feature/pickle-data #20

Merged
sangge merged 10 commits from feature/pickle-data into main 2024-06-03 20:31:35 +08:00
2 changed files with 28 additions and 27 deletions
Showing only changes of commit 0ae787002c - Show all commits


@@ -3,6 +3,8 @@ from typing import Dict, List, Tuple
from reportlab.lib.pagesizes import letter from reportlab.lib.pagesizes import letter
from reportlab.lib.styles import getSampleStyleSheet from reportlab.lib.styles import getSampleStyleSheet
from reportlab.platypus import Paragraph, Spacer, SimpleDocTemplate from reportlab.platypus import Paragraph, Spacer, SimpleDocTemplate
from detection.pickle_detection import pickleDataDetection
from .Regexdetection import find_dangerous_functions from .Regexdetection import find_dangerous_functions
from .GPTdetection import detectGPT from .GPTdetection import detectGPT
from .utils import * from .utils import *
@@ -176,6 +178,9 @@ def main():
parser.add_argument( parser.add_argument(
"-m", "--mode", help="Mode of operation:[regex,llm]", default="regex" "-m", "--mode", help="Mode of operation:[regex,llm]", default="regex"
) )
parser.add_argument(
"-p","--pickle",help="analyze the pickle file",default=None
)
args = parser.parse_args() args = parser.parse_args()
output_format = "txt" # Default output format output_format = "txt" # Default output format
output_file = None output_file = None
@@ -191,6 +196,8 @@ def main():
) )
output_file = args.output.rsplit(".", 1)[0] + ".txt" output_file = args.output.rsplit(".", 1)[0] + ".txt"
# 如果未指定输出文件,则输出到 stdout否则写入文件 # 如果未指定输出文件,则输出到 stdout否则写入文件
if args.pickle:
pickleDataDetection(args.pickle, output_file)
process_path(args.path, output_format, args.mode, output_file) process_path(args.path, output_format, args.mode, output_file)
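Review bot: With `-p` given, `pickleDataDetection(args.pickle, output_file)` and the `process_path(...)` call after it both receive the same `output_file`, and the pickle path opens it with mode `"w"`, so whichever writer runs second can overwrite the other's report (how `process_path` opens the file is not visible here, so this is inferred). `process_path` also still runs unconditionally, so a pickle-only scan appears to need a valid `path` argument as well. Consider making the two modes exclusive, e.g. `if args.pickle: pickleDataDetection(args.pickle, output_file)` followed by `else: process_path(args.path, output_format, args.mode, output_file)`, or giving the pickle report its own file. The new `from detection.pickle_detection import pickleDataDetection` is also the only absolute import among relative siblings (`.Regexdetection`, `.GPTdetection`). `main()` starts and ends outside these hunks.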


@@ -1,4 +1,5 @@
import io import io
import json
import os import os
import pickletools import pickletools
import pickle import pickle
@@ -87,10 +88,9 @@ class pickleScanner():
self.file = file self.file = file
def find_class(self, module, name): def find_class(self, module, name):
print(module, name)
if module.decode() in dangerous_modules or name.decode() in dangerous_names: if module.decode() in dangerous_modules or name.decode() in dangerous_names:
# self.maliciousCount += 1 # self.maliciousCount += 1
self.maliciousModule.append((module, name)) self.maliciousModule.append((module.decode(), name.decode()))
def load(self): def load(self):
self._unframer = _Unframer(self._file_read, self._file_readline) self._unframer = _Unframer(self._file_read, self._file_readline)
@@ -128,30 +128,24 @@ class pickleScanner():
def output(self): def output(self):
if self.ReduceCount > 0 or len(self.maliciousModule) > 0: return {
print("The pickle file maybe contains malicious code") "ReduceCount": self.ReduceCount,
print(f"The number of REDUCE opcodes is {self.ReduceCount}") "maliciousModule": self.maliciousModule
print("The malicious options are: ", self.maliciousModule) }
else:
print("The pickle file is safe")
def pickleDataDetection(file,output_file=None):
'''
:param file: pickle file path
'''
with open(file, "rb") as file:
pickscan = pickleScanner(file)
pickscan.load()
res = pickscan.output()
if output_file:
with open(output_file, "w") as file:
file.writelines(json.dumps(res))
else:
print(json.dumps(res))
if __name__ == '__main__':
pickleDataDetection("test.pkl")
class test:
a = 1
b = 2
def __reduce__(self):
return (__import__("os").system,('calc',))
data = pickle.dumps(test(),protocol=2)
print(data)
print(pickletools.dis(data))
with open("test.pkl", "wb") as file:
file.write(data)
with open("test.pkl", "rb") as file:
pickscan = pickleScanner(file)
pickscan.load()
pickscan.output()
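Review bot: `find_class` calls `module.decode()` and `name.decode()` on bytes taken from the file being scanned, so a name that is not valid UTF-8 raises `UnicodeDecodeError`; unless `load()` catches it outside this hunk, `pickleDataDetection` exits without writing any report for exactly the kind of input that deserves one. Decode once with a tolerant handler and reuse the result, e.g. `mod, nm = module.decode("utf-8", "backslashreplace"), name.decode("utf-8", "backslashreplace")`, or record the decode failure as a finding. In `pickleDataDetection`, `file.writelines(json.dumps(res))` hands a str to `writelines` and both `with` blocks rebind the `file` parameter; `json.dump(res, out)` with a separate handle name is clearer. Since `output()` now returns only counts and denylist matches, a docstring should say that an empty `maliciousModule` means no denylist hit, not that the pickle is safe to load.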