-
Notifications
You must be signed in to change notification settings - Fork 9
Expand file tree
/
Copy pathProgram.cs
More file actions
123 lines (105 loc) · 4.1 KB
/
Program.cs
File metadata and controls
123 lines (105 loc) · 4.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
using DetonatorAgent.Services;
using DetonatorAgent.EdrPlugins;
var builder = WebApplication.CreateBuilder(args);
// Configure Kestrel to accept larger request bodies (100MB)
builder.WebHost.ConfigureKestrel(serverOptions =>
{
serverOptions.Limits.MaxRequestBodySize = 104857600; // 100 MB
});
// Configure console logging to use simple format
builder.Logging.ClearProviders();
builder.Logging.AddSimpleConsole(options =>
{
options.SingleLine = true;
options.IncludeScopes = false;
options.TimestampFormat = "yyyy-MM-dd HH:mm:ss ";
});
// Configure port from command line argument or use default from appsettings.json (8080)
var portArg = args.FirstOrDefault(arg => arg.StartsWith("--port="))?.Split('=')[1];
if (!string.IsNullOrEmpty(portArg))
{
builder.WebHost.UseUrls($"http://0.0.0.0:{portArg}");
}
// Add services to the container.
builder.Services.AddControllers();
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
// Register lock service as singleton to maintain state across requests
builder.Services.AddSingleton<ILockService, LockService>();
// Register execution tracking service as singleton to maintain state across requests
builder.Services.AddSingleton<ExecutionTrackingService>();
// Register agent log service as singleton to maintain logs across requests
builder.Services.AddSingleton<AgentLogService>();
builder.Services.AddSingleton<IAgentLogService>(provider => provider.GetRequiredService<AgentLogService>());
// Register platform-specific services
if (OperatingSystem.IsWindows()) {
// Register all Windows execution service implementations
builder.Services.AddSingleton<IExecutionService, WindowsExecutionServiceExec>();
builder.Services.AddSingleton<IExecutionService, WindowsExecutionServiceAutoit>();
builder.Services.AddSingleton<IExecutionService, WindowsExecutionServiceClickfix>();
}
else {
// Register Linux execution service implementation
builder.Services.AddSingleton<IExecutionService, LinuxExecutionService>();
}
// Register EDR service based on command line argument
var edrService = args.FirstOrDefault(arg => arg.StartsWith("--edr="))?.Split('=')[1]?.ToLower() ?? "defender";
if (OperatingSystem.IsWindows()) {
switch (edrService) {
case "defender":
builder.Services.AddSingleton<IEdrService, DefenderEdrPlugin>();
break;
case "fibratus":
builder.Services.AddSingleton<IEdrService, FibratusEdrPlugin>();
break;
case "example":
builder.Services.AddSingleton<IEdrService, ExampleEdrPlugin>();
break;
default:
Console.WriteLine($"Unknown EDR service '{edrService}' specified. Use 'defender' or 'fibratus'");
return 1;
}
}
else {
switch (edrService) {
default:
builder.Services.AddSingleton<IEdrService, ExampleEdrPlugin>();
break;
}
}
var app = builder.Build();
// Configure custom logging to capture agent logs
var agentLogService = app.Services.GetRequiredService<AgentLogService>();
var loggerFactory = app.Services.GetRequiredService<ILoggerFactory>();
loggerFactory.AddProvider(new AgentLoggerProvider(agentLogService));
// Add initial startup log
agentLogService.AddLog("DetonatorAgent - Starting up");
agentLogService.AddLog($"EDR Plugin: {edrService}");
// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment()) {
app.UseSwagger();
app.UseSwaggerUI();
}
app.UseHttpsRedirection();
app.UseAuthorization();
app.MapControllers();
// Add lifetime events for logging
var lifetime = app.Services.GetRequiredService<IHostApplicationLifetime>();
lifetime.ApplicationStopping.Register(() =>
{
agentLogService.AddLog("DetonatorAgent - Shutting down");
});
try
{
agentLogService.AddLog("DetonatorAgent - Running");
await app.RunAsync();
agentLogService.AddLog("DetonatorAgent - Stopped normally");
return 0;
}
catch (Exception ex)
{
agentLogService.AddLog($"DetonatorAgent - FATAL ERROR: {ex.GetType().Name}: {ex.Message}");
agentLogService.AddLog($"Stack trace: {ex.StackTrace}");
Console.WriteLine($"Fatal error: {ex}");
return 1;
}