Include Namespace

GrokAssembly/GrokAssembly.csproj

@@ -1,22 +1,26 @@
-<Project Sdk="Microsoft.NET.Sdk">
-
-  <PropertyGroup>
-    <OutputType>Exe</OutputType>
-    <TargetFramework>netcoreapp2.0</TargetFramework>
-
-    <AssemblyTitle>GrokAssembly</AssemblyTitle>
-    <AssemblyProduct>GrokAssembly</AssemblyProduct>
-    <Product>GrokAssembly</Product>
-    <AssemblyDescription>Inspects a .NET Assembly to determine Company, Product, and Version information</AssemblyDescription>
-    <Description>Inspects a .NET Assembly to determine Company, Product, and Version information</Description>
-    <AssemblyCompany>OWASP Foundation</AssemblyCompany>
-    <AssemblyCopyright>Copyright © 2018, OWASP Foundation. All Rights Reserved</AssemblyCopyright>
-    <AssemblyVersion>2.0.0.0</AssemblyVersion>
-    <version>2.0.0.0</version>
-    <PackageId>GrokAssembly</PackageId>
-    <PackageVersion>2.0.0.0</PackageVersion>
-    <Authors>OWASP Contributors</Authors>
-    <LicenseUrl>https://www.apache.org/licenses/LICENSE-2.0</LicenseUrl>
-  </PropertyGroup>
-
-</Project>
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>netcoreapp2.0</TargetFramework>
+
+    <AssemblyTitle>GrokAssembly</AssemblyTitle>
+    <AssemblyProduct>GrokAssembly</AssemblyProduct>
+    <Product>GrokAssembly</Product>
+    <AssemblyDescription>Inspects a .NET Assembly to determine Company, Product, and Version information</AssemblyDescription>
+    <Description>Inspects a .NET Assembly to determine Company, Product, and Version information</Description>
+    <AssemblyCompany>OWASP Foundation</AssemblyCompany>
+    <AssemblyCopyright>Copyright © 2019, OWASP Foundation. All Rights Reserved</AssemblyCopyright>
+    <AssemblyVersion>3.0.0.0</AssemblyVersion>
+    <version>3.0.0.0</version>
+    <PackageId>GrokAssembly</PackageId>
+    <PackageVersion>3.0.0.0</PackageVersion>
+    <Authors>OWASP Contributors</Authors>
+    <LicenseUrl>https://www.apache.org/licenses/LICENSE-2.0</LicenseUrl>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="System.Reflection.Metadata" Version="1.6.0" />
+  </ItemGroup>
+
+</Project>

GrokAssembly/Program.cs

@@ -11,7 +11,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * Copyright (c) 2018 The OWASP Foundation. All Rights Reserved.
+ * Copyright (c) 2019 The OWASP Foundation. All Rights Reserved.
  */
 using System;
 using System.Collections.Generic;
@@ -20,6 +20,8 @@
 using System.Text;
 using System.Xml;
 using System.Reflection;
+using System.Reflection.Metadata;
+using System.Reflection.PortableExecutable;
 
 namespace GrokAssembly
 {
@@ -62,21 +64,48 @@ public static int Main(string[] args)
                 {
                     FileVersionInfo fileInfo = FileVersionInfo.GetVersionInfo(Path.GetFullPath(args[0]));
 
-                    writeNode(writer, "CompanyName", fileInfo.CompanyName);
-                    writeNode(writer, "ProductName", fileInfo.ProductName);
-                    writeNode(writer, "ProductVersion", fileInfo.ProductVersion);
-                    writeNode(writer, "Comments", fileInfo.Comments);
-                    writeNode(writer, "FileDescription", fileInfo.FileDescription);
-                    writeNode(writer, "FileName", fileInfo.FileName);
-                    writeNode(writer, "FileVersion", fileInfo.FileVersion);
-                    writeNode(writer, "InternalName", fileInfo.InternalName);
-                    writeNode(writer, "LegalCopyright", fileInfo.LegalCopyright);
-                    writeNode(writer, "LegalTrademarks", fileInfo.LegalTrademarks);
-                    writeNode(writer, "OriginalFilename", fileInfo.OriginalFilename);
+                    writeNode(writer, "companyName", fileInfo.CompanyName);
+                    writeNode(writer, "productName", fileInfo.ProductName);
+                    writeNode(writer, "productVersion", fileInfo.ProductVersion);
+                    writeNode(writer, "comments", fileInfo.Comments);
+                    writeNode(writer, "fileDescription", fileInfo.FileDescription);
+                    writeNode(writer, "fileName", fileInfo.FileName);
+                    writeNode(writer, "fileVersion", fileInfo.FileVersion);
+                    writeNode(writer, "internalName", fileInfo.InternalName);
+                    writeNode(writer, "legalCopyright", fileInfo.LegalCopyright);
+                    writeNode(writer, "legalTrademarks", fileInfo.LegalTrademarks);
+                    writeNode(writer, "originalFilename", fileInfo.OriginalFilename);
 
                     AssemblyName assemblyName = AssemblyName.GetAssemblyName(Path.GetFullPath(args[0]));
-                    writeNode(writer, "fullname", assemblyName.FullName);
+                    writeNode(writer, "fullName", assemblyName.FullName);
 
+                    writer.WriteStartElement("namespaces");
+                    try
+                    {
+                        using (var stream = File.OpenRead(Path.GetFullPath(args[0])))
+                        using (var peFile = new PEReader(stream))
+                        {
+                            var reader = peFile.GetMetadataReader();
+                            HashSet<string> nspaces = new HashSet<string>();
+
+                            foreach (var handle in reader.TypeDefinitions)
+                            {
+                                var entry = reader.GetTypeDefinition(handle);
+                                string ns = reader.GetString(entry.Namespace);
+                                if (!nspaces.Contains(ns))
+                                {
+                                    writeNode(writer, "namespace", ns);
+                                    nspaces.Add(ns);
+                                }
+                            }
+                            writer.WriteEndElement();
+                        }
+                    }
+                    catch (Exception ex)
+                    {
+                        writer.WriteEndElement();
+                        writeNode(writer, "warning", ex.Message);
+                    }
                 }
                 catch (BadImageFormatException)
                 {
@@ -142,6 +171,5 @@ private static string xmlSanitize(string input)
             }
             return result.ToString();
         }
-
     }
 }

README.md

@@ -2,22 +2,39 @@
 GrokAssembly
 ============
 
-GrokAssembly is a simple .NET/mono project used for getting name and version
-information out of an assembly. It is primarily used for the
-[OWASP Dependency Check][dependencycheck] project to identify company, product,
-and version information.
+GrokAssembly is a simple .NET core project used for extracting extended properties
+information, such as company, product name, and version, from an assembly. The tool
+is primarily used within the [OWASP Dependency Check][dependencycheck] project to
+identify Common Platform Identifiers (CPE) and report on known vulnerabilities.
 
 Usage:
 ------
 
-```cmd
-$ GrokAssembly <assembly>
+```bash
+$ dotnet GrokAssembly.dll <assembly>
 ```
 
-or
-
+### Example Output
 ```bash
-$ mono GrokAssembly.exe <assembly>
+$ dotnet GrokAssembly.dll GrokAssembly.dll
+```
+```xml
+<?xml version="1.0" encoding="utf-8"?>
+<assembly>
+    <companyName>OWASP Contributors</companyName>
+    <productName>GrokAssembly</productName>
+    <productVersion>3.0.0.0</productVersion>
+    <comments>Inspects a .NET Assembly to determine Company, Product, and Version information</comments>
+    <fileDescription>GrokAssembly</fileDescription>
+    <fileName>/Users/jeremy/Projects/GrokAssembly/GrokAssembly/bin/Release/netcoreapp2.0/GrokAssembly.dll</fileName>
+    <fileVersion>3.0.0.0</fileVersion>
+    <internalName>GrokAssembly.exe</internalName>
+    <originalFilename>GrokAssembly.exe</originalFilename>
+    <fullName>GrokAssembly, Version=3.0.0.0, Culture=neutral, PublicKeyToken=null</fullName>
+    <namespaces>
+        <namespace>GrokAssembly</namespace>
+    </namespaces>
+</assembly>
 ```
 
 [dependencycheck]: https://github.com/jeremylong/DependencyCheck