Merge branch 'master' into khumaster

노현종
Commit c2601c2d1c5f87d6b6c00d7d07f9aa77b2ad516f c2601c2d 2 parents f0f4e5d4 edf20af0
Showing 3 changed files with 54 additions and 0 deletions
Vulnerablity_DB/VulnCrawler/Program.cs
Vulnerablity_DB/VulnCrawler/VulnAbstractCrawler.cs
Vulnerablity_DB/VulnCrawler/VulnWorker.cs
--- a/Vulnerablity_DB/VulnCrawler/Program.cs
View file @c2601c2
+++ b/Vulnerablity_DB/VulnCrawler/Program.cs
View file @c2601c2
@@ -66,6 +66,16 @@ namespace VulnCrawler
         }
         public static void Run() {
             // Repository 폴더들이 있는 주소를 지정하면 하위 폴더 목록을 가져옴(Repository 목록)
+ 
+            // var fields = VulnWorker.GetCriticalVariant(@"return _is_safe_url(url, host) and _is_safe_url(url.replace('\\', '/'), host)");
+             var fields = VulnWorker.GetCriticalVariant(@"if(i + inl < bl) {");
+ 
+             foreach (var item in fields)
+             {
+                 Console.WriteLine(item);
+             }
+ 
+             return;
             var directorys = Directory.GetDirectories(@"c:\VulnPy");
             if (directorys.Length == 0) {
                 Console.WriteLine("Repository 목록 찾기 실패");
--- a/Vulnerablity_DB/VulnCrawler/VulnAbstractCrawler.cs
View file @c2601c2
+++ b/Vulnerablity_DB/VulnCrawler/VulnAbstractCrawler.cs
View file @c2601c2
@@ -13,6 +13,8 @@ namespace VulnCrawler
     // 추상 클래스
     public abstract class VulnAbstractCrawler
     {
+ 
+         private static readonly string[] ReservedList = { "if", "return", "break", "while", "typedef" };
         /// <summary>
         /// 생성자
         /// 경로를 입력받아서(path)
@@ -132,6 +134,44 @@ namespace VulnCrawler
             }
             return string.Empty;
         }
+ 
+         public static IEnumerable<string> GetCriticalVariant(string line)
+         {
+ 
+             // 메서드 정규식 패턴
+             string methodPattern = @"(\w+)\(";
+             // 변수 정규식 패턴
+             string fieldPattern = @"\w+";
+             // 메서드 목록
+             var methodSets = new HashSet<string>();
+             var methods = Regex.Matches(line, methodPattern);
+             // 현재 코드 라인에서 메서드 목록 추가
+             foreach (var met in methods)
+             {
+                 var method = met as Match;
+                 if (method.Success)
+                 {
+                     Console.WriteLine(method.Groups[1].Value);
+                     methodSets.Add(method.Groups[1].Value);
+                 }
+             }
+             Console.WriteLine("----");
+             var vars = Regex.Matches(line, fieldPattern);
+             // 변수 목록에서 메서드 목록에 있는 것 제외하고 반환
+             foreach (var x in vars)
+             {
+                 var field = x as Match;
+                 if (field.Success)
+                 {
+                     if (methodSets.Contains(field.Value))
+                     {
+                         continue;
+                     }
+                     yield return field.Value;
+                 }
+             }
+         }
+ 
         /// <summary>
         /// MD5 함수
         /// </summary>
--- a/Vulnerablity_DB/VulnCrawler/VulnWorker.cs
View file @c2601c2
+++ b/Vulnerablity_DB/VulnCrawler/VulnWorker.cs
View file @c2601c2
@@ -109,6 +109,10 @@ namespace VulnCrawler
                     Console.WriteLine($"Original Func: {originalFunc}");
                     // 해쉬 후
                     Console.WriteLine($"Original Func MD5: {md5}");
+                     Console.BackgroundColor = ConsoleColor.DarkRed;
+                     Console.WriteLine($"Patched: \n{entry.Patch}");
+ 
+                     Console.ResetColor();
                     Console.WriteLine("==============================");
 
                     #endregion