Skip to content

Commit 3e712c5

Browse files
committed
EDIT readme and ADD examples
1 parent 4ee3a12 commit 3e712c5

3 files changed

Lines changed: 94 additions & 1 deletion

File tree

README.md

Lines changed: 63 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1,63 @@
1-
API Document
1+
Document for IoTcube API
2+
========================
3+
This document is an outline and usage document of "IoTcube API". This document is an early version and describes the APIs that deal with the "Vulnerable Code Clone Detection" functionality of "Whitebox Testing" in IoTcube.
4+
5+
Getting Started with API
6+
------------------------
7+
Currently, the initial version of IoTcube API can receive vulnerability information in software by sending ".hidx file" (generated through *hmark*, <https://github.com/iotcube/hmark>) through **POST** method to our API address.
8+
9+
**Address to send POST request**
10+
>**https://<span></span>iotcube.net/api/wf1**
11+
12+
**Params**
13+
* ***files***: the **path** and **contents** of the ".hidx file" (which you want to check for vulnerabilities).
14+
* ***headers***: your **user-agent** value
15+
16+
**Return Field Definitions**
17+
+ **Common value**
18+
+ **total_cve** - Total number of detected CVEs.
19+
+ **total_vulfunc** - Total number of detected vulnerable functions.
20+
+ **file_count** - Total number of files in uploaded '.hidx file'.
21+
+ **func_count** - Total number of functions in uploaded '.hidx file'.
22+
+ **line_count** - Total number of lines in uploaded '.hidx file'.
23+
24+
+ **Vulnerability exists**
25+
+ **cveid** - The CVE value of the vulnerability.
26+
+ **cwe** - The CWE value of the vulnerability.
27+
+ **cvss** - The CVSS value of the vulnerability.
28+
+ **file** - The file path where the vulnerability exists.
29+
+ **funcid** - The function number in the file (*See hmark*).
30+
+ **diff** - Patch information for this vulnerability.
31+
32+
Result (JSON)
33+
-------------
34+
```
35+
[
36+
{
37+
"total_cve" : 5,
38+
"total_vulfunc": 6,
39+
"file_count" : 100,
40+
"func_count" : 1000,
41+
"line_count" : 10000,
42+
},
43+
{
44+
"cveid" : "CVE-2018-0000",
45+
"cwe" : "CWE-119",
46+
"cvss" : "10.0",
47+
"file" : "Path/to/file",
48+
"funcid": "5",
49+
"diff" : "https://iotcube.net/whitebox/diff/.../CVE-2018-0000_....diff",
50+
}, … ,
51+
{
52+
53+
}
54+
]
55+
```
56+
Sample codes
57+
------------
58+
See *'example'* directory.
59+
60+
About
61+
-----
62+
This document and code is authored and maintained by Seunghoon Woo.
63+
>seunghoonwoo@<span></span>korea.ac.kr

example/API_example_php.php

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
<?php
2+
function CallAPI($method, $url, $header, $data)
3+
{
4+
$curl = curl_init($url);
5+
switch ($method)
6+
{
7+
case "POST":
8+
curl_setopt($curl, CURLOPT_POST, 1);
9+
if ($data)
10+
curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
11+
break;
12+
}
13+
curl_setopt($curl, CURLOPT_URL, $url);
14+
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
15+
curl_setopt ($curl, CURLOPT_HTTPHEADER, $header);
16+
$result = curl_exec($curl);
17+
curl_close($curl);
18+
return $result;
19+
}
20+
21+
$file_name = "/filepath/to/hidxfile.hidx";
22+
$header = array ("User-Agent: your user-agent value");
23+
$data = array ("file" => curl_file_create (realpath($file_name)));
24+
$url = 'https://iotcube.net/api/wf1';
25+
$resp = CallAPI ("POST", $url, $header, $data);
26+
?>

example/API_example_python.py

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
import requests
2+
3+
files = {'file': ("/filepath/to/hidxfile.hidx", open("/filepath/to/hidxfile.hidx", 'rb'))}
4+
headers = {'user-agent': 'your user-agent value'
5+
response = requests.post("https://iotcube.net/api/wf1", files=files, headers=headers)

0 commit comments

Comments
 (0)