Merge branch 'master' of https://github.com/yhackerbv/VulnNottiProject
Showing
5 changed files
with
14 additions
and
54 deletions
| ... | @@ -64,11 +64,7 @@ namespace VulnCrawler | ... | @@ -64,11 +64,7 @@ namespace VulnCrawler |
| 64 | } | 64 | } |
| 65 | 65 | ||
| 66 | /* 메인 동작 함수 */ | 66 | /* 메인 동작 함수 */ |
| 67 | - public static void Run() { | 67 | + public static void Run() { |
| 68 | - | ||
| 69 | - | ||
| 70 | - | ||
| 71 | - | ||
| 72 | // Repository 폴더들이 있는 주소를 지정하면 하위 폴더 목록을 가져옴(Repository 목록) | 68 | // Repository 폴더들이 있는 주소를 지정하면 하위 폴더 목록을 가져옴(Repository 목록) |
| 73 | Regex.CacheSize = 50; | 69 | Regex.CacheSize = 50; |
| 74 | 70 | ||
| ... | @@ -88,35 +84,6 @@ namespace VulnCrawler | ... | @@ -88,35 +84,6 @@ namespace VulnCrawler |
| 88 | { | 84 | { |
| 89 | continue; | 85 | continue; |
| 90 | } | 86 | } |
| 91 | - //var crawler = new VulnC(); | ||
| 92 | - //crawler.Init(directory); | ||
| 93 | - | ||
| 94 | - //Tree commitTree1 = crawler.Repository.Lookup<Commit>("e589db7a6a9c8f1557007f2cc765ee28ad7a1edd").Tree; | ||
| 95 | - ////Tree parentTree1 = crawler.Repository.Lookup<Commit>("344ba37bdc299660e1b1693b6999e5fe116893e1").Tree; | ||
| 96 | - | ||
| 97 | - //Commit commit = crawler.Repository.Lookup<Commit>("e589db7a6a9c8f1557007f2cc765ee28ad7a1edd"); | ||
| 98 | - | ||
| 99 | - //foreach (var parent in commit.Parents) | ||
| 100 | - //{ | ||
| 101 | - // Console.WriteLine($"Parent ID:{parent.Sha}"); | ||
| 102 | - // Tree commitTree = commit.Tree; | ||
| 103 | - // Tree parentTree = parent.Tree; | ||
| 104 | - // var patch = crawler.Repository.Diff.Compare<Patch>(commitTree, parentTree.); | ||
| 105 | - // foreach (var item in patch.Where(p => p.OldPath.EndsWith(".c"))) | ||
| 106 | - // { | ||
| 107 | - | ||
| 108 | - // Console.WriteLine(item.Status); | ||
| 109 | - // Console.WriteLine(item.Path); | ||
| 110 | - // Console.WriteLine(item.Patch); | ||
| 111 | - // } | ||
| 112 | - // Console.ReadLine(); | ||
| 113 | - | ||
| 114 | - //} | ||
| 115 | - | ||
| 116 | - | ||
| 117 | - ////Console.WriteLine(patch.Content); | ||
| 118 | - //Console.ReadLine(); | ||
| 119 | - | ||
| 120 | // 템플릿 패턴화 T : VulnAbstractCrawler | 87 | // 템플릿 패턴화 T : VulnAbstractCrawler |
| 121 | VulnWorker.Run<VulnC>(directory); | 88 | VulnWorker.Run<VulnC>(directory); |
| 122 | } | 89 | } | ... | ... |
| ... | @@ -31,7 +31,7 @@ namespace VulnCrawler | ... | @@ -31,7 +31,7 @@ namespace VulnCrawler |
| 31 | public string FuncName { get; set; } | 31 | public string FuncName { get; set; } |
| 32 | public string Hash { get; set; } | 32 | public string Hash { get; set; } |
| 33 | public string Path { get; set; } | 33 | public string Path { get; set; } |
| 34 | - | 34 | + public string Url { get; set; } |
| 35 | public override bool Equals(object obj) | 35 | public override bool Equals(object obj) |
| 36 | { | 36 | { |
| 37 | var block = obj as UserBlock; | 37 | var block = obj as UserBlock; |
| ... | @@ -131,7 +131,7 @@ namespace VulnCrawler | ... | @@ -131,7 +131,7 @@ namespace VulnCrawler |
| 131 | /// <summary> | 131 | /// <summary> |
| 132 | /// 커밋에서 검색할 정규식 문자열 | 132 | /// 커밋에서 검색할 정규식 문자열 |
| 133 | /// </summary> | 133 | /// </summary> |
| 134 | - public string SearchCommitPattern => @"CVE[ -](\d{4})[ -](\d{4,})"; | 134 | + public string SearchCommitPattern => @"CVE[ -](201[5-8])[ -](\d{4,})"; |
| 135 | /// <summary> | 135 | /// <summary> |
| 136 | /// 패치 코드에서 함수 찾을 정규식 패턴 문자열 | 136 | /// 패치 코드에서 함수 찾을 정규식 패턴 문자열 |
| 137 | /// </summary> | 137 | /// </summary> | ... | ... |
| ... | @@ -891,15 +891,10 @@ namespace VulnCrawler | ... | @@ -891,15 +891,10 @@ namespace VulnCrawler |
| 891 | var regex2 = new Regex(stringPattern, RegexOptions.Compiled); | 891 | var regex2 = new Regex(stringPattern, RegexOptions.Compiled); |
| 892 | var regex3 = new Regex(commentPattern2, RegexOptions.Compiled); | 892 | var regex3 = new Regex(commentPattern2, RegexOptions.Compiled); |
| 893 | var regex4 = new Regex(commentPattern, RegexOptions.Compiled); | 893 | var regex4 = new Regex(commentPattern, RegexOptions.Compiled); |
| 894 | - | ||
| 895 | bool found3 = false; | 894 | bool found3 = false; |
| 896 | - | ||
| 897 | bool com = false; | 895 | bool com = false; |
| 898 | - | ||
| 899 | - | ||
| 900 | while (!reader.EndOfStream) | 896 | while (!reader.EndOfStream) |
| 901 | { | 897 | { |
| 902 | - | ||
| 903 | string line = reader.ReadLine(); | 898 | string line = reader.ReadLine(); |
| 904 | string trim = line.Trim(); | 899 | string trim = line.Trim(); |
| 905 | if (commentLine) | 900 | if (commentLine) |
| ... | @@ -915,7 +910,6 @@ namespace VulnCrawler | ... | @@ -915,7 +910,6 @@ namespace VulnCrawler |
| 915 | continue; | 910 | continue; |
| 916 | } | 911 | } |
| 917 | } | 912 | } |
| 918 | - | ||
| 919 | // /* ~ 패턴 | 913 | // /* ~ 패턴 |
| 920 | if (regex3.IsMatch(trim)) | 914 | if (regex3.IsMatch(trim)) |
| 921 | { | 915 | { |
| ... | @@ -941,20 +935,18 @@ namespace VulnCrawler | ... | @@ -941,20 +935,18 @@ namespace VulnCrawler |
| 941 | if (found3) | 935 | if (found3) |
| 942 | { | 936 | { |
| 943 | string obStr = oldBuilder.ToString(); | 937 | string obStr = oldBuilder.ToString(); |
| 944 | - Console.WriteLine(obStr); | 938 | + //Console.WriteLine(obStr); |
| 945 | - | ||
| 946 | obStr = Abstract(obStr, new Dictionary<string, string>(), new Dictionary<string, string>()); | 939 | obStr = Abstract(obStr, new Dictionary<string, string>(), new Dictionary<string, string>()); |
| 947 | byte[] obStrBytes = Encoding.Unicode.GetBytes(obStr); | 940 | byte[] obStrBytes = Encoding.Unicode.GetBytes(obStr); |
| 948 | string absObStrBase64 = Convert.ToBase64String(obStrBytes); | 941 | string absObStrBase64 = Convert.ToBase64String(obStrBytes); |
| 949 | - | 942 | + // Console.WriteLine(obStr); |
| 950 | - Console.WriteLine(obStr); | 943 | + //Console.WriteLine("HASH: " + MD5HashFunc(obStr)); |
| 944 | + //Console.WriteLine(absObStrBase64); | ||
| 951 | if (!dict.ContainsKey(absObStrBase64.Length)) | 945 | if (!dict.ContainsKey(absObStrBase64.Length)) |
| 952 | { | 946 | { |
| 953 | dict[absObStrBase64.Length] = new HashSet<UserBlock>(); | 947 | dict[absObStrBase64.Length] = new HashSet<UserBlock>(); |
| 954 | } | 948 | } |
| 955 | - | ||
| 956 | string funcName = new string(oldBuilder.ToString().TakeWhile(c => c != '{').ToArray()); | 949 | string funcName = new string(oldBuilder.ToString().TakeWhile(c => c != '{').ToArray()); |
| 957 | - | ||
| 958 | (dict[absObStrBase64.Length] as HashSet<UserBlock>).Add(new UserBlock | 950 | (dict[absObStrBase64.Length] as HashSet<UserBlock>).Add(new UserBlock |
| 959 | { | 951 | { |
| 960 | Hash = MD5HashFunc(absObStrBase64), | 952 | Hash = MD5HashFunc(absObStrBase64), |
| ... | @@ -1090,11 +1082,11 @@ namespace VulnCrawler | ... | @@ -1090,11 +1082,11 @@ namespace VulnCrawler |
| 1090 | if (found3) | 1082 | if (found3) |
| 1091 | { | 1083 | { |
| 1092 | string obStr = oldBuilder.ToString(); | 1084 | string obStr = oldBuilder.ToString(); |
| 1093 | - Console.WriteLine(obStr); | 1085 | + // Console.WriteLine(obStr); |
| 1094 | obStr = Abstract(obStr, new Dictionary<string, string>(), new Dictionary<string, string>()); | 1086 | obStr = Abstract(obStr, new Dictionary<string, string>(), new Dictionary<string, string>()); |
| 1095 | byte[] obStrBytes = Encoding.Unicode.GetBytes(obStr); | 1087 | byte[] obStrBytes = Encoding.Unicode.GetBytes(obStr); |
| 1096 | string absObStrBase64 = Convert.ToBase64String(obStrBytes); | 1088 | string absObStrBase64 = Convert.ToBase64String(obStrBytes); |
| 1097 | - Console.WriteLine(obStr); | 1089 | + // Console.WriteLine(obStr); |
| 1098 | if (!dict.ContainsKey(absObStrBase64.Length)) | 1090 | if (!dict.ContainsKey(absObStrBase64.Length)) |
| 1099 | { | 1091 | { |
| 1100 | dict[absObStrBase64.Length] = new HashSet<UserBlock>(); | 1092 | dict[absObStrBase64.Length] = new HashSet<UserBlock>(); | ... | ... |
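Review bot: The new `SearchCommitPattern` hard-codes the year group to `201[5-8]`, so a commit message that references a CVE from any other year no longer matches and is presumably skipped without any trace. For a crawler whose output feeds vulnerability detection, that is a silent coverage gap. If the restriction is intentional, say so in the summary above the property, e.g. `/// Matches CVE ids for 2015-2018 only; other years are intentionally ignored.`, or take the year range from configuration instead of a literal. The same section also leaves commented-out `Console.WriteLine` calls in both `if (found3)` blocks; deleting them would be cleaner than keeping dead comments.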
| ... | @@ -67,6 +67,7 @@ namespace VulnCrawler | ... | @@ -67,6 +67,7 @@ namespace VulnCrawler |
| 67 | public string FileName { get; set; } = "NULL"; /* FileName */ | 67 | public string FileName { get; set; } = "NULL"; /* FileName */ |
| 68 | public string FuncName { get; set; } = "NULL"; /* funcName */ | 68 | public string FuncName { get; set; } = "NULL"; /* funcName */ |
| 69 | public string Url { get; set; } = "NULL"; /* Url */ | 69 | public string Url { get; set; } = "NULL"; /* Url */ |
| 70 | + public string Product { get; set; } | ||
| 70 | 71 | ||
| 71 | } | 72 | } |
| 72 | //connect | 73 | //connect |
| ... | @@ -242,7 +243,7 @@ namespace VulnCrawler | ... | @@ -242,7 +243,7 @@ namespace VulnCrawler |
| 242 | { | 243 | { |
| 243 | Connection = Conn, | 244 | Connection = Conn, |
| 244 | //db에 추가 | 245 | //db에 추가 |
| 245 | - CommandText = "INSERT INTO vulnDetail(type, year, level, userName, cveName, publish_date,update_date, cveDetail,fileName, funcName, url) VALUES(@type, @year, @level, @userName, @cveName, @publish_date,@update_date, @cveDetail,@fileName, @funcName,@url)" | 246 | + CommandText = "INSERT INTO vulnDetail(type, year, level, userName, cveName, publish_date,update_date, cveDetail,fileName, funcName, url, product) VALUES(@type, @year, @level, @userName, @cveName, @publish_date,@update_date, @cveDetail,@fileName, @funcName,@url,@product)" |
| 246 | }; | 247 | }; |
| 247 | cmd.Parameters.AddWithValue("@type", $"{vuln.Type}"); | 248 | cmd.Parameters.AddWithValue("@type", $"{vuln.Type}"); |
| 248 | cmd.Parameters.AddWithValue("@year", $"{vuln.Year}"); | 249 | cmd.Parameters.AddWithValue("@year", $"{vuln.Year}"); |
| ... | @@ -255,16 +256,16 @@ namespace VulnCrawler | ... | @@ -255,16 +256,16 @@ namespace VulnCrawler |
| 255 | cmd.Parameters.AddWithValue("@fileName", $"{vuln.FileName}"); | 256 | cmd.Parameters.AddWithValue("@fileName", $"{vuln.FileName}"); |
| 256 | cmd.Parameters.AddWithValue("@funcName", $"{vuln.FuncName}"); | 257 | cmd.Parameters.AddWithValue("@funcName", $"{vuln.FuncName}"); |
| 257 | cmd.Parameters.AddWithValue("@url", $"{vuln.Url}"); | 258 | cmd.Parameters.AddWithValue("@url", $"{vuln.Url}"); |
| 258 | - | 259 | + cmd.Parameters.AddWithValue("@product", $"{vuln.Product}"); |
| 259 | cmd.ExecuteNonQuery(); | 260 | cmd.ExecuteNonQuery(); |
| 260 | //콘솔출력용 | 261 | //콘솔출력용 |
| 261 | sql = "INSERT INTO vulnDetail(type, year, level, userName, cveName, publish_date,update_date, cveDetail,fileName, funcName, url) " + | 262 | sql = "INSERT INTO vulnDetail(type, year, level, userName, cveName, publish_date,update_date, cveDetail,fileName, funcName, url) " + |
| 262 | $"VALUES({vuln.Type}, {vuln.Year}, {vuln.Level}, {vuln.UserName}, {vuln.CveName},{vuln.Publish_date}, {vuln.Update_date}, {vuln.CveDetail}, {vuln.FileName}, {vuln.FuncName}, {vuln.Url})"; | 263 | $"VALUES({vuln.Type}, {vuln.Year}, {vuln.Level}, {vuln.UserName}, {vuln.CveName},{vuln.Publish_date}, {vuln.Update_date}, {vuln.CveDetail}, {vuln.FileName}, {vuln.FuncName}, {vuln.Url})"; |
| 263 | - Console.WriteLine(sql); | 264 | + // Console.WriteLine(sql); |
| 264 | } | 265 | } |
| 265 | catch (Exception e) | 266 | catch (Exception e) |
| 266 | { | 267 | { |
| 267 | - Console.WriteLine(e.ToString()); | 268 | + // Console.WriteLine(e.ToString()); |
| 268 | string es = e.ToString(); | 269 | string es = e.ToString(); |
| 269 | if (es.Contains("Connection must be valid and open")) | 270 | if (es.Contains("Connection must be valid and open")) |
| 270 | { | 271 | { | ... | ... |
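Review bot: Commenting out `Console.WriteLine(e.ToString());` in the `catch (Exception e)` block removes the only visible record of a failed insert, so any error other than the "Connection must be valid and open" case checked just below may now pass unnoticed (the rest of the catch body is outside the hunk). A crawler that silently drops rows leaves gaps in the vulnerability table, so keep a log line, preferably on stderr: `Console.Error.WriteLine(e);`. The `sql` string is still built after `cmd.ExecuteNonQuery()` although it is no longer printed and does not include the new `product` column, so it can be removed. `Product` also lacks the `= "NULL"` initializer its neighbouring properties have, so an unset value is stored as an empty string rather than "NULL".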