adding add_client to server

src/client_backend/client_backend.cpp

@@ -27,7 +27,6 @@ int main() {
     }
     load_settings();
     initialize(DB_DIR); //load the hash databases into memory
-    //download_file_from_srv("http://192.168.27.13/api/php/settings/get_settings.php?settings", "c:\\programdata\\jakach\\out12.txt");
 
     //start a second thread which will scan for new files
     if (get_setting("rtp_folder_scan:status") == 1) {

src/client_backend/client_backend.vcxproj

@@ -148,6 +148,7 @@
     <ClCompile Include="permissions.cpp" />
     <ClCompile Include="queue _ctrl.cpp" />
     <ClCompile Include="scan.cpp" />
+    <ClCompile Include="security.cpp" />
     <ClCompile Include="settings.cpp" />
     <ClCompile Include="thread_ctrl.cpp" />
     <ClCompile Include="update.cpp" />
@@ -164,6 +165,7 @@
     <ClInclude Include="queue_ctrl.h" />
     <ClInclude Include="resource.h" />
     <ClInclude Include="scan.h" />
+    <ClInclude Include="security.h" />
     <ClInclude Include="settings.h" />
     <ClInclude Include="thread_ctrl.h" />
     <ClInclude Include="update.h" />

src/client_backend/client_backend.vcxproj.filters

@@ -63,6 +63,9 @@
     <ClCompile Include="update.cpp">
       <Filter>Headerdateien</Filter>
     </ClCompile>
+    <ClCompile Include="security.cpp">
+      <Filter>Headerdateien</Filter>
+    </ClCompile>
   </ItemGroup>
   <ItemGroup>
     <ClInclude Include="md5hash.h">
@@ -110,6 +113,9 @@
     <ClInclude Include="update.h">
       <Filter>Headerdateien</Filter>
     </ClInclude>
+    <ClInclude Include="security.h">
+      <Filter>Headerdateien</Filter>
+    </ClInclude>
   </ItemGroup>
   <ItemGroup>
     <ResourceCompile Include="client_backend.rc">

src/client_backend/connect.cpp

@@ -2,6 +2,8 @@
 #ifndef CONNECT_CPP
 #define CONNECT_CPP
 #include "connect.h"
+#include "well_known.h"
+#include "security.h"
 
 static size_t WriteCallback(void* contents, size_t size, size_t nmemb, void* userp)
 {
@@ -43,11 +45,14 @@ size_t write_callback(void* contents, size_t size, size_t nmemb, void* userp) {
 
 int download_file_from_srv(const char* url, const char* output_file_path) {
     //use curl to download a file from a server
-
+    char*temp_path = new char[515];
+    char* buf = new char[55];
+    strcpy_s(temp_path,495, output_file_path);
+    strcat_s(temp_path,505, ".temp");
     CURL* curl;
     CURLcode res;
     FILE* output_file;
-    char*buf=new char[55];
+
     curl = curl_easy_init();
     if (!curl) {
         return 1;
@@ -57,7 +62,7 @@ int download_file_from_srv(const char* url, const char* output_file_path) {
     curl_easy_setopt(curl, CURLOPT_URL, url);
 
     // Create a file to write the downloaded data
-    output_file = fopen(output_file_path, "wb");
+    output_file = fopen(temp_path, "wb");
     if (!output_file) {
         curl_easy_cleanup(curl);
         return 2;
@@ -75,7 +80,7 @@ int download_file_from_srv(const char* url, const char* output_file_path) {
     // Cleanup and close the file
     curl_easy_cleanup(curl);
     fclose(output_file);
-    if ((output_file = fopen(output_file_path, "r")) == 0) {
+    if ((output_file = fopen(temp_path, "r")) == 0) {
         return 4;
     }
     else {
@@ -84,9 +89,19 @@ int download_file_from_srv(const char* url, const char* output_file_path) {
             fclose(output_file);
             return 5;
         }
+        else if(check_cert(buf, SECRETS)!=0){
+            if (rename(temp_path, output_file_path)) {
+				fclose(output_file);
+				return 6;
+            }
+        }else {
+        	fclose(output_file);
+			return 7;
+        }
         fclose(output_file);
     }
     delete[] buf;
+    delete[] temp_path;
     return 0;
 }
 

src/client_backend/security.cpp

@@ -0,0 +1,60 @@
+#include "security.h"
+
+int check_cert(const char*cert,const char*secrets_path) {
+	FILE* fp;
+	if (fopen_s(&fp, secrets_path, "r") != 0) {
+		return 1;
+	}
+	else {
+		char*secrets = new char[300];
+		while (!feof(fp)) {
+			fscanf_s(fp, "%s", secrets, 295); // get the secret
+			if (strcmp("cert", secrets) == 0) {
+				fscanf_s(fp, "%s", secrets, 295); // get the secret
+				if (strcmp(cert, secrets) == 0) {
+					delete[] secrets;
+					return 0;
+				}
+			}
+		}
+		delete[] secrets;
+		return 2;
+	}
+
+}
+char* get_apikey(const char* secrets_path) {
+	FILE* fp;
+	if (fopen_s(&fp, secrets_path, "r") != 0) {
+		return 0;
+	}
+	else {
+		char*secrets = new char[300];
+		while (!feof(fp)) {
+			fscanf_s(fp, "%s", secrets, 295); // get the secret
+			if (strcmp("apikey", secrets) == 0) {
+				fscanf_s(fp, "%s", secrets, 295); // get the secret
+				return secrets;
+			}
+		}
+		delete[] secrets;
+		return 0;
+	}
+}
+char* get_machineid(const char*secrets_path){
+	FILE* fp;
+	if (fopen_s(&fp, secrets_path, "r") != 0) {
+		return 0;
+	}
+	else {
+		char* secrets = new char[300];
+		while (!feof(fp)) {
+			fscanf_s(fp, "%s", secrets, 295); // get the secret
+			if (strcmp("machineid", secrets) == 0) {
+				fscanf_s(fp, "%s", secrets, 295); // get the secret
+				return secrets;
+			}
+		}
+		delete[] secrets;
+		return 0;
+	}
+}

src/client_backend/security.h

@@ -0,0 +1,10 @@
+#pragma once
+#ifndef SECURITY_H
+#define SECURITY_H
+#include <string>
+#include <iostream>
+#include <fstream>
+int check_cert(const char* cert,const char* secrets_path);
+char*get_apikey(const char*secrets_path);
+char* get_machineid(const char*secrets_path);
+#endif // !SECURITY_H

src/client_backend/update.cpp

@@ -46,9 +46,9 @@ int update_settings() {
 	get_setting("server:server_url", url);
 	strcat_s(url, 500, "/api/php/settings/get_settings.php?settings");
 	int res = download_file_from_srv(url, SETTINGS_DB);
-	//res = 0;
+	//int res = 0;
 	if (res != 0) {
-		log(LOGLEVEL::ERR, "[update_db()]: Error downloading settings database file from server", url, " ERROR:",res);
+		log(LOGLEVEL::ERR, "[update_settings()]: Error downloading settings database file from server", url, " ERROR:",res);
 		return 1;
 	}
 

src/client_backend/well_known.h

@@ -31,6 +31,8 @@
 
 #define QUARANTINE_PATH "C:\\Program Files\\cyberhex\\secure\\quarantine"
 
+#define SECRETS "C:\\Program Files\\cyberhex\\secure\\settings\\secrets.txt"
+
 #define PERIODIC_FOLDER_SCAN "C:\\Program Files\\cyberhex\\secure\\database\\folder\\periodic_folder_scan.txt"
 #define PERIODIC_FOLDER_SCAN_TEMP_DB "C:\\Program Files\\cyberhex\\secure\\database\\folder\\temp_db.txt"
 

src/client_backend/x64/Debug/client_backend.log

@@ -1,4 +1,53 @@
   Quellen werden auf Modulabhängigkeiten überprüft...
+  check_dir.cpp
+C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\check_dir.cpp(361,7): warning C4101: "fp": Unreferenzierte lokale Variable
+C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.38.33130\include\xstring(2749,53): warning C4244: "Argument": Konvertierung von "wchar_t" in "const _Elem", möglicher Datenverlust
+C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.38.33130\include\xstring(2749,53): warning C4244:         with
+C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.38.33130\include\xstring(2749,53): warning C4244:         [
+C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.38.33130\include\xstring(2749,53): warning C4244:             _Elem=char
+C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.38.33130\include\xstring(2749,53): warning C4244:         ]
+  (Quelldatei „check_dir.cpp“ wird kompiliert)
+  C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.38.33130\include\xstring(2749,53):
+  der Vorlageninstanziierungskontext (der älteste zuerst) ist
+  	C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\check_dir.cpp(155,29):
+  	Siehe Verweis auf die gerade kompilierte Instanziierung "std::basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string<std::_String_iterator<std::_String_val<std::_Simple_types<_Elem>>>,0>(_Iter,_Iter,const _Alloc &)" der Funktions-Vorlage.
+          with
+          [
+              _Elem=wchar_t,
+              _Iter=std::_String_iterator<std::_String_val<std::_Simple_types<wchar_t>>>,
+              _Alloc=std::allocator<char>
+          ]
+  		C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\check_dir.cpp(155,29):
+  		Ersten Verweis auf "std::basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string" in "process_changes" anzeigen
+  	C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.38.33130\include\xstring(2590,17):
+  	Siehe Verweis auf die gerade kompilierte Instanziierung "void std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Construct_from_iter<wchar_t*,wchar_t*,_Size_type>(_Iter,const _Sent,_Size)" der Funktions-Vorlage.
+          with
+          [
+              _Size_type=unsigned __int64,
+              _Iter=wchar_t *,
+              _Sent=wchar_t *,
+              _Size=unsigned __int64
+          ]
+  
+  client_backend.cpp
+C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\client_backend.cpp(73,24): warning C4244: "Argument": Konvertierung von "_Rep" in "DWORD", möglicher Datenverlust
+C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\client_backend.cpp(73,24): warning C4244:         with
+C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\client_backend.cpp(73,24): warning C4244:         [
+C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\client_backend.cpp(73,24): warning C4244:             _Rep=__int64
+C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\client_backend.cpp(73,24): warning C4244:         ]
   connect.cpp
-C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\connect.cpp(103,65): warning C4267: "Argument": Konvertierung von "size_t" nach "int", Datenverlust möglich
+C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\connect.cpp(118,65): warning C4267: "Argument": Konvertierung von "size_t" nach "int", Datenverlust möglich
-  client_backend.vcxproj -> C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\x64\Debug\client_backend.exe
+  local_com.cpp
+  local_schedule.cpp
+  log.cpp
+  md5hash.cpp
+  scan.cpp
+C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\scan.cpp(153,32): warning C4018: ">=": Konflikt zwischen "signed" und "unsigned"
+  security.cpp
+  settings.cpp
+  thread_ctrl.cpp
+  update.cpp
+  virus_ctrl.cpp
+  Code wird generiert...
+C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\md5hash.cpp(36): warning C4715: "md5_file": Nicht alle Codepfade geben einen Wert zurück.
+LINK : fatal error LNK1168: "C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\x64\Debug\client_backend.exe" kann nicht zum Schreiben geöffnet werden.

src/server/cyberhex-code/api/php/accessctrl/check_apikey.php

@@ -29,4 +29,34 @@ function check_apikey(){
 		}
 	}
 }
+function load_secret(){
+	include "../../../config.php";
+	$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD,$DB_DATABASE);
+		if ($conn->connect_error) {
+			$success=0;
+			die("Connection failed: " . $conn->connect_error);
+		}
+	if(!isset($_GET["apikey"]) or !isset($_GET["machineid"])){
+		return false;
+	}
+	else{
+		$apikey=$_GET["apikey"];
+		$machineid=$_GET["machineid"];
+		$sql = "SELECT * FROM secrets machineid = ?";
+		$stmt = $conn->prepare($sql);
+		$stmt->bind_param("s",$machineid);
+		
+		// Execute the statement
+		$stmt->execute();
+
+		// Get the result
+		$result = $stmt->get_result();
+		
+		$row = $result->fetch_assoc();
+		if($row!==null){
+			return $row["cert"];
+		}
+	}
+	
+}
 ?>

src/server/cyberhex-code/api/php/settings/get_settings.php

@@ -24,12 +24,14 @@ if(isset($_GET["settings"])){
 		rtp_folder_scan:status on
 	*/
 	load_settings();
+	echo(load_secret());
 	echo("virus_ctrl:virus_found:action ".$setting_virus_ctrl_virus_found_action."\n");
 	echo("server:server_url ".$setting_server_server_url."\n");
 	echo("rtp_folder_scan:status ".$setting_rtp_folder_scan_status."\n");
 	echo("rtp_process_scan:status ".$setting_rtp_process_scan_status."\n");
 }
 if(isset($_GET["rtp_included"])){
+	echo(load_secret());
 	//load all the entrys from a db table
 	$sql = "SELECT path,id FROM rtp_included ORDER BY id";
 	$stmt = $conn->prepare($sql);
@@ -44,6 +46,7 @@ if(isset($_GET["rtp_included"])){
 	
 }
 if(isset($_GET["rtp_excluded"])){
+	echo(load_secret());
 	//load all the entrys from a db table
 	$sql = "SELECT path,id FROM rtp_excluded ORDER BY id";
 	$stmt = $conn->prepare($sql);
@@ -58,6 +61,7 @@ if(isset($_GET["rtp_excluded"])){
 	
 }
 if(isset($_GET["sched"])){
+	echo(load_secret());
 	//load all the entrys from a db table
 	$sql = "SELECT task,id FROM user_tasks ORDER BY id";
 	$stmt = $conn->prepare($sql);

src/server/cyberhex-code/system/secure_zone/php/add_client.php

@@ -0,0 +1,49 @@
+<?php
+session_start();
+
+// Check if the user is logged in
+if (!isset($_SESSION['username']) or !isset($_SESSION["login"])) {
+    // Redirect to the login page or handle unauthorized access
+    header("Location: /login.php");
+    exit();
+}
+
+$username = $_SESSION['username'];
+$perms = $_SESSION["perms"];
+$email = $_SESSION["email"];
+if($perms[7]!=="1"){
+	header("location:/system/insecure_zone/php/no_access.php");
+	$block=1;
+	exit();
+}else{
+	$block=0;
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous">
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js" integrity="sha384-MrcW6ZMFYlzcLA8Nl+NtUVF0sA7MsXsP1UyJoMp4YLEuNSfAP+JcXn/tWtIaxVXM" crossorigin="anonymous"></script>
+	 <title>Change Password</title>
+</head>
+<body>
+
+<div class="container mt-5">
+    <div class="row justify-content-center">
+        <div class="col-md-6">
+            <div class="card">
+                <div class="card-header">
+                    <h4>Add a machine</h4>
+                </div>
+                <div class="card-body">
+					<form action="add_client.php?add=true" method="post">
+                        <button type="submit" class="btn btn-primary btn-block">Add Machine</button>
+                    </form>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+</body>
+</html>