], target[MAX_PACKET_SIZE];
|
|
|
|
string var, value;
|
2009-03-24 15:06:23 +01:00
|
|
|
Pandora_Agent_Conf *conf = NULL;
|
2008-12-11 11:20:07 +01:00
|
|
|
|
|
|
|
rc = sscanf (command, "%s %s %s", operation, action, target);
|
|
|
|
if (rc < 3) {
|
|
|
|
pandoraLog ("UDP Server: Received invalid data: %s", command);
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2009-03-24 15:06:23 +01:00
|
|
|
/* Re-run */
|
2008-12-11 11:20:07 +01:00
|
|
|
if (strcmp (operation, "REFRESH") == 0) {
|
2013-04-11 17:39:28 +02:00
|
|
|
service->pandora_run (1);
|
2009-03-24 15:06:23 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
conf = service->getConf();
|
|
|
|
|
|
|
|
/* Service management */
|
|
|
|
if (strcmp (action, "SERVICE") == 0) {
|
|
|
|
var = "service_";
|
|
|
|
var.append (target);
|
|
|
|
std::transform(var.begin(), var.end(), var.begin(), ::tolower);
|
|
|
|
value = conf->getValue (var);
|
|
|
|
if (atoi (value.c_str ()) != 1) {
|
|
|
|
pandoraLog ("UDP Server: Unauthorised access to service %s", target);
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (strcmp (operation, "START") == 0) {
|
|
|
|
Pandora_Wmi::startService (target);
|
|
|
|
} else if (strcmp (operation, "STOP") == 0) {
|
|
|
|
Pandora_Wmi::stopService (target);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Process management */
|
|
|
|
if (strcmp (action, "PROCESS") == 0) {
|
|
|
|
var = "process_";
|
|
|
|
var.append (target);
|
|
|
|
std::transform(var.begin(), var.end(), var.begin(), ::tolower);
|
|
|
|
|
|
|
|
if (strcmp (operation, "START") == 0) {
|
|
|
|
var.append ("_start");
|
|
|
|
} else if (strcmp (operation, "STOP") == 0) {
|
|
|
|
var.append ("_stop");
|
|
|
|
} else {
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
value = conf->getValue (var);
|
|
|
|
if (value.empty ()) {
|
|
|
|
pandoraLog ("UDP Server: Unauthorised access to process %s", target);
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
Pandora_Wmi::runProgram (value.c_str());
|
|
|
|
}
|
2008-12-11 11:20:07 +01:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
2015-09-22 14:54:48 +02:00
|
|
|
|
|
|
|
void UDP_Server::splitAuthAddress (string all_address) {
|
|
|
|
this->auth_address.clear();
|
|
|
|
size_t comma_pos;
|
|
|
|
string single_ip;
|
|
|
|
do {
|
|
|
|
single_ip.clear();
|
|
|
|
/*Splits ips with comma*/
|
|
|
|
comma_pos = all_address.find_first_of (',', 0);
|
|
|
|
if (comma_pos != string::npos){
|
|
|
|
single_ip = all_address.substr (0, comma_pos);
|
|
|
|
} else {
|
|
|
|
single_ip = all_address;
|
|
|
|
}
|
|
|
|
unsigned long single_ip_num = inet_addr (single_ip.c_str ());
|
|
|
|
if (single_ip_num != INADDR_NONE) {
|
|
|
|
this->auth_address.push_back (single_ip_num);
|
|
|
|
} else {
|
|
|
|
pandoraDebug ("Invalid UDP Server Auth Address: %s", single_ip.c_str ());
|
|
|
|
}
|
|
|
|
all_address = all_address.substr (comma_pos + 1, all_address.length ());
|
|
|
|
} while (comma_pos != string::npos);
|
|
|
|
}
|
|
|
|
|
|
|
|
bool UDP_Server::isAddressAuth (unsigned long ip){
|
|
|
|
for (this->it=(this->auth_address).begin(); this->it != (this->auth_address).end(); ++it) {
|
|
|
|
if (*it == ip || *it == INADDR_ANY) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|