From a1701dd94a68eba50b8593da1cf6e05dd5d14284 Mon Sep 17 00:00:00 2001
From: Dominik Schlecht
Date: Sun, 26 Feb 2017 17:18:39 +0100
Subject: [PATCH] Tweaked BinSkim to give more results.
---
 StaticAnalyzer/views/windows.py | 22 +++++++++++++------
 install/windows/rpc_client.py | 4 ++--
 .../windows_binary_analysis.html | 4 +++-
 3 files changed, 20 insertions(+), 10 deletions(-)
diff --git a/StaticAnalyzer/views/windows.py b/StaticAnalyzer/views/windows.py
index b914378e7c..c999fd151b 100644
--- a/StaticAnalyzer/views/windows.py
+++ b/StaticAnalyzer/views/windows.py
@@ -330,7 +330,7 @@ def __binskim(name, bin_an_dic, run_local=False, app_dir=None):
 path = bin_path
 output_p = "-o"
 output_d = bin_path + "_binskim"
- # verbose = "-v"
+ verbose = "-v"
 policy_p = "--config"
 policy_d = "default" # TODO(Other policies?)
@@ -340,7 +340,7 @@ def __binskim(name, bin_an_dic, run_local=False, app_dir=None):
 command, path, output_p, output_d,
- # verbose,
+ verbose,
 policy_p, policy_d ]
@@ -369,11 +369,19 @@ def __parse_binskim(bin_an_dic, output):
 if 'results' in current_run:
 rules = output['runs'][0]['rules']
 for res in current_run['results']:
- result = {
- "rule_id": res['ruleId'],
- "status": "Insecure",
- "desc": rules[res['ruleId']]['shortDescription']
- }
+ if res['level'] != "pass":
+ result = {
+ "rule_id": res['ruleId'],
+ "status": "Insecure",
+ "desc": rules[res['ruleId']]['shortDescription'],
+ "info": res['formattedRuleMessage']["arguments"][2]
+ }
+ else:
+ result = {
+ "rule_id": res['ruleId'],
+ "status": "Secure",
+ "desc": rules[res['ruleId']]['shortDescription']
+ }
 bin_an_dic['results'].append(result)
 else:
 print "[WARNING] binskim has no results."
diff --git a/install/windows/rpc_client.py b/install/windows/rpc_client.py
index a705c0f41a..5a9ecfbfdf 100755
--- a/install/windows/rpc_client.py
+++ b/install/windows/rpc_client.py
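Review bot: The reason `-v` is now passed is not recorded in the hunk, so the uncommented `verbose = "-v"` reads like a debugging leftover — presumably how it ended up commented out before. If, as the commit title and the new "pass" branch in `__parse_binskim` suggest, verbose mode is what makes BinSkim emit pass-level results, say so at the assignment: `verbose = "-v"  # verbose output also reports passing rules, which __parse_binskim lists as "Secure"`. `__binskim` starts and ends outside the hunk.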
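Review bot: The new branch dereferences `res['level']` and `res['formattedRuleMessage']["arguments"][2]` unguarded, so a single result without a `level` (optional in SARIF 1.0, where it defaults to warning) or with fewer than three message arguments raises KeyError/IndexError and aborts parsing of the whole BinSkim run. It also labels every non-"pass" level as Insecure, which would include `notApplicable` results if BinSkim's verbose output contains them, and the Secure branch omits `info`, so the two result dicts have different keys. I would read the fields with `.get()`, skip `notApplicable`, always set `info`, and add a comment saying which message argument index 2 is, since that is not evident from the hunk. `__parse_binskim` starts before the hunk.
```python
        for res in current_run['results']:
            level = res.get('level', 'warning')  # SARIF 1.0: level is optional
            if level == 'notApplicable':
                continue
            args = res.get('formattedRuleMessage', {}).get('arguments', [])
            result = {
                "rule_id": res['ruleId'],
                "status": "Secure" if level == "pass" else "Insecure",
                "desc": rules[res['ruleId']]['shortDescription'],
                # TODO(review): document which message argument index 2 is
                "info": args[2] if len(args) > 2 else "",
            }
            bin_an_dic['results'].append(result)
        # ... unchanged: else branch printing the no-results warning ...
```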
@@ -100,7 +100,7 @@ def binskim(sample, signature):
 path = config['MobSF']['samples'] + sample
 output_p = "-o"
 output_d = config['MobSF']['samples'] + sample + "_binskim"
- # verbose = "-v"
+ verbose = "-v"
 policy_p = "--config"
 policy_d = "default" # TODO(Other policies?)
@@ -110,7 +110,7 @@ def binskim(sample, signature):
 command, path, output_p, output_d,
- # verbose,
+ verbose,
 policy_p, policy_d ]
diff --git a/templates/static_analysis/windows_binary_analysis.html b/templates/static_analysis/windows_binary_analysis.html
index 9aca529d90..4cb31c1a4d 100644
--- a/templates/static_analysis/windows_binary_analysis.html
+++ b/templates/static_analysis/windows_binary_analysis.html
@@ -218,7 +218,7 @@

Binary Analysis

ISSUE STATUS DESCRIPTION - + INFO @@ -239,6 +239,7 @@

Binary Analysis

{{ result.desc }} + {{ result.info }} {% endfor %} {% for warn in bin_an_warnings %} @@ -250,6 +251,7 @@
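Review bot: `{{ result.info }}` renders text that BinSkim derives from the analysed binary (the message argument picked out in `__parse_binskim`), i.e. content influenced by whoever uploaded the sample, so this cell depends on Django's autoescaping staying on; the hunk does not show whether the template turns it off, so please confirm no `{% autoescape off %}` or `|safe` applies to this table. The Secure branch of the parse change never sets `info`, so the cell is empty for pass results — harmless with Django's lenient lookup, but `{{ result.info|default:"" }}` or setting the key in both branches makes that explicit. The enclosing table markup is not visible in the hunk.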

Binary Analysis

{{ warn.desc }} + {{ warn.info }} {% endfor %}