Panoptes/container__ipc_8hpp_source.html

#pragma once

#include <Windows.h>

#include <string>

#include <queue>

#include <mutex>

#include <condition_variable>

#include <thread>

#include "ExtensibilityCore.h"


class PeMessageQueue {

public:

    void enqueue(const PeScan& message);

    PeScan dequeue();

    PeMessageQueue();


    ~PeMessageQueue() {

        DeleteCriticalSection(&cs_);

    }


private:

    std::queue<PeScan> queue_;

    CRITICAL_SECTION cs_;

    CONDITION_VARIABLE cv_;

};


class MemoryMessageQueue {

public:

    std::condition_variable cv;


    void enqueue(const MemScan& message);

    MemScan dequeue();

private:

    std::queue<MemScan> queue_;

    std::mutex mutex_;

    std::condition_variable cv_;

};


class PanoptesServiceClient {

public:

    PanoptesServiceClient();

    bool Hello(ExtensibilityType extensibilityType, std::string port);

    bool SendResults_Yara(std::string PePath, std::string FileHash, DWORD ProcessId, std::string YaraRulesPath, INT MatchRules, std::vector<std::string> DetectedRules);

    bool SendResults_PE(std::string PePath, bool IsPeSigned, std::string PeSignerSubject, std::vector<std::string> PeImports);

    bool SendResults_AMSI(std::string PePath, DWORD AmsiResult);

};


VOID RunContainerServer(LPVOID ContainerPort);


extern MemoryMessageQueue* message_queue_mem_;

extern PeMessageQueue* message_queue_pe_;

ExtensibilityCore.h

ExtensibilityType
ExtensibilityType
The type of extensibility.
Definition ExtensibilityCore.h:10

MemoryMessageQueue
Definition container_ipc.hpp:24

MemoryMessageQueue::enqueue
void enqueue(const MemScan &message)
The enqueue function enqueues a MemScan message to the queue.
Definition ext_server.cpp:47

MemoryMessageQueue::cv
std::condition_variable cv
Definition container_ipc.hpp:26

MemoryMessageQueue::dequeue
MemScan dequeue()
The dequeue function dequeues a MemScan messages from the queue.
Definition ext_server.cpp:55

PanoptesServiceClient
Panoptes Service Client that is used to communicate with the Panoptes Service via.
Definition container_ipc.hpp:36

PanoptesServiceClient::SendResults_Yara
bool SendResults_Yara(std::string PePath, std::string FileHash, DWORD ProcessId, std::string YaraRulesPath, INT MatchRules, std::vector< std::string > DetectedRules)

PanoptesServiceClient::PanoptesServiceClient
PanoptesServiceClient()
The PanoptesServiceClient class is a class that implements the PanoptesServiceClient class.
Definition service_client.cpp:15

PanoptesServiceClient::SendResults_PE
bool SendResults_PE(std::string PePath, bool IsPeSigned, std::string PeSignerSubject, std::vector< std::string > PeImports)

PanoptesServiceClient::SendResults_AMSI
bool SendResults_AMSI(std::string PePath, DWORD AmsiResult)

PanoptesServiceClient::Hello
bool Hello(ExtensibilityType extensibilityType, std::string port)
The Hello function sends a Hello message to the Panoptes main service from the container.
Definition service_client.cpp:25

PeMessageQueue
Definition container_ipc.hpp:10

PeMessageQueue::~PeMessageQueue
~PeMessageQueue()
Definition container_ipc.hpp:15

PeMessageQueue::PeMessageQueue
PeMessageQueue()
The PeMessageQueue class is a thread-safe queue for PeScan messages.
Definition ext_server.cpp:13

PeMessageQueue::dequeue
PeScan dequeue()
The dequeue function dequeues a PeScan messages from the queue.
Definition ext_server.cpp:31

PeMessageQueue::enqueue
void enqueue(const PeScan &message)
The enqueue function is a function that enqueues a PeScan message to the queue.
Definition ext_server.cpp:21

RunContainerServer
VOID RunContainerServer(LPVOID ContainerPort)
The RunContainerServer function is a function that runs the container server.
Definition ext_server.cpp:105

message_queue_mem_
MemoryMessageQueue * message_queue_mem_
Definition container.cpp:16

message_queue_pe_
PeMessageQueue * message_queue_pe_
Definition container.cpp:15

DWORD
unsigned long DWORD
Definition inject.h:2

MemScan
The information about the memory to be scanned that passed between the container, extensibility and t...
Definition ExtensibilityCore.h:26

PeScan
The information about the file to be scanned that passed between the container, extensibility and the...
Definition ExtensibilityCore.h:19