Пример #1
0
        public override Task <ByteCodeAnalyzerResult> Analyze()
        {
            try
            {
                IEnumerable <MethodDefinition> methods =
                    from type in this.Module.Types.Cast <TypeDefinition>()
                    from method in type.Methods.Cast <MethodDefinition>()
                    select method;

                IEnumerable <TypeReference> type_references = this.Module.GetTypeReferences().Where(tr => tr.Name == "SHA1CryptoServiceProvider" || tr.Name == "MD5CryptoServiceProvider");

                if (type_references != null && type_references.Any())
                {
                    foreach (TypeReference tr in type_references)
                    {
                        this.ScriptEnvironment.Info("Type reference to SHA1CryptoServiceProvider found in module {0}", this.Module.Name);
                    }

                    foreach (MethodDefinition md in methods)
                    {
                        this.ScriptEnvironment.Debug("Method {0} returns {1}.", md.Name, md.MethodReturnType.ReturnType.Name);
                        foreach (Instruction i in md.Body.Instructions.Where(i => i.OpCode == OpCodes.Call || i.OpCode == OpCodes.Callvirt && i.Operand != null))
                        {
                            MethodReference mr = (MethodReference)i.Operand;
                            if (mr.FullName.Contains("System.Security.Cryptography.HashAlgorithm::ComputeHash"))
                            {
                                this.ScriptEnvironment.Info("Detected a call to System.Security.Cryptography.HashAlgorithm::ComputeHash in method {0}", md.FullName);
                                this.AnalyzerResult = new ByteCodeAnalyzerResult()
                                {
                                    Analyzer            = this,
                                    Executed            = true,
                                    Succeded            = true,
                                    IsVulnerable        = true,
                                    ModuleName          = this.Module.Name,
                                    LocationDescription = md.FullName
                                };
                                return(Task.FromResult(this.AnalyzerResult));
                            }
                        }
                    }
                    return(Task.FromResult(new ByteCodeAnalyzerResult()
                    {
                        Analyzer = this,
                        ModuleName = this.Module.Name,
                        Executed = true,
                        Succeded = true,
                        IsVulnerable = false,
                    }));
                }
                else
                {
                    return(Task.FromResult(new ByteCodeAnalyzerResult()
                    {
                        Analyzer = this,
                        ModuleName = this.Module.Name,
                        Executed = true,
                        Succeded = true,
                        IsVulnerable = false,
                    }));
                }
            }
            catch (Exception e)
            {
                ScriptEnvironment.Error(e);
                List <Exception> exceptions = new List <Exception> {
                    e
                };
                if (e.InnerException != null)
                {
                    exceptions.Add(e.InnerException);
                }
                return(Task.FromResult(new ByteCodeAnalyzerResult()
                {
                    Analyzer = this,
                    ModuleName = this.Module.Name,
                    Executed = true,
                    Succeded = false,
                    Exceptions = exceptions,
                    IsVulnerable = false,
                }));
            }
        }
Пример #2
0
        public override Task <ByteCodeAnalyzerResult> Analyze()
        {
            if (!this.ApplicationOptions.ContainsKey("GendarmeRules"))
            {
                return(Task.FromResult(this.AnalyzerResult));
            }
            try
            {
                DevAuditGendarmeRunner runner = new DevAuditGendarmeRunner(this.Module.Assembly, (string)this.ApplicationOptions["GendarmeRules"], this.ScriptEnvironment);
                runner.Execute();
                // casting to Severity int saves a ton of memory since IComparable<T> can be used instead of IComparable
                var query = from n in runner.Defects
                            orderby(int) n.Severity, n.Rule.Name
                select n;

                if (query.Any())
                {
                    /*
                     * List<ByteCodeAnalyzerResult> results = query.Select(d => new ByteCodeAnalyzerResult()
                     * {
                     *  Analyzer = this,
                     *  Executed = true,
                     *  Succeded = true,
                     *  IsVulnerable = true,
                     *  Severity = (int) d.Severity,
                     *  LocationDescription = d.Location.ToString(),
                     *  Confidence = (int) d.Confidence,
                     *  ModuleName = this.Module.Name,
                     *  Problem = d.Text,
                     *  Resolution = d.Rule.Solution
                     * }).ToList();
                     */
                    List <string> diagnostics = query.Select(d => string.Format("Name: {0}\nProblem: {1}\nLocation: {2}\nSeverity: {3}", d.Rule.Name, d.Rule.Problem, d.Location, d.Severity.ToString())).ToList();
                    return(Task.FromResult(new ByteCodeAnalyzerResult()
                    {
                        Analyzer = this,
                        Executed = true,
                        Succeded = true,
                        IsVulnerable = true,
                        DiagnosticMessages = diagnostics,
                        LocationDescription = "See diagnostics.",
                        ModuleName = this.Module.Name
                    }));
                }
                else
                {
                    return(Task.FromResult(new ByteCodeAnalyzerResult()
                    {
                        Analyzer = this,
                        Executed = true,
                        Succeded = true,
                        IsVulnerable = false,
                        ModuleName = this.Module.Name
                    }));
                }
            }
            catch (Exception e)
            {
                ScriptEnvironment.Error(e);
                return(Task.FromResult(new ByteCodeAnalyzerResult()
                {
                    Analyzer = this,
                    Executed = true,
                    Succeded = false,
                    Exceptions = new List <Exception>()
                    {
                        e
                    },
                    IsVulnerable = false,
                    ModuleName = this.Module.Name
                }));
            }
        }