Similarity ID
Similarity ID is an identifier used to determine if a finding is Recurrent, Fixed, or New. A hashing algorithm generates the Similarity ID, which is then used to compare the results between two scans and identify equivalent ones to expedite the triage process.
The Similarity ID provides labels (State, Severity, Comment, Ticket ID, Assignee) for results across all scans. The Similarity ID is identical if a result in the first scan is equivalent to one in the second. Select the two scans to compare results and click Compare Scans to perform the comparison and review your results as either Recurrent, Fixed, or New.
Warning
Results that share the first node, last node, and query ID will be identified as equivalent even if their node paths differ.
The following SQL injection is an example of how Similarity ID is calculated.
namespace SimIDExample
{
public partial class index : System.Web.UI.Page
{
private void doUpdate(String query)
{
var conn_string = "some_connection_string";
using (SqlConnection conn = new SqlConnection(conn_string))
{
SqlCommand command = new SqlCommand(query, conn);
conn.Open();
command.ExecuteNonQuery();
}//end using
}//end doUpdate
protected void submit_Click(object sender, EventArgs e)
{
doUpdate(getQuery());
}//end submit_Click
private String getQuery()
{
return "UPDATE Users SET Name = '" + name.Text + "' WHERE UID = '" + ViewState["UID"].ToString() + "'";
}//end getQuery
}//end class
}//end namespaceThis file exposes an SQL Injection from the source node name.Text to the sink node command.ExecuteNonQuery().
 |
Source Node:
String representation content: return "UPDATE Users SET Name = '" + name.Text + "' WHERE UID = '" + ViewState["UID"].ToString() + "'";
Encapsulating method: private String getQuery()
File name: a.cs
SimHash of string representation: 854 (approximation)
Sink Node:
String representation content: command.ExecuteNonQuery()
Encapsulating method: private void doUpdate(String query)
File name: a.cs
SimHash of string representation: 1015(approximation)
Query ID (SQL Injection in Java) = 594
Similarity ID will be calculated on the 3 data points above.