Exemplo n.º 1
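def segement_comp_proc():
    """Run the CFG code-segment lookup test and record results in cfg_segement.xlsx.

    Connects to two Neo4j graph databases (software graph on port 7475,
    code-segment graph on port 7476), loads every function of the software
    graph via get_all_functions, and hands each name in ``segement_funcs`` to
    func_similarity_segement_level together with the result worksheet.  The
    workbook is written once with only the header row and again after every
    processed segment.

    A failure while processing one segment is reported and the loop moves on
    to the next one.
    """
    import traceback  # local import: the file's import block is not visible here

    # NOTE(review): both endpoints are plain-HTTP localhost URLs with no
    # credentials visible here -- confirm the instances are bound to loopback
    # only, or that authentication is configured elsewhere.
    db1 = Graph("http://localhost:7475/db/data/")  # assumes the software database listens on port 7475
    db2 = Graph("http://localhost:7476/db/data/")  # assumes the code-segment database listens on port 7476

    workbook = Workbook()
    worksheet = workbook.active
    worksheet.title = u"CFG代码段查找测试结果"
    header = [u'代码段', u"漏洞文件", u"漏洞函数", u"是否匹配", u"相似度"]
    worksheet.append(header)
    workbook.save("cfg_segement.xlsx")

    # Only a single code-segment function is tested for now.
    segement_funcs = [
        "CVE_2015_3417_VULN_COMPLETE_0",
    ]
    funcs = get_all_functions(db1)

    for func_name in segement_funcs:
        try:
            func_similarity_segement_level(db1, funcs, db2, func_name,
                                           worksheet)
            workbook.save("cfg_segement.xlsx")
        except Exception:
            # Best effort per segment, but a bare ``except:`` also swallowed
            # KeyboardInterrupt/SystemExit and hid the cause of the failure.
            print("error occured!")
            traceback.print_exc()

    print("all works done!")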
Exemplo n.º 2
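def get_software_var_map(soft, port):
    """Serialize the AST of every function in a Neo4j graph into a SQLite table.

    For each function node returned by get_all_functions, the five serialized
    AST variants returned by serializedAST.genSerilizedAST and the serializer's
    variable map are stored as one row of table ``soft`` in
    /home/bert/Documents/data/<soft>.db.  Functions whose func_id is already
    present in the table are skipped.

    Args:
        soft: software name; used both as the SQLite file stem and as the
            table name.
        port: port of the Neo4j REST endpoint on 127.0.0.1.

    A function whose AST cannot be serialized is reported with a traceback and
    skipped; a failing insert is printed and the loop continues.
    """
    neo4j_db = Graph("http://127.0.0.1:%d/db/data/" % port)

    # NOTE(review): ``soft`` is concatenated into the database path and
    # interpolated into the SQL text as a table name.  SQLite cannot bind an
    # identifier as a ``?`` parameter, so every caller must pass a trusted,
    # plain identifier; validate it at the call site if it can ever originate
    # from user input (path separators or SQL metacharacters must not reach
    # this function).
    sql_db = sqlite3.connect("/home/bert/Documents/data/" + soft + ".db")
    try:
        sql_db.execute('''create table if not exists %s(
            func_id INT PRIMARY KEY,
            func_name CHAR(100) NOT NULL,
            file CHAR(200) NOT NULL,
            var_map TEXT NOT NULL,
            ast_type_const TEXT NOT NULL,
            ast_type_only TEXT NOT NULL,
            ast_const_only TEXT NOT NULL,
            ast_no_type_const TEXT NOT NULL,
            no_mapping TEXT NOT NULL)''' % soft)
        sql_db.commit()

        funcs = get_all_functions(neo4j_db)
        # Kept from the original: an empty file named after the function count
        # is created in the working directory.  The handle is now closed
        # instead of being leaked.
        open("" + len(funcs).__str__(), "w").close()
        print("get all functions OK: %d" % len(funcs))

        for func in funcs:
            # Skip functions that already have a row.
            existing = sql_db.execute(
                "select * from %s where func_id=?" % soft, (func._id, ))
            if existing.fetchone():
                continue

            print("[%s] processing %s " % (datetime.datetime.now().strftime(
                "%y-%m-%d %H:%M:%S"), func.properties[u'name']))

            try:
                ast_root = get_function_ast_root(neo4j_db, func)
                func_file = get_function_file(neo4j_db, func)
                ser = serializedAST(neo4j_db)
                serialized = ser.genSerilizedAST(ast_root)
                var_map = ser.variable_maps
                # Column order: ast_type_const, ast_type_only, ast_const_only,
                # ast_no_type_const, no_mapping.
                ast_columns = tuple(
                    ";".join(serialized[i]) for i in range(5))
            except Exception:
                traceback.print_exc()
                # Do not fall through to the insert: it would store the values
                # left over from the previous function under this func_id (or
                # hit undefined names on the first iteration).
                continue

            try:
                sql_db.execute(
                    'insert into %s values(?, ?, ?, ?, ?, ?, ?, ?,?)' % soft,
                    (func._id, func.properties[u'name'], func_file,
                     var_map.__str__()) + ast_columns)
                sql_db.commit()
            except Exception as e:
                print(e)
    finally:
        # The connection was never closed before.
        sql_db.close()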
Exemplo n.º 3
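def astlevel_comp_proc():
    """Run the AST function-level vulnerability lookup for ffmpeg into ast_func.xlsx.

    Reads every row of ``vulnerability_info``, keeps those whose software name
    is "ffmpeg", and builds one name per row of the form
    ``<CVEID upper-cased, '-' replaced by '_'>_VULN_<vuln_func>``.  Each name
    is passed to func_similarity_astLevel with both graph databases, a
    suffixtree object and the result worksheet; the workbook is saved after
    every processed name.

    Returns early (after printing a message) when no database connection can
    be obtained.  A failure on one name is reported and the loop continues.
    """
    import traceback  # local import: the file's import block is not visible here

    db_conn = get_connection()
    if db_conn is None:
        print(u"数据库连接失败")
        return

    # Select all vulnerable functions recorded for ffmpeg.
    cur = db_conn.cursor()
    cur.execute("select * from vulnerability_info")
    rets = cur.fetchall()

    func_names = []
    for ret in rets:
        vuln_info = vulnerability_info(ret)
        cve_info = vuln_info.get_cve_info(db_conn)
        soft = cve_info.get_soft(db_conn)

        if soft.software_name == "ffmpeg":
            func_names.append(cve_info.cveid.upper().replace("-", "_") + "_VULN_" + vuln_info.vuln_func )

    # Feature database; Graph() with no argument connects to port 7474.
    db2 = Graph()
    # Assumes port 7475 hosts the graph database of some ffmpeg version.
    db1 = Graph("http://localhost:7475/db/data")
    suffix_tree_obj = suffixtree()

    try:
        wb = Workbook()
        ws = wb.active
        ws.title = u"AST函数级漏洞查找测试结果"
        header = [u'漏洞函数名', u"漏洞文件", u"漏洞函数", "distinct_type_and_const" , "distinct_const_no_type",
                  "distinct_type_no_const", "no_type_no_const", "耗时"]
        ws.append(header)
        wb.save("ast_func.xlsx")

        # NOTE(review): the function list is taken from db2 (the feature
        # database) while db1 (the software graph) is passed as the first
        # argument below -- confirm against func_similarity_astLevel that this
        # should not be get_all_functions(db1).
        all_funcs = get_all_functions(db2)
        for name in func_names:
            try:
                func_similarity_astLevel(db1, all_funcs, db2, name, suffix_tree_obj, ws)
                wb.save("ast_func.xlsx")
            except Exception:
                # Best effort per function, but a bare ``except:`` also
                # swallowed KeyboardInterrupt/SystemExit and hid the cause.
                print("error occured")
                traceback.print_exc()
    finally:
        # Close the suffix tree even when setup or the loop raises.
        suffix_tree_obj.close()

    print("all works done!")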
Exemplo n.º 4
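def cfg_comp_proc():
    """Run the CFG function-level vulnerability lookup and record it in cfg_func.xlsx.

    Only the single hard-coded name in ``func_names`` is tested; the loop that
    would derive names from the ``vulnerability_info`` rows is disabled.  Each
    name is passed to func_similarity_cfg_level with the software graph, all
    of its functions, the feature graph and the result worksheet, and the
    workbook is saved after every processed name.

    Returns early (after printing a message) when no database connection can
    be obtained.  A failure on one name is printed and the loop continues.
    """
    db_conn = get_connection()
    if db_conn is None:
        print(u"数据库连接失败")
        return

    # Select all vulnerable functions of ffmpeg.  The rows are currently
    # unused because the enumeration below is disabled; the query is kept so
    # the function still fails early when the table is unavailable.
    cur = db_conn.cursor()
    cur.execute("select * from vulnerability_info")
    rets = cur.fetchall()

    func_names = ['CVE_2010_3429_VULN_flic_decode_frame_8BPP',]
    # Disabled enumeration of every ffmpeg entry:
    # for ret in rets:
    #     vuln_info = vulnerability_info(ret)
    #     cve_info = vuln_info.get_cve_info(db_conn)
    #     soft = cve_info.get_soft(db_conn)
    #
    #     if soft.software_name == "ffmpeg":
    #         func_names.append(cve_info.cveid.upper().replace("-", "_") + "_VULN_" + vuln_info.vuln_func )

    # Feature database; Graph() with no argument connects to port 7474.
    character_db = Graph()
    # Assumes port 7475 hosts the graph database of some ffmpeg version.
    soft_db = Graph("http://localhost:7475/db/data")

    wb = Workbook()
    ws = wb.active
    ws.title = u"CFG函数级漏洞查找测试结果"
    header = [u'漏洞函数名', u"漏洞文件", u"漏洞函数", u"是否匹配", u"相似度", u"耗时"]
    ws.append(header)
    wb.save("cfg_func.xlsx")

    all_funcs = get_all_functions(soft_db)
    for name in func_names:
        print("processing " + name)
        try:
            func_similarity_cfg_level(soft_db, all_funcs, character_db, name, ws)
            # Save to the file the header was written to.  This used to write
            # "ast_func.xlsx", which left cfg_func.xlsx with only the header
            # row and overwrote the AST test's output file.
            wb.save("cfg_func.xlsx")
        except Exception as e:
            print(e)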
Exemplo n.º 5
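def segement_comp_proc():
    """Run the CFG code-segment lookup test and record results in cfg_segement.xlsx.

    Opens the software graph (port 7475) and the code-segment graph
    (port 7476), fetches all functions of the software graph with
    get_all_functions, and calls func_similarity_segement_level once per entry
    of ``segement_funcs``, passing the result worksheet along.  The workbook
    is saved right after the header row is written and after each processed
    segment.

    An error on one segment is reported with its traceback and does not stop
    the remaining segments.
    """
    import traceback  # local import: the file's import block is not visible here

    # NOTE(review): plain-HTTP localhost endpoints, no credentials visible in
    # this block -- confirm the Neo4j instances are loopback-only or that
    # authentication is set up elsewhere.
    db1 = Graph("http://localhost:7475/db/data/")  # assumes the software database listens on port 7475
    db2 = Graph("http://localhost:7476/db/data/")  # assumes the code-segment database listens on port 7476

    workbook = Workbook()
    worksheet = workbook.active
    worksheet.title = u"CFG代码段查找测试结果"
    header = [u'代码段', u"漏洞文件", u"漏洞函数", u"是否匹配", u"相似度"]
    worksheet.append(header)
    workbook.save("cfg_segement.xlsx")

    # Only a single code-segment function is tested for now.
    segement_funcs = ["CVE_2015_3417_VULN_COMPLETE_0",]
    funcs = get_all_functions(db1)

    for func_name in segement_funcs:
        try:
            func_similarity_segement_level(db1, funcs, db2, func_name, worksheet)
            workbook.save("cfg_segement.xlsx")
        except Exception:
            # Narrowed from a bare ``except:`` so that KeyboardInterrupt and
            # SystemExit propagate; the traceback shows why the segment failed.
            print("error occured!")
            traceback.print_exc()

    print("all works done!")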