Esempio n. 1
 /// <summary>
 /// Opens a saved scanner file
 /// </summary>
 /// <param name="sender"></param>
 /// <param name="e"></param>
 private void scannerToolStripMenuItem_Click(object sender, EventArgs e)
 {
     try
     {
         // Nothing to load unless the user confirmed a file in the dialog.
         if (openFileDialog1.ShowDialog() != DialogResult.OK)
         {
             return;
         }

         // NOTE(review): the chosen file is handed straight to the deserializer.
         // LoadCRScanner's format is not visible here; if scanner files can come
         // from outside the team, confirm it does not use a type-resolving or
         // binary formatter.
         CRObjSerializer serializer = new CRObjSerializer();
         string chosenFile = openFileDialog1.FileName;
         crs = serializer.LoadCRScanner(chosenFile);

         // Rebuild the pattern drop-down from the loaded scanner.
         comboBox1.Items.Clear();
         foreach (var pattern in crs.Patterns)
         {
             comboBox1.Items.Add(pattern);
         }

         // Later saves go back to the file that was just opened.
         fileSavePath = chosenFile;
     }
     catch (Exception loadError)
     {
         // Any failure (I/O, deserialization, a null scanner) is shown to the
         // user and written to the log; the handler never rethrows.
         MessageBox.Show(loadError.Message, "Error",
                         MessageBoxButtons.OK, MessageBoxIcon.Error);
         crl.WriteLog(CRLogger.CRLogTitle.Error,
                      "Error opening a scanner file " + loadError.Message);
     }
 }
Esempio n. 2
 /// <summary>
 /// Builds the form, keeps a reference to the supplied scanner, creates a
 /// logger and then calls initFormFeilds().
 /// </summary>
 /// <param name="crs">Scanner stored in crScanner; the reference is kept, not copied.</param>
 public ScannerSaveForm(CRScanner crs)
 {
     InitializeComponent();
     crScanner = crs;
     crl       = new CRLogger();
     // Runs last, after crScanner and crl are assigned.
     initFormFeilds();
 }
Esempio n. 3
        /// <summary>
        /// This event handler provides a dialog to open a regex project file
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
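        private void projectToolStripMenuItem_Click(object sender, EventArgs e)
        {
            try
            {
                // Start browsing in the project directory under the current working directory.
                openFileDialog1.InitialDirectory = Environment.CurrentDirectory +
                                                   "\\" + projDir;

                if (openFileDialog1.ShowDialog() != DialogResult.OK)
                {
                    return;
                }

                FileInfo fi = new FileInfo(openFileDialog1.FileName);

                // Compare the extension case-insensitively so "project.RP" is
                // accepted as well as "project.rp".
                if (!string.Equals(fi.Extension, ".rp", StringComparison.OrdinalIgnoreCase))
                {
                    throw new Exception("error opening RegexProject file: wrong file type");
                }

                // NOTE(review): the extension check only filters by file name; it
                // says nothing about the file's content. LoadRegexProject's format
                // is not visible here; confirm it cannot instantiate arbitrary
                // types from a crafted project file.
                RegexProject rp = RegexSerializer.LoadRegexProject(fi.FullName);

                // NOTE(review): the title is appended to, so opening several
                // projects in a row accumulates names in the caption.
                this.Text          += " *" + rp.RegexProjName;
                this.crs            = rp.ProjScanner;
                this.workingScanDir = rp.ProjWorkingDirectory;
            }
            catch (Exception ex)
            {
                // Report to the user and the log; the handler never rethrows.
                MessageBox.Show(" error opening file " + ex.Message, "Error",
                                MessageBoxButtons.OK, MessageBoxIcon.Error);
                crl.WriteLog(CRLogger.CRLogTitle.Error, "Error while opening file " +
                             ex.Message);
            }
        }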
Esempio n. 4
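 /// <summary>
 /// Scans every file under <paramref name="dirPath"/> whose extension is listed
 /// in the scanner and returns the collected indicators.
 /// </summary>
 /// <param name="dirPath">Directory passed to FileUtil.GetFiles.</param>
 /// <param name="scanner">Scanner supplying the file extensions and patterns.</param>
 /// <returns>The indis collection that getIndis appends to.</returns>
 /// <exception cref="CRServicesException">Wraps the message of any failure.</exception>
 public List <CRIndicator> GetIndicators(string dirPath, CRScanner scanner)
 {
     try
     {
         FileUtil fu = new FileUtil();
         foreach (var f in fu.GetFiles(dirPath))
         {
             string extension = new FileInfo(f).Extension;
             foreach (var wanted in scanner.FileExtensions)
             {
                 // NOTE(review): the comparison is case-sensitive, so ".CS" is
                 // skipped when the scanner lists ".cs"; confirm that is intended,
                 // since a skipped file is a silent false negative.
                 if (extension == wanted)
                 {
                     getIndis(f, scanner);
                     // Scan each file once even if the extension list holds the
                     // same entry twice; otherwise every hit is reported twice.
                     break;
                 }
             }
         }
         // NOTE(review): indis is not reset here, so results presumably
         // accumulate across calls on the same instance; confirm.
         return(indis);
     }
     catch (Exception ex)
     {
         // Only the message is carried over; the original stack trace is lost.
         throw new CRServicesException(ex.Message);
     }
 }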
Esempio n. 5
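 /// <summary>
 /// Runs every pattern of <paramref name="crs"/> against each line of the file
 /// and appends one CRIndicator to indis per matching (pattern, line) pair.
 /// </summary>
 /// <param name="filePath">File to scan.</param>
 /// <param name="crs">Scanner supplying the patterns and the CRVID.</param>
 /// <exception cref="CRServicesException">Wraps the message of any failure.</exception>
 private void getIndis(string filePath, CRScanner crs)
 {
     try
     {
         // Read the file once, and only if there is at least one pattern,
         // instead of re-reading it for every pattern.
         string[] lines = null;
         foreach (var p in crs.Patterns)
         {
             if (lines == null)
             {
                 lines = File.ReadAllLines(filePath);
             }

             for (int i = 0; i < lines.Length; i++)
             {
                 // Only the first match on a line is recorded, so there is no
                 // need to enumerate all of them.
                 // NOTE(review): no match timeout is set. If scanner files can
                 // come from outside the team, consider the Regex.Match overload
                 // that takes a timeout so one pathological pattern cannot stall
                 // the whole scan.
                 var first = Regex.Match(lines[i], p);
                 if (first.Success)
                 {
                     CRIndicator crvul = new CRIndicator();
                     crvul.CRVID      = crs.CRVID;
                     crvul.Line       = lines[i];
                     crvul.LineNumber = i + 1; // report 1-based line numbers
                     crvul.Path       = filePath;
                     crvul.MVal       = first.Value;
                     //TODO: clean indi
                     indis.Add(crvul);
                 }
             }
         }
     }
     catch (Exception ex)
     {
         // Only the message is carried over; the original stack trace is lost.
         throw new CRServicesException(ex.Message);
     }
 }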
Esempio n. 6
 /// <summary>
 /// Unfinished analyzer: calls refCheck for every indicator and then always
 /// throws, so callers currently never receive a CRVData.
 /// </summary>
 /// <param name="indicators">Indicators whose Path is passed to refCheck.</param>
 /// <param name="crscanner">Not used by the current body.</param>
 /// <returns>Nothing yet; every path ends in an exception.</returns>
 /// <exception cref="CRServicesException">
 /// Always thrown; it carries the message of the NotImplementedException or of
 /// whatever failed earlier.
 /// </exception>
 public CRVData GetCRVData(List<CRIndicator> indicators, CRScanner crscanner)
 {
     try
     {
         foreach (var indicator in indicators)
         {
             // Rule 1: does the file have the appropriate reference?
             if (!refCheck(indicator.Path))
             {
                 // No reference found: a vulnerability would be created here.
             }
             else
             {
                 // Rule 2: is the appropriate method called?
                 // If yes there is no vulnerability, otherwise it is a positive.
             }
         }
         throw new NotImplementedException();
     }
     catch (Exception failure)
     {
         throw new CRServicesException(failure.Message);
     }

 }
Esempio n. 7
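        /// <summary>
        /// Scans every file under <paramref name="dirPath"/> whose extension is
        /// listed in the scanner and returns the result of cleanVuls(Vuls).
        /// </summary>
        /// <param name="dirPath">Directory passed to FileUtil.GetFiles.</param>
        /// <param name="scanner">Scanner supplying the file extensions and patterns.</param>
        /// <returns>The value returned by cleanVuls for the collected Vuls.</returns>
        /// <exception cref="Exception">
        /// Rethrown with the original message; the original exception is kept as
        /// InnerException.
        /// </exception>
        public List <CRVul> GetVuls(string dirPath, CRScanner scanner)
        {
            try
            {
                FileUtil fu = new FileUtil();
                foreach (var f in fu.GetFiles(dirPath))
                {
                    string extension = new FileInfo(f).Extension;
                    foreach (var wanted in scanner.FileExtensions)
                    {
                        // NOTE(review): case-sensitive comparison; ".CS" is skipped
                        // when the scanner lists ".cs". Confirm that is intended.
                        if (extension == wanted)
                        {
                            getVuls(f, scanner);
                            // One scan per file is enough even when the extension
                            // list contains the same entry more than once.
                            break;
                        }
                    }
                }

                return(cleanVuls(Vuls));
            }
            catch (Exception ex)
            {
                //TODO: add custom exception
                // Keep the original exception as InnerException so its type and
                // stack trace stay available for diagnosis.
                throw new Exception(ex.Message, ex);
            }
        }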
Esempio n. 8
        /// <summary>
        /// Creates an editor form with a new, empty scanner, an empty save path
        /// and its own logger.
        /// </summary>
        public RegexEditorForm()
        {
            InitializeComponent();
            initFrom();//common form setup method

            crs          = new CRScanner();
            // Empty string here; no save path has been assigned yet.
            fileSavePath = "";
            crl          = new CRLogger();
        }
Esempio n. 9
        /// <summary>
        /// Creates an editor form whose scanner, logger, save path and working
        /// scan directory are taken from a form cache.
        /// </summary>
        /// <param name="rpc">Cache object whose CRS, CRL, FileSavePath and WorkingScanDir are copied by reference/value into the form.</param>
        public RegexEditorForm(RegexFormCache rpc)
        {
            InitializeComponent();
            initFrom();//common form setup method

            // The scanner and logger are shared with the cache, not cloned.
            crs            = rpc.CRS;
            crl            = rpc.CRL;
            fileSavePath   = rpc.FileSavePath;
            workingScanDir = rpc.WorkingScanDir;
        }
Esempio n. 10
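        /// <summary>
        /// Starts a new scanner: replaces the current scanner with an empty one,
        /// clears the pattern drop-down and opens the scanner save form.
        /// </summary>
        /// <param name="sender">Not used.</param>
        /// <param name="e">Not used.</param>
        private void scannerToolStripMenuItem1_Click(object sender, EventArgs e)
        {
            // A fresh scanner replaces the previous one; the intermediate
            // "crs = null" assignment was a dead store and has been dropped.
            crs = new CRScanner();

            // The drop-down listed the previous scanner's patterns.
            comboBox1.Items.Clear();

            // The save form receives the same scanner instance this form holds.
            ScannerSaveForm ssf = new ScannerSaveForm(crs);
            ssf.Show();
        }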
Esempio n. 11
 /// <summary>
 /// Builds the form and lists the scanner's file extensions in the combo box,
 /// adding each distinct value once.
 /// </summary>
 /// <param name="crs">Scanner whose FileExtensions are listed; the reference is stored in crScanner.</param>
 public FileExtForm(CRScanner crs)
 {
     InitializeComponent();

     foreach (var extension in crs.FileExtensions)
     {
         // Skip values the combo box already shows.
         if (comboBox1.Items.Contains(extension))
         {
             continue;
         }
         comboBox1.Items.Add(extension);
     }

     crScanner = crs;
 }
Esempio n. 12
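        /// <summary>
        /// Counts an indicator as a finding when no line of its file matches any
        /// of the analyzer scanner's patterns, then stores the indicators and the
        /// overall verdict in crvData.
        /// </summary>
        /// <param name="indicators">Indicators to analyze; each one's Path is read from disk.</param>
        /// <param name="crscanner">Scanner whose Patterns clear an indicator when they match.</param>
        /// <returns>crvData, with Positive set to true when at least one indicator is a finding.</returns>
        /// <exception cref="SN17001Exception">Wraps the message of any failure.</exception>
        public CRVData GetCRVData(List <CRIndicator> indicators, CRScanner crscanner)
        {
            int findings = 0;

            try
            {
                foreach (var i in indicators)
                {
                    bool isFinding = true;

                    // Read the indicator's file once, and only if there is at
                    // least one pattern, instead of once per pattern.
                    string[] lines = null;

                    // NOTE(review): a pattern match anywhere in the file clears
                    // the indicator, regardless of how far it is from the
                    // indicator's own line. Confirm that file-wide scope is
                    // intended; it can hide a real finding.
                    foreach (var p in crscanner.Patterns)
                    {
                        if (lines == null)
                        {
                            lines = File.ReadAllLines(i.Path);
                        }

                        for (int j = 0; j < lines.Length; j++)
                        {
                            if (Regex.IsMatch(lines[j], p))
                            {
                                isFinding = false;
                                break;
                            }
                        }

                        // The verdict for this indicator is settled by the first
                        // match; remaining patterns cannot change it.
                        if (!isFinding)
                        {
                            break;
                        }
                    }

                    if (isFinding)
                    {
                        findings++;
                    }
                }

                crvData.Indicators = indicators;
                crvData.Positive   = findings > 0;
                return(crvData);
            }
            catch (Exception ex)
            {
                // Only the message is carried over; the original stack trace is lost.
                throw new SN17001Exception(ex.Message);
            }
        }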
Esempio n. 13
 /// <summary>
 /// initScanner() loads scanner objects from serialized scanner files
 /// </summary>
 /// <exception cref="SN17001Exception">SN17001Exception</exception>
 public void initScanner()
 {
     try
     {
         // One serializer instance loads both scanner definitions.
         // NOTE(review): LoadCRScanner's file format is not visible here;
         // confirm scanner files are only read from trusted locations.
         var serializer = new CRObjSerializer();

         Icrscanner = serializer.LoadCRScanner(iScanner);
         Acrscanner = serializer.LoadCRScanner(aScanner);
     }
     catch (Exception loadError)
     {
         // Surface every failure as the scanner's own exception type; only the
         // message is carried over.
         throw new SN17001Exception(loadError.Message);
     }
 }
Esempio n. 14
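        /// <summary>
        /// Loads the scanner from sPath, collects indicators under dPath and runs
        /// the analyzer over them.
        /// </summary>
        /// <returns>The CRVData produced by the analyzer.</returns>
        public CRVData Scan()
        {
            //Get the scanner object
            CRObjSerializer cros      = new CRObjSerializer();
            CRScanner       crscanner = cros.LoadCRScanner(sPath);

            //Call the ICRISE implementation for this scanner
            ICRISE             icrise     = new SN171001IndicatorScan();
            List <CRIndicator> indicators = icrise.GetIndicators(dPath, crscanner);

            //Call the ICRIAE implementation for this scanner
            // NOTE(review): the analyzer is still given a null scanner. An
            // implementation that reads the scanner's Patterns will fail on it;
            // presumably a separate analyzer scanner should be loaded and passed
            // here. Confirm against the ICRIAE implementation.
            ICRIAE  icriae = new SN17001AnalyzerScan();
            CRVData crd    = icriae.GetCRVData(indicators, null);

            // Return the analysis result; it was previously computed and then
            // discarded in favour of null.
            return(crd);
        }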
Esempio n. 15
        /// <summary>
        /// Creates an editor form for a regex project: copies the project
        /// scanner's patterns and file extensions into a new scanner, takes over
        /// the project's working directory and appends the project name to the
        /// window title.
        /// </summary>
        /// <param name="rp">Project supplying ProjScanner, ProjWorkingDirectory and RegexProjName.</param>
        public RegexEditorForm(RegexProject rp)
        {
            InitializeComponent();
            initFrom();//common form setup method

            // The form works on its own scanner, so edits do not touch rp.ProjScanner.
            crs = new CRScanner();

            foreach (var pattern in rp.ProjScanner.Patterns)
            {
                crs.Patterns.Add(pattern);
            }

            foreach (var extension in rp.ProjScanner.FileExtensions)
            {
                crs.FileExtensions.Add(extension);
            }

            // NOTE(review): unlike the other constructors this one assigns neither
            // crl nor fileSavePath (those assignments are commented out in the
            // original). If crl has no initializer elsewhere, the error handlers
            // that call crl.WriteLog will fail; confirm.
            workingScanDir = rp.ProjWorkingDirectory;
            this.Text     += " *" + rp.RegexProjName;
        }
Esempio n. 16
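 /// <summary>
 /// Runs every pattern of <paramref name="crs"/> against each line of the file
 /// and appends one CRVul to Vuls per matching (pattern, line) pair.
 /// </summary>
 /// <param name="filePath">File to scan.</param>
 /// <param name="crs">Scanner supplying the patterns and the CRVID.</param>
 private void getVuls(string filePath, CRScanner crs)
 {
     //TODO: add try catch
     // Read the file once, and only if there is at least one pattern,
     // instead of re-reading it for every pattern.
     string[] lines = null;
     foreach (var p in crs.Patterns)
     {
         if (lines == null)
         {
             lines = File.ReadAllLines(filePath);
         }

         for (int i = 0; i < lines.Length; i++)
         {
             // Only "does this line match" is needed, so the full match
             // collection is not built.
             // NOTE(review): no match timeout is set. Patterns can be typed by
             // the user or loaded from a file; consider the Regex.IsMatch
             // overload that takes a timeout so one pathological pattern cannot
             // stall the scan.
             if (Regex.IsMatch(lines[i], p))
             {
                 CRVul crvul = new CRVul();
                 crvul.CRVID      = crs.CRVID;
                 crvul.Line       = lines[i];
                 crvul.LineNumber = i + 1; // report 1-based line numbers
                 crvul.Path       = filePath;
                 //TODO: clean vuls
                 Vuls.Add(crvul);
             }
         }
     }
 }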
Esempio n. 17
        /// <summary>
        /// This constructor is used when original form calls another form
        /// </summary>
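        /// <param name="Crs">Scanner whose patterns and file extensions are copied into this form's own scanner</param>
        /// <param name="Crl">Logger this form writes to</param>
        /// <param name="FileSavepath">Save path assigned to fileSavePath</param>
        /// <param name="workDir">Working directory assigned to workingScanDir</param>
        /// <param name="text">Text placed in the form's rich text box</param>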
        public RegexEditorForm(CRScanner Crs, CRLogger Crl, string FileSavepath,
                               string workDir, string text)
        {
            InitializeComponent();
            initFrom();//common form setup method

            // Work on a private copy so the calling form's scanner is not
            // modified by edits made here.
            crs = new CRScanner();

            foreach (var pattern in Crs.Patterns)
            {
                crs.Patterns.Add(pattern);
            }

            foreach (var extension in Crs.FileExtensions)
            {
                crs.FileExtensions.Add(extension);
            }

            // The remaining state comes from the caller as-is; the logger
            // instance is shared with it.
            fileSavePath      = FileSavepath;
            crl               = Crl;
            richTextBox1.Text = text;
            workingScanDir    = workDir;
        }
Esempio n. 18
 /// <summary>
 /// Builds the form, keeps a reference to the supplied scanner and then calls
 /// initFormFeilds().
 /// </summary>
 /// <param name="crs">Scanner stored in this.crs; the reference is kept, not copied.</param>
 public NameAndDesForm(CRScanner crs)
 {
     InitializeComponent();
     this.crs = crs;
     // Runs last, after this.crs is assigned.
     initFormFeilds();
 }
Esempio n. 19
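        /// <summary>
        /// Quick scan: uses the text selected in the editor as a single regex
        /// pattern, scans the working directory (or a folder the user picks when
        /// none is set) and shows the hits in a new editor form.
        /// </summary>
        /// <param name="sender">Not used.</param>
        /// <param name="e">Not used.</param>
        private void matchSelectedToolStripMenuItem_Click(object sender, EventArgs e)
        {
            // An empty selection would be an empty pattern, which matches every
            // line of every scanned file; treat it as "nothing to scan".
            string selectedPattern = richTextBox1.SelectedText;
            if (string.IsNullOrEmpty(selectedPattern))
            {
                return;
            }

            // NOTE(review): the selection is used as a regex without validation
            // and the scan sets no match timeout; an invalid pattern ends up in
            // the error dialog below, while a pathological one can keep the UI
            // thread busy for a long time.
            ScanEngine se          = new ScanEngine();
            CRScanner  newcrsanner = new CRScanner();

            newcrsanner.Patterns.Add(selectedPattern);
            foreach (var fex in crs.FileExtensions)
            {
                newcrsanner.FileExtensions.Add(fex);
            }

            Cursor = Cursors.WaitCursor;
            try
            {
                // Use the configured working directory, or ask for one.
                string scanDir = workingScanDir;
                if (scanDir == "")
                {
                    if (folderBrowserDialog1.ShowDialog() != DialogResult.OK)
                    {
                        return; // cancelled; the finally block restores the cursor
                    }
                    scanDir = folderBrowserDialog1.SelectedPath;
                }

                var vuls = se.GetVuls(scanDir, newcrsanner);

                // One line of output per hit.
                StringBuilder sb = new StringBuilder();
                foreach (var v in vuls)
                {
                    sb.AppendFormat("{0}\n", v.ToString());
                }

                // The new form receives this form's workingScanDir, not the
                // folder picked above, exactly as before.
                RegexEditorForm newref = new RegexEditorForm(newcrsanner, crl,
                                                             RegexEditorForm.fileSavePath, this.workingScanDir, sb.ToString());
                newref.Show();
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message, "Error"
                                , MessageBoxButtons.OK, MessageBoxIcon.Error);
                crl.WriteLog(CRLogger.CRLogTitle.Error, "Error while performing quick scan " +
                             ex.Message);
            }
            finally
            {
                // Restore the cursor on every exit path, including a failure
                // inside the catch block itself.
                Cursor = Cursors.Default;
            }
        }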
Esempio n. 20
 /// <summary>
 /// Builds the form, keeps a reference to the supplied scanner and creates a
 /// logger for the form.
 /// </summary>
 /// <param name="crs">Scanner stored in this.crs; the reference is kept, not copied.</param>
 public AddMulPatForm(CRScanner crs)
 {
     InitializeComponent();
     this.crs = crs;
     crl      = new CRLogger();
 }