노현종 / 2018-1-Capstone1-VulnNotti

Go to a project
Toggle navigation Toggle navigation pinning
이지윤
0e3e7355 2 parents 17a22d4c bcdb9649

Merge branch 'master' of https://github.com/yhackerbv/VulnNottiProject

Inline Side-by-side
Showing 5 changed files with 218 additions and 123 deletions
......@@ -64,11 +64,7 @@ namespace VulnCrawler
}
/* 메인 동작 함수 */
public static void Run() {
public static void Run() {
// Repository 폴더들이 있는 주소를 지정하면 하위 폴더 목록을 가져옴(Repository 목록)
Regex.CacheSize = 50;
......@@ -88,35 +84,6 @@ namespace VulnCrawler
{
continue;
}
//var crawler = new VulnC();
//crawler.Init(directory);
//Tree commitTree1 = crawler.Repository.Lookup<Commit>("e589db7a6a9c8f1557007f2cc765ee28ad7a1edd").Tree;
////Tree parentTree1 = crawler.Repository.Lookup<Commit>("344ba37bdc299660e1b1693b6999e5fe116893e1").Tree;
//Commit commit = crawler.Repository.Lookup<Commit>("e589db7a6a9c8f1557007f2cc765ee28ad7a1edd");
//foreach (var parent in commit.Parents)
//{
// Console.WriteLine($"Parent ID:{parent.Sha}");
// Tree commitTree = commit.Tree;
// Tree parentTree = parent.Tree;
// var patch = crawler.Repository.Diff.Compare<Patch>(commitTree, parentTree.);
// foreach (var item in patch.Where(p => p.OldPath.EndsWith(".c")))
// {
// Console.WriteLine(item.Status);
// Console.WriteLine(item.Path);
// Console.WriteLine(item.Patch);
// }
// Console.ReadLine();
//}
////Console.WriteLine(patch.Content);
//Console.ReadLine();
// 템플릿 패턴화 T : VulnAbstractCrawler
VulnWorker.Run<VulnC>(directory);
}
......
......@@ -31,7 +31,7 @@ namespace VulnCrawler
public string FuncName { get; set; }
public string Hash { get; set; }
public string Path { get; set; }
public string Url { get; set; }
public override bool Equals(object obj)
{
var block = obj as UserBlock;
......@@ -131,7 +131,7 @@ namespace VulnCrawler
/// <summary>
/// 커밋에서 검색할 정규식 문자열
/// </summary>
public string SearchCommitPattern => @"CVE[ -](\d{4})[ -](\d{4,})";
public string SearchCommitPattern => @"CVE[ -](201[5-8])[ -](\d{4,})";
/// <summary>
/// 패치 코드에서 함수 찾을 정규식 패턴 문자열
/// </summary>
......
......@@ -891,15 +891,10 @@ namespace VulnCrawler
var regex2 = new Regex(stringPattern, RegexOptions.Compiled);
var regex3 = new Regex(commentPattern2, RegexOptions.Compiled);
var regex4 = new Regex(commentPattern, RegexOptions.Compiled);
bool found3 = false;
bool com = false;
while (!reader.EndOfStream)
{
string line = reader.ReadLine();
string trim = line.Trim();
if (commentLine)
......@@ -915,7 +910,6 @@ namespace VulnCrawler
continue;
}
}
// /* ~ 패턴
if (regex3.IsMatch(trim))
{
......@@ -941,20 +935,18 @@ namespace VulnCrawler
if (found3)
{
string obStr = oldBuilder.ToString();
Console.WriteLine(obStr);
//Console.WriteLine(obStr);
obStr = Abstract(obStr, new Dictionary<string, string>(), new Dictionary<string, string>());
byte[] obStrBytes = Encoding.Unicode.GetBytes(obStr);
string absObStrBase64 = Convert.ToBase64String(obStrBytes);
Console.WriteLine(obStr);
// Console.WriteLine(obStr);
//Console.WriteLine("HASH: " + MD5HashFunc(obStr));
//Console.WriteLine(absObStrBase64);
if (!dict.ContainsKey(absObStrBase64.Length))
{
dict[absObStrBase64.Length] = new HashSet<UserBlock>();
}
string funcName = new string(oldBuilder.ToString().TakeWhile(c => c != '{').ToArray());
(dict[absObStrBase64.Length] as HashSet<UserBlock>).Add(new UserBlock
{
Hash = MD5HashFunc(absObStrBase64),
......@@ -1090,11 +1082,11 @@ namespace VulnCrawler
if (found3)
{
string obStr = oldBuilder.ToString();
Console.WriteLine(obStr);
// Console.WriteLine(obStr);
obStr = Abstract(obStr, new Dictionary<string, string>(), new Dictionary<string, string>());
byte[] obStrBytes = Encoding.Unicode.GetBytes(obStr);
string absObStrBase64 = Convert.ToBase64String(obStrBytes);
Console.WriteLine(obStr);
// Console.WriteLine(obStr);
if (!dict.ContainsKey(absObStrBase64.Length))
{
dict[absObStrBase64.Length] = new HashSet<UserBlock>();
......
......@@ -67,6 +67,7 @@ namespace VulnCrawler
public string FileName { get; set; } = "NULL"; /* FileName */
public string FuncName { get; set; } = "NULL"; /* funcName */
public string Url { get; set; } = "NULL"; /* Url */
public string Product { get; set; }
}
//connect
......@@ -242,7 +243,7 @@ namespace VulnCrawler
{
Connection = Conn,
//db에 추가
CommandText = "INSERT INTO vulnDetail(type, year, level, userName, cveName, publish_date,update_date, cveDetail,fileName, funcName, url) VALUES(@type, @year, @level, @userName, @cveName, @publish_date,@update_date, @cveDetail,@fileName, @funcName,@url)"
CommandText = "INSERT INTO vulnDetail(type, year, level, userName, cveName, publish_date,update_date, cveDetail,fileName, funcName, url, product) VALUES(@type, @year, @level, @userName, @cveName, @publish_date,@update_date, @cveDetail,@fileName, @funcName,@url,@product)"
};
cmd.Parameters.AddWithValue("@type", $"{vuln.Type}");
cmd.Parameters.AddWithValue("@year", $"{vuln.Year}");
......@@ -255,16 +256,16 @@ namespace VulnCrawler
cmd.Parameters.AddWithValue("@fileName", $"{vuln.FileName}");
cmd.Parameters.AddWithValue("@funcName", $"{vuln.FuncName}");
cmd.Parameters.AddWithValue("@url", $"{vuln.Url}");
cmd.Parameters.AddWithValue("@product", $"{vuln.Product}");
cmd.ExecuteNonQuery();
//콘솔출력용
sql = "INSERT INTO vulnDetail(type, year, level, userName, cveName, publish_date,update_date, cveDetail,fileName, funcName, url) " +
$"VALUES({vuln.Type}, {vuln.Year}, {vuln.Level}, {vuln.UserName}, {vuln.CveName},{vuln.Publish_date}, {vuln.Update_date}, {vuln.CveDetail}, {vuln.FileName}, {vuln.FuncName}, {vuln.Url})";
Console.WriteLine(sql);
// Console.WriteLine(sql);
}
catch (Exception e)
{
Console.WriteLine(e.ToString());
// Console.WriteLine(e.ToString());
string es = e.ToString();
if (es.Contains("Connection must be valid and open"))
{
......
......@@ -15,26 +15,109 @@ using Newtonsoft.Json.Linq;
namespace VulnUserCodeAnalyzer
{
public class CVE
{
public string Type { get; set; }
public int Year { get; set; }
//public string UserName { get; set; }
public string Code { get; set; }
public DateTime Publish_Date { get; set; }
public DateTime Update_Date { get; set; }
public string Detail { get; set; }
//public string FileName { get; set; }
//public string FuncNameBase64 { get; set; }
//public string Url { get; set; }
public double Level { get; set; }
}
public static class CVE_JSON
{
/// <summary>
/// CVE 테이블
/// </summary>
public static Dictionary<int, Dictionary<string, CVE>> CveDict { get; set; }
static CVE_JSON()
{
CveDict = new Dictionary<int, Dictionary<string, CVE>>();
}
public static void AutoLoad()
{
var dir = new DirectoryInfo(@"c:\CVE");
foreach (var json in dir.EnumerateFiles("*.json"))
{
var match = Regex.Match(json.Name, @"(20\d\d)");
if (!match.Success)
{
continue;
}
int year = int.Parse(match.Value);
if (CveDict.ContainsKey(year))
{
continue;
}
var dict = LoadCveJson(int.Parse(match.Value));
CveDict.Add(year, dict);
Console.WriteLine($"cve 로드 완료 {year}, 개수 : {CveDict[year].Count}");
}
}
/// <summary>
/// CVE 정보 수집
/// </summary>
/// <param name="year"></param>
/// <returns></returns>
private static Dictionary<string, CVE> LoadCveJson(int year)
{
string json = File.ReadAllText($@"C:\CVE\{year}.json");
JObject jobj = JObject.Parse(json);
var cveDict = jobj["CVE_Items"].ToDictionary(t => t["cve"]["CVE_data_meta"]["ID"].ToString(), t =>
{
var vendor_data = t["cve"]["affects"]["vendor"]["vendor_data"] as JArray;
string vendor_name = "NULL";
if (vendor_data.Count > 0)
{
vendor_name = vendor_data.First()["vendor_name"].ToString();
}
var description_data = t["cve"]["description"]["description_data"] as JArray;
string description = "NULL";
if (description_data.Count > 0)
{
description = description_data.First()["value"].ToString();
}
double level = 0;
var impact = t["impact"];
if (impact.HasValues)
{
level = Double.Parse(impact["baseMetricV2"]["cvssV2"]["baseScore"].ToString());
}
return new CVE
{
Code = t["cve"]["CVE_data_meta"]["ID"].ToString(),
Type = vendor_name,
Detail = description,
Year = year,
Publish_Date = DateTime.Parse(t["publishedDate"].ToString()),
Update_Date = DateTime.Parse(t["lastModifiedDate"].ToString()),
Level = level,
};
});
return cveDict;
}
}
class Program
{
static void Main(string[] args)
{
//string json = File.ReadAllText(@"C:\Users\haena\Downloads\cvelist-master\2018\5xxx\CVE-2018-5004.json");
//JObject jobj = JObject.Parse(json);
//Console.WriteLine(jobj["CVE_data_meta"].ToString());
/* 연도별 CVE JSON 파일 로드 */
CVE_JSON.AutoLoad();
/* 크롤러 타입 */
var crawler = new VulnC();
//var bytes = Convert.FromBase64String("cwB0AGEAdABpAGMAIABpAG4AdAAgAGMAaABhAGMAaABhADIAMABfAHAAbwBsAHkAMQAzADAANQBfAGMAaQBwAGgAZQByACgARQBWAFAAXwBDAEkAUABIAEUAUgBfAEMAVABYACAAKgBjAHQAeAAsACAAdQBuAHMAaQBnAG4AZQBkACAAYwBoAGEAcgAgACoAbwB1AHQALAANAAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAYwBvAG4AcwB0ACAAdQBuAHMAaQBnAG4AZQBkACAAYwBoAGEAcgAgACoAaQBuACwAIABzAGkAegBlAF8AdAAgAGwAZQBuACkADQAKAHsADQAKACAAIAAgACAARQBWAFAAXwBDAEgAQQBDAEgAQQBfAEEARQBBAEQAXwBDAFQAWAAgACoAYQBjAHQAeAAgAD0AIABhAGUAYQBkAF8AZABhAHQAYQAoAGMAdAB4ACkAOwANAAoAIAAgACAAIABzAGkAegBlAF8AdAAgAHIAZQBtACwAIABwAGwAZQBuACAAPQAgAGEAYwB0AHgALQA+AHQAbABzAF8AcABhAHkAbABvAGEAZABfAGwAZQBuAGcAdABoADsADQAKACAAIAAgACAAcwB0AGEAdABpAGMAIABjAG8AbgBzAHQAIAB1AG4AcwBpAGcAbgBlAGQAIABjAGgAYQByACAAegBlAHIAbwBbAFAATwBMAFkAMQAzADAANQBfAEIATABPAEMASwBfAFMASQBaAEUAXQAgAD0AIAB7ACAAMAAgAH0AOwANAAoAIAAgACAAIABpAGYAIAAoACEAYQBjAHQAeAAtAD4AbQBhAGMAXwBpAG4AaQB0AGUAZAApACAAewANAAoAIAAgACAAIAAgACAAIAAgAGEAYwB0AHgALQA+AGsAZQB5AC4AYwBvAHUAbgB0AGUAcgBbADAAXQAgAD0AIAAwADsADQAKACAAIAAgACAAIAAgACAAIABtAGUAbQBzAGUAdAAoAGEAYwB0AHgALQA+AGsAZQB5AC4AYgB1AGYALAAgADAALAAgAHMAaQB6AGUAbwBmACgAYQBjAHQAeAAtAD4AawBlAHkALgBiAHUAZgApACkAOwANAAoAIAAgACAAIAAgACAAIAAgAEMAaABhAEMAaABhADIAMABfAGMAdAByADMAMgAoAGEAYwB0AHgALQA+AGsAZQB5AC4AYgB1AGYALAAgAGEAYwB0AHgALQA+AGsAZQB5AC4AYgB1AGYALAAgAEMASABBAEMASABBAF8AQgBMAEsAXwBTAEkAWgBFACwADQAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIABhAGMAdAB4AC0APgBrAGUAeQAuAGsAZQB5AC4AZAAsACAAYQBjAHQAeAAtAD4AawBlAHkALgBjAG8AdQBuAHQAZQByACkAOwANAAoAIAAgACAAIAAgACAAIAAgAFAAbwBsAHkAMQAzADAANQBfAEkAbgBpAHQAKABQAE8ATABZADEAMwAwADUAXwBjAHQAeAAoAGEAYwB0AHgAKQAsACAAYQBjAHQAeAAtAD4AawBlAHkALgBiAHUAZgApADsADQAKACAAIAAgACAAIAAgACAAIABhAGMAdAB4AC0APgBrAGUAeQAuAGMAbwB1AG4AdABlAHIAWwAwAF0AIAA9ACAAMQA7AA0ACgAgACAAIAAgACAAIAAgACAAYQBjAHQAeAAtAD4AawBlAHkALgBwAGEAcgB0AGkAYQBsAF8AbABlAG4AIAA9ACAAMAA7AA0ACgAgACAAIAAgACAAIAAgACAAYQBjAHQAeAAtAD4AbABlAG4ALgBhAGEAZAAgAD0AIABhAGMAdAB4AC0APgBsAGUAbgAuAHQAZQB4AHQAIAA9ACAAMAA7AA0ACgAgACAAIAAgACAAIAAgACAAYQBjAHQAeAAtAD4AbQBhAGMAXwBpAG4AaQB0AGUAZAAgAD0AIAAxADsADQAKACAAIAAgACAAfQANAAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAUABvAGwAeQAxADMAMAA1AF8AVQBwAGQAYQB0AGUAKABQAE8ATABZADEAMwAwADUAXwBjAHQAeAAoAGEAYwB0AHgAKQAsACAAaQBuACwAIABsAGUAbgApADsADQAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgAGEAYwB0AHgALQA+AGwAZQBuAC4AYQBhAGQAIAArAD0AIABsAGUAbgA7AA0ACgAgACAAIAAgACAAIAAgACAAIAAgACAAIABhAGMAdAB4AC0APgBhAGEAZAAgAD0AIAAxADsADQAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgAHIAZQB0AHUAcgBuACAAbABlAG4AOwANAAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIABpAGYAIAAoACgAcgBlAG0AIAA9ACAAKABzAGkAegBlAF8AdAApAGEAYwB0AHgALQA+AGwAZQBuAC4AYQBhAGQAIAAlACAAUABPAEwAWQAxADMAMAA1AF8AQgBMAE8AQwBLAF8AUwBJAFoARQApACkADQAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIABQAG8AbAB5ADEAMwAwADUAXwBVAHAAZABhAHQAZQAoAFAATwBMAFkAMQAzADAANQBfAGMAdAB4ACgAYQBjAHQAeAApACwAIAB6AGUAcgBvACwADQAKACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAFAATwBMAFkAMQAzADAANQBfAEIATABPAEMASwBfAFMASQBaAEUAIAAtACAAcgBlAG0AKQA7AA0ACgAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAGEAYwB0AHgALQA+AGEAYQBkACAAPQAgADAAOwANAAoAIAAgACAAIAAgACAAIAAgACAAIAAgACAAfQANAAoA");
//var str = Encoding.Unicode.GetString(bytes);
//Console.WriteLine(str);
//var abs = crawler.Abstract(str, new Dictionary<string, string>(), new Dictionary<string, string>());
//Console.WriteLine(abs);
//Console.WriteLine(VulnAbstractCrawler.MD5HashFunc(abs));
//Console.ReadLine();
// default usage
/* 매칭을 위한 자료구조 Bloom Filter */
int capacity = 50000000;
var filter = new Filter<string>(capacity);
......@@ -42,10 +125,8 @@ namespace VulnUserCodeAnalyzer
string txt = File.ReadAllText(@"Account.xml");
// string xml = aes.AESDecrypt128(txt, key);
string xml = txt;
AWS.LoadAccount(xml);
AWS.Account account = AWS.account;
/* AWS 정보 출력 */
Console.WriteLine($"Endpoint: {account.Endpoint}, ID: {account.Id}, PW: {account.Pw}");
try
......@@ -58,64 +139,62 @@ namespace VulnUserCodeAnalyzer
Console.WriteLine($"접속 에러 :: {e.ToString()}");
return;
}
/* AWS 연결 여부 확인 */
if (VulnRDS.Conn.State == System.Data.ConnectionState.Open)
{
Console.WriteLine("접속 성공");
}
else
{
Console.WriteLine("연결 실패");
return;
}
/* hashDict = 사용된 사용자 함수 정보 */
var hashDict = new Dictionary<int, HashSet<VulnAbstractCrawler.UserBlock>>();
/* 경과 시간 체크 */
Stopwatch stopwatch = new Stopwatch();
stopwatch.Start();
DirectoryInfo dirInfo = new DirectoryInfo(@"C:\code");
/* 모든 .c 파일 탐색 */
var codeFiles = dirInfo.EnumerateFiles("*.c", SearchOption.AllDirectories);
int totalFileCount = codeFiles.Count();
int count = 0;
foreach (var codeFile in codeFiles)
{
// Process.Start(codeFile.FullName);
Console.WriteLine(codeFile.FullName);
using (var reader = codeFile.OpenText())
{
/* 사용자 코드를 함수별로 나눔 */
var dict = crawler.CrawlUserCode(reader);
foreach (var item in dict)
{
/* hashDict의 키와 item.key는 함수 블록의 코드 길이 */
if (!hashDict.ContainsKey(item.Key))
{
hashDict[item.Key] = new HashSet<VulnAbstractCrawler.UserBlock>();
}
/* item.Value는 각 코드 길이 마다의 블록 정보
* Bloom Filter에 코드 블록 해쉬값 기록
*/
foreach (var hash in item.Value)
{
hash.Path = codeFile.FullName;
hashDict[item.Key].Add(hash);
filter.Add(hash.Hash);
}
}
count++;
double per = ((double)count / (double)totalFileCount) * 100;
//Console.Clear();
Console.WriteLine($"{count} / {totalFileCount} :: {per.ToString("#0.0")}%, 개체 수 : {hashDict.Count}");
//if (count > 100)
//{
// break;
//}
}
}
// Console.ReadLine();
var findBlocks = new Queue<VulnAbstractCrawler.UserBlock>();
var vulnDict = new Dictionary<string, IEnumerable<VulnRDS._Vuln>>();
foreach (var set in hashDict)
{
/* 사용자 코드의 길이 마다 DB로 부터 같은 길이의 CVE 레코드 목록 가져옴 */
var cveList = VulnRDS.SelectVulnbyLen(set.Key).Select(v => v.Cve).Distinct();
foreach (var cve in cveList)
{
......@@ -123,6 +202,10 @@ namespace VulnUserCodeAnalyzer
{
vulnDict[cve] = new HashSet<VulnRDS._Vuln>();
var vulnHashSet = vulnDict[cve] as HashSet<VulnRDS._Vuln>;
/* 같은 길이의 CVE에서 또 같은 종류의 CVE 레코드 목록 가져옴
* 같은 종류의 CVE 레코드들이 사용자 코드에서 모두 포함되어야
* CVE를 가지고 있다고 인정하는 프로그램 정책 때문
*/
var searchedCveHashList = VulnRDS.SelectVulnbyCve(cve);
Console.WriteLine($"cve:{cve}, {searchedCveHashList.Count()}개 가져옴");
foreach (var s in searchedCveHashList)
......@@ -133,86 +216,138 @@ namespace VulnUserCodeAnalyzer
}
}
}
var findCveDict = new Dictionary<string, List<VulnAbstractCrawler.UserBlock>>();
var findCveList = new HashSet<string>();
/* 본격적인 취약점 매칭 부분 */
foreach (var vulnSet in vulnDict)
{
Console.WriteLine($"-----cve:{vulnSet.Key}");
//Console.WriteLine($"-----cve:{vulnSet.Key}");
bool match = false;
foreach (var vuln in vulnSet.Value)
{
/* 사용자 코드 해쉬 저장해논 bloom filter에 취약점 레코드 해쉬값들이 포함되는지 확인
* 포함이 된다는 건 해당 취약점 레코드가 사용자 코드에도 있다는 뜻(취약점)
* 같은 종류의 CVE 레코드가 전부 필터에 포함된다면 취약점으로 판단한다.
*/
if (filter.Contains(vuln.BlockHash))
{
Console.WriteLine($"필터 확인 : {vuln.BlockHash}");
if (hashDict.ContainsKey(vuln.LenFunc))
{
/* Bloom Filter는 아쉽게도 포함 여부만 알 수 있기에
* 포함되었음을 알았다면 검색해서 정보를 구한다. */
var userBlock = hashDict[vuln.LenFunc].FirstOrDefault(b => b.Hash == vuln.BlockHash);
if (userBlock == null)
{
Console.WriteLine("userBlock이 비어있습니다.");
continue;
}
Console.WriteLine($"CVE:{vuln.Cve}, {userBlock.FuncName}, 블록 확인 : DB : {vuln.BlockHash}, User : {userBlock.Hash}");
/* 해당 유저 블록을 임시 저장한다.
* 밑에서 블록 정보를 DB로 전송하기 위해서다.
*/
if (!findCveDict.ContainsKey(vuln.Cve))
{
findCveDict[vuln.Cve] = new List<VulnAbstractCrawler.UserBlock>();
}
userBlock.Url = vuln.Url;
findCveDict[vuln.Cve].Add(userBlock);
match = true;
findBlocks.Enqueue(userBlock);
}
}
else
{
match = false;
// break;
break;
}
}
/* 취약점 레코드가 전부 있어야 CVE 찾음 인정 */
if (match)
{
Console.WriteLine($"CVE 찾음 {vulnSet.Key}");
/* 찾았으면 cve값을 기록함 밑에서 찾은 cve 정보 전송하기 위해 */
findCveList.Add(vulnSet.Key);
}
else
{
Console.WriteLine("없음");
}
}
stopwatch.Stop();
/* 매칭 끝 후처리 (출력, DB 전송 등) */
var hours = stopwatch.Elapsed.Hours;
var minutes = stopwatch.Elapsed.Minutes;
var seconds = stopwatch.Elapsed.Seconds;
Console.WriteLine($"경과 시간 {hours.ToString("00")}:{minutes.ToString("00")}:{seconds.ToString("00")}");
// CVE JSON 검색
foreach (var vuln in findBlocks)
Console.WriteLine($"찾은 CVE 개수 : {findCveList.Count}");
var yearMatch = new Regex(@"CVE-(\d{4})-(\d+)");
foreach (var cve in findCveList)
{
Console.WriteLine(cve);
var c = yearMatch.Match(cve);
int year = int.Parse(c.Groups[1].Value);
if (!CVE_JSON.CveDict.ContainsKey(year))
{
continue;
}
if (!CVE_JSON.CveDict[year].ContainsKey(cve))
{
continue;
}
var data = CVE_JSON.CveDict[year][cve];
}
// 블룸 필터 테스트
//while(true)
//{
// string key = Console.ReadLine();
// if (key == "-1")
// {
// break;
// }
// if (filter.Contains(key))
// {
// Console.WriteLine("포함");
// }
// else
// {
// Console.WriteLine("없음");
// }
//}
/* 취약점 타입 분류 */
string type = "NORMAL";
if (data.Detail.IndexOf("overflow", StringComparison.CurrentCultureIgnoreCase) > 0)
{
type = "OVERFLOW";
}
else if (data.Detail.IndexOf("xss", StringComparison.CurrentCultureIgnoreCase) > 0)
{
type = "XSS";
}
else if (data.Detail.IndexOf("injection", StringComparison.CurrentCultureIgnoreCase) > 0)
{
type = "SQLINJECTION";
}
else if (data.Detail.IndexOf("dos", StringComparison.CurrentCultureIgnoreCase) > 0)
{
type = "DOS";
}
else if (data.Detail.IndexOf("Memory", StringComparison.CurrentCultureIgnoreCase) > 0)
{
type = "MEMORY";
}
else if (data.Detail.IndexOf("CSRF", StringComparison.CurrentCultureIgnoreCase) > 0)
{
type = "CSRF";
}
else if (data.Detail.IndexOf("inclusion", StringComparison.CurrentCultureIgnoreCase) > 0)
{
type = "FILEINCLUSION";
}
else if (data.Detail.IndexOf("EXCUTE", StringComparison.CurrentCultureIgnoreCase) > 0)
{
type = "EXCUTE";
}
var urlBytes = Convert.FromBase64String(findCveDict[cve].FirstOrDefault().Url);
string url = Encoding.Unicode.GetString(urlBytes);
/* DB 전송 */
VulnRDS.InsertVulnDetail(new VulnRDS.Vuln_detail
{
CveName = data.Code,
Type = type,
Level = data.Level.ToString(),
Year = data.Year.ToString(),
CveDetail = data.Detail,
Publish_date = data.Publish_Date.ToString("yyyy-MM-dd"),
Update_date = data.Update_Date.ToString("yyyy-MM-dd"),
UserName = "samsung",
Url = url,
FileName = findCveDict[cve].FirstOrDefault().Path.Replace(@"C:\code", ""),
FuncName = findCveDict[cve].FirstOrDefault().FuncName,
Product = data.Type,
});
Console.WriteLine("추가 완료");
}
}
}
......