UPD: updated documentation, added more information

JohnE 2016-02-29 17:09:43 -08:00
parent 44bd8a54dd
commit 8c1366d8cd
3 changed files with 129 additions and 15 deletions


@ -1,18 +1,110 @@
=========================
Fingerprint Design Doc
==========================
JSON Fingerprint Format Design
-----------------------
FINGERPRINT DESIGN
-----------------------
Fingerprint Naming Convention
Fully Qualified Domain App Name + "__" + database name + "__" + "dbfp.json"
JSON File Format:
--------------------------
JSON FINGERPRINT FORMAT
--------------------------
1. "_file-metadata": has information regarding how this fingerprint was created
[ _file-details ]
contains information regarding how and where this fingerprint was created:
2. "db-metadata": contains the sql create statements for each table in the database
"app-name": name of the application, usually reverse dns is best identifier
"app-ver": version of the application at the time of this scan
"db-name": name of the database
"format-ver": fingerprint format version, this is helpful for major revisions
"notes": any notes to be included with this fingerprint
"scan-date": time stamp of the database scan and fingerprint creation
"scanner-name": name of the fingerprint scanner tool (to be future proof)
"scanner-ver": version of the fingerprint scanner tool used to create this fingerprint
3. "db-metadata-hashes": contains the md5 hashes of each create statement (for quicker comparisons of fingerprints)
4. "table": is the database schema in a hash format to be loaded into the fingerprint program
[ db-metadata ]
contains the exact create table strings, most create table strings are unique
[ db-metadata-hashes ]
contains hashing of the create table stings
[ tables ]
each table schema in a normalized (hash table) data type
-------------
EXAMPLE
-------------
{
"_file-details": {
"app-name": "cm.confide.android",
"app-ver": "",
"db-name": "confide.db",
"format-ver": "0.92",
"notes": "",
"scan-date": "2016-02-29_161058",
"scanner-name": "dbfp",
"scanner-ver": "1.00b"
},
"db-metadata": {
"android_metadata": "CREATE TABLE android_metadata (locale TEXT)",
"contacts": "CREATE TABLE contacts ( _id INTEGER PRIMARY KEY AUTOINCREMENT, userId INTEGER, firstName TEXT, lastName TEXT, signupDate DATETIME, verified BOOLEAN, email TEXT, phone TEXT )",
"sqlite_sequence": "CREATE TABLE sqlite_sequence(name,seq)"
},
"db-metadata-hashes": {
"android_metadata": "ba739eb03730e563915f2f76b26ced51",
"contacts": "3aaf8eb3bc00f3cf562b368341d4b84f",
"sqlite_sequence": "079355c84d8b3b1511a504e08aab7fd2"
},
"db-metadata-md5": "6ae62dd33c30775996db15fb90d2f99f",
"tables": {
"android_metadata": {
"locale": {
"datatype": "TEXT"
}
},
"contacts": {
"_id": {
"autoincrement": true,
"datatype": "INTEGER",
"primarykey": true
},
"email": {
"datatype": "TEXT"
},
"firstName": {
"datatype": "TEXT"
},
"lastName": {
"datatype": "TEXT"
},
"phone": {
"datatype": "TEXT"
},
"signupDate": {
"datatype": "DATETIME"
},
"userId": {
"datatype": "INTEGER"
},
"verified": {
"datatype": "BOOLEAN"
}
},
"sqlite_sequence": {
"name": {
"datatype": "INTEGER"
},
"seq": {
"datatype": "INTEGER"
}
}
}
}
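Review bot: The example carries a top-level "db-metadata-md5" key that the JSON FINGERPRINT FORMAT section never describes. Add an entry for it next to [ db-metadata-hashes ] that states which values are hashed and in what order, so a second tool can reproduce the value and a reader can tell it apart from the per-table hashes. In the same example, the create statement for sqlite_sequence is "CREATE TABLE sqlite_sequence(name,seq)" with no declared types, yet the "tables" block records both columns with "datatype": "INTEGER"; the format section should say what datatype the scanner assigns to untyped columns, otherwise the normalized schema looks like it was read from the database when it is a default. Minor: "create table stings" under [ db-metadata-hashes ] should read "strings".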


@ -13,17 +13,27 @@ that our fingerprints will be > 1000. The index is designed for the future.
Where:
A sqlite database (_index_dbfp.db) is populated with index data. The current design
expects the index file to be located in the same directory as all the fingerprints.
The fingerprint names are created uniquely and should never have a collision.
How:
To create the index each fingerprint is read and unique hash values are inserted
into the index database along with the fingerprint file name. The current design
expects all fingerprint files to be in one dirctory. The fingerprint names are
created uniquely and should never have a collision.
To create the index each fingerprint is read and the unique hash values are inserted
into the index database along with the fingerprint file name. Each fingerprint has
an md5 hash that represent the entire database along with a md5 hash that represents
each table in the database. These md5 hashes are used as unique keys that can be
queried in the fingerprint index.
-------------------
INDEX DB SCHEMA
-------------------
----------
DESIGN
----------
Each create statement can be unique because of the various styles allowed, syntax
The result from the create statements are the same...
The create statments are md5 hashed, those md5 hashes are hashed for db_md5
-------------
DB SCHEMA
-------------
[ Table: md5_all ]
md5_db TEXT PRIMARY KEY, (hash value of the database schema)
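Review bot: In the DESIGN section, the md5 keys are computed over the create statements as written, while the first line of that section says the same schema can be written in various styles. As documented, two databases with an equivalent schema but different statement formatting get different table hashes and a different md5_db, so an index query will miss them. State whether statements are normalized before hashing or whether the index is meant to match only byte-identical statements, and spell out how the table hashes are combined into the database hash (ordering and concatenation), since "those md5 hashes are hashed for db_md5" is not enough to reproduce the primary key of md5_all. The sentence "The result from the create statements are the same..." trails off and should be completed, and "statments" should read "statements". Because the How paragraph calls these hashes unique keys, it is also worth saying that md5 is used here for lookup and deduplication only, not as an integrity check on the fingerprint files.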


@ -3,12 +3,24 @@
Action Items from the code review:
1) Change table name from "metadata" to "app_details"
1) Regression Testing of all Features
2) Unit Tests
3) Documentation
4) Look at SQL statements parsing errors
xx-Add function to query the index for a specific MD5 table (database schema)
xx-Add a feature to add a fingerprint to the existing index (it currently recreates an index)
-Add a table to the Index to list all the applications that have a fingerprint (include the app version)
-more functionality can result from this information in the index
xx-Add a table to the Index to list all the applications that have a fingerprint (include the app version)
xx-more functionality can result from this information in the index
-Create a document describing the index file and include an example
-Create an example of the FingerprintDB class usage with a standalone tool
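Review bot: Item 4, "Look at SQL statements parsing errors", does not say which create statements fail to parse or what the scanner writes into the fingerprint when one does, so the item cannot be verified as done. Record at least one failing statement and the expected behaviour (skip the table, store the raw statement only, or abort the scan), because a table that is silently dropped from "tables" changes what the fingerprint can match. The "xx-" prefix on the lower entries also has no legend; if it marks completed items, say so at the top of the list so that open items such as "-Create a document describing the index file and include an example" are clearly distinguishable from finished ones.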