Panoptes 1.0.0
Endpoint Detection and Response
Loading...
Searching...
No Matches
Classes | Functions
grpc.hpp File Reference
#include <Windows.h>
#include <string>

Go to the source code of this file.

Classes

class  PanoptesContainerClient
 

Functions

void SelfQueuePeScan (std::string pePath, std::string fileHash)
 
VOID RunServiceServer (LPVOID lpParam)
 

Function Documentation

◆ RunServiceServer()

VOID RunServiceServer ( LPVOID  lpParam)

Definition at line 371 of file grpc.cpp.

372{
373 serviceContext = reinterpret_cast<PanoptesContext*>(lpParam);
374 PanoptesImpl service;
375 grpc::ServerBuilder builder;
376 int selected_port = 0;
377 std::string server_url = "localhost:0";
378
379 //Setting the server address to localhost:0 will allow the OS to assign an available port
380 builder.AddListeningPort(server_url, grpc::InsecureServerCredentials(), &selected_port);
381 builder.RegisterService(&service);
382
383 std::unique_ptr<grpc::Server> server(builder.BuildAndStart());
384 if (server == nullptr) {
385 auto threadError = &serviceContext->threadError;
386 bool threadState = threadError->load();
387 threadError->store(true);
388 }
389
390 bool updatedReg = CreateRegistryEntryWithPort(selected_port);
391 if (!updatedReg) {
392 auto threadError = &serviceContext->threadError;
393 bool threadState = threadError->load();
394 threadError->store(true);
395 }
396
397 server->Wait();
398}
PanoptesImpl
The PanoptesImpl class is a class that implements the PanoptesExtensibility::Service interface from t...
Definition ext_server.cpp:66
serviceContext
PanoptesContext * serviceContext
Definition grpc.cpp:27
CreateRegistryEntryWithPort
bool CreateRegistryEntryWithPort(DWORD dwPort)
Definition grpc.cpp:127
PanoptesContext::threadError
std::atomic< bool > threadError
Definition panoptes_service.h:7

References CreateRegistryEntryWithPort(), serviceContext, and PanoptesContext::threadError.

Referenced by WinMain().

◆ SelfQueuePeScan()

void SelfQueuePeScan ( std::string  pePath,
std::string  fileHash 
)

Definition at line 224 of file grpc.cpp.

224 {
225 auto configuration = serviceContext->config;
226 if (isPathInExclusions(configuration->m_exclusions, pePath)) {
227 return;
228 }
229
230 DWORD containerPort = 0;
231 GetRegistryPortValue(containerPort);
232 std::string server_url = "localhost:" + std::to_string(containerPort);
233 std::shared_ptr<grpc::Channel> channel = grpc::CreateChannel(server_url, grpc::InsecureChannelCredentials());
234 selfStub_ = PanoptesService::NewStub(channel);
235
236 AckMessage reply;
237 ClientContext context;
238 PeScanInfo request;
239 request.set_file_hash(fileHash);
240 request.set_portable_executable_path(pePath);
241
242 Status status = selfStub_->QueuePeScan(&context, request, &reply);
243 if (!status.ok()) {
244 std::cout << status.error_code() << ": " << status.error_message() << std::endl;
245 }
246}
GetRegistryPortValue
bool GetRegistryPortValue(DWORD &portValue)
Definition grpc.cpp:48
selfStub_
std::unique_ptr< PanoptesService::Stub > selfStub_
Definition grpc.cpp:25
isPathInExclusions
bool isPathInExclusions(const std::vector< std::string > &exclusions, const std::string &fullPath)
Definition grpc.cpp:93
DWORD
unsigned long DWORD
Definition inject.h:2
PanoptesContext::config
Configuration * config
Definition panoptes_service.h:8

References PanoptesContext::config, GetRegistryPortValue(), isPathInExclusions(), selfStub_, and serviceContext.

Referenced by DisplayEventInfo().

Generated by doxygen 1.9.8