Toggle navigation
Toggle navigation
This project
Loading...
Sign in
노현종
/
2018-1-Capstone1-VulnNotti
Go to a project
Toggle navigation
Toggle navigation pinning
Projects
Groups
Snippets
Help
Project
Activity
Repository
Pipelines
Graphs
Issues
0
Merge Requests
0
Snippets
Network
Create a new issue
Builds
Commits
Issue Boards
Authored by
이지윤
2018-06-10 02:31:13 +0900
Browse Files
Options
Browse Files
Download
Plain Diff
Commit
0e3e7355419a16c893eb785e1673e680087508d8
0e3e7355
2 parents
17a22d4c
bcdb9649
Merge branch 'master' of
https://github.com/yhackerbv/VulnNottiProject
Show whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
216 additions
and
121 deletions
Vulnerablity_DB/VulnCrawler/Program.cs
Vulnerablity_DB/VulnCrawler/VulnAbstractCrawler.cs
Vulnerablity_DB/VulnCrawler/VulnC.cs
Vulnerablity_DB/VulnCrawler/VulnRDS.cs
Vulnerablity_DB/VulnUserCodeAnalyzer/Program.cs
Vulnerablity_DB/VulnCrawler/Program.cs
View file @
0e3e735
...
...
@@ -65,10 +65,6 @@ namespace VulnCrawler
/* 메인 동작 함수 */
public
static
void
Run
()
{
// Repository 폴더들이 있는 주소를 지정하면 하위 폴더 목록을 가져옴(Repository 목록)
Regex
.
CacheSize
=
50
;
...
...
@@ -88,35 +84,6 @@ namespace VulnCrawler
{
continue
;
}
//var crawler = new VulnC();
//crawler.Init(directory);
//Tree commitTree1 = crawler.Repository.Lookup<Commit>("e589db7a6a9c8f1557007f2cc765ee28ad7a1edd").Tree;
////Tree parentTree1 = crawler.Repository.Lookup<Commit>("344ba37bdc299660e1b1693b6999e5fe116893e1").Tree;
//Commit commit = crawler.Repository.Lookup<Commit>("e589db7a6a9c8f1557007f2cc765ee28ad7a1edd");
//foreach (var parent in commit.Parents)
//{
// Console.WriteLine($"Parent ID:{parent.Sha}");
// Tree commitTree = commit.Tree;
// Tree parentTree = parent.Tree;
// var patch = crawler.Repository.Diff.Compare<Patch>(commitTree, parentTree.);
// foreach (var item in patch.Where(p => p.OldPath.EndsWith(".c")))
// {
// Console.WriteLine(item.Status);
// Console.WriteLine(item.Path);
// Console.WriteLine(item.Patch);
// }
// Console.ReadLine();
//}
////Console.WriteLine(patch.Content);
//Console.ReadLine();
// 템플릿 패턴화 T : VulnAbstractCrawler
VulnWorker
.
Run
<
VulnC
>(
directory
);
}
...
...
Vulnerablity_DB/VulnCrawler/VulnAbstractCrawler.cs
View file @
0e3e735
...
...
@@ -31,7 +31,7 @@ namespace VulnCrawler
public
string
FuncName
{
get
;
set
;
}
public
string
Hash
{
get
;
set
;
}
public
string
Path
{
get
;
set
;
}
public
string
Url
{
get
;
set
;
}
public
override
bool
Equals
(
object
obj
)
{
var
block
=
obj
as
UserBlock
;
...
...
@@ -131,7 +131,7 @@ namespace VulnCrawler
/// <summary>
/// 커밋에서 검색할 정규식 문자열
/// </summary>
public
string
SearchCommitPattern
=>
@"CVE[ -](
\d{4}
)[ -](\d{4,})"
;
public
string
SearchCommitPattern
=>
@"CVE[ -](
201[5-8]
)[ -](\d{4,})"
;
/// <summary>
/// 패치 코드에서 함수 찾을 정규식 패턴 문자열
/// </summary>
...
...
Vulnerablity_DB/VulnCrawler/VulnC.cs
View file @
0e3e735
...
...
@@ -891,15 +891,10 @@ namespace VulnCrawler
var
regex2
=
new
Regex
(
stringPattern
,
RegexOptions
.
Compiled
);
var
regex3
=
new
Regex
(
commentPattern2
,
RegexOptions
.
Compiled
);
var
regex4
=
new
Regex
(
commentPattern
,
RegexOptions
.
Compiled
);
bool
found3
=
false
;
bool
com
=
false
;
while
(!
reader
.
EndOfStream
)
{
string
line
=
reader
.
ReadLine
();
string
trim
=
line
.
Trim
();
if
(
commentLine
)
...
...
@@ -915,7 +910,6 @@ namespace VulnCrawler
continue
;
}
}
// /* ~ 패턴
if
(
regex3
.
IsMatch
(
trim
))
{
...
...
@@ -941,20 +935,18 @@ namespace VulnCrawler
if
(
found3
)
{
string
obStr
=
oldBuilder
.
ToString
();
Console
.
WriteLine
(
obStr
);
//Console.WriteLine(obStr);
obStr
=
Abstract
(
obStr
,
new
Dictionary
<
string
,
string
>(),
new
Dictionary
<
string
,
string
>());
byte
[]
obStrBytes
=
Encoding
.
Unicode
.
GetBytes
(
obStr
);
string
absObStrBase64
=
Convert
.
ToBase64String
(
obStrBytes
);
Console
.
WriteLine
(
obStr
);
// Console.WriteLine(obStr);
//Console.WriteLine("HASH: " + MD5HashFunc(obStr));
//Console.WriteLine(absObStrBase64);
if
(!
dict
.
ContainsKey
(
absObStrBase64
.
Length
))
{
dict
[
absObStrBase64
.
Length
]
=
new
HashSet
<
UserBlock
>();
}
string
funcName
=
new
string
(
oldBuilder
.
ToString
().
TakeWhile
(
c
=>
c
!=
'{'
).
ToArray
());
(
dict
[
absObStrBase64
.
Length
]
as
HashSet
<
UserBlock
>).
Add
(
new
UserBlock
{
Hash
=
MD5HashFunc
(
absObStrBase64
),
...
...
@@ -1090,11 +1082,11 @@ namespace VulnCrawler
if
(
found3
)
{
string
obStr
=
oldBuilder
.
ToString
();
Console
.
WriteLine
(
obStr
);
//
Console.WriteLine(obStr);
obStr
=
Abstract
(
obStr
,
new
Dictionary
<
string
,
string
>(),
new
Dictionary
<
string
,
string
>());
byte
[]
obStrBytes
=
Encoding
.
Unicode
.
GetBytes
(
obStr
);
string
absObStrBase64
=
Convert
.
ToBase64String
(
obStrBytes
);
Console
.
WriteLine
(
obStr
);
//
Console.WriteLine(obStr);
if
(!
dict
.
ContainsKey
(
absObStrBase64
.
Length
))
{
dict
[
absObStrBase64
.
Length
]
=
new
HashSet
<
UserBlock
>();
...
...
Vulnerablity_DB/VulnCrawler/VulnRDS.cs
View file @
0e3e735
...
...
@@ -67,6 +67,7 @@ namespace VulnCrawler
public
string
FileName
{
get
;
set
;
}
=
"NULL"
;
/* FileName */
public
string
FuncName
{
get
;
set
;
}
=
"NULL"
;
/* funcName */
public
string
Url
{
get
;
set
;
}
=
"NULL"
;
/* Url */
public
string
Product
{
get
;
set
;
}
}
//connect
...
...
@@ -242,7 +243,7 @@ namespace VulnCrawler
{
Connection
=
Conn
,
//db에 추가
CommandText
=
"INSERT INTO vulnDetail(type, year, level, userName, cveName, publish_date,update_date, cveDetail,fileName, funcName, url
) VALUES(@type, @year, @level, @userName, @cveName, @publish_date,@update_date, @cveDetail,@fileName, @funcName,@url
)"
CommandText
=
"INSERT INTO vulnDetail(type, year, level, userName, cveName, publish_date,update_date, cveDetail,fileName, funcName, url
, product) VALUES(@type, @year, @level, @userName, @cveName, @publish_date,@update_date, @cveDetail,@fileName, @funcName,@url,@product
)"
};
cmd
.
Parameters
.
AddWithValue
(
"@type"
,
$
"{vuln.Type}"
);
cmd
.
Parameters
.
AddWithValue
(
"@year"
,
$
"{vuln.Year}"
);
...
...
@@ -255,16 +256,16 @@ namespace VulnCrawler
cmd
.
Parameters
.
AddWithValue
(
"@fileName"
,
$
"{vuln.FileName}"
);
cmd
.
Parameters
.
AddWithValue
(
"@funcName"
,
$
"{vuln.FuncName}"
);
cmd
.
Parameters
.
AddWithValue
(
"@url"
,
$
"{vuln.Url}"
);
cmd
.
Parameters
.
AddWithValue
(
"@product"
,
$
"{vuln.Product}"
);
cmd
.
ExecuteNonQuery
();
//콘솔출력용
sql
=
"INSERT INTO vulnDetail(type, year, level, userName, cveName, publish_date,update_date, cveDetail,fileName, funcName, url) "
+
$
"VALUES({vuln.Type}, {vuln.Year}, {vuln.Level}, {vuln.UserName}, {vuln.CveName},{vuln.Publish_date}, {vuln.Update_date}, {vuln.CveDetail}, {vuln.FileName}, {vuln.FuncName}, {vuln.Url})"
;
Console
.
WriteLine
(
sql
);
//
Console.WriteLine(sql);
}
catch
(
Exception
e
)
{
Console
.
WriteLine
(
e
.
ToString
());
//
Console.WriteLine(e.ToString());
string
es
=
e
.
ToString
();
if
(
es
.
Contains
(
"Connection must be valid and open"
))
{
...
...
Vulnerablity_DB/VulnUserCodeAnalyzer/Program.cs
View file @
0e3e735
...
...
@@ -15,26 +15,109 @@ using Newtonsoft.Json.Linq;
namespace
VulnUserCodeAnalyzer
{
public
class
CVE
{
public
string
Type
{
get
;
set
;
}
public
int
Year
{
get
;
set
;
}
//public string UserName { get; set; }
public
string
Code
{
get
;
set
;
}
public
DateTime
Publish_Date
{
get
;
set
;
}
public
DateTime
Update_Date
{
get
;
set
;
}
public
string
Detail
{
get
;
set
;
}
//public string FileName { get; set; }
//public string FuncNameBase64 { get; set; }
//public string Url { get; set; }
public
double
Level
{
get
;
set
;
}
}
public
static
class
CVE_JSON
{
/// <summary>
/// CVE 테이블
/// </summary>
public
static
Dictionary
<
int
,
Dictionary
<
string
,
CVE
>>
CveDict
{
get
;
set
;
}
static
CVE_JSON
()
{
CveDict
=
new
Dictionary
<
int
,
Dictionary
<
string
,
CVE
>>();
}
public
static
void
AutoLoad
()
{
var
dir
=
new
DirectoryInfo
(
@"c:\CVE"
);
foreach
(
var
json
in
dir
.
EnumerateFiles
(
"*.json"
))
{
var
match
=
Regex
.
Match
(
json
.
Name
,
@"(20\d\d)"
);
if
(!
match
.
Success
)
{
continue
;
}
int
year
=
int
.
Parse
(
match
.
Value
);
if
(
CveDict
.
ContainsKey
(
year
))
{
continue
;
}
var
dict
=
LoadCveJson
(
int
.
Parse
(
match
.
Value
));
CveDict
.
Add
(
year
,
dict
);
Console
.
WriteLine
(
$
"cve 로드 완료 {year}, 개수 : {CveDict[year].Count}"
);
}
}
/// <summary>
/// CVE 정보 수집
/// </summary>
/// <param name="year"></param>
/// <returns></returns>
private
static
Dictionary
<
string
,
CVE
>
LoadCveJson
(
int
year
)
{
string
json
=
File
.
ReadAllText
(
$
@"C:\CVE\{year}.json"
);
JObject
jobj
=
JObject
.
Parse
(
json
);
var
cveDict
=
jobj
[
"CVE_Items"
].
ToDictionary
(
t
=>
t
[
"cve"
][
"CVE_data_meta"
][
"ID"
].
ToString
(),
t
=>
{
var
vendor_data
=
t
[
"cve"
][
"affects"
][
"vendor"
][
"vendor_data"
]
as
JArray
;
string
vendor_name
=
"NULL"
;
if
(
vendor_data
.
Count
>
0
)
{
vendor_name
=
vendor_data
.
First
()[
"vendor_name"
].
ToString
();
}
var
description_data
=
t
[
"cve"
][
"description"
][
"description_data"
]
as
JArray
;
string
description
=
"NULL"
;
if
(
description_data
.
Count
>
0
)
{
description
=
description_data
.
First
()[
"value"
].
ToString
();
}
double
level
=
0
;
var
impact
=
t
[
"impact"
];
if
(
impact
.
HasValues
)
{
level
=
Double
.
Parse
(
impact
[
"baseMetricV2"
][
"cvssV2"
][
"baseScore"
].
ToString
());
}
return
new
CVE
{
Code
=
t
[
"cve"
][
"CVE_data_meta"
][
"ID"
].
ToString
(),
Type
=
vendor_name
,
Detail
=
description
,
Year
=
year
,
Publish_Date
=
DateTime
.
Parse
(
t
[
"publishedDate"
].
ToString
()),
Update_Date
=
DateTime
.
Parse
(
t
[
"lastModifiedDate"
].
ToString
()),
Level
=
level
,
};
});
return
cveDict
;
}
}
class
Program
{
static
void
Main
(
string
[]
args
)
{
//string json = File.ReadAllText(@"C:\Users\haena\Downloads\cvelist-master\2018\5xxx\CVE-2018-5004.json");
//JObject jobj = JObject.Parse(json);
//Console.WriteLine(jobj["CVE_data_meta"].ToString());
/* 연도별 CVE JSON 파일 로드 */
CVE_JSON
.
AutoLoad
();
/* 크롤러 타입 */
var
crawler
=
new
VulnC
();
//var bytes = Convert.FromBase64String("cwB0AGEAdABpAGMAIABpAG4AdAAgAGMAaABhAGMAaABhADIAMABfAHAAbwBsAHkAMQAzADAANQBfAGMAaQBwAGgAZQByACgARQBWAFAAXwBDAEkAUABIAEUAUgBfAEMAVABYACAAKgBjAHQAeAAsACAAdQBuAHMAaQBnAG4AZQBkACAAYwBoAGEAcgAgACoAbwB1AHQALAANAAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAYwBvAG4AcwB0ACAAdQBuAHMAaQBnAG4AZQBkACAAYwBoAGEAcgAgACoAaQBuACwAIABzAGkAegBlAF8AdAAgAGwAZQBuACkADQAKAHsADQAKACAAIAAgACAARQBWAFAAXwBDAEgAQQBDAEgAQQBfAEEARQBBAEQAXwBDAFQAWAAgACoAYQBjAHQAeAAgAD0AIABhAGUAYQBkAF8AZABhAHQAYQAoAGMAdAB4ACkAOwANAAoAIAAgACAAIABzAGkAegBlAF8AdAAgAHIAZQBtACwAIABwAGwAZQBuACAAPQAgAGEAYwB0AHgALQA+AHQAbABzAF8AcABhAHkAbABvAGEAZABfAGwAZQBuAGcAdABoADsADQAKACAAIAAgACAAcwB0AGEAdABpAGMAIABjAG8AbgBzAHQAIAB1AG4AcwBpAGcAbgBlAGQAIABjAGgAYQByACAAegBlAHIAbwBbAFAATwBMAFkAMQAzADAANQBfAEIATABPAEMASwBfAFMASQBaAEUAXQAgAD0AIAB7ACAAMAAgAH0AOwANAAoAIAAgACAAIABpAGYAIAAoACEAYQBjAHQAeAAtAD4AbQBhAGMAXwBpAG4AaQB0AGUAZAApACAAewANAAoAIAAgACAAIAAgACAAIAAgAGEAYwB0AHgALQA+AGsAZQB5AC4AYwBvAHUAbgB0AGUAcgBbADAAXQAgAD0AIAAwADsADQAKACAAIAAgACAAIAAgACAAIABtAGUAbQBzAGUAdAAoAGEAYwB0AHgALQA+AGsAZQB5AC4AYgB1AGYALAAgADAALAAgAHMAaQB6AGUAbwBmACgAYQBjAHQAeAAtAD4AawBlAHkALgBiAHUAZgApACkAOwANAAoAIAAgACAAIAAgACAAIAAgAEMAaABhAEMAaABhADIAMABfAGMAdAByADMAMgAoAGEAYwB0AHgALQA+AGsAZQB5AC4AYgB1AGYALAAgAGEAYwB0AHgALQA+AGsAZQB5AC4AYgB1AGYALAAgAEMASABBAEMASABBAF8AQgBMAEsAXwBTAEkAWgBFACwADQAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIABhAGMAdAB4AC0APgBrAGUAeQAuAGsAZQB5AC4AZAAsACAAYQBjAHQAeAAtAD4AawBlAHkALgBjAG8AdQBuAHQAZQByACkAOwANAAoAIAAgACAAIAAgACAAIAAgAFAAbwBsAHkAMQAzADAANQBfAEkAbgBpAHQAKABQAE8ATABZADEAMwAwADUAXwBjAHQAeAAoAGEAYwB0AHgAKQAsACAAYQBjAHQAeAAtAD4AawBlAHkALgBiAHUAZgApADsADQAKACAAIAAgACAAIAAgACAAIABhAGMAdAB4AC0APgBrAGUAeQAuAGMAbwB1AG4AdABlAHIAWwAwAF0AIAA9ACAAMQA7AA0ACgAgACAAIAAgACAAIAAgACAAYQBjAHQAeAAtAD4AawBlAHkALgBwAGEAcgB0AGkAYQBsAF8AbABlAG4AIAA9ACAAMAA7AA0ACgAgACAAIAAgACAAIAAgACAAYQBjAHQAeAAtAD4AbABlAG4ALgBhAGEAZAAgAD0AIABhAGMAdAB4AC0APgBsAGUAbgAuAHQAZQB4AHQAIAA9ACAAMAA7AA0ACgAgACAAIAAgACAAIAAgACAAYQBjAHQAeAAtAD4AbQBhAGMAXwBpAG4AaQB0AGUAZAAgAD0AIAAxADsADQAKACAAIAAgACAAfQANAAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAUABvAGwAeQAxADMAMAA1AF8AVQBwAGQAYQB0AGUAKABQAE8ATABZADEAMwAwADUAXwBjAHQAeAAoAGEAYwB0AHgAKQAsACAAaQBuACwAIABsAGUAbgApADsADQAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgAGEAYwB0AHgALQA+AGwAZQBuAC4AYQBhAGQAIAArAD0AIABsAGUAbgA7AA0ACgAgACAAIAAgACAAIAAgACAAIAAgACAAIABhAGMAdAB4AC0APgBhAGEAZAAgAD0AIAAxADsADQAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgAHIAZQB0AHUAcgBuACAAbABlAG4AOwANAAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIABpAGYAIAAoACgAcgBlAG0AIAA9ACAAKABzAGkAegBlAF8AdAApAGEAYwB0AHgALQA+AGwAZQBuAC4AYQBhAGQAIAAlACAAUABPAEwAWQAxADMAMAA1AF8AQgBMAE8AQwBLAF8AUwBJAFoARQApACkADQAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIABQAG8AbAB5ADEAMwAwADUAXwBVAHAAZABhAHQAZQAoAFAATwBMAFkAMQAzADAANQBfAGMAdAB4ACgAYQBjAHQAeAApACwAIAB6AGUAcgBvACwADQAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAFAATwBMAFkAMQAzADAANQBfAEIATABPAEMASwBfAFMASQBaAEUAIAAtACAAcgBlAG0AKQA7AA0ACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAGEAYwB0AHgALQA+AGEAYQBkACAAPQAgADAAOwANAAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAfQANAAoA");
//var str = Encoding.Unicode.GetString(bytes);
//Console.WriteLine(str);
//var abs = crawler.Abstract(str, new Dictionary<string, string>(), new Dictionary<string, string>());
//Console.WriteLine(abs);
//Console.WriteLine(VulnAbstractCrawler.MD5HashFunc(abs));
//Console.ReadLine();
// default usage
/* 매칭을 위한 자료구조 Bloom Filter */
int
capacity
=
50000000
;
var
filter
=
new
Filter
<
string
>(
capacity
);
...
...
@@ -42,10 +125,8 @@ namespace VulnUserCodeAnalyzer
string
txt
=
File
.
ReadAllText
(
@"Account.xml"
);
// string xml = aes.AESDecrypt128(txt, key);
string
xml
=
txt
;
AWS
.
LoadAccount
(
xml
);
AWS
.
Account
account
=
AWS
.
account
;
/* AWS 정보 출력 */
Console
.
WriteLine
(
$
"Endpoint: {account.Endpoint}, ID: {account.Id}, PW: {account.Pw}"
);
try
...
...
@@ -58,64 +139,62 @@ namespace VulnUserCodeAnalyzer
Console
.
WriteLine
(
$
"접속 에러 :: {e.ToString()}"
);
return
;
}
/* AWS 연결 여부 확인 */
if
(
VulnRDS
.
Conn
.
State
==
System
.
Data
.
ConnectionState
.
Open
)
{
Console
.
WriteLine
(
"접속 성공"
);
}
else
{
Console
.
WriteLine
(
"연결 실패"
);
return
;
}
/* hashDict = 사용된 사용자 함수 정보 */
var
hashDict
=
new
Dictionary
<
int
,
HashSet
<
VulnAbstractCrawler
.
UserBlock
>>();
/* 경과 시간 체크 */
Stopwatch
stopwatch
=
new
Stopwatch
();
stopwatch
.
Start
();
DirectoryInfo
dirInfo
=
new
DirectoryInfo
(
@"C:\code"
);
/* 모든 .c 파일 탐색 */
var
codeFiles
=
dirInfo
.
EnumerateFiles
(
"*.c"
,
SearchOption
.
AllDirectories
);
int
totalFileCount
=
codeFiles
.
Count
();
int
count
=
0
;
foreach
(
var
codeFile
in
codeFiles
)
{
// Process.Start(codeFile.FullName);
Console
.
WriteLine
(
codeFile
.
FullName
);
using
(
var
reader
=
codeFile
.
OpenText
())
{
/* 사용자 코드를 함수별로 나눔 */
var
dict
=
crawler
.
CrawlUserCode
(
reader
);
foreach
(
var
item
in
dict
)
{
/* hashDict의 키와 item.key는 함수 블록의 코드 길이 */
if
(!
hashDict
.
ContainsKey
(
item
.
Key
))
{
hashDict
[
item
.
Key
]
=
new
HashSet
<
VulnAbstractCrawler
.
UserBlock
>();
}
/* item.Value는 각 코드 길이 마다의 블록 정보
* Bloom Filter에 코드 블록 해쉬값 기록
*/
foreach
(
var
hash
in
item
.
Value
)
{
hash
.
Path
=
codeFile
.
FullName
;
hashDict
[
item
.
Key
].
Add
(
hash
);
filter
.
Add
(
hash
.
Hash
);
}
}
count
++;
double
per
=
((
double
)
count
/
(
double
)
totalFileCount
)
*
100
;
//Console.Clear();
Console
.
WriteLine
(
$
"{count} / {totalFileCount} :: {per.ToString("
#
0.0
")}%, 개체 수 : {hashDict.Count}"
);
//if (count > 100)
//{
// break;
//}
}
}
// Console.ReadLine();
var
findBlocks
=
new
Queue
<
VulnAbstractCrawler
.
UserBlock
>();
var
vulnDict
=
new
Dictionary
<
string
,
IEnumerable
<
VulnRDS
.
_Vuln
>>();
foreach
(
var
set
in
hashDict
)
{
/* 사용자 코드의 길이 마다 DB로 부터 같은 길이의 CVE 레코드 목록 가져옴 */
var
cveList
=
VulnRDS
.
SelectVulnbyLen
(
set
.
Key
).
Select
(
v
=>
v
.
Cve
).
Distinct
();
foreach
(
var
cve
in
cveList
)
{
...
...
@@ -123,6 +202,10 @@ namespace VulnUserCodeAnalyzer
{
vulnDict
[
cve
]
=
new
HashSet
<
VulnRDS
.
_Vuln
>();
var
vulnHashSet
=
vulnDict
[
cve
]
as
HashSet
<
VulnRDS
.
_Vuln
>;
/* 같은 길이의 CVE에서 또 같은 종류의 CVE 레코드 목록 가져옴
* 같은 종류의 CVE 레코드들이 사용자 코드에서 모두 포함되어야
* CVE를 가지고 있다고 인정하는 프로그램 정책 때문
*/
var
searchedCveHashList
=
VulnRDS
.
SelectVulnbyCve
(
cve
);
Console
.
WriteLine
(
$
"cve:{cve}, {searchedCveHashList.Count()}개 가져옴"
);
foreach
(
var
s
in
searchedCveHashList
)
...
...
@@ -133,86 +216,138 @@ namespace VulnUserCodeAnalyzer
}
}
}
var
findCveDict
=
new
Dictionary
<
string
,
List
<
VulnAbstractCrawler
.
UserBlock
>>();
var
findCveList
=
new
HashSet
<
string
>();
/* 본격적인 취약점 매칭 부분 */
foreach
(
var
vulnSet
in
vulnDict
)
{
Console
.
WriteLine
(
$
"-----cve:{vulnSet.Key}"
);
//
Console.WriteLine($"-----cve:{vulnSet.Key}");
bool
match
=
false
;
foreach
(
var
vuln
in
vulnSet
.
Value
)
{
/* 사용자 코드 해쉬 저장해논 bloom filter에 취약점 레코드 해쉬값들이 포함되는지 확인
* 포함이 된다는 건 해당 취약점 레코드가 사용자 코드에도 있다는 뜻(취약점)
* 같은 종류의 CVE 레코드가 전부 필터에 포함된다면 취약점으로 판단한다.
*/
if
(
filter
.
Contains
(
vuln
.
BlockHash
))
{
Console
.
WriteLine
(
$
"필터 확인 : {vuln.BlockHash}"
);
if
(
hashDict
.
ContainsKey
(
vuln
.
LenFunc
))
{
/* Bloom Filter는 아쉽게도 포함 여부만 알 수 있기에
* 포함되었음을 알았다면 검색해서 정보를 구한다. */
var
userBlock
=
hashDict
[
vuln
.
LenFunc
].
FirstOrDefault
(
b
=>
b
.
Hash
==
vuln
.
BlockHash
);
if
(
userBlock
==
null
)
{
Console
.
WriteLine
(
"userBlock이 비어있습니다."
);
continue
;
}
Console
.
WriteLine
(
$
"CVE:{vuln.Cve}, {userBlock.FuncName}, 블록 확인 : DB : {vuln.BlockHash}, User : {userBlock.Hash}"
);
/* 해당 유저 블록을 임시 저장한다.
* 밑에서 블록 정보를 DB로 전송하기 위해서다.
*/
if
(!
findCveDict
.
ContainsKey
(
vuln
.
Cve
))
{
findCveDict
[
vuln
.
Cve
]
=
new
List
<
VulnAbstractCrawler
.
UserBlock
>();
}
userBlock
.
Url
=
vuln
.
Url
;
findCveDict
[
vuln
.
Cve
].
Add
(
userBlock
);
match
=
true
;
findBlocks
.
Enqueue
(
userBlock
);
}
}
else
{
match
=
false
;
//
break;
break
;
}
}
/* 취약점 레코드가 전부 있어야 CVE 찾음 인정 */
if
(
match
)
{
Console
.
WriteLine
(
$
"CVE 찾음 {vulnSet.Key}"
);
/* 찾았으면 cve값을 기록함 밑에서 찾은 cve 정보 전송하기 위해 */
findCveList
.
Add
(
vulnSet
.
Key
);
}
else
{
Console
.
WriteLine
(
"없음"
);
}
}
stopwatch
.
Stop
();
/* 매칭 끝 후처리 (출력, DB 전송 등) */
var
hours
=
stopwatch
.
Elapsed
.
Hours
;
var
minutes
=
stopwatch
.
Elapsed
.
Minutes
;
var
seconds
=
stopwatch
.
Elapsed
.
Seconds
;
Console
.
WriteLine
(
$
"경과 시간 {hours.ToString("
00
")}:{minutes.ToString("
00
")}:{seconds.ToString("
00
")}"
);
// CVE JSON 검색
foreach
(
var
vuln
in
findBlocks
)
Console
.
WriteLine
(
$
"찾은 CVE 개수 : {findCveList.Count}"
);
var
yearMatch
=
new
Regex
(
@"CVE-(\d{4})-(\d+)"
);
foreach
(
var
cve
in
findCveList
)
{
Console
.
WriteLine
(
cve
);
var
c
=
yearMatch
.
Match
(
cve
);
int
year
=
int
.
Parse
(
c
.
Groups
[
1
].
Value
);
if
(!
CVE_JSON
.
CveDict
.
ContainsKey
(
year
))
{
continue
;
}
if
(!
CVE_JSON
.
CveDict
[
year
].
ContainsKey
(
cve
))
{
continue
;
}
var
data
=
CVE_JSON
.
CveDict
[
year
][
cve
];
// 블룸 필터 테스트
//while(true)
//{
// string key = Console.ReadLine();
// if (key == "-1")
// {
// break;
// }
// if (filter.Contains(key))
// {
// Console.WriteLine("포함");
// }
// else
// {
// Console.WriteLine("없음");
// }
//}
/* 취약점 타입 분류 */
string
type
=
"NORMAL"
;
if
(
data
.
Detail
.
IndexOf
(
"overflow"
,
StringComparison
.
CurrentCultureIgnoreCase
)
>
0
)
{
type
=
"OVERFLOW"
;
}
else
if
(
data
.
Detail
.
IndexOf
(
"xss"
,
StringComparison
.
CurrentCultureIgnoreCase
)
>
0
)
{
type
=
"XSS"
;
}
else
if
(
data
.
Detail
.
IndexOf
(
"injection"
,
StringComparison
.
CurrentCultureIgnoreCase
)
>
0
)
{
type
=
"SQLINJECTION"
;
}
else
if
(
data
.
Detail
.
IndexOf
(
"dos"
,
StringComparison
.
CurrentCultureIgnoreCase
)
>
0
)
{
type
=
"DOS"
;
}
else
if
(
data
.
Detail
.
IndexOf
(
"Memory"
,
StringComparison
.
CurrentCultureIgnoreCase
)
>
0
)
{
type
=
"MEMORY"
;
}
else
if
(
data
.
Detail
.
IndexOf
(
"CSRF"
,
StringComparison
.
CurrentCultureIgnoreCase
)
>
0
)
{
type
=
"CSRF"
;
}
else
if
(
data
.
Detail
.
IndexOf
(
"inclusion"
,
StringComparison
.
CurrentCultureIgnoreCase
)
>
0
)
{
type
=
"FILEINCLUSION"
;
}
else
if
(
data
.
Detail
.
IndexOf
(
"EXCUTE"
,
StringComparison
.
CurrentCultureIgnoreCase
)
>
0
)
{
type
=
"EXCUTE"
;
}
var
urlBytes
=
Convert
.
FromBase64String
(
findCveDict
[
cve
].
FirstOrDefault
().
Url
);
string
url
=
Encoding
.
Unicode
.
GetString
(
urlBytes
);
/* DB 전송 */
VulnRDS
.
InsertVulnDetail
(
new
VulnRDS
.
Vuln_detail
{
CveName
=
data
.
Code
,
Type
=
type
,
Level
=
data
.
Level
.
ToString
(),
Year
=
data
.
Year
.
ToString
(),
CveDetail
=
data
.
Detail
,
Publish_date
=
data
.
Publish_Date
.
ToString
(
"yyyy-MM-dd"
),
Update_date
=
data
.
Update_Date
.
ToString
(
"yyyy-MM-dd"
),
UserName
=
"samsung"
,
Url
=
url
,
FileName
=
findCveDict
[
cve
].
FirstOrDefault
().
Path
.
Replace
(
@"C:\code"
,
""
),
FuncName
=
findCveDict
[
cve
].
FirstOrDefault
().
FuncName
,
Product
=
data
.
Type
,
});
Console
.
WriteLine
(
"추가 완료"
);
}
}
}
...
...
Please
register
or
login
to post a comment