security log
@@ -21,7 +21,10 @@ public class ResourcesController : Controller
|
|||||||
{
|
{
|
||||||
if (name.Contains(".."))
|
if (name.Contains(".."))
|
||||||
{
|
{
|
||||||
await SecurityLogService.Log(SecurityLogType.PathTransversal, name);
|
await SecurityLogService.Log(SecurityLogType.PathTransversal, x =>
|
||||||
|
{
|
||||||
|
x.Add<string>(name);
|
||||||
|
});
|
||||||
return NotFound();
|
return NotFound();
|
||||||
}
|
}
|
||||||
|
|
||||||
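Review bot: The `name.Contains("..")` guard that the new log call sits under only rejects dot-dot sequences; a rooted name (`/etc/passwd`, `C:\...`) or one containing path separators passes it, and if `name` is later fed to `Path.Combine` a rooted second argument replaces the base directory entirely. How `name` is used is outside this hunk, so this may be handled there; if not, resolve the candidate and compare it against the intended root, e.g. `var full = Path.GetFullPath(Path.Combine(baseDir, name));` followed by `if (!full.StartsWith(baseDir + Path.DirectorySeparatorChar, StringComparison.Ordinal)) return NotFound();`. A null `name` also throws on `.Contains` before anything is logged. The action starts and ends outside the hunk.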
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
using Moonlight.App.Database.Entities.LogsEntries;
|
using Moonlight.App.Database.Entities.LogsEntries;
|
||||||
|
using Moonlight.App.Models.Log;
|
||||||
using Moonlight.App.Models.Misc;
|
using Moonlight.App.Models.Misc;
|
||||||
using Moonlight.App.Repositories.LogEntries;
|
using Moonlight.App.Repositories.LogEntries;
|
||||||
using Moonlight.App.Services.Sessions;
|
using Moonlight.App.Services.Sessions;
|
||||||
@@ -17,16 +18,18 @@ public class SecurityLogService
|
|||||||
HttpContextAccessor = httpContextAccessor;
|
HttpContextAccessor = httpContextAccessor;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Task Log(SecurityLogType type, params object[] data)
|
public Task Log(SecurityLogType type, Action<SecurityLogParameters> data)
|
||||||
{
|
{
|
||||||
var ip = GetIp();
|
var ip = GetIp();
|
||||||
|
var al = new SecurityLogParameters();
|
||||||
|
data(al);
|
||||||
|
|
||||||
var entry = new SecurityLogEntry()
|
var entry = new SecurityLogEntry()
|
||||||
{
|
{
|
||||||
Ip = ip,
|
Ip = ip,
|
||||||
Type = type,
|
Type = type,
|
||||||
System = false,
|
System = false,
|
||||||
JsonData = data.Length == 0 ? "" : JsonConvert.SerializeObject(data)
|
JsonData = al.Build()
|
||||||
};
|
};
|
||||||
|
|
||||||
Repository.Add(entry);
|
Repository.Add(entry);
|
||||||
@@ -34,13 +37,16 @@ public class SecurityLogService
|
|||||||
return Task.CompletedTask;
|
return Task.CompletedTask;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Task LogSystem(SecurityLogType type, params object[] data)
|
public Task LogSystem(SecurityLogType type, Action<SecurityLogParameters> data)
|
||||||
{
|
{
|
||||||
|
var al = new SecurityLogParameters();
|
||||||
|
data(al);
|
||||||
|
|
||||||
var entry = new SecurityLogEntry()
|
var entry = new SecurityLogEntry()
|
||||||
{
|
{
|
||||||
Type = type,
|
Type = type,
|
||||||
System = true,
|
System = true,
|
||||||
JsonData = data.Length == 0 ? "" : JsonConvert.SerializeObject(data)
|
JsonData = al.Build()
|
||||||
};
|
};
|
||||||
|
|
||||||
Repository.Add(entry);
|
Repository.Add(entry);
|
||||||
@@ -60,4 +66,24 @@ public class SecurityLogService
|
|||||||
|
|
||||||
return HttpContextAccessor.HttpContext.Connection.RemoteIpAddress!.ToString();
|
return HttpContextAccessor.HttpContext.Connection.RemoteIpAddress!.ToString();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public class SecurityLogParameters
|
||||||
|
{
|
||||||
|
private List<LogData> Data = new List<LogData>();
|
||||||
|
|
||||||
|
public void Add<T>(object data)
|
||||||
|
{
|
||||||
|
Data.Add(new LogData()
|
||||||
|
{
|
||||||
|
Type = typeof(T),
|
||||||
|
Value = data.ToString()
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
internal string Build()
|
||||||
|
{
|
||||||
|
return JsonConvert.SerializeObject(Data);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
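Review bot: `SecurityLogParameters.Add<T>(object data)` takes `object`, so the type parameter is never checked against the value and `Type = typeof(T)` records whatever the caller claims (the UserService hunks call `x.Add<User>(email)` with a string); `public void Add<T>(T data)` makes that a compile error and keeps the stored type honest. `Value = data.ToString()` throws on a null argument, turning a security event into an unhandled exception at the call site, so `Value = data?.ToString()` is safer, and `data(al)` in `Log`/`LogSystem` has the same problem for a null callback (`data?.Invoke(al)`). `al.Build()` now stores `"[]"` where the old code stored `""` for an empty parameter list, so anything that tests `JsonData` for empty needs updating. `GetIp()` is unchanged here but dereferences `HttpContextAccessor.HttpContext` unguarded; if `Log` is ever invoked outside a request it throws before the entry is written.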
@@ -76,7 +76,10 @@ public class OneTimeJwtService
|
|||||||
}
|
}
|
||||||
catch (SignatureVerificationException)
|
catch (SignatureVerificationException)
|
||||||
{
|
{
|
||||||
await SecurityLogService.LogSystem(SecurityLogType.ManipulatedJwt, token);
|
await SecurityLogService.LogSystem(SecurityLogType.ManipulatedJwt, x =>
|
||||||
|
{
|
||||||
|
x.Add<string>(token);
|
||||||
|
});
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
catch (Exception e)
|
catch (Exception e)
|
||||||
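Review bot: The new `x.Add<string>(token)` line stores the full raw token; since the signature check failed, this is attacker-controlled input of arbitrary length, so bound what is persisted, e.g. `x.Add<string>(token.Length <= 64 ? token : token.Substring(0, 64));`. This path uses `LogSystem`, which records no IP; if one-time JWT verification runs inside an HTTP request, `Log` would attach the caller address and make the entry actionable. The enclosing method starts and ends outside the hunk.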
|
|||||||
@@ -364,7 +364,10 @@ public class ServerService
|
|||||||
|
|
||||||
if (server == null)
|
if (server == null)
|
||||||
{
|
{
|
||||||
await SecurityLogService.LogSystem(SecurityLogType.SftpBruteForce, serverId);
|
await SecurityLogService.LogSystem(SecurityLogType.SftpBruteForce, x =>
|
||||||
|
{
|
||||||
|
x.Add<int>(id);
|
||||||
|
});
|
||||||
throw new Exception("Server not found");
|
throw new Exception("Server not found");
|
||||||
}
|
}
|
||||||
|
|
||||||
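Review bot: The new log call passes `id` where the removed line passed `serverId`; unless the parameter was renamed in a part of the method outside this hunk, this either fails to compile or records a different variable than the one the lookup failed for. `x.Add<int>(serverId);` keeps the previous value, assuming `serverId` is an int. The surrounding method starts and ends outside the hunk.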
|
|||||||
@@ -89,7 +89,10 @@ public class IdentityService
|
|||||||
}
|
}
|
||||||
catch (SignatureVerificationException)
|
catch (SignatureVerificationException)
|
||||||
{
|
{
|
||||||
await SecurityLogService.Log(SecurityLogType.ManipulatedJwt, token);
|
await SecurityLogService.Log(SecurityLogType.ManipulatedJwt, x =>
|
||||||
|
{
|
||||||
|
x.Add<string>(token);
|
||||||
|
});
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
catch (Exception e)
|
catch (Exception e)
|
||||||
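Review bot: The new `x.Add<string>(token)` line persists the entire rejected token into the log table without any length limit, so a client can inflate every `ManipulatedJwt` entry with an arbitrarily large bearer value. Keep a bounded prefix, e.g. `x.Add<string>(token.Length <= 64 ? token : token.Substring(0, 64));`, which is still enough to correlate repeated attempts. The enclosing method starts and ends outside the hunk.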
|
|||||||
@@ -94,7 +94,11 @@ public class UserService
|
|||||||
|
|
||||||
if (user == null)
|
if (user == null)
|
||||||
{
|
{
|
||||||
await SecurityLogService.Log(SecurityLogType.LoginFail, new[] { email, password });
|
await SecurityLogService.Log(SecurityLogType.LoginFail, x =>
|
||||||
|
{
|
||||||
|
x.Add<User>(email);
|
||||||
|
x.Add<string>(password);
|
||||||
|
});
|
||||||
throw new DisplayException("Email and password combination not found");
|
throw new DisplayException("Email and password combination not found");
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -103,7 +107,11 @@ public class UserService
|
|||||||
return user.TotpEnabled;
|
return user.TotpEnabled;
|
||||||
}
|
}
|
||||||
|
|
||||||
await SecurityLogService.Log(SecurityLogType.LoginFail, new[] { email, password });
|
await SecurityLogService.Log(SecurityLogType.LoginFail, x =>
|
||||||
|
{
|
||||||
|
x.Add<User>(email);
|
||||||
|
x.Add<string>(password);
|
||||||
|
});
|
||||||
throw new DisplayException("Email and password combination not found");;
|
throw new DisplayException("Email and password combination not found");;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -136,7 +144,11 @@ public class UserService
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
await SecurityLogService.Log(SecurityLogType.LoginFail, new[] { email, password });
|
await SecurityLogService.Log(SecurityLogType.LoginFail, x =>
|
||||||
|
{
|
||||||
|
x.Add<User>(email);
|
||||||
|
x.Add<string>(password);
|
||||||
|
});
|
||||||
throw new DisplayException("2FA code invalid");
|
throw new DisplayException("2FA code invalid");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -185,7 +197,10 @@ public class UserService
|
|||||||
|
|
||||||
if (user == null)
|
if (user == null)
|
||||||
{
|
{
|
||||||
await SecurityLogService.LogSystem(SecurityLogType.SftpBruteForce, id);
|
await SecurityLogService.LogSystem(SecurityLogType.SftpBruteForce, x =>
|
||||||
|
{
|
||||||
|
x.Add<int>(id);
|
||||||
|
});
|
||||||
throw new Exception("Invalid username");
|
throw new Exception("Invalid username");
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -198,7 +213,11 @@ public class UserService
|
|||||||
return user;
|
return user;
|
||||||
}
|
}
|
||||||
|
|
||||||
await SecurityLogService.LogSystem(SecurityLogType.SftpBruteForce, new[] { id.ToString(), password });
|
await SecurityLogService.LogSystem(SecurityLogType.SftpBruteForce, x =>
|
||||||
|
{
|
||||||
|
x.Add<int>(id);
|
||||||
|
x.Add<string>(password);
|
||||||
|
});
|
||||||
throw new Exception("Invalid userid or password");
|
throw new Exception("Invalid userid or password");
|
||||||
}
|
}
|
||||||
|
|
||||||
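Review bot: The new `x.Add<string>(password)` lines write the submitted plaintext password into the security log on every failed login and failed SFTP authentication, and in the `"2FA code invalid"` branch the password has presumably already been accepted, so a correct credential lands in the log table next to the email; a mistyped password is also usually one character off the real one. Drop the password from all four calls, or record only whether one was supplied, e.g. `x.Add<bool>(!string.IsNullOrEmpty(password));`. The `x.Add<User>(email)` calls pass a string while labelling it `User`, so the stored `Type` will be misleading; `x.Add<string>(email)` matches the value. The methods these branches belong to start outside the hunks.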
|
|||||||