updating communication

.gitignore

@@ -36,3 +36,4 @@
 #certification files
 *.pem
 *.key
+*.vsidx

src/client_backend/client_backend.cpp

@@ -22,7 +22,16 @@ int main() {
     log(LOGLEVEL::INFO, "[main()]:Starting main thread.");
 	printf("welcome to the jakach security tool main thread\n");
     load_settings();//load the settings from the settings file
-    if (update_settings()) { //update the settings from the server
+    if (update_settings("settings")) { //update the settings from the server
+        log(LOGLEVEL::ERR, "[main()]:Could not update settings from server.");
+    }
+    if (update_settings("rtp_included")) { //update the settings from the server
+        log(LOGLEVEL::ERR, "[main()]:Could not update settings from server.");
+    }
+    if (update_settings("rtp_excluded")) { //update the settings from the server
+        log(LOGLEVEL::ERR, "[main()]:Could not update settings from server.");
+    }
+    if (update_settings("sched")) { //update the settings from the server
         log(LOGLEVEL::ERR, "[main()]:Could not update settings from server.");
     }
     load_settings();

src/client_backend/connect.cpp

@@ -46,7 +46,7 @@ size_t write_callback(void* contents, size_t size, size_t nmemb, void* userp) {
 int download_file_from_srv(const char* url, const char* output_file_path) {
     //use curl to download a file from a server
     char*temp_path = new char[515];
-    char* buf = new char[55];
+    char* buf = new char[505];
     strcpy_s(temp_path,495, output_file_path);
     strcat_s(temp_path,505, ".temp");
     CURL* curl;
@@ -84,7 +84,7 @@ int download_file_from_srv(const char* url, const char* output_file_path) {
         return 4;
     }
     else {
-        fscanf(output_file, "%50s", buf);
+        fscanf(output_file, "%500s", buf);
         if (strcmp(buf, "no_auth") == 0) {
             fclose(output_file);
             return 5;

src/client_backend/security.cpp

@@ -6,11 +6,11 @@ int check_cert(const char*cert,const char*secrets_path) {
 		return 1;
 	}
 	else {
-		char*secrets = new char[300];
+		char*secrets = new char[505];
 		while (!feof(fp)) {
-			fscanf_s(fp, "%s", secrets, 295); // get the secret
+			fscanf_s(fp, "%s", secrets, 500); // get the secret
 			if (strcmp("cert", secrets) == 0) {
-				fscanf_s(fp, "%s", secrets, 295); // get the secret
+				fscanf_s(fp, "%s", secrets, 500); // get the secret
 				if (strcmp(cert, secrets) == 0) {
 					delete[] secrets;
 					return 0;
@@ -28,11 +28,11 @@ char* get_apikey(const char* secrets_path) {
 		return 0;
 	}
 	else {
-		char*secrets = new char[300];
+		char*secrets = new char[505];
 		while (!feof(fp)) {
-			fscanf_s(fp, "%s", secrets, 295); // get the secret
+			fscanf_s(fp, "%s", secrets, 500); // get the secret
 			if (strcmp("apikey", secrets) == 0) {
-				fscanf_s(fp, "%s", secrets, 295); // get the secret
+				fscanf_s(fp, "%s", secrets, 500); // get the secret
 				return secrets;
 			}
 		}

src/client_backend/update.cpp

@@ -4,7 +4,7 @@
 #include "log.h"
 #include "connect.h"
 #include "settings.h"
-
+#include "security.h"
 
 int update_db(const std::string& folder_path) {
 	//download the databases from the server
@@ -40,12 +40,25 @@ int update_db(const std::string& folder_path) {
 	}
 	return 0;
 }
-int update_settings() {
+int update_settings(const char*settings_type) {
 	//create the strings to download the files
-	char* url = new char[500];
+	char* url = new char[1000];
 	get_setting("server:server_url", url);
-	strcat_s(url, 500, "/api/php/settings/get_settings.php?settings");
-	int res = download_file_from_srv(url, SETTINGS_DB);
+	strcat_s(url, 1000, "/api/php/settings/get_settings.php?");//need to add machine_id and apikey
+	strcat_s(url, 1000, settings_type);
+	strcat_s(url, 1000, "&machine_id=");
+	strcat_s(url, 1000, get_machineid(SECRETS));
+	strcat_s(url, 1000, "&apikey=");
+	strcat_s(url, 1000, get_apikey(SECRETS));
+	int res = 1;
+	if(strcmp(settings_type,"settings")==0)
+		res = download_file_from_srv(url, SETTINGS_DB);
+	else if (strcmp(settings_type, "rtp_inlcuded") == 0)
+		res = download_file_from_srv(url, INCLUDED_FOLDERS);
+	else if (strcmp(settings_type, "rtp_excluded") == 0)
+		res = download_file_from_srv(url, EXCLUDED_FOLDERS);
+	else if (strcmp(settings_type, "sched") == 0)
+		res = download_file_from_srv(url, SCHED_PATH);
 	//int res = 0;
 	if (res != 0) {
 		log(LOGLEVEL::ERR, "[update_settings()]: Error downloading settings database file from server", url, " ERROR:",res);

src/client_backend/update.h

@@ -4,5 +4,5 @@
 #include <curl/curl.h>
 #include<string>
 int update_db(const std::string& folder_path);
-int update_settings();
+int update_settings(const char*settings_type);
 #endif

src/client_backend/x64/Debug/client_backend.log

@@ -1,53 +1,3 @@
   Quellen werden auf Modulabhängigkeiten überprüft...
-  check_dir.cpp
-C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\check_dir.cpp(361,7): warning C4101: "fp": Unreferenzierte lokale Variable
-C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.38.33130\include\xstring(2749,53): warning C4244: "Argument": Konvertierung von "wchar_t" in "const _Elem", möglicher Datenverlust
-C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.38.33130\include\xstring(2749,53): warning C4244:         with
-C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.38.33130\include\xstring(2749,53): warning C4244:         [
-C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.38.33130\include\xstring(2749,53): warning C4244:             _Elem=char
-C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.38.33130\include\xstring(2749,53): warning C4244:         ]
-  (Quelldatei „check_dir.cpp“ wird kompiliert)
-  C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.38.33130\include\xstring(2749,53):
-  der Vorlageninstanziierungskontext (der älteste zuerst) ist
-  	C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\check_dir.cpp(155,29):
-  	Siehe Verweis auf die gerade kompilierte Instanziierung "std::basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string<std::_String_iterator<std::_String_val<std::_Simple_types<_Elem>>>,0>(_Iter,_Iter,const _Alloc &)" der Funktions-Vorlage.
-          with
-          [
-              _Elem=wchar_t,
-              _Iter=std::_String_iterator<std::_String_val<std::_Simple_types<wchar_t>>>,
-              _Alloc=std::allocator<char>
-          ]
-  		C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\check_dir.cpp(155,29):
-  		Ersten Verweis auf "std::basic_string<char,std::char_traits<char>,std::allocator<char>>::basic_string" in "process_changes" anzeigen
-  	C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.38.33130\include\xstring(2590,17):
-  	Siehe Verweis auf die gerade kompilierte Instanziierung "void std::basic_string<char,std::char_traits<char>,std::allocator<char>>::_Construct_from_iter<wchar_t*,wchar_t*,_Size_type>(_Iter,const _Sent,_Size)" der Funktions-Vorlage.
-          with
-          [
-              _Size_type=unsigned __int64,
-              _Iter=wchar_t *,
-              _Sent=wchar_t *,
-              _Size=unsigned __int64
-          ]
-  
-  client_backend.cpp
-C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\client_backend.cpp(73,24): warning C4244: "Argument": Konvertierung von "_Rep" in "DWORD", möglicher Datenverlust
-C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\client_backend.cpp(73,24): warning C4244:         with
-C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\client_backend.cpp(73,24): warning C4244:         [
-C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\client_backend.cpp(73,24): warning C4244:             _Rep=__int64
-C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\client_backend.cpp(73,24): warning C4244:         ]
-  connect.cpp
-C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\connect.cpp(118,65): warning C4267: "Argument": Konvertierung von "size_t" nach "int", Datenverlust möglich
-  local_com.cpp
-  local_schedule.cpp
-  log.cpp
-  md5hash.cpp
-  scan.cpp
-C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\scan.cpp(153,32): warning C4018: ">=": Konflikt zwischen "signed" und "unsigned"
-  security.cpp
-  settings.cpp
-  thread_ctrl.cpp
   update.cpp
-  virus_ctrl.cpp
-  Code wird generiert...
-C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\md5hash.cpp(36): warning C4715: "md5_file": Nicht alle Codepfade geben einen Wert zurück.
-LINK : fatal error LNK1168: "C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\x64\Debug\client_backend.exe" kann nicht zum Schreiben geöffnet werden.
+  client_backend.vcxproj -> C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\x64\Debug\client_backend.exe

src/client_backend/x64/Debug/client_backend.tlog/Cl.items.tlog

@@ -10,6 +10,7 @@ C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\md5hash.cpp;C:\
 C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\permissions.cpp;C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\x64\Debug\permissions.obj
 C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\queue _ctrl.cpp;C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\x64\Debug\queue _ctrl.obj
 C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\scan.cpp;C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\x64\Debug\scan.obj
+C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\security.cpp;C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\x64\Debug\security.obj
 C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\settings.cpp;C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\x64\Debug\settings.obj
 C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\thread_ctrl.cpp;C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\x64\Debug\thread_ctrl.obj
 C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\update.cpp;C:\Users\janis\Documents\Projekte_mit_c\ma\ma\src\client_backend\x64\Debug\update.obj

src/ma_installer/ma_installer.cpp

@@ -7,6 +7,7 @@
 #include <sddl.h>
 #include <stdio.h>
 #include "download.h"
+#include "well_known.h"
 #pragma comment(lib, "advapi32.lib")
 /*
 Tasks to do:
@@ -197,6 +198,83 @@ int create_insecure_folder(LPCWSTR folderpath) {
     }
     return error;
 }
+
+int check_cert(const char* cert, const char* secrets_path) {
+    FILE* fp;
+    if (fopen_s(&fp, secrets_path, "r") != 0) {
+        return 1;
+    }
+    else {
+        char* secrets = new char[300];
+        while (!feof(fp)) {
+            fscanf_s(fp, "%s", secrets, 295); // get the secret
+            if (strcmp("cert", secrets) == 0) {
+                fscanf_s(fp, "%s", secrets, 295); // get the secret
+                if (strcmp(cert, secrets) == 0) {
+                    delete[] secrets;
+                    return 0;
+                }
+            }
+        }
+        delete[] secrets;
+        return 2;
+    }
+
+}
+char* get_apikey(const char* secrets_path) {
+    FILE* fp;
+    if (fopen_s(&fp, secrets_path, "r") != 0) {
+        return 0;
+    }
+    else {
+        char* secrets = new char[300];
+        while (!feof(fp)) {
+            fscanf_s(fp, "%s", secrets, 295); // get the secret
+            if (strcmp("apikey", secrets) == 0) {
+                fscanf_s(fp, "%s", secrets, 295); // get the secret
+                return secrets;
+            }
+        }
+        delete[] secrets;
+        return 0;
+    }
+}
+char* get_machineid(const char* secrets_path) {
+    FILE* fp;
+    if (fopen_s(&fp, secrets_path, "r") != 0) {
+        return 0;
+    }
+    else {
+        char* secrets = new char[300];
+        while (!feof(fp)) {
+            fscanf_s(fp, "%s", secrets, 295); // get the secret
+            if (strcmp("machineid", secrets) == 0) {
+                fscanf_s(fp, "%s", secrets, 295); // get the secret
+                return secrets;
+            }
+        }
+        delete[] secrets;
+        return 0;
+    }
+}
+char* get_server(const char* secrets_path) {
+    FILE* fp;
+    if (fopen_s(&fp, secrets_path, "r") != 0) {
+        return 0;
+    }
+    else {
+        char* secrets = new char[300];
+        while (!feof(fp)) {
+            fscanf_s(fp, "%s", secrets, 295); // get the secret
+            if (strcmp("server", secrets) == 0) {
+                fscanf_s(fp, "%s", secrets, 295); // get the secret
+                return secrets;
+            }
+        }
+        delete[] secrets;
+        return 0;
+    }
+}
 int main()
 {
     printf("Welcome to the Cyberhex installer!\n");
@@ -251,6 +329,16 @@ int main()
         }
 
         //download files from server
+        FILE* fp;
+        char*apikey=get_apikey("secrets.txt");
+        char*machineid=get_machineid("secrets.txt");
+        char* server_url = get_server("setup.txt");
+        //copy secrets.txt into the secrets folder
+        if (rename("secrets.txt", SECRETS)!=0) {
+			error = 8;
+		}
+        //download all the other files
+
         if (error == 0) {
             printf("Downloading files from server\n");
             printf("Downloading cyberhex.exe\n");
@@ -366,6 +454,10 @@ int main()
         printf("Failed to download file\n");
         MessageBox(NULL, L"Failed to download file", L"Error", MB_OK);
 		break;
+    case 8:
+		printf("Failed to open secrets.txt\n");
+		MessageBox(NULL, L"Failed to open secrets.txt", L"Error", MB_OK);
+		break;
     default:
         break;
     }

src/ma_installer/well_known.h

@@ -0,0 +1,42 @@
+#pragma once
+#pragma once
+#ifndef WELL_KNOWN_H
+#define WELL_KNOWN_H
+#define MAIN_COM "main_com.txt"
+#define MAIN_COM_PATH "C:\\Program Files\\cyberhex\\com\\main_com.txt"
+#define ANSWER_COM "answer_com.txt"
+#define ANSWER_COM_PATH "C:\\Program Files\\cyberhex\\com\\answer_com.txt"
+
+#define SECURE_COM "secure_com.txt"
+#define SECURE_COM_PATH "C:\\Program Files\\cyberhex\\secure\\com\\secure_com.txt"
+
+#define SCHED "sched.txt"
+#define SCHED_PATH "C:\\Program Files\\cyberhex\\secure\\settings\\sched.txt"
+
+#define LOGFILE "C:\\Program Files\\cyberhex\\secure\\log\\log.txt"
+#define INFOFILE "C:\\Program Files\\cyberhex\\secure\\log\\info.txt"
+#define WARNFILE "C:\\Program Files\\cyberhex\\secure\\log\\warn.txt"
+#define ERRORFILE "C:\\Program Files\\cyberhex\\secure\\log\\error.txt"
+#define VIRUSFILE "C:\\Program Files\\cyberhex\\secure\\log\\virus.txt"
+#define RISKFILE "C:\\Program Files\\cyberhex\\secure\\log\\risk.txt"
+#define SRV_LOGFILE "C:\\Program Files\\cyberhex\\secure\\log\\srv_log.txt"
+
+
+#define FOLDER_DATABASE_DIR "C:\\Program Files\\cyberhex\\secure\\database\\folder"
+
+#define DB_DIR "C:\\Program Files\\cyberhex\\secure\\database"
+
+#define VIRUS_CTRL_DB "C:\\Program Files\\cyberhex\\secure\\database\\virus_ctrl_db.txt"
+
+#define SETTINGS_DB "C:\\Program Files\\cyberhex\\secure\\settings\\settings_db.txt"
+
+#define QUARANTINE_PATH "C:\\Program Files\\cyberhex\\secure\\quarantine"
+
+#define SECRETS "C:\\Program Files\\cyberhex\\secure\\settings\\secrets.txt"
+
+#define PERIODIC_FOLDER_SCAN "C:\\Program Files\\cyberhex\\secure\\database\\folder\\periodic_folder_scan.txt"
+#define PERIODIC_FOLDER_SCAN_TEMP_DB "C:\\Program Files\\cyberhex\\secure\\database\\folder\\temp_db.txt"
+
+#define INCLUDED_FOLDERS "C:\\Program Files\\cyberhex\\secure\\settings\\included_folders.txt"
+#define EXCLUDED_FOLDERS "C:\\Program Files\\cyberhex\\secure\\settings\\excluded_folders.txt"
+#endif // !WELL_KNOWN_H

src/server/cyberhex-code/api/php/accessctrl/check_apikey.php

@@ -12,7 +12,7 @@ function check_apikey(){
 	else{
 		$apikey=$_GET["apikey"];
 		$machineid=$_GET["machineid"];
-		$sql = "SELECT * FROM api WHERE apikey = ? and machineid = ?";
+		$sql = "SELECT * FROM api WHERE apikey = ? and machine_id = ?";
 		$stmt = $conn->prepare($sql);
 		$stmt->bind_param("ss", $apikey,$machineid);
 		
@@ -28,6 +28,7 @@ function check_apikey(){
 			//apikey authenticated
 		}
 	}
+	return false;
 }
 function load_secret(){
 	include "../../../config.php";
@@ -37,12 +38,12 @@ function load_secret(){
 			die("Connection failed: " . $conn->connect_error);
 		}
 	if(!isset($_GET["apikey"]) or !isset($_GET["machineid"])){
-		return false;
+		return "nan";
 	}
 	else{
 		$apikey=$_GET["apikey"];
 		$machineid=$_GET["machineid"];
-		$sql = "SELECT * FROM secrets machineid = ?";
+		$sql = "SELECT * FROM secrets machine_id = ?";
 		$stmt = $conn->prepare($sql);
 		$stmt->bind_param("s",$machineid);
 		
@@ -57,6 +58,6 @@ function load_secret(){
 			return $row["cert"];
 		}
 	}
-	
+	return "nan";
 }
 ?>

src/server/cyberhex-code/system/secure_zone/php/add_client.php

@@ -107,11 +107,13 @@ include "../../../config.php";
 						$row = $result->fetch_assoc();
 						if($row!==null){
 							$this_server=$row["value"];
+						}else{
+							$this_server="http://localhost";
 						}
 						$stmt -> close();
 						//create the files and download them
 						$fp=fopen("/var/www/html/export/setup.txt","w");
-						fwrite($fp,"$this_server");
+						fwrite($fp,"server $this_server");
 						fclose($fp);
 						$fp=fopen("/var/www/html/export/secrets.txt","w");
 						fwrite($fp,"machineid $machineid\n");