diff --git a/src/web/crawler/Client.java b/src/web/crawler/Client.java
index bb7f7ff8e5e755466e7cd1b6102a8af3b2111945..198e43e73c2ca5e9824d54e268b75b3b43dc2e1f 100644
--- a/src/web/crawler/Client.java
+++ b/src/web/crawler/Client.java
@@ -41,7 +41,7 @@
* Creation: 2015
* @version 2.0 25/03/2016
* @author Marie FORRAT &Angeliki AKTYPI & Ludovic APVRILLE & Dan Huynh VO
- * @see
+ * @see
*/
@@ -64,7 +64,8 @@ import java.util.Arrays;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.commons.io.FileUtils;
-
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.SSLSocketFactory;
public class Client {
@@ -80,30 +81,30 @@ public class Client {
System.out.println("\n" + Message.SUC_CREATE_REQ_MESSAGE);
return requestMsg;
}
-
+
/**
*
* @param answerMsg
*/
public static void analyseAnswerMessage(Message answerMsg) {
//Analyse the message from the server,
- //Depends on the cmd, we can determine the values
+ //Depends on the cmd, we can determine the values
String cmd = answerMsg.getCmd();
// System.out.println(cmd);
-
+
if (cmd == null) {
System.out.println(Message.ERR_CMD);
- }
-
+ }
+
else if (cmd.equals(Message.RESULT_SEARCH)) {
//show GUI for search
//Call Huy's function
ArrayList<Object> res = new ArrayList();
res = answerMsg.getContent();
System.out.println("\n"+res);
-
- }
-
+
+ }
+
else if (cmd.equals(Message.RESULT_DETAIL)) {
//show GUI for detail of a specific record
//Call Huy's function
@@ -111,34 +112,34 @@ public class Client {
res = answerMsg.getContent();
System.out.println("\n"+res);
- }
-
+ }
+
else if (cmd.equals(Message.RESULT_STATISTIC)) {
-
+
//Show picture-Use a function to convert binary to image
- //Message.convertByteToImage(answerMsg.getImageByte());
-
+ //Message.convertByteToImage(answerMsg.getImageByte());
+
ArrayList<Object> resultContent = new ArrayList();
resultContent = answerMsg.getContent();
byte[] imgByte = (byte[]) resultContent.get(0);
Message.convertByteToImage(imgByte,answerMsg);
//Call Huy's function to load Image
- }
-
+ }
+
else if (cmd.equals(Message.RESULT_HISTOGRAM)) {
-
+
//Show picture-Use a function to convert binary to image
- //Message.convertByteToImage(answerMsg.getImageByte());
-
+ //Message.convertByteToImage(answerMsg.getImageByte());
+
ArrayList<Object> resultContent = new ArrayList();
resultContent = answerMsg.getContent();
byte[] imgByte = (byte[]) resultContent.get(0);
Message.convertByteToImage(imgByte,answerMsg);
//Call Huy's function to load Image
- }
-
+ }
+
else {
System.out.print(Message.ERR_CMD2);
}
@@ -150,9 +151,16 @@ public class Client {
* @param args
*/
public static void main(String[] args) {
+ SSLSocket client = null;
+
try {
- Socket client = new Socket("LocalHost", WebCrawler.PORT);
- TraceManager.addDev("Client has been created successfully!");
+ SSLSocketFactory sslSocketFactory = (SSLSocketFactory)SSLSocketFactory.getDefault();
+ client = (SSLSocket)sslSocketFactory.createSocket("LocalHost",12345);
+
+ client.setEnabledCipherSuites(client.getSupportedCipherSuites());
+
+ System.out.println("Client has been created successfully!");
+
ObjectOutputStream outputStream = new ObjectOutputStream(client.getOutputStream());
ObjectInputStream inputStream = new ObjectInputStream(client.getInputStream());
@@ -161,8 +169,8 @@ public class Client {
String cmd;
ArrayList<String> options = new ArrayList();
ArrayList<String> values = new ArrayList();
-
- // open up standard input
+
+ // open up standard input
BufferedReader br;
/* Buffer */
@@ -173,33 +181,33 @@ public class Client {
/* Read from console */
cmd = br.readLine();
System.out.print("\n");
-
+
while (true) {
if (cmd.equals(Message.CMD_SEARCH)) {
-
+
options.add(Message.OPTION_KEY_WORDS);
options.add(Message.OPTION_DATE);
options.add(Message.OPTION_SCORE);
options.add(Message.OPTION_SYSTEM);
options.add(Message.OPTION_NUMBER);
-
+
System.out.println("Insert the keyword, the year, the score "
- +"the system and the number of results that you wish.");
+ +"the system and the number of results that you wish.");
System.out.println("Example:buffer-injection this-year linux 4-5 10\n");
String arguments = br.readLine();
String[] argument = arguments.split(" ");
-
+
for (int i = 0; i < 5; i++) {
//System.out.println(argument[i]);
values.add(argument[i]);
- }
+ }
break;
- }
-
+ }
+
else if (cmd.equals(Message.CMD_DETAIL)) {
-
+
options.add(Message.OPTION_KEY_WORDS);
System.out.println("Insert the cve-id that you wish.");
System.out.println("Example:CVE-2015-0001\n");
@@ -207,64 +215,64 @@ public class Client {
values.add(argument);
break;
}
-
+
//Creat a statistic image request
else if (cmd.equals(Message.CMD_STATISTIC)) {
-
+
options.add(Message.OPTION_KEY_WORDS);
-
- System.out.println("Insert the systems that you wish "
- +"to be statistically examined.");
+
+ System.out.println("Insert the systems that you wish "
+ +"to be statistically examined.");
System.out.println("Example:linux apache chrome windows sql\n");
String arguments = br.readLine();
values.add(arguments);
//String[] argument = arguments.split(" ");
-
- /* for (int i = 0; i < argument.length; i++) {
- //System.out.println(argument[i]);
- values.add(argument[i]);
+
+ /* for (int i = 0; i < argument.length; i++) {
+ //System.out.println(argument[i]);
+ values.add(argument[i]);
}*/
break;
- }
-
- else if (cmd.equals(Message.CMD_HISTOGRAM)) {
-
+ }
+
+ else if (cmd.equals(Message.CMD_HISTOGRAM)) {
+
options.add(Message.OPTION_KEY_WORDS);
-
- System.out.println("Insert one system that you wish "
- +"to be statistically examined.");
+
+ System.out.println("Insert one system that you wish "
+ +"to be statistically examined.");
System.out.println("Example:linux\n");
String arguments = br.readLine();
- /* String[] argument = arguments.split(" ");
-
- for (int i = 0; i < argument.length; i++) {
+ /* String[] argument = arguments.split(" ");
+
+ for (int i = 0; i < argument.length; i++) {
//System.out.println(argument[i]);
values.add(argument[i]);
- }*/
+ }*/
values.add(arguments);
break;
- }
-
+ }
+
else {
System.out.print(Message.ERR_CMD2);
break;
- }
-
+ }
+
}
//Create a msg with constructors
Message msg = createRequestMessage(cmd, options, values);
-
+
//Push the message to server
outputStream.writeObject(msg);
-
+
//Get back the message from server
Message answerMsg = new Message();
try {
answerMsg = (Message) inputStream.readObject();
analyseAnswerMessage(answerMsg);
- }
-
+ }
+
catch (ClassNotFoundException ex) {
Logger.getLogger(MultiThreadServer.class.getName()).log(Level.SEVERE, null, ex);
}
diff --git a/src/web/crawler/DatabaseCreation.java b/src/web/crawler/DatabaseCreation.java
index c733e4e06cc5447213874ec9aafd38f622ce7fa1..904bafef6b14c895274076f8fce037280ad81661 100644
--- a/src/web/crawler/DatabaseCreation.java
+++ b/src/web/crawler/DatabaseCreation.java
@@ -349,6 +349,8 @@ public class DatabaseCreation {
vulnerabilitesSqlFile.delete();
}
+
+ TraceManager.addDev("Storing in File:" + vulnerabilitesSqlFile.toString());
/* Store Table VULNERABILITIES */
ps = conn.prepareStatement("CALL SYSCS_UTIL.SYSCS_EXPORT_TABLE (?,?,?,?,?,?)");
ps.setString(1, null);
diff --git a/src/web/crawler/MultiThreadServer.java b/src/web/crawler/MultiThreadServer.java
index 44f2f755a44163fa32b4e43629a493852f28bdb4..0b64d99e4b66c216059b1122029356abaaa6fa3c 100644
--- a/src/web/crawler/MultiThreadServer.java
+++ b/src/web/crawler/MultiThreadServer.java
@@ -65,6 +65,7 @@ import java.util.logging.Logger;
import javax.xml.transform.TransformerException;
import org.apache.commons.io.FileUtils;
import web.crawler.WebCrawler;
+import myutil.externalSearch.Message;
public class MultiThreadServer {
diff --git a/src/web/crawler/ThreadSocket.java b/src/web/crawler/ThreadSocket.java
index 7229f8205945bbad99779203cce820445518498e..3cd6520fe038120164f9ad2d2fe78a8269d35bb7 100644
--- a/src/web/crawler/ThreadSocket.java
+++ b/src/web/crawler/ThreadSocket.java
@@ -42,7 +42,7 @@
* Creation: 2015
* @version 2.0 25/03/2016
* @author Dan Huynh VO, Ludovic APVRILLE
- * @see
+ * @see
*/
package web.crawler;
@@ -54,24 +54,27 @@ import java.sql.SQLException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.transform.TransformerException;
+import myutil.externalSearch.Message;
+import javax.net.ssl.SSLSocket;
public class ThreadSocket extends Thread {
-
- Socket socket = null;
- DatabaseQuery database = null;
-
+
+ SSLSocket socket = null;
+ DatabaseQuery database = null;
+
/**
*
* @param socket
* @param database
*/
- public ThreadSocket(Socket socket, web.crawler.DatabaseQuery database){
+ public ThreadSocket(SSLSocket socket, web.crawler.DatabaseQuery database){
+
this.socket = socket;
this.database=database;
}
-
+
@Override
public void run() {
try {
@@ -79,34 +82,34 @@ public class ThreadSocket extends Thread {
//Receive from clients
ObjectOutputStream toClient = new ObjectOutputStream(socket.getOutputStream());
//Send to clients
-
-
- //Create a new message to prepare getting the message from client
- Message requestMsg = new Message();
-
- try {
- requestMsg = (Message) fromClient.readObject();
- } catch (ClassNotFoundException ex) {
- Logger.getLogger(ThreadSocket.class.getName()).log(Level.SEVERE, null, ex);
- }
-
- //Print the result
- //System.out.println(requestMsg.getCmd());
- //System.out.println(requestMsg.getOptions());
- //System.out.println(requestMsg.getValues());
-
- //Read the message and then modify the content
-
- Message answerMsg = new Message();
- answerMsg = MultiThreadServer.analyseRequestMessage(requestMsg,database);
-
- //Send it back to the client
- toClient.writeObject(answerMsg);
-
- toClient.close();
- fromClient.close();
- socket.close();
-
+
+
+ //Create a new message to prepare getting the message from client
+ Message requestMsg = new Message();
+
+ try {
+ requestMsg = (Message) fromClient.readObject();
+ } catch (ClassNotFoundException ex) {
+ Logger.getLogger(ThreadSocket.class.getName()).log(Level.SEVERE, null, ex);
+ }
+
+ //Print the result
+ //System.out.println(requestMsg.getCmd());
+ //System.out.println(requestMsg.getOptions());
+ //System.out.println(requestMsg.getValues());
+
+ //Read the message and then modify the content
+
+ Message answerMsg = new Message();
+ answerMsg = MultiThreadServer.analyseRequestMessage(requestMsg, database);
+
+ //Send it back to the client
+ toClient.writeObject(answerMsg);
+
+ toClient.close();
+ fromClient.close();
+ socket.close();
+
} catch (IOException ex) {
Logger.getLogger(ThreadSocket.class.getName()).log(Level.SEVERE, null, ex);
} catch (SQLException ex) {
diff --git a/src/web/crawler/WebCrawler.java b/src/web/crawler/WebCrawler.java
index 86f9fec240a63c72999a4e5b0a6d150f86879a0c..33f3427ec10140a60d60d3aad17bb65ba8fa5bec 100644
--- a/src/web/crawler/WebCrawler.java
+++ b/src/web/crawler/WebCrawler.java
@@ -65,6 +65,11 @@ import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.concurrent.TimeUnit;
import static web.crawler.FileManagement.ParsingXML;
+import javax.net.ssl.SSLServerSocket;
+import javax.net.ssl.SSLServerSocketFactory;
+import javax.net.ssl.SSLSocket;
+import java.text.SimpleDateFormat;
+import java.util.Date;
@@ -119,12 +124,16 @@ public class WebCrawler {
File thisyearfile = new File(FileNames[0]);
thisyearfile.delete();
+
File lastyearfile = new File(FileNames[1]);
lastyearfile.delete();
+
File beforelastyearfile = new File(FileNames[2]);
beforelastyearfile.delete();
+
File beforebeforelastyearfile = new File(FileNames[3]);
beforebeforelastyearfile.delete();
+
database.deleteReferencesSqlFile();
database.deleteVulnerabilitesSqlFile();
database.deleteSoftwaresSqlFile();
@@ -155,7 +164,7 @@ public class WebCrawler {
} else {
/* Read XML file and store the informations in the database */
- for (String xmlFile : FileNames) {
+ for (String xmlFile: FileNames) {
ParsingXML(xmlFile, pathToFiles, database);
}
System.out.println("Total records insert in the database: " + database.getTotalRecordsInDatabase() + "\n\n");
@@ -177,7 +186,6 @@ public class WebCrawler {
pathToFiles = "";
}
- TraceManager.addDev("PathtoFiles=" + pathToFiles);
String thisyear = new SimpleDateFormat("yyyy").format(new Date());
@@ -216,14 +224,21 @@ public class WebCrawler {
/* =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= */
/* Server's Protocol Initialization */
/* =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= */
+ SSLServerSocket sslServerSocket = null;
try {
- ServerSocket server = new ServerSocket(PORT);
- TraceManager.addDev("Server has been created successfully");
+ // ServerSocket server = new ServerSocket(1234);
+ SSLServerSocketFactory factory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
+ sslServerSocket = (SSLServerSocket) factory.createServerSocket(12345);
+
+ System.out.println("Server has been created successfully\n");
while (true) { //Allow a client to connect
//Use multithread
//If a client asks to connect, then accept it
- new ThreadSocket(server.accept(), dbq).start();
+ SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
+ sslSocket.setEnabledCipherSuites(sslServerSocket.getSupportedCipherSuites());
+
+ new ThreadSocket(sslSocket, dbq).start();
}
} catch (IOException e) {