노현종

0411 md5

...@@ -3,6 +3,7 @@ using System; ...@@ -3,6 +3,7 @@ using System;
3 using System.Collections.Generic; 3 using System.Collections.Generic;
4 using System.IO; 4 using System.IO;
5 using System.Linq; 5 using System.Linq;
6 +using System.Security.Cryptography;
6 using System.Text; 7 using System.Text;
7 using System.Text.RegularExpressions; 8 using System.Text.RegularExpressions;
8 using System.Threading.Tasks; 9 using System.Threading.Tasks;
...@@ -12,20 +13,10 @@ namespace VulnCrawler ...@@ -12,20 +13,10 @@ namespace VulnCrawler
12 class Program 13 class Program
13 { 14 {
14 static void Main(string[] args) { 15 static void Main(string[] args) {
15 - //if (Directory.Exists(@"c:\test")) {
16 - // DeleteDirectory(@"c:\test");
17 16
18 - //}
19 17
20 - //var co = new CloneOptions {
21 - // OnCheckoutProgress = CheckoutProcess,
22 - // OnTransferProgress = TransferProgress,
23 18
24 - // CredentialsProvider = (_url, _user, _cred) => new UsernamePasswordCredentials { Username = "yhackerbv@gmail.com", Password = "@@GUSwjdaf12@@" }
25 19
26 - //};
27 -
28 - //Repository.Clone("https://github.com/torvalds/linux.git", @"\test\", co);
29 using (var r = new Repository(@"c:\test2")) { 20 using (var r = new Repository(@"c:\test2")) {
30 var commits = r.Commits 21 var commits = r.Commits
31 .Where(c => Regex.Match(c.Message, @"CVE-20\d\d-\d{4}", RegexOptions.IgnoreCase).Success) 22 .Where(c => Regex.Match(c.Message, @"CVE-20\d\d-\d{4}", RegexOptions.IgnoreCase).Success)
...@@ -93,25 +84,49 @@ namespace VulnCrawler ...@@ -93,25 +84,49 @@ namespace VulnCrawler
93 StringBuilder oldBuilder = new StringBuilder(); 84 StringBuilder oldBuilder = new StringBuilder();
94 using (var reader = new StreamReader(oldBlob.GetContentStream())) { 85 using (var reader = new StreamReader(oldBlob.GetContentStream())) {
95 int readCount = 0; 86 int readCount = 0;
87 + int defSpace = 0;
96 while (!reader.EndOfStream && readCount <= oldStart + oldLines) { 88 while (!reader.EndOfStream && readCount <= oldStart + oldLines) {
97 - string line = reader.ReadLine();
98 89
99 - if (readCount++ >= oldStart) { 90 + string line = reader.ReadLine();
100 - oldBuilder.AppendLine(line); 91 + if (defSpace > 0) {
92 + if (line.Length < defSpace) {
93 + continue;
101 } 94 }
95 + string concat = line.Substring(0, defSpace);
96 + if (string.IsNullOrWhiteSpace(concat)) {
97 + string trim = line.Trim();
98 + if (trim.StartsWith("#")) {
99 + continue;
102 } 100 }
103 101
102 + oldBuilder.Append(line);
103 + }
104 + else {
105 + continue;
106 + }
107 + }
108 + if (Regex.Match(line, $@"def {methodName}\(.*\)").Success) {
109 + defSpace = line.IndexOf(methodName);
110 + oldBuilder.Append(line);
111 + }
104 112
105 - /* 113 + }
106 - * CVE 탐지된 코드 순환 -> def로 시작하는 파이썬 함수만 걸러내야함
107 - * 문제는 파이썬은 c와 달리 {}가 없어서 상당히 귀찮음
108 - */
109 114
110 } 115 }
111 116
112 - string replace = Regex.Replace(oldBuilder.ToString(), " ", ""); 117 + StringBuilder sb = new StringBuilder();
118 + sb.Append("\"\"\"");
119 + sb.Append(@".*");
120 + sb.Append("\"\"\"");
121 + if (Regex.Match(oldBuilder.ToString(), sb.ToString()).Success) {
122 + string replace = Regex.Replace(oldBuilder.ToString(), sb.ToString(), "");
123 + replace = Regex.Replace(replace, " ", "");
113 Console.WriteLine($"Builder: \n{replace}"); 124 Console.WriteLine($"Builder: \n{replace}");
114 125
126 + string md5 = MD5HashFunc(replace);
127 + Console.WriteLine($"MD5: {md5}");
128 + }
129 +
115 } 130 }
116 Console.WriteLine("-----------"); 131 Console.WriteLine("-----------");
117 Console.ResetColor(); 132 Console.ResetColor();
...@@ -125,6 +140,20 @@ namespace VulnCrawler ...@@ -125,6 +140,20 @@ namespace VulnCrawler
125 } 140 }
126 } 141 }
127 } 142 }
143 +
144 + public static string MD5HashFunc(string str) {
145 + StringBuilder MD5Str = new StringBuilder();
146 + byte[] byteArr = Encoding.ASCII.GetBytes(str);
147 + byte[] resultArr = (new MD5CryptoServiceProvider()).ComputeHash(byteArr);
148 +
149 + //for (int cnti = 1; cnti < resultArr.Length; cnti++) (2010.06.27)
150 + for (int cnti = 0; cnti < resultArr.Length; cnti++) {
151 + MD5Str.Append(resultArr[cnti].ToString("X2"));
152 + }
153 + return MD5Str.ToString();
154 + }
155 +
156 +
128 public static void DeleteDirectory(string targetDir) { 157 public static void DeleteDirectory(string targetDir) {
129 File.SetAttributes(targetDir, FileAttributes.Normal); 158 File.SetAttributes(targetDir, FileAttributes.Normal);
130 159
......