diff --git a/pandora_agents/win32_old/install/install_service.vbs b/pandora_agents/win32_old/install/install_service.vbs deleted file mode 100755 index 3a07b23285..0000000000 --- a/pandora_agents/win32_old/install/install_service.vbs +++ /dev/null @@ -1,60 +0,0 @@ -' ==================================== -' Agent install as win Service -' ==================================== -dim PANDORA_HOME -PANDORA_HOME = "c:\pandora\" - -' ============================================================================== -' Dont touch below this line -' ============================================================================== - -' Check if exists instsrv.exe and srvany.exe - dim fso - Set fso = CreateObject("Scripting.FileSystemObject") - If Not fso.FileExists(PANDORA_HOME & "util\srvany.exe") Then - wScript.Echo "ERROR: Cannot find SRVANY.EXE, please read documentation and FAQ" - wScript.Quit - end if - If Not fso.FileExists(PANDORA_HOME & "util\instsrv.exe") Then - wScript.Echo "ERROR: Cannot find INSTSRV.EXE, please read documentation and FAQ" - wScript.Quit - end if - -runCmd PANDORA_HOME & "util\instsrv.exe PandoraAgent "& PANDORA_HOME& "util\srvany.exe" - -' Modificacion del registro -Set WshShell = WScript.CreateObject("WScript.Shell") - -WshShell.RegWrite "HKLM\SYSTEM\CurrentControlSet\Services\PandoraAgent\","Parameters" -WshShell.RegWrite "HKLM\SYSTEM\CurrentControlSet\Services\PandoraAgent\Parameters","Application", "REG_SZ" -WshShell.RegWrite "HKLM\SYSTEM\CurrentControlSet\Services\PandoraAgent\Parameters\Application",PANDORA_HOME & "pandora_agent.bat", "REG_SZ" -WshShell.RegWrite "HKLM\SYSTEM\CurrentControlSet\Services\PandoraAgent","Description", "REG_SZ" -WshShell.RegWrite "HKLM\SYSTEM\CurrentControlSet\Services\PandoraAgent\Description","Pandora Agent for Windows", "REG_SZ" - -wScript.Echo "Instalation sucessful. Please start service now or restart" - -' ====================================================== -' Librerias externas -' ====================================================== - -Function Run (ByVal cmd) ' Author: Christian d''Heureuse (www.source-code.biz) - Dim sh: Set sh = CreateObject("WScript.Shell") - Dim wsx: Set wsx = Sh.Exec(cmd) - If wsx.ProcessID = 0 And wsx.Status = 1 Then - ' (The Win98 version of VBScript does not detect WshShell.Exec errors) - Err.Raise vbObjectError,,"WshShell.Exec failed." - End If - Do - Dim Status: Status = wsx.Status - 'WScript.StdOut.Write wsx.StdOut.ReadAll() - 'WScript.StdErr.Write wsx.StdErr.ReadAll() - If Status <> 0 Then Exit Do - WScript.Sleep 10 - Loop - Run = wsx.ExitCode - End Function - -' Runs an internal command interpreter command. Author: Christian d''Heureuse (www.source-code.biz) -Function RunCmd (ByVal cmd) - RunCmd = Run("%ComSpec% /c " & cmd) -End Function diff --git a/pandora_agents/win32_old/install/pandora_agent_init.vbs b/pandora_agents/win32_old/install/pandora_agent_init.vbs deleted file mode 100755 index 6de623aa69..0000000000 --- a/pandora_agents/win32_old/install/pandora_agent_init.vbs +++ /dev/null @@ -1,164 +0,0 @@ -' +--------------------------------------------------------------- -' | Agente Windows para Pandora | Pandora Agent for Windows -' | Este codigo ha sido desarrollado por: -' | This code has beed coded by: -' | 2004, Sancho Lerena -' | 2004, Sergio Iglesias -' | Este codigo esta distribuido y protegido bajo la licencia GPL. -' | This code is distributed and protected under GPL licence. -' ---------------------------------------------------------------- - -version = "1.1a_050413" -' ==================================== -' Configuracion del agente -' ==================================== -' Global vars - -dim PANDORA_HOME -dim CONFIG_FILE -dim fichero_log -dim debug_mode - -PANDORA_HOME = "c:\pandora\" -CONFIG_FILE= PANDORA_HOME & "pandora_agent.conf" -fichero_log = "c:\pandora\pandora_agent.log" -debug_mode = 0 - -' ====================================================== -' Comprobacion de version de WSH y existencia de md5.exe -' ====================================================== -check_init(CONFIG_FILE) -Randomize ' Generamos un numero de serie pseudoaleatorio con la funcion rand - -'=================================================================================== -'lectura del fichero de configuración, para valores BASE de configuracion unicamente -'=================================================================================== -'Declarar variables. -Dim fs -Dim ts -Set fs = CreateObject("Scripting.FileSystemObject") - -'Open file. -Set ts = fs.OpenTextFile(CONFIG_FILE) -'Loop while not at the end of the file. -Do While Not ts.AtEndOfStream - linea = ts.ReadLine - if Not (linea = Empty) Then 'validamos que no es una linea en blanco - arrContents = Split(linea, " ") 'dividimos la linea en trozos - '==================================================================== - 'validamos si es una linea de configuracion, y cogemos su informacion - '==================================================================== - if (arrContents(0) = "server_ip") Then - SERVER = trim(cstr(arrContents(1))) - end if - if (arrContents(0) = "server_path") Then - SERVER_IN = trim(cstr(arrContents(1))) - end if - if (arrContents(0) = "temporal") Then - TEMPORAL = trim(cstr(arrContents(1))) - end if - if (arrContents(0) = "interval") Then - INTERVALO = trim(cstr(arrContents(1))) - end if - if (arrContents(0) = "host_name") Then - NOMBRE_HOST = trim(cstr(arrContents(1))) - end if - if (arrContents(0) = "private_key") Then - PRIVATE_KEY = trim(cstr(arrContents(1))) - end if - if (arrContents(0) = "debug") Then - debug_mode = trim(cstr(arrContents(1))) - end if - end if -Loop -ts.Close - - ' Inicializacion de los nombres de ficheros de datos y checksum - fichero_prueba = TEMPORAL&"/"&NOMBRE_HOST&".test" - Set fs = CreateObject("Scripting.FileSystemObject") - Set a = fs.OpenTextFile(fichero_prueba,8, true) - a.WriteLine("Agent " & NOMBRE_HOST &" test upload") - a.Close - Set WshShell = WScript.CreateObject("WScript.Shell") - - ' First, check if entry in registry exists for SERVER, if not, make an special connection to create this one, send KEYS interactively - salida = "" - on error resume next - hostkey_reg = "HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys\rsa2@22:" & SERVER - salida = wshShell.regread(hostkey_reg) - on error goto 0 - if salida = "" then - debug_log fichero_log, "Creating hostkey in registry" - wScript.echo "Creating hostkey in registry" - WshShell.Run PANDORA_HOME & "util\pscp.exe -q -2 -l pandora -i " & PRIVATE_KEY & " " & fichero_prueba & " pandora@" & SERVER & ":" &SERVER_IN, 8, 0 - WScript.Sleep 1500 ' wait 1.5 sec - WshShell.AppActivate "pscp" - WshShell.SendKeys "yes" ' send YES if first time CONNECTION (hostkey accept) - WshShell.SendKeys "{ENTER}" - end if - - 'Checks for pscp proccess hang, and wait untill its done - counter = 0 - do while proceso ("pscp.exe") - wscript.sleep 1000 ' wait 1 secs - counter = counter + 1 - if counter > 15 then ' 15 seconds timeout for pscp shutdown - debug_log fichero_log, "PSCP Timeout creating hostkey" - wScript.echo "PSCP Timeout creating hostkey" - wscript.quit - end if - loop - - wScript.echo "Hostkey can be readed in registry. Instalation successful" - -' ============================================================= -' FUNCTION check_init () - Check initial dependencies -' ============================================================= -Function check_init (config_file) - ' Check pandora_agent.conf - dim fso - Set fso = CreateObject("Scripting.FileSystemObject") - If Not fso.FileExists(config_file) Then - wScript.Echo "ERROR: Cannot find " & config_file - wScript.Quit - end if - - dim oFileSys - Set oFileSys=CreateObject("Scripting.FileSystemObject") - If NOT oFileSys.FileExists(PANDORA_HOME & "util\md5.exe") then - wScript.Echo "ERROR FATAL"& vbcrlf & "Cannot find md5.exe" & vbcrlf - wScript.Quit - End If - - 'Comprobar que ejecutamos con v5.6 de WSH - If CDbl(wScript.Version) < CDbl("5.6") then - text = " \n ERROR: Windows Scripting Host Incorrect version \n\n Your actual version is " & wScript.Version & "\n \n Please download a latest version from http://msdn.microsoft.com/downloads/default.asp \n" - wScript.Echo Text - wScript.Quit - End if -End Function - -' ============================================================= -' FUNCTION debug_log (file_output, line_output) -' ============================================================= -Sub debug_log(file_output, line_output) - if debug_mode Then - Set fs = CreateObject("Scripting.FileSystemObject") - Set a = fs.OpenTextFile(file_output,8, true) - a.WriteLine(line_output) - a.Close - End if -End Sub - -' ================================================================ -' FUNCTION proceso (nombre) - Return 1 if process given is running -' ================================================================ -Function proceso (nombre) - proceso = 0 - for each Process in GetObject("winmgmts:{impersonationLevel=impersonate}").InstancesOf ("Win32_process") - if ( lcase(Process.Name) = lcase(nombre) ) then - proceso = 1 - end if - 'numeroProc = numeroProc + 1 - Next -End Function diff --git a/pandora_agents/win32_old/install/uninstall_service.vbs b/pandora_agents/win32_old/install/uninstall_service.vbs deleted file mode 100755 index f07f363e24..0000000000 --- a/pandora_agents/win32_old/install/uninstall_service.vbs +++ /dev/null @@ -1,52 +0,0 @@ -' ==================================== -' Agent install as win Service -' ==================================== -dim PANDORA_HOME -PANDORA_HOME = "c:\pandora\" - -' ============================================================================== -' Dont touch below this line -' ============================================================================== - -' Check if exists instsrv.exe and srvany.exe - dim fso - Set fso = CreateObject("Scripting.FileSystemObject") - If Not fso.FileExists(PANDORA_HOME & "util\srvany.exe") Then - wScript.Echo "ERROR: Cannot find SRVANY.EXE, please read documentation and FAQ" - wScript.Quit - end if - If Not fso.FileExists(PANDORA_HOME & "util\instsrv.exe") Then - wScript.Echo "ERROR: Cannot find INSTSRV.EXE, please read documentation and FAQ" - wScript.Quit - end if - -' Uninstall service - -runCmd PANDORA_HOME & "\util\instsrv.exe PandoraAgent REMOVE" -wScript.Echo "Uninstall successfully" -wScript.Quit -' ====================================================== -' Librerias externas -' ====================================================== - -Function Run (ByVal cmd) ' Author: Christian d''Heureuse (www.source-code.biz) - Dim sh: Set sh = CreateObject("WScript.Shell") - Dim wsx: Set wsx = Sh.Exec(cmd) - If wsx.ProcessID = 0 And wsx.Status = 1 Then - ' (The Win98 version of VBScript does not detect WshShell.Exec errors) - Err.Raise vbObjectError,,"WshShell.Exec failed." - End If - Do - Dim Status: Status = wsx.Status - 'WScript.StdOut.Write wsx.StdOut.ReadAll() - 'WScript.StdErr.Write wsx.StdErr.ReadAll() - If Status <> 0 Then Exit Do - WScript.Sleep 10 - Loop - Run = wsx.ExitCode - End Function - - -Function RunCmd (ByVal cmd) - RunCmd = Run("%ComSpec% /c " & cmd) -End Function diff --git a/pandora_agents/win32_old/pandora_agent.bat b/pandora_agents/win32_old/pandora_agent.bat deleted file mode 100755 index e9abeec9d7..0000000000 --- a/pandora_agents/win32_old/pandora_agent.bat +++ /dev/null @@ -1 +0,0 @@ -cscript.exe //B //nologo c:\pandora\pandora_agent.vbs \ No newline at end of file diff --git a/pandora_agents/win32_old/pandora_agent.conf b/pandora_agents/win32_old/pandora_agent.conf deleted file mode 100755 index 5c35d8a294..0000000000 --- a/pandora_agents/win32_old/pandora_agent.conf +++ /dev/null @@ -1,75 +0,0 @@ -server_ip pandora_server -server_path /opt/pandora_server/data_in -temporal c:\pandora\data_out -interval 300 -host_name winbox01 -private_key c:\pandora\util\keys\pandora_key.ppk -debug 1 - -module_begin -module_name NetbiosServer_KBSent -module_type generic_data -module_exec net statistics server | findstr "enviados sent" |c:\pandora\util\head -1 | c:\pandora\util\tr -s " " | c:\pandora\util\cut -f 3 -d " " -module_end - -module_begin -module_name Number_of_hidden_Shares -module_type generic_data -module_exec net share |findstr \$ |c:\pandora\util\cut -f1 -d" " |c:\pandora\util\wc -l|c:\pandora\util\tr -s " " -module_end - -module_begin -module_name CPU Name -module_type generic_data_string -module_registry HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString -module_end - -#module_begin -#module_name find_string -#module_type generic_proc -#module_file C:\pandora\testfile.txt -#module_string test -#module_end - -module_begin -module_name disk_free -module_type generic_data -module_system disk_free -module_end - -module_begin -module_name pagefile -module_type generic_data -module_system pagefile -module_end - -module_begin -module_name proctotal -module_type generic_data -module_system proc_total -module_end - -module_begin -module_name memfree -module_type generic_data -module_system mem_free -module_end - -module_begin -module_name Windows Update Service -module_type generic_proc -module_service wuauserv -module_end - -module_begin -module_name McAfee Shield Antivirus Service -module_type generic_proc -module_service McShield -module_end - -module_begin -module_name Explorer -module_type generic_proc -module_process Explorer.EXE -module_end - diff --git a/pandora_agents/win32_old/pandora_agent.vbs b/pandora_agents/win32_old/pandora_agent.vbs deleted file mode 100755 index ff3a8f43dd..0000000000 --- a/pandora_agents/win32_old/pandora_agent.vbs +++ /dev/null @@ -1,491 +0,0 @@ -' +--------------------------------------------------------------- -' | Agente Windows para Pandora | Pandora Agent for Windows -' | Este codigo ha sido desarrollado por: -' | This code has beed coded by: -' | 2004-2006, Sancho Lerena -' | 2004-2005, Sergio Iglesias -' | Este codigo esta distribuido y protegido bajo la licencia GPL. -' | This code is distributed and protected under GPL licence. -' ---------------------------------------------------------------- -version = "1.2a for Windows" - -' ==================================== -' Configuracion del agente -' ==================================== -' Global vars - -dim PANDORA_HOME -dim CONFIG_FILE -dim fichero_log -dim debug_mode - -PANDORA_HOME = "c:\pandora\" -CONFIG_FILE = PANDORA_HOME & "pandora_agent.conf" -fichero_log = PANDORA_HOME & "pandora_agent.log" -debug_mode = 0 - -' ====================================================== -' Comprobacion de version de WSH y existencia de md5.exe -' ====================================================== -check_init(CONFIG_FILE) -Randomize ' Generamos un numero de serie pseudoaleatorio con la funcion rand - -'=================================================================================== -'lectura del fichero de configuración, para valores BASE de configuracion unicamente -'=================================================================================== -'Declarar variables. -Dim fs -Dim ts -Set fs = CreateObject("Scripting.FileSystemObject") - -'Open file. -Set ts = fs.OpenTextFile(CONFIG_FILE) -'Loop while not at the end of the file. -Do While Not ts.AtEndOfStream - linea = ts.ReadLine - if Not (linea = Empty) Then 'validamos que no es una linea en blanco - arrContents = Split(linea, " ") 'dividimos la linea en trozos - '==================================================================== - 'validamos si es una linea de configuracion, y cogemos su informacion - '==================================================================== - if (arrContents(0) = "server_ip") Then - SERVER = trim(cstr(arrContents(1))) - end if - if (arrContents(0) = "server_path") Then - SERVER_IN = trim(cstr(arrContents(1))) - end if - if (arrContents(0) = "temporal") Then - TEMPORAL = trim(cstr(arrContents(1))) - end if - if (arrContents(0) = "interval") Then - INTERVALO = trim(cstr(arrContents(1))) - end if - if (arrContents(0) = "host_name") Then - NOMBRE_HOST = trim(cstr(arrContents(1))) - end if - if (arrContents(0) = "private_key") Then - PRIVATE_KEY = trim(cstr(arrContents(1))) - end if - if (arrContents(0) = "debug") Then - debug_mode = trim(cstr(arrContents(1))) - end if - end if -Loop - -ts.Close -' Debug mode init -if debug_mode Then - Set fs = CreateObject("Scripting.FileSystemObject") - Set a = fs.OpenTextFile(fichero_log,8, true) - texto = "DEBUG Mode: Starting Pandora Agent " & version & " execution " & vbcrlf - texto = texto & "DEBUG Mode: Reading startup variables..." &vbcrlf - texto = texto & "Home Path : " & PANDORA_HOME & vbcrlf - texto = texto &"Hostname : " & NOMBRE_HOST & vbcrlf - texto = texto &"Server : " & SERVER & vbcrlf - texto = texto &"ServerPath: " & SERVER_IN & vbcrlf - texto = texto &"TempPath : " & TEMPORAL & vbcrlf - texto = texto &"Interval : " & INTERVALO & vbcrlf - texto = texto & "PrivateKey: " & PRIVATE_KEY & vbcrlf - wScript.echo texto - a.WriteLine("DEBUG Starting Pandora Agent " & version) - a.WriteLine("Home Path : " & PANDORA_HOME) - a.WriteLine("Hostname : " & NOMBRE_HOST) - a.WriteLine("Server : " & SERVER) - a.WriteLine("ServerPath: " & SERVER_IN) - a.WriteLine("TempPath : " & TEMPORAL) - a.WriteLine("Interval : " & INTERVAL) - a.WriteLine("PrivateKey: " & PRIVATE_KEY) - a.Close -End if - -do ' Main loop - ' Checks for pscp proccess hang - existe = proceso ("pscp.exe") - if existe then - wScript.echo "Another instance of PSCP detected or delayed PSCP in memory, aborting" - debug_mode = 1 ' In this case, debug force to log this error - debug_log fichero_log, "Another instance of PSCP detected or delayed PSCP in memory " - wScript.Quit - end if - - ' ================================================================= - ' Preparacion Entorno: Variables de ficheros, temporales, etc - ' ================================================================= - ' Definicion de algunas variables, es VB, no haria falta, pero somos muy buenos programadores :-P - Dim s, datos, memoria_fisica, memoria_virtual - Dim fichero_datos, fichero_md5 - Dim anio, mes, dia, hora - numeroProc = 0 - serie= Int((100000 - 1 + 1) * Rnd + 1) - ' Construimos fecha y hora - anio = Year(Now()) - mes = Month (Now()) - dia = Day (Now()) - hora = Time() - - ' Inicializacion de los nombres de ficheros de datos y checksum - fichero_datos = TEMPORAL&"/"&NOMBRE_HOST&"."&serie&".data" - fichero_md5 = TEMPORAL&"/"&NOMBRE_HOST&"."&serie&".checksum" - fichero_wild = TEMPORAL&"/"&NOMBRE_HOST&"."&serie&".*" - - ' ==================================== - ' OS Info collection - ' ==================================== - ' Obtencion de la propia plataforma Windows - Set WshShell = WScript.CreateObject("WScript.Shell") - Set WshSysEnv = WshShell.Environment("SYSTEM") - strOS = WshSysEnv("OS") - strVersionNumber = WshShell.RegRead("HKLM\Software\Microsoft\" & "Windows NT\CurrentVersion\CurrentVersion") - strServicePack = WshShell.RegRead("HKLM\Software\Microsoft\" & "Windows NT\CurrentVersion\CSDVersion") - strActualOS = strOS & ", " & strVersionNumber & ", " & strServicePack - - ' ======================================================================== - ' Begin XML construction (agent_data header) - ' ======================================================================== - ' Cabecera del XML, conteniendo version, timestamp y otros datos generales del sistema - ' Como el intervalo, la version SO windows, la version del agente, etv - s = "" & vbcrlf - - ' ===================================================================== - ' Module parser - ' ===================================================================== - debug_log fichero_log, "*BEGIN PARSING MODULES" - Set ts = fs.OpenTextFile(CONFIG_FILE) - 'Loop while not at the end of the file. - Do While Not ts.AtEndOfStream - linea = ts.ReadLine - if Not (linea = Empty) Then 'validamos que no es una linea en blanco - arrContents = Split(linea, " ") 'dividimos la linea en trozos - '============================================================= - 'Module analyzer - '============================================================= - ' Parse 1th line (module_begin) token - if (lcase(arrContents(0)) = "module_begin") Then - es_servicio = 0 - es_proceso = 0 - 'Parse 2th line (could contain spaces between words!) - '2th linea contains NAME of module - linea_2 = ts.ReadLine - contenidos_2 = Split(linea_2, " ") - tamanio=UBound(contenidos_2) - i = 1 - nombre = "" - do while tamanio >= i - if (nombre = Empty) then - nombre = contenidos_2(i) - else - nombre = nombre & " " & contenidos_2(i) - end if - i = i +1 - loop - debug_log fichero_log, chr(9) & "--" & vbcrlf & chr(9) & "Module name: " & nombre - - ' Parse 3th line (module TYPE) - linea_3 = ts.ReadLine - contenidos_3 = Split(linea_3, " ") - tipo = contenidos_3(1) - 'debug_mode introduzco el tipo de modulo - debug_log fichero_log, chr(9) & "Module type : " & tipo - - ' Parse 4th linea (could contain spaces between words!) - ' 4th line contains process/service names - linea_4 = ts.ReadLine - contenidos_4 = Split (linea_4, " ") - tamanio=UBound(contenidos_4) - i = 1 - temp4 = "" - do while tamanio >= i - if (temp4 = Empty) then - temp4 = contenidos_4(i) - else - temp4 = temp4 & " " & contenidos_4(i) - end if - i = i +1 - loop - contenidos_4(1)=temp4 - debug_log fichero_log, chr(9) & "Content search for : " & temp4 - - ' ================================================ - ' module_service - ' ================================================ - if (lcase(contenidos_4(0)) = "module_service") Then - es_servicio = 1 - nombre_servicio = contenidos_4(1) - debug_log fichero_log, chr(9) & "Service Module: " & nombre_servicio - existe = servicio (nombre_servicio) ' Check service function - s = render_output (s, nombre, "generic_proc", existe) - end if - - ' ================================================ - ' module_process - ' ================================================ - if (lcase(contenidos_4(0)) = "module_process") Then - es_proceso = 1 - nombre_proceso = contenidos_4(1) - existe = proceso (nombre_proceso) - debug_log fichero_log, chr(9) & "Process module: " & nombre_proceso - s = render_output (s, nombre, "generic_proc", existe) - end if - - ' ============================================================== - ' module_system mem_free | proc_total | disk_free - ' ============================================================== - if (lcase(contenidos_4(0)) = "module_system") Then - es_sistema = 1 - dato_sistema = contenidos_4(1) - debug_log fichero_log, chr(9) & "Internal system module " & dato_sistema - '================================================== - ' Internal module: Freemem - '================================================== - if (dato_sistema = "mem_free") Then - For Each objOS in GetObject("winmgmts:{impersonationLevel=impersonate}").InstancesOf ("Win32_OperatingSystem") - mem_free = objOS.FreeVirtualMemory - Next - s = render_output (s, nombre, tipo, mem_free) - end if - '================================================== - ' Internal module: total process - '================================================== - if (lcase(dato_sistema) = "proc_total") Then - for each Process in GetObject("winmgmts:{impersonationLevel=impersonate}").InstancesOf ("Win32_process") - numeroProc = numeroProc + 1 - Next - s = render_output (s, nombre, tipo, numeroProc) - end if - '================================================== - ' Internal module: free disk - '================================================== - if (lcase(dato_sistema) = "disk_free") Then - Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2") - Set colDisks = objWMIService.ExecQuery ("Select * from Win32_LogicalDisk Where DriveType = " & "3" & "") - For Each objDisk in colDisks - s = render_output (s, nombre & "_" & objDisk.DeviceID , tipo, objDisk.FreeSpace) - Next - end if - end if ' End of module_system - - ' ================================================ - ' module_file - ' ================================================ - if (lcase(contenidos_4(0)) = "module_file") Then - fichero = contenidos_4(1) - ' Parse 5th line (module FILE) - linea_5 = ts.ReadLine - contenidos_5 = Split(linea_5, " ") ' 5th line is word to search - busqueda = contenidos_5(1) - Set fso = CreateObject("Scripting.FileSystemObject") - debug_log fichero_log, chr(9) & "File module: " & fichero & " token " & busqueda - linea_encontrada = 0 - If Not fso.FileExists(fichero) Then ' If file doesnt exists - debug_log fichero_log, chr(9) & "Doesn't exist file " & fichero & " returning 0\n" - else - Set str_file = fs.OpenTextFile(fichero) ' File exists and - Do While Not str_file.AtEndOfStream - linea = str_file.ReadLine - If InStr(linea, busqueda) <> 0 Then ' Word founded ! - linea_encontrada = 1 - End If - Loop - str_file.Close - End If - s = render_output (s, nombre, tipo, linea_encontrada) - end if ' Fin de busqueda de array - - ' ================================================ - ' module_exec - ' ================================================ - if (lcase(contenidos_4(0)) = "module_exec") Then - ejecucion = contenidos_4(1) - debug_log fichero_log, chr(9) & "Exec module: " & ejecucion - Set objFSO = CreateObject("Scripting.FileSystemObject") - strFileName = objFSO.GetTempName - strFullName = objFSO.BuildPath(temporal, strFileName) - runCmd ejecucion & " >> " & strFullName - Set objFile = objFSO.OpenTextFile(strFullName) - salida = objFile.ReadLine ' Only read first line !!, be careful ! - objFile.Close - objFSO.DeleteFile(strFullName) - s = render_output( s, nombre, tipo, salida) - end if - - ' ================================================ - ' module_registry - ' ================================================ - if (lcase(contenidos_4(0)) = "module_registry") Then - entrada_registro = contenidos_4(1) - debug_log fichero_log, chr(9) & "Registry module: " & entrada_registro - salida = "" - on error resume next - salida = wshShell.regread(entrada_registro) - on error goto 0 - if salida = "" then - debug_log fichero_log, chr(9) & "Error reading Registry module: " & entrada_registro - end if - s = render_output ( s, nombre, tipo, salida) - end if ' end registry module - - ' ================================================ - ' module_eventid - ' ================================================ - if (lcase(contenidos_4(0)) = "module_eventid") Then - id_event_log = contenidos_4(1) - debug_log fichero_log, chr(9) & "EventLog module: " & id_event_log - Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2") - Set colLoggedEvents = objWMIService.ExecQuery ("Select * from Win32_NTLogEvent Where Logfile = 'Application' and Eventcode = '" & id_event_log & "'") - eventos = 0 - For Each objEvent in colLoggedEvents - eventos = eventos + 1 - eventos = eventos +1 - Next - s = render_output (s, nombre, tipo, eventos) - end if ' finalizo lectura de event log - end if ' Comienzo bucle de busqueda de modulos - end if ' Si la linea no es linea vacia - Loop - 'Close the file. - ts.Close - debug_log fichero_log, "*END PARSING MODULES" - - ' Creamos el filehandle y escribimos en el archivo - ' ================================================ - 'cierro el xml existente desde el principio - s = s & "" & vbcrlf - Set fs = CreateObject("Scripting.FileSystemObject") - Set a = fs.CreateTextFile(fichero_datos, True) - a.WriteLine(s) - a.Close - - ' Creamos el MD5 utilizando una llamada a md5.exe - ' =============================================== - runCmd PANDORA_HOME & "util\md5.exe " & fichero_datos & " > " & fichero_md5 - wscript.sleep 2000 ' espero 2 segundos - - ' Send using SSH data file - ' ==================================== - - ' First, check if entry in registry exists for SERVER, if not, break - salida = "" - on error resume next - hostkey_reg = "HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys\rsa2@22:" & SERVER - salida = wshShell.regread(hostkey_reg) - on error goto 0 - if salida = "" then - debug_log fichero_log, "Cannot read hostkey in registry. Please create manually using plink or read documentation" - wScript.echo "Cannot create hostkey in registry. Please create manually using plink or read documentation" - wScript.quit - end if - - ' if here, hostkey must exists, so simply connect - set WshShell = WScript.CreateObject("WScript.Shell") - WshShell.Run PANDORA_HOME & "util\pscp.exe -q -2 -l pandora -i " & PRIVATE_KEY & " " & fichero_wild & " pandora@" & SERVER & ":" &SERVER_IN, 0, 1 - - ' If debug mode, terminate here - if debug_mode Then - Set fs = CreateObject("Scripting.FileSystemObject") - Set a = fs.OpenTextFile(fichero_log,8, true) - texto = "DEBUG Mode: Terminating execution" - texto = texto & vbcrlf & "Writing output to "&fichero_datos - wScript.echo texto - a.WriteLine("DEBUG Terminating pandora agent") - a.Close - wScript.quit - End if - - ' Delete data files - ' ============================== - Set objFSO = CreateObject("Scripting.FileSystemObject") - objFSO.DeleteFile(fichero_datos) - objFSO.DeleteFile(fichero_md5) - pausa = INTERVALO * 1000 - WScript.Sleep pausa ' sleep get value in miliseconds, not seconds -loop while debug_mode = 0 ' Forever loop - -' ==================================================================== -' FUNCTION RunCmd(cmd) - Runs an internal command interpreter command. -' ==================================================================== -Function RunCmd (ByVal cmd) - Dim sh: Set sh = CreateObject("WScript.Shell") - sh.Run "%ComSpec% /c " & cmd ,0,1 -End Function - -' ================================================================ -' FUNCTION proceso (nombre) - Return 1 if process given is running -' ================================================================ -Function proceso (nombre) - proceso = 0 - for each Process in GetObject("winmgmts:{impersonationLevel=impersonate}").InstancesOf ("Win32_process") - if ( lcase(Process.Name) = lcase(nombre) ) then - proceso = 1 - end if - 'numeroProc = numeroProc + 1 - Next -End Function - -' ============================================================= -' FUNCTION servicio (nombre) - Return 1 if SERVICE is running -' ============================================================= -Function servicio (nombre) - servicio = 0 - for each Service in GetObject("winmgmts:{impersonationLevel=impersonate}!").InstancesOf ("Win32_service") - if ( lcase(Service.Name) = lcase(nombre) ) then - if (Service.State = "Running" ) then - servicio = 1 - end if - end if - Next -End Function - -' ============================================================= -' FUNCTION output render_output (output, name, type, data) -' ============================================================= -function render_output(output, name, tipo, data) - s = output - s = s & "" & vbcrlf - s = s & ""& name & "" & vbcrlf - s = s & "" & tipo & "" & vbcrlf - s = s & "" & data & "" & vbcrlf - s = s & "" & vbcrlf - render_output=s -end function - -' ============================================================= -' FUNCTION debug_log (file_output, line_output) -' ============================================================= -Sub debug_log(file_output, line_output) - if debug_mode Then - Set fs = CreateObject("Scripting.FileSystemObject") - Set a = fs.OpenTextFile(file_output,8, true) - a.WriteLine(line_output) - a.Close - End if -End Sub - -' ============================================================= -' FUNCTION check_init () - Check initial dependencies -' ============================================================= -Function check_init (config_file) - ' Check pandora_agent.conf - dim fso - Set fso = CreateObject("Scripting.FileSystemObject") - If Not fso.FileExists(config_file) Then - wScript.Echo "ERROR: Cannot find " & config_file - wScript.Quit - end if - - dim oFileSys - Set oFileSys=CreateObject("Scripting.FileSystemObject") - If NOT oFileSys.FileExists(PANDORA_HOME & "util\md5.exe") then - wScript.Echo "ERROR FATAL"& vbcrlf & "Cannot find md5.exe" & vbcrlf - wScript.Quit - End If - - 'Comprobar que ejecutamos con v5.6 de WSH - If CDbl(wScript.Version) < CDbl("5.6") then - text = " \n ERROR: Windows Scripting Host Incorrect version \n\n Your current version is " & wScript.Version & "\n \n Please download a latest version from http://msdn.microsoft.com/downloads/default.asp \n" - wScript.Echo Text - wScript.Quit - End if -End Function -' ====================================================== -' End program -' ====================================================== \ No newline at end of file diff --git a/pandora_agents/win32_old/util/cp.exe b/pandora_agents/win32_old/util/cp.exe deleted file mode 100755 index 60f1cc2b65..0000000000 Binary files a/pandora_agents/win32_old/util/cp.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/cut.exe b/pandora_agents/win32_old/util/cut.exe deleted file mode 100755 index a75f2963a7..0000000000 Binary files a/pandora_agents/win32_old/util/cut.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/date.exe b/pandora_agents/win32_old/util/date.exe deleted file mode 100755 index 069bae1481..0000000000 Binary files a/pandora_agents/win32_old/util/date.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/expr.exe b/pandora_agents/win32_old/util/expr.exe deleted file mode 100755 index bce338407b..0000000000 Binary files a/pandora_agents/win32_old/util/expr.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/gawk.exe b/pandora_agents/win32_old/util/gawk.exe deleted file mode 100755 index f4a2f21d3a..0000000000 Binary files a/pandora_agents/win32_old/util/gawk.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/grep.exe b/pandora_agents/win32_old/util/grep.exe deleted file mode 100755 index 9597377a38..0000000000 Binary files a/pandora_agents/win32_old/util/grep.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/head.exe b/pandora_agents/win32_old/util/head.exe deleted file mode 100755 index 7f5ef8764a..0000000000 Binary files a/pandora_agents/win32_old/util/head.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/instsrv.exe b/pandora_agents/win32_old/util/instsrv.exe deleted file mode 100755 index 7843634d82..0000000000 Binary files a/pandora_agents/win32_old/util/instsrv.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/keys/pandora_key.ppk b/pandora_agents/win32_old/util/keys/pandora_key.ppk deleted file mode 100755 index c1e073d15f..0000000000 --- a/pandora_agents/win32_old/util/keys/pandora_key.ppk +++ /dev/null @@ -1,16 +0,0 @@ -PuTTY-User-Key-File-2: ssh-dss -Encryption: none -Comment: dsa-key-20050412 -Public-Lines: 9 -AAAAB3NzaC1kc3MAAACAfOVX8VJ8obsiOFJN1xzKemFNQ7jAIq7leAIAyGreAA/O -JY0cDb77cPmTELipzP3siUxryNrKBagqxUsXdSod2S38ZKi8k3HHDv0c+vqwpuli -kCWJY1NDLCtJpW+O04CIWh4nONj0lYt8lMp+C6EH5fNIPDY0/X0iqiGXTLUTv2sA -AAAVAMrGiPzKcfBoQt0hweTZePlse1srAAAAgBYg9pPWxBHjaaazzt83SAjv8BvD -NmuzPrQVm1h7Ihq61wxNks5DthZ4vSX1iUlHiKQDzrEejQbAdnkMg0PePf33yxUg -Va1AL6JwFa/QIzT26B6DJrjTARJ3rRa5PSvOKJ72td8KYRtBfu8PEdjv4PDZ3Yar -JAhVTShpz5JzEzTrAAAAgC+hWM8qArg7Lpdg3oZnCz8M3+AYYtWEfGuoHsvi2t5y -R3C424D9uiyMA8jjqWwunhoZuJc9C+v+f5Qr8t3WTHOlZtx/ijz/4acb909k9pT8 -3vrEnFGUHhKeJy5WoVvgkT61y+wEqj5fPijAHY5L59CoKQveX0h6ipuDndPCXBe2 -Private-Lines: 1 -AAAAFAFicC6Gf7XGF4GvVFPyTm4Gt/rx -Private-MAC: e77da1863687c2003376572c4f12fa965d9f6d80 diff --git a/pandora_agents/win32_old/util/keys/pandora_key.ppk.pub b/pandora_agents/win32_old/util/keys/pandora_key.ppk.pub deleted file mode 100755 index 59a2da7b8b..0000000000 --- a/pandora_agents/win32_old/util/keys/pandora_key.ppk.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-dss AAAAB3NzaC1kc3MAAACAfOVX8VJ8obsiOFJN1xzKemFNQ7jAIq7leAIAyGreAA/OJY0cDb77cPmTELipzP3siUxryNrKBagqxUsXdSod2S38ZKi8k3HHDv0c+vqwpulikCWJY1NDLCtJpW+O04CIWh4nONj0lYt8lMp+C6EH5fNIPDY0/X0iqiGXTLUTv2sAAAAVAMrGiPzKcfBoQt0hweTZePlse1srAAAAgBYg9pPWxBHjaaazzt83SAjv8BvDNmuzPrQVm1h7Ihq61wxNks5DthZ4vSX1iUlHiKQDzrEejQbAdnkMg0PePf33yxUgVa1AL6JwFa/QIzT26B6DJrjTARJ3rRa5PSvOKJ72td8KYRtBfu8PEdjv4PDZ3YarJAhVTShpz5JzEzTrAAAAgC+hWM8qArg7Lpdg3oZnCz8M3+AYYtWEfGuoHsvi2t5yR3C424D9uiyMA8jjqWwunhoZuJc9C+v+f5Qr8t3WTHOlZtx/ijz/4acb909k9pT83vrEnFGUHhKeJy5WoVvgkT61y+wEqj5fPijAHY5L59CoKQveX0h6ipuDndPCXBe2 dsa-key-20050412 \ No newline at end of file diff --git a/pandora_agents/win32_old/util/ls.exe b/pandora_agents/win32_old/util/ls.exe deleted file mode 100755 index 388af5eb41..0000000000 Binary files a/pandora_agents/win32_old/util/ls.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/md5.exe b/pandora_agents/win32_old/util/md5.exe deleted file mode 100755 index 8bdc35ccc8..0000000000 Binary files a/pandora_agents/win32_old/util/md5.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/plink.exe b/pandora_agents/win32_old/util/plink.exe deleted file mode 100755 index 93cfe39e04..0000000000 Binary files a/pandora_agents/win32_old/util/plink.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/pscp.exe b/pandora_agents/win32_old/util/pscp.exe deleted file mode 100755 index fd11467ca6..0000000000 Binary files a/pandora_agents/win32_old/util/pscp.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/pskill.exe b/pandora_agents/win32_old/util/pskill.exe deleted file mode 100755 index eaec20bfd2..0000000000 Binary files a/pandora_agents/win32_old/util/pskill.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/pslist.exe b/pandora_agents/win32_old/util/pslist.exe deleted file mode 100755 index a4706185d9..0000000000 Binary files a/pandora_agents/win32_old/util/pslist.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/puttygen.exe b/pandora_agents/win32_old/util/puttygen.exe deleted file mode 100755 index 8a43b5cd1c..0000000000 Binary files a/pandora_agents/win32_old/util/puttygen.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/scp.exe b/pandora_agents/win32_old/util/scp.exe deleted file mode 100755 index d9bf49d070..0000000000 Binary files a/pandora_agents/win32_old/util/scp.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/srvany.exe b/pandora_agents/win32_old/util/srvany.exe deleted file mode 100755 index cb31ec65db..0000000000 Binary files a/pandora_agents/win32_old/util/srvany.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/tail.exe b/pandora_agents/win32_old/util/tail.exe deleted file mode 100755 index 36c2abc22f..0000000000 Binary files a/pandora_agents/win32_old/util/tail.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/tr.exe b/pandora_agents/win32_old/util/tr.exe deleted file mode 100755 index 249cc46c09..0000000000 Binary files a/pandora_agents/win32_old/util/tr.exe and /dev/null differ diff --git a/pandora_agents/win32_old/util/wc.exe b/pandora_agents/win32_old/util/wc.exe deleted file mode 100755 index c0a2d1cd17..0000000000 Binary files a/pandora_agents/win32_old/util/wc.exe and /dev/null differ