diff --git a/README b/DEV_README similarity index 80% rename from README rename to DEV_README index 78378b8..b605135 100644 --- a/README +++ b/DEV_README @@ -7,7 +7,7 @@ INTRO ------------- dbfp is a tool that will scan a sqlite database and generate a fingerprint. -The fingerprint is basically the database schema. +The fingerprint is basically the database schema with some metadata (md5 sums, scan information) The fingerprint is stored to disk in JSON format. diff --git a/RELEASE_NOTES b/RELEASE_NOTES index abd9736..c101d6c 100644 --- a/RELEASE_NOTES +++ b/RELEASE_NOTES @@ -13,6 +13,13 @@ History ------------ +version 0.90 + -improved sql create parsing + -improved support for AOSP Androd contacts database + -improved the table schema comparison + -added as an option and to the fingerprint: + app name, app version, notes regarding this scan + version 0.85 -modified format -added "file-metadata", info about the scanner and fingerprint file diff --git a/dbfp.py b/dbfp.py index e8633f7..46e5ce0 100644 --- a/dbfp.py +++ b/dbfp.py @@ -64,7 +64,7 @@ def parseArgs(): # compare a sqlite database file to all fingerprints if (args.fp and args.fpdir): - compareFingerprints(args.file, args.fp, args.fpdir) + compareFingerprintDir(args.file, args.fp, args.fpdir) # compare a sqlite database file to a fingerprint if (args.fp): compareFingerprint(args.file, args.fp) diff --git a/docs/README b/docs/README index ff682cd..8a8b14e 100644 --- a/docs/README +++ b/docs/README @@ -6,10 +6,24 @@ ------------- INTRO ------------- +[D]ata[B]ase [F]inger[P]rint + dbfp is a tool that will scan a sqlite database and generate a fingerprint. -The fingerprint is basically the database schema. +The fingerprint will uniquely identify the database. +The fingerprint consists of the database schema, the sql table create statements, + md5 calculations, and file meta-data. The fingerprint is stored to disk in JSON format. +The fingerprint can be used to identify unknown databases from random paths or recovered from deleted space. +The fingerprint can be used for historical comparisons to see what has changed in a new version of an application. + + +------------- + FEATURES +------------- +1. Generate a fingerprint in JSON format. +2. Compare a sqlite database with a fingerprint. + ------------- USAGE @@ -19,12 +33,19 @@ The fingerprint is stored to disk in JSON format. DB Fingerprint ***** ***** ***** ***** -usage: main.py [-h] [-f FILE] [-j JSON] [-v] +usage: dbfp.py [-h] [-f FILE] [-fd FPDIR] [-fp FP] [-an APP_NAME] + [-av APP_VERSION] [-n NOTES] [-v] Fingerprint a sqlite database based on its schema optional arguments: -h, --help show this help message and exit -f FILE, --file FILE - -j JSON, --json JSON + -fd FPDIR, --fpdir FPDIR + path to dirctory of fingerprint files + -fp FP, --fp FP fingerprint file to use in comparison + -an APP_NAME, --app_name APP_NAME + -av APP_VERSION, --app_version APP_VERSION + -n NOTES, --notes NOTES -v, --verbose + \ No newline at end of file diff --git a/libs/fingerprint.py b/libs/fingerprint.py index 11a5668..72903a4 100644 --- a/libs/fingerprint.py +++ b/libs/fingerprint.py @@ -32,7 +32,7 @@ class DBSchema: """ sqlmaster = "SELECT name, sql FROM sqlite_master WHERE type='table'" - scanner_ver = "0.85" + scanner_ver = "0.90" format_ver = "0.90" def __init__(self):