def vuln_patch_comp_proc(): db_conn = get_connection() if db_conn is None: print u"数据库连接失败" return neo4jdb = Graph() suffix_tree_obj = suffixtree() cur = db_conn.cursor() cur.execute("select * from vulnerability_info") rets = cur.fetchall() infos = [] for ret in rets: soft = vulnerability_info(ret).get_cve_info(db_conn).get_soft(db_conn) if soft.software_name == "ffmpeg": infos.append(ret) wb = Workbook() ws = wb.active ws.title = u"测试结果" header = [u'CVE编号', u"软件版本", u"漏洞函数", u"漏洞文件",u"状态", "distinct_type_and_const" , "distinct_const_no_type", "distinct_type_no_const", "no_type_no_const", "cost"] ws.append(header) for info in infos: try: vuln_patch_compare(db_conn, neo4jdb, vulnerability_info(info), ws, suffix_tree_obj) wb.save("ast_result.xlsx") except Exception as e: print e suffix_tree_obj.close() print "all works done!"
def astlevel_comp_proc(): db_conn = get_connection() if db_conn is None: print u"数据库连接失败" return #选择所有ffmpeg的漏洞函数 cur = db_conn.cursor() cur.execute("select * from vulnerability_info") rets = cur.fetchall() func_names = [] for ret in rets: vuln_info = vulnerability_info(ret) cve_info = vuln_info.get_cve_info(db_conn) soft = cve_info.get_soft(db_conn) if soft.software_name == "ffmpeg": func_names.append(cve_info.cveid.upper().replace("-", "_") + "_VULN_" + vuln_info.vuln_func ) #特征数据库,默认开启在7474端口 db2 = Graph() #默认连接7474端口 db1 = Graph("http://localhost:7475/db/data") #假设7475端口是某ffmpeg的图形数据库 suffix_tree_obj = suffixtree() wb = Workbook() ws = wb.active ws.title = u"AST函数级漏洞查找测试结果" header = [u'漏洞函数名', u"漏洞文件", u"漏洞函数", "distinct_type_and_const" , "distinct_const_no_type", "distinct_type_no_const", "no_type_no_const", "耗时"] ws.append(header) wb.save("ast_func.xlsx") all_funcs = get_all_functions(db2) for name in func_names: try: func_similarity_astLevel(db1, all_funcs, db2, name, suffix_tree_obj, ws) wb.save("ast_func.xlsx") except: print "error occured" suffix_tree_obj.close() print "all works done!"
#coding=utf-8 ''' Created on 2016年1月26日 @author: Bert ''' from db.models import vulnerability_info, get_connection import os import shutil db_conn = get_connection() if db_conn is None: print u"数据库连接失败" exit(0) cur = db_conn.cursor() cur.execute("select * from vulnerability_info") rets = cur.fetchall() cur.close() for ret in rets: file = vulnerability_info(ret).vuln_file cur_dir = os.path.dirname(__file__) path = os.path.join(cur_dir, file[31:]) os.makedirs(os.path.dirname(path)) shutil.copyfile(file, path)
if __name__ == "__main__": db_conn = get_connection() if db_conn is None: print u"数据库连接失败" exit(0) neo4jdb = py2neo.Graph() cur = db_conn.cursor() cur.execute("select * from vulnerability_info") rets = cur.fetchall() cur.close() infos = [] for ret in rets: cve_info = vulnerability_info(ret).get_cve_info(db_conn) soft = cve_info.get_soft(db_conn) if soft.software_name == "ffmpeg": infos.append(ret) wb = Workbook() ws = wb.active ws.title = u"CFG测试结果" header = [u'CVE编号', u"软件版本", u"漏洞函数", u"漏洞文件", u"是否匹配", u"相似度", u"耗时"] ws.append(header) for info in infos: try: func_cfg_similarity_process(vulnerability_info(info), db_conn, neo4jdb, ws) wb.save("cfg_redult.xlsx")
def get_var_mapping(soft_name): db_conn = get_connection() if db_conn is None: print u"数据库连接失败" return cur = db_conn.cursor() cur.execute("select * from vulnerability_info") rets = cur.fetchall() neo4j_db = Graph() infos = [] for ret in rets: soft = vulnerability_info(ret).get_cve_info(db_conn).get_soft(db_conn) if soft.software_name == soft_name: infos.append(ret) var_map_db = sqlite3.connect("var_map.db") var_map_db.execute('''create table if not exists %s( func_name CHAR(100) PRIMARY KEY, var_map TEXT NOT NULL)''' % soft_name) var_map_db.commit() print "There are %d functions" % len(infos) for info in infos: vuln_info = vulnerability_info(info) cve_info = vuln_info.get_cve_info(db_conn) if vuln_info.vuln_func == "None": continue vuln_name = cve_info.cveid.replace("-", "_").upper() + "_VULN_" + vuln_info.vuln_func patch_name = cve_info.cveid.replace("-", "_").upper() + "_PATCHED_" + vuln_info.vuln_func #check if VULN exist ret = var_map_db.execute("select * from %s where func_name=?" % soft_name, (vuln_name,)) if not ret.fetchone(): #VULN var_map = get_type_mapping_table(neo4j_db, vuln_name) try: var_map_db.execute('insert into %s values(?, ?)' % soft_name, (vuln_name, var_map.__str__()) ) var_map_db.commit() except Exception, e: print soft_name, vuln_name print "error:", e #check if PATCH exist ret = var_map_db.execute("select * from %s where func_name=?" % soft_name,(patch_name,)) if not ret.fetchone(): #PATCH var_map = get_type_mapping_table(neo4j_db, patch_name) try: var_map_db.execute('insert into %s values(?, ?)' % soft_name, (patch_name, var_map.__str__())) var_map_db.commit() except Exception, e: print soft_name, vuln_name print "error:", e
def get_var_mapping(soft_name): db_conn = get_connection() if db_conn is None: print u"数据库连接失败" return cur = db_conn.cursor() cur.execute("select * from vulnerability_info") rets = cur.fetchall() neo4j_db = Graph() infos = [] for ret in rets: soft = vulnerability_info(ret).get_cve_info(db_conn).get_soft(db_conn) if soft.software_name == soft_name: infos.append(ret) var_map_db = sqlite3.connect("var_map.db") var_map_db.execute('''create table if not exists %s( func_name CHAR(100) PRIMARY KEY, var_map TEXT NOT NULL)''' % soft_name) var_map_db.commit() print "There are %d functions" % len(infos) for info in infos: vuln_info = vulnerability_info(info) cve_info = vuln_info.get_cve_info(db_conn) if vuln_info.vuln_func == "None": continue vuln_name = cve_info.cveid.replace( "-", "_").upper() + "_VULN_" + vuln_info.vuln_func patch_name = cve_info.cveid.replace( "-", "_").upper() + "_PATCHED_" + vuln_info.vuln_func #check if VULN exist ret = var_map_db.execute( "select * from %s where func_name=?" % soft_name, (vuln_name, )) if not ret.fetchone(): #VULN var_map = get_type_mapping_table(neo4j_db, vuln_name) try: var_map_db.execute('insert into %s values(?, ?)' % soft_name, (vuln_name, var_map.__str__())) var_map_db.commit() except Exception, e: print soft_name, vuln_name print "error:", e #check if PATCH exist ret = var_map_db.execute( "select * from %s where func_name=?" % soft_name, (patch_name, )) if not ret.fetchone(): #PATCH var_map = get_type_mapping_table(neo4j_db, patch_name) try: var_map_db.execute('insert into %s values(?, ?)' % soft_name, (patch_name, var_map.__str__())) var_map_db.commit() except Exception, e: print soft_name, vuln_name print "error:", e
if __name__ == "__main__": db_conn = get_connection() if db_conn is None: print u"数据库连接失败" exit(0) neo4jdb = py2neo.Graph() cur = db_conn.cursor() cur.execute("select * from vulnerability_info") rets = cur.fetchall() cur.close() infos = [] for ret in rets: cve_info = vulnerability_info(ret).get_cve_info(db_conn) soft = cve_info.get_soft(db_conn) if soft.software_name == "ffmpeg": infos.append(ret) wb = Workbook() ws = wb.active ws.title = u"CFG测试结果" header = [u"CVE编号", u"软件版本", u"漏洞函数", u"漏洞文件", u"是否匹配", u"相似度", u"耗时"] ws.append(header) for info in infos: try: func_cfg_similarity_process(vulnerability_info(info), db_conn, neo4jdb, ws) wb.save("cfg_redult.xlsx") except Exception: