Merge branch 'master' into release/v2.1

microsoft · Nov 26, 2019 · 88fd973 · 88fd973
2 parents a9aae2c + 3201a11
commit 88fd973
Show file tree

Hide file tree

Showing 78 changed files with 1,841 additions and 1,535 deletions.
diff --git a/Asa/Controllers/HomeController.cs b/Asa/Controllers/HomeController.cs
@@ -5,6 +5,7 @@
 using AttackSurfaceAnalyzer.Objects;
 using AttackSurfaceAnalyzer.Types;
 using AttackSurfaceAnalyzer.Utils;
+using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Data.Sqlite;
 using Newtonsoft.Json;
@@ -13,6 +14,7 @@
 using System.Collections.Generic;
 using System.Diagnostics;
 using System.Globalization;
+using System.IO;
 using System.Linq;
 using System.Threading.Tasks;
 using System.Web;
@@ -401,7 +403,6 @@ public ActionResult StopMonitoring()
 
         public ActionResult RunAnalysis(string firstId, string secondId)
         {
-
             CompareCommandOptions opts = new CompareCommandOptions();
             opts.FirstRunId = firstId;
             opts.SecondRunId = secondId;
@@ -429,6 +430,48 @@ public ActionResult RunAnalysis(string firstId, string secondId)
             return Json("Started Analysis");
         }
 
+        [HttpPost]
+        public ActionResult RunAnalysisWithAnalyses(string SelectedBaseRunId, string SelectedCompareRunId, IFormFile AnalysisFilterFile)
+        {
+            var filePath = Path.GetTempFileName();
+
+            CompareCommandOptions opts = new CompareCommandOptions();
+            opts.FirstRunId = SelectedBaseRunId;
+            opts.SecondRunId = SelectedCompareRunId;
+            opts.Analyze = true;
+
+            if (AnalysisFilterFile != null)
+            {
+                using (var stream = System.IO.File.Create(filePath))
+                {
+                    AnalysisFilterFile.CopyTo(stream);
+                }
+                opts.AnalysesFile = filePath;
+            }
+
+            if (AttackSurfaceAnalyzerClient.GetComparators().Where(c => c.IsRunning() == RUN_STATUS.RUNNING).Any())
+            {
+                return Json("Comparators already running!");
+            }
+
+            using (var cmd = new SqliteCommand(SQL_CHECK_IF_COMPARISON_PREVIOUSLY_COMPLETED, DatabaseManager.Connection, DatabaseManager.Transaction))
+            {
+                cmd.Parameters.AddWithValue("@base_run_id", opts.FirstRunId);
+                cmd.Parameters.AddWithValue("@compare_run_id", opts.SecondRunId);
+                using (var reader = cmd.ExecuteReader())
+                {
+                    while (reader.Read())
+                    {
+                        return Json("Using cached comparison calculations.");
+                    }
+                }
+            }
+
+            Task.Factory.StartNew(() => AttackSurfaceAnalyzerClient.CompareRuns(opts));
+
+            return Json("Started Analysis");
+        }
+
         public IActionResult Analyze()
         {
             var model = new DataRunListModel

diff --git a/Asa/Program.cs b/Asa/Program.cs
@@ -1033,8 +1033,10 @@ public static Dictionary<string, object> CompareRuns(CompareCommandOptions opts)
             if (opts.Analyze)
             {
                 watch = System.Diagnostics.Stopwatch.StartNew();
+                Analyzer analyzer;
+
+                analyzer = new Analyzer(DatabaseManager.RunIdToPlatform(opts.FirstRunId), opts.AnalysesFile);
 
-                Analyzer analyzer = new Analyzer(DatabaseManager.RunIdToPlatform(opts.FirstRunId), opts.AnalysesFile);
                 if (results.Count > 0)
                 {
                     foreach (var key in results.Keys)

diff --git a/Asa/Views/Home/Analyze.cshtml b/Asa/Views/Home/Analyze.cshtml
diff --git a/Asa/wwwroot/js/Results.js b/Asa/wwwroot/js/Results.js
@@ -73,28 +73,31 @@ ResultTypeGroup.change(function () {
 $('#SelectedBaseRunId').change(function () { ResetResults(); });
 $('#SelectedCompareRunId').change(function () { ResetResults(); });
 
-$("#RunAnalysisButton").click(function () {
-    ResetResults();
-    DisableCollectionFields();
-
-    appendDebugMessage("Button Clicked", false);
-    if ($("#SelectedBaseRunId").value == "" || $("#SelectedCompareRunId").val() == "") {
-        SetStatus(l("%SelectRuns"));
-        EnableCollectionFields();
-    }
-    else if ($("#SelectedBaseRunId").val() == $("#SelectedCompareRunId").val()) {
-        SetStatus(l("%SelectDifferentRuns"));
-        EnableCollectionFields();
-    }
-    else {
-        var compare = { 'firstId': $('#SelectedBaseRunId').val(), 'secondId': $('#SelectedCompareRunId').val() };
-        $.getJSON('RunAnalysis', compare, function (result) {
-            SetStatus(result);
+$('#formId').submit(
+    function (e) {
+        ResetResults();
+        DisableCollectionFields();
+
+        var datas = new FormData(this);
+        datas.append('SelectedBaseRunId', $('#SelectedBaseRunId').val());
+        datas.append('SelectedCompareRunId', $('#SelectedCompareRunId').val());
+
+
+        $.ajax({
+            url: '/Home/RunAnalysisWithAnalyses',
+            type: 'POST',
+            data: datas,
+            processData: false,
+            contentType: false,
+            success: function (result) {
+                console.log(result);
+                SetStatus(result)
+                setTimeout(GetComparators, 500);
+            }
         });
-
-        setTimeout(GetComparators, 500);
+        e.preventDefault();
     }
-});
+);
 
 $("#FetchResultsButton").click(function () {
     resultOffset = resultOffset + 100;
@@ -109,6 +112,34 @@ $("#RunMonitorAnalysisButton").click(function () {
 $('#ExportResultsButton').click(ExportToExcel);
 $('#ExportMonitorResults').click(ExportMonitorResults);
 
+function RunAnalysis() {
+    appendDebugMessage("Button Clicked", false);
+    if ($("#SelectedBaseRunId").value == "" || $("#SelectedCompareRunId").val() == "") {
+        SetStatus(l("%SelectRuns"));
+        EnableCollectionFields();
+    }
+    else if ($("#SelectedBaseRunId").val() == $("#SelectedCompareRunId").val()) {
+        SetStatus(l("%SelectDifferentRuns"));
+        EnableCollectionFields();
+    }
+    else {
+        var compare;
+        if (!arguments[0]) {
+            compare = { 'firstId': $('#SelectedBaseRunId').val(), 'secondId': $('#SelectedCompareRunId').val() };
+            $.getJSON('RunAnalysis', compare, function (result) {
+                SetStatus(result);
+            });
+        }
+        else {
+            compare = { 'firstId': $('#SelectedBaseRunId').val(), 'secondId': $('#SelectedCompareRunId').val(), 'analyses': arguments[0] };
+            $.getJSON('RunAnalysisWithAnalyses', compare, function (result) {
+                SetStatus(result);
+            });
+        }
+
+    }
+}
+
 function ResetResults() {
     $('.results').hide();
     $('input[name=ResultType]').prop('checked', false);

diff --git a/GenerateDocfx/api/.manifest b/GenerateDocfx/api/.manifest
@@ -97,6 +97,8 @@
   "AttackSurfaceAnalyzer.Collectors.RegistryCollector.CanRunOnPlatform": "AttackSurfaceAnalyzer.Collectors.RegistryCollector.yml",
   "AttackSurfaceAnalyzer.Collectors.RegistryCollector.ClearRoots": "AttackSurfaceAnalyzer.Collectors.RegistryCollector.yml",
   "AttackSurfaceAnalyzer.Collectors.RegistryCollector.ExecuteInternal": "AttackSurfaceAnalyzer.Collectors.RegistryCollector.yml",
+  "AttackSurfaceAnalyzer.Collectors.RegistryCollector.GetName(System.Security.AccessControl.RegistryAccessRule)": "AttackSurfaceAnalyzer.Collectors.RegistryCollector.yml",
+  "AttackSurfaceAnalyzer.Collectors.RegistryCollector.RegistryKeyToRegistryObject(Microsoft.Win32.RegistryKey)": "AttackSurfaceAnalyzer.Collectors.RegistryCollector.yml",
   "AttackSurfaceAnalyzer.Collectors.RegistryMonitor": "AttackSurfaceAnalyzer.Collectors.RegistryMonitor.yml",
   "AttackSurfaceAnalyzer.Collectors.RegistryMonitor.#ctor": "AttackSurfaceAnalyzer.Collectors.RegistryMonitor.yml",
   "AttackSurfaceAnalyzer.Collectors.RegistryMonitor.CanRunOnPlatform": "AttackSurfaceAnalyzer.Collectors.RegistryMonitor.yml",
@@ -539,10 +541,11 @@
   "AttackSurfaceAnalyzer.Types.RUN_STATUS.RUNNING": "AttackSurfaceAnalyzer.Types.RUN_STATUS.yml",
   "AttackSurfaceAnalyzer.Utils": "AttackSurfaceAnalyzer.Utils.yml",
   "AttackSurfaceAnalyzer.Utils.Analyzer": "AttackSurfaceAnalyzer.Utils.Analyzer.yml",
-  "AttackSurfaceAnalyzer.Utils.Analyzer.#ctor(AttackSurfaceAnalyzer.Types.PLATFORM,System.String)": "AttackSurfaceAnalyzer.Utils.Analyzer.yml",
+  "AttackSurfaceAnalyzer.Utils.Analyzer.#ctor(AttackSurfaceAnalyzer.Types.PLATFORM,System.String,System.String)": "AttackSurfaceAnalyzer.Utils.Analyzer.yml",
   "AttackSurfaceAnalyzer.Utils.Analyzer.Analyze(AttackSurfaceAnalyzer.Objects.CompareResult)": "AttackSurfaceAnalyzer.Utils.Analyzer.yml",
   "AttackSurfaceAnalyzer.Utils.Analyzer.Apply(AttackSurfaceAnalyzer.Objects.Rule,AttackSurfaceAnalyzer.Objects.CompareResult)": "AttackSurfaceAnalyzer.Utils.Analyzer.yml",
   "AttackSurfaceAnalyzer.Utils.Analyzer.DumpFilters": "AttackSurfaceAnalyzer.Utils.Analyzer.yml",
+  "AttackSurfaceAnalyzer.Utils.Analyzer.LoadBase64Filters(System.String)": "AttackSurfaceAnalyzer.Utils.Analyzer.yml",
   "AttackSurfaceAnalyzer.Utils.Analyzer.LoadEmbeddedFilters": "AttackSurfaceAnalyzer.Utils.Analyzer.yml",
   "AttackSurfaceAnalyzer.Utils.Analyzer.LoadFilters(System.String)": "AttackSurfaceAnalyzer.Utils.Analyzer.yml",
   "AttackSurfaceAnalyzer.Utils.Analyzer.ParseFilters": "AttackSurfaceAnalyzer.Utils.Analyzer.yml",
@@ -596,6 +599,7 @@
   "AttackSurfaceAnalyzer.Utils.DatabaseManager.VerifySchemaVersion": "AttackSurfaceAnalyzer.Utils.DatabaseManager.yml",
   "AttackSurfaceAnalyzer.Utils.DatabaseManager.Write(AttackSurfaceAnalyzer.Objects.CollectObject,System.String)": "AttackSurfaceAnalyzer.Utils.DatabaseManager.yml",
   "AttackSurfaceAnalyzer.Utils.DatabaseManager.WriteNext": "AttackSurfaceAnalyzer.Utils.DatabaseManager.yml",
+  "AttackSurfaceAnalyzer.Utils.DatabaseManager.WriteQueue": "AttackSurfaceAnalyzer.Utils.DatabaseManager.yml",
   "AttackSurfaceAnalyzer.Utils.DirectoryWalker": "AttackSurfaceAnalyzer.Utils.DirectoryWalker.yml",
   "AttackSurfaceAnalyzer.Utils.DirectoryWalker.WalkDirectory(System.String)": "AttackSurfaceAnalyzer.Utils.DirectoryWalker.yml",
   "AttackSurfaceAnalyzer.Utils.Elevation": "AttackSurfaceAnalyzer.Utils.Elevation.yml",

diff --git a/Lib/Utils/Analyzer.cs b/Lib/Utils/Analyzer.cs
@@ -52,8 +52,13 @@ public class Analyzer
 
         public Analyzer(PLATFORM platform, string filterLocation = null)
         {
-            if (filterLocation == null) { LoadEmbeddedFilters(); }
-            else { LoadFilters(filterLocation); }
+            if (filterLocation == null)
+            {
+                LoadEmbeddedFilters();
+            }
+            else { 
+                LoadFilters(filterLocation); 
+            }
 
             OsName = platform;
         }
@@ -430,7 +435,7 @@ e is ArgumentNullException
             }
         }
 
-        public void LoadFilters(string filterLoc = "analyses.json")
+        public void LoadFilters(string filterLoc = null)
         {
             try
             {