public static object GetPEMD5(string hash)
{
string table = FileFormat.GetTable(hash);
if (table != "false")
{
using (SQLiteCommand cmd = new SQLiteCommand(string.Format("SELECT virusname FROM {0} WHERE hash MATCH '{1}';", table, hash), PEDB))
{
return(cmd.ExecuteScalar());
}
}
else
{
return(null);
}
}
internal static void AddKeys(Dictionary <string, string> db, DBT dbtp)
{
try
{
if (dbtp == DBT.SDB)
{
using (SQLiteTransaction trans = SDB.BeginTransaction())
{
using (SQLiteCommand addKeysCmd = new SQLiteCommand(SDB))
{
foreach (KeyValuePair <string, string> pair in db)
{
string sqlIns = "INSERT INTO TEXTDB (hex, virusname) VALUES('" + pair.Key + "', '" + pair.Value + "');";
addKeysCmd.CommandText = sqlIns;
addKeysCmd.ExecuteNonQuery();
}
}
trans.Commit();
}
SetCount(db.Count.ToString());
}
else if (dbtp == DBT.HDB)
{
using (SQLiteTransaction trans = HADB.BeginTransaction())
{
using (SQLiteCommand addKeysCmd = new SQLiteCommand(HADB))
{
foreach (KeyValuePair <string, string> pair in db)
{
string sqlIns = string.Format("INSERT INTO {0} (hash, virusname) VALUES('" + pair.Key + "', '" + pair.Value + "');", FileFormat.GetTable(pair.Key));
addKeysCmd.CommandText = sqlIns;
addKeysCmd.Transaction = trans;
addKeysCmd.ExecuteNonQuery();
}
}
trans.Commit();
}
SetCount(db.Count.ToString());
}
else if (dbtp == DBT.HEUR)
{
using (SQLiteTransaction trans = SDB.BeginTransaction())
{
using (SQLiteCommand addKeysCmd = new SQLiteCommand(SDB))
{
foreach (KeyValuePair <string, string> pair in db)
{
string sqlIns = "INSERT INTO HEURISTIC (instruction, rate) VALUES('" + pair.Key + "', '" + pair.Value + "');";
addKeysCmd.CommandText = sqlIns;
addKeysCmd.Transaction = trans;
addKeysCmd.ExecuteNonQuery();
}
}
trans.Commit();
}
SetCount(db.Count.ToString());
}
else if (dbtp == DBT.WDB)
{
using (SQLiteTransaction trans = WDB.BeginTransaction())
{
using (SQLiteCommand addKeysCmd = new SQLiteCommand(WDB))
{
foreach (KeyValuePair <string, string> pair in db)
{
string sqlIns = string.Format("INSERT INTO {0} (blacklistid, hash) VALUES('{1}', '{2}');",
FileFormat.GetTable(pair.Key), pair.Value, pair.Key);
addKeysCmd.CommandText = sqlIns;
addKeysCmd.Transaction = trans;
addKeysCmd.ExecuteNonQuery();
}
}
trans.Commit();
}
SetCount(db.Count.ToString());
}
else
{
using (SQLiteTransaction trans = PEDB.BeginTransaction())
{
using (SQLiteCommand addKeysCmd = new SQLiteCommand(PEDB))
{
foreach (KeyValuePair <string, string> pair in db)
{
string sqlIns = string.Format("INSERT INTO {0} (hash, virusname) VALUES('" + pair.Key + "', '" + pair.Value + "');", FileFormat.GetTable(pair.Key));
addKeysCmd.CommandText = sqlIns;
addKeysCmd.ExecuteNonQuery();
}
}
trans.Commit();
}
SetCount(db.Count.ToString());
}
}
catch
{
}
finally
{
}
}
public static BlackListResult CheckUrlHash(string hashedUrl)
{
SQLiteConnection conn = WDB;
BlackListResult blackListResult = BlackListResult.NotFound;
using (SQLiteCommand cmd = new SQLiteCommand(conn))
{
cmd.CommandText = string.Format("SELECT blacklistid FROM {0} WHERE hash MATCH '{1}';", FileFormat.GetTable(hashedUrl), hashedUrl);
object result = cmd.ExecuteScalar();
if (result == null)
{
blackListResult = BlackListResult.NotFound;
}
else
{
int blackListId = Convert.ToInt32(result);
int phishingId = 1;
if (blackListId == phishingId)
{
blackListResult = BlackListResult.PhishingAttack;
}
else if (blackListId == 3)
{
blackListResult = BlackListResult.PornAttack;
}
else
{
blackListResult = BlackListResult.MalwareAttack;
}
}
}
return(blackListResult);
}
