
iis: Adds ssdeep support

1 parent 86a7a94 commit 3b503e244a6b6a482e73930f80bcd75952404513 @zimmerle zimmerle committed Dec 9, 2013
Showing with 71 additions and 10 deletions.
  1. +2 −3 apache2/re_variables.c
  2. +15 −2 iis/Makefile.win
  3. +12 −2 iis/build_dependencies.bat
  4. +3 −3 iis/build_modsecurity.bat
  5. +39 −0 iis/dependencies/build_ssdeep.bat
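--- a/apache2/re_variables.c
+++ b/apache2/re_variables.c
@@ -1160,8 +1160,7 @@ static int var_files_tmp_contents_generate(modsec_rec *msr, msre_var *var,
 }
 /* If we had a match add this argument to the collection. */
 if (match) {
- static int buf_size = 1024;
- char buf[buf_size];
+ char buf[1024];
 FILE *file;
 size_t nread;
 char *full_content = NULL;
@@ -1173,7 +1172,7 @@ static int var_files_tmp_contents_generate(modsec_rec *msr, msre_var *var,
 continue;
 }
- while ((nread = fread(buf, 1, buf_size-1, file)) > 0)
+ while ((nread = fread(buf, 1, 1023, file)) > 0)
 {
 total_lenght += nread;
 buf[nread] = '\0';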
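Review bot: The read size `1023` in the `fread` call is now a literal that has to be kept in step by hand with `char buf[1024]`, and the `buf[nread] = '\0'` write is only in bounds while the two agree. Tying the length to the array, `while ((nread = fread(buf, 1, sizeof(buf) - 1, file)) > 0)`, keeps the terminator write safe if the buffer is ever resized. The loop body continues outside the hunk; if it appends `buf` with a string function, bytes after an embedded NUL in an uploaded file would be dropped from the inspected content, which is worth confirming since `nread` already carries the true length.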
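--- a/iis/Makefile.win
+++ b/iis/Makefile.win
@@ -10,11 +10,11 @@
 LIBS = $(APACHE)\lib\libapr-1.lib \
 $(APACHE)\lib\libaprutil-1.lib \
 $(PCRE)\pcre.lib \
+ $(SSDEEP)\fuzzy.lib \
 $(LIBXML2)\win32\bin.msvc\libxml2.lib \
 "kernel32.lib" "user32.lib" "gdi32.lib" "winspool.lib" "comdlg32.lib" "advapi32.lib" "shell32.lib" "ole32.lib" \
 "oleaut32.lib" "uuid.lib" "odbc32.lib" "odbccp32.lib" "ws2_32.lib" \
 "iphlpapi.lib"
-
 ###########################################################################
 ###########################################################################
@@ -23,11 +23,13 @@ LINK = link.exe
 MT = mt
-DEFS = /nologo /O2 /LD /W3 /wd4244 /wd4018 -DWIN32 -DWINNT -Dinline=APR_INLINE -DAP_DECLARE_STATIC -D_MBCS -D$(VERSION)
+DEFS = /nologo /O2 /LD /W3 /wd4244 /wd4018 -DWITH_YAJL -DWIN32 -DWINNT -Dinline=APR_INLINE -DAP_DECLARE_STATIC -D_MBCS -D$(VERSION)
 DLL = ModSecurityIIS.dll
 INCLUDES = -I. -I.. \
+ -I$(YAJL)\.. \
+ -I$(SSDEEP) \
 -I$(PCRE)\include -I$(PCRE) \
 -I$(LIBXML2)\include \
 -I$(APACHE)\include \
@@ -47,6 +49,16 @@ LIBS = $(LIBS) $(YAJL)\lib\yajl.lib
 DEFS=$(DEFS) -DWITH_YAJL
 INCLUDES = $(INCLUDES) -I$(YAJL)\include -I$(YAJL) \
 !ENDIF
+
+# ssdeep is optional
+!IF "$(SSDEEP)" != ""
+LIBS = $(LIBS) $(SSDEEP)\fuzzy.lib
+DEFS=$(DEFS) -DWITH_SSDEEP
+INCLUDES = $(INCLUDES) -I$(SSDEEP)\include -I$(SSDEEP) \
+!ENDIF
+
+
+
 CFLAGS= -MD /Zi $(INCLUDES) $(DEFS)
@@ -60,6 +72,7 @@ OBJS1 = mod_security2.obj apache2_config.obj apache2_io.obj apache2_util.obj \
 msc_release.obj msc_crypt.obj msc_tree.obj \
 msc_status_engine.obj \
 msc_json.obj
+
 OBJS2 = api.obj buckets.obj config.obj filters.obj hooks.obj regex.obj server.obj
 OBJS3 = main.obj moduleconfig.obj mymodule.obj
 OBJS4 = libinjection_html5.obj \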
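Review bot: `$(SSDEEP)\fuzzy.lib` in `LIBS` and `-I$(SSDEEP)` in `INCLUDES` are added unconditionally, which contradicts the `# ssdeep is optional` block added further down. When `SSDEEP` is not passed, the library entry expands to `\fuzzy.lib`, a path at the root of the current drive, so the link either fails or picks up whatever file happens to sit there; when it is passed, `fuzzy.lib` is listed twice. The now-unconditional `-DWITH_YAJL` in `DEFS` and `-I$(YAJL)\..` likewise appear to bypass the guarded YAJL block, whose `!IF` is outside the hunk. I would drop the three unconditional path lines and restore the original `DEFS`, leaving the guarded blocks as the only place that adds these paths and defines.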
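--- a/iis/build_dependencies.bat
+++ b/iis/build_dependencies.bat
@@ -18,6 +18,8 @@
 @set APACHE_BIN32=httpd-2.4.6-win32-VC11.zip
 @set APACHE_BIN64=httpd-2.4.6-win64-VC11.zip
 @set YAJL=lloyd-yajl-f4b2b1a.zip
+@set SSDEEP=ssdeep-2.10.tar.gz
+@set SSDEEP_BIN=ssdeep-2.10.zip
 :: @set VCARGS32="C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\bin\vcvars32.bat"
 :: @set VCARGS64="C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\bin\x86_amd64\vcvarsx86_amd64.bat"
@@ -47,12 +49,11 @@ call cl 2>&1 | findstr /C:"x64"
 @call dependencies/build_apache.bat
 @if NOT (%ERRORLEVEL%) == (0) goto build_failed_apache
 @cd "%CURRENT_DIR%"
-echo "c"
+
 @echo # pcre. - %PCRE%
 @call dependencies/build_pcre.bat
 @if NOT (%ERRORLEVEL%) == (0) goto build_failed_pcre
 @cd "%CURRENT_DIR%"
-echo "b"
 @echo # zlib - %ZLIB%
 @call dependencies/build_zlib.bat
@@ -79,6 +80,11 @@ echo "b"
 @if NOT (%ERRORLEVEL%) == (0) goto build_failed_yajl
 @cd "%CURRENT_DIR%"
+@echo # ssdeep - %SSDEEP%
+@call dependencies/build_ssdeep.bat
+@if NOT (%ERRORLEVEL%) == (0) goto build_failed_ssdeep
+@cd "%CURRENT_DIR%"
+
 @echo All dependencies were built successfully.
 @cd "%CURRENT_DIR%"
 @exit /B 0
@@ -119,6 +125,10 @@ echo "b"
 @echo Failed to setup %YAJL%...
 @goto failed
+:build_failed_ssdeep
+@echo Failed to setup %SSDEEP%...
+@goto failed
+
 :failed
 @cd %CURRENT_DIR%
 @exit /B 1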
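--- a/iis/build_modsecurity.bat
+++ b/iis/build_modsecurity.bat
@@ -15,21 +15,21 @@ set CURRENT_DIR=%cd%
 cd ..\apache2
 del *.obj *.dll *.lib
 del libinjection\*.obj libinjection\*.dll libinjection\*.lib
-NMAKE -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEPENDENCIES_DIR%\pcre LIBXML2=..\iis\%DEPENDENCIES_DIR%\libxml2 LUA=..\iis\%DEPENDENCIES_DIR%\lua\src VERSION=VERSION_IIS YAJL=..\iis\%DEPENDENCIES_DIR%\yajl\build\yajl-2.0.1
+NMAKE -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEPENDENCIES_DIR%\pcre LIBXML2=..\iis\%DEPENDENCIES_DIR%\libxml2 LUA=..\iis\%DEPENDENCIES_DIR%\lua\src VERSION=VERSION_IIS YAJL=..\iis\%DEPENDENCIES_DIR%\yajl\build\yajl-2.0.1 SSDEEP=..\iis\%DEPENDENCIES_DIR%\ssdeep
 @if NOT (%ERRORLEVEL%) == (0) goto build_failed
 @echo mlogc...
 cd ..\mlogc
 del *.obj *.dll *.lib
 nmake -f Makefile.win clean
-nmake -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEPENDENCIES_DIR%\pcre CURL=..\iis\%DEPENDENCIES_DIR%\curl VERSION=VERSION_IIS
+nmake -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEPENDENCIES_DIR%\pcre CURL=..\iis\%DEPENDENCIES_DIR%\curl YAJL=..\iis\%DEPENDENCIES_DIR%\yajl SSDEEP=..\iis\%DEPENDENCIES_DIR%\ssdeep VERSION=VERSION_IIS
 @if NOT (%ERRORLEVEL%) == (0) goto build_failed
 @echo iis...
 cd ..\iis
 del *.obj *.dll *.lib
 nmake -f Makefile.win clean
-NMAKE -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEPENDENCIES_DIR%\pcre LIBXML2=..\iis\%DEPENDENCIES_DIR%\libxml2 LUA=..\iis\%DEPENDENCIES_DIR%\lua\src VERSION=VERSION_IIS YAJL=..\iis\%DEPENDENCIES_DIR%\yajl\build\yajl-2.0.1
+NMAKE -f Makefile.win APACHE=..\iis\%DEPENDENCIES_DIR%\Apache24 PCRE=..\iis\%DEPENDENCIES_DIR%\pcre LIBXML2=..\iis\%DEPENDENCIES_DIR%\libxml2 LUA=..\iis\%DEPENDENCIES_DIR%\lua\src VERSION=VERSION_IIS YAJL=..\iis\%DEPENDENCIES_DIR%\yajl\build\yajl-2.0.1 SSDEEP=..\iis\%DEPENDENCIES_DIR%\ssdeep
 @if NOT (%ERRORLEVEL%) == (0) goto build_failed
 cd %CURRENT_DIR%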
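Review bot: The mlogc invocation passes `YAJL=..\iis\%DEPENDENCIES_DIR%\yajl`, while the apache2 and iis invocations pass `...\yajl\build\yajl-2.0.1`, so the same macro names two different directories within one build. mlogc's Makefile.win is not part of this commit, so it is unclear whether it reads `YAJL` or `SSDEEP` at all; if it does, the YAJL path should match the other two calls, and if it does not, the two extra arguments can be dropped. A short comment above the three NMAKE lines stating which makefiles consume which dependency macros would keep these from drifting apart.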
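--- a/iis/dependencies/build_ssdeep.bat
+++ b/iis/dependencies/build_ssdeep.bat
@@ -0,0 +1,39 @@
+cd "%WORK_DIR%"
+
+@if NOT EXIST "%SOURCE_DIR%\%SSDEEP%" goto build_failed
+
+@7z.exe x "%SOURCE_DIR%\%SSDEEP_BIN%"
+@if NOT (%ERRORLEVEL%) == (0) goto build_failed
+@7z.exe x "%SOURCE_DIR%\%SSDEEP%" -so | 7z.exe x -aoa -si -ttar
+@if NOT (%ERRORLEVEL%) == (0) goto build_failed
+
+set SSDEEP_DIR=%SSDEEP_BIN:~0,-4%
+
+move "%SSDEEP_DIR%" "ssdeep"
+@if NOT (%ERRORLEVEL%) == (0) goto build_failed
+cd "%WORK_DIR%\ssdeep\"
+@if NOT (%ERRORLEVEL%) == (0) goto build_failed
+
+@set SSDEEP_ARCH="x86"
+@call cl 2>&1 | findstr /C:"x64"
+@if (%ERRORLEVEL%) == (0) set SSDEEP_ARCH="x64"
+
+lib /machine:%SSDEEP_ARCH% /def:fuzzy.def
+@if NOT (%ERRORLEVEL%) == (0) goto build_failed
+
+copy /y "%WORK_DIR%\ssdeep\fuzzy.dll" "%OUTPUT_DIR%"
+@if NOT (%ERRORLEVEL%) == (0) goto build_failed
+copy /y "%WORK_DIR%\ssdeep\fuzzy.def" "%OUTPUT_DIR%"
+@if NOT (%ERRORLEVEL%) == (0) goto build_failed
+copy /y "%WORK_DIR%\ssdeep\fuzzy.lib" "%OUTPUT_DIR%"
+@if NOT (%ERRORLEVEL%) == (0) goto build_failed
+
+
+@exit /B 0
+
+:build_failed
+@echo Problems during the building phase
+@goto failed
+
+:failed
+@exit /B 1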
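Review bot: `fuzzy.dll` is copied to `%OUTPUT_DIR%` straight out of the extracted archive and nothing in the script compiles it, so the DLL that ships alongside the IIS module appears to be the prebuilt binary from `%SSDEEP_BIN%`, taken without any integrity check. The opening guard also tests only `%SSDEEP%`, not the zip that supplies the binary. I would pin an expected SHA-256 for both archives next to the file names in build_dependencies.bat and compare it against the output of `certutil -hashfile` before either `7z.exe x` call, failing the build on a mismatch. Separately, the `@if` after the piped `7z.exe x ... -so | 7z.exe x -aoa -si -ttar` line most likely sees only the right-hand command's exit status, so a failed read of the tarball can go unnoticed.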
