UPD: updated documentation, added more information
This commit is contained in:
JohnE
parent
44bd8a54dd
commit
8c1366d8cd
|
|
@ -1,18 +1,110 @@
|
||||||
|
=========================
|
||||||
|
Fingerprint Design Doc
|
||||||
|
==========================
|
||||||
|
|
||||||
JSON Fingerprint Format Design
|
|
||||||
|
|
||||||
|
-----------------------
|
||||||
|
FINGERPRINT DESIGN
|
||||||
|
-----------------------
|
||||||
|
|
||||||
Fingerprint Naming Convention
|
Fingerprint Naming Convention
|
||||||
Fully Qualified Domain App Name + "__" + database name + "__" + "dbfp.json"
|
Fully Qualified Domain App Name + "__" + database name + "__" + "dbfp.json"
|
||||||
|
|
||||||
|
|
||||||
JSON File Format:
|
--------------------------
|
||||||
|
JSON FINGERPRINT FORMAT
|
||||||
|
--------------------------
|
||||||
|
|
||||||
1. "_file-metadata": has information regarding how this fingerprint was created
|
[ _file-details ]
|
||||||
|
contains information regarding how and where this fingerprint was created:
|
||||||
|
|
||||||
2. "db-metadata": contains the sql create statements for each table in the database
|
"app-name": name of the application, usually reverse dns is best identifier
|
||||||
|
"app-ver": version of the application at the time of this scan
|
||||||
|
"db-name": name of the database
|
||||||
|
"format-ver": fingerprint format version, this is helpful for major revisions
|
||||||
|
"notes": any notes to be included with this fingerprint
|
||||||
|
"scan-date": time stamp of the database scan and fingerprint creation
|
||||||
|
"scanner-name": name of the fingerprint scanner tool (to be future proof)
|
||||||
|
"scanner-ver": version of the fingerprint scanner tool used to create this fingerprint
|
||||||
|
|
||||||
3. "db-metadata-hashes": contains the md5 hashes of each create statement (for quicker comparisons of fingerprints)
|
|
||||||
|
|
||||||
4. "table": is the database schema in a hash format to be loaded into the fingerprint program
|
[ db-metadata ]
|
||||||
|
contains the exact create table strings, most create table strings are unique
|
||||||
|
|
||||||
|
[ db-metadata-hashes ]
|
||||||
|
contains hashing of the create table stings
|
||||||
|
|
||||||
|
[ tables ]
|
||||||
|
each table schema in a normalized (hash table) data type
|
||||||
|
|
||||||
|
|
||||||
|
-------------
|
||||||
|
EXAMPLE
|
||||||
|
-------------
|
||||||
|
|
||||||
|
{
|
||||||
|
"_file-details": {
|
||||||
|
"app-name": "cm.confide.android",
|
||||||
|
"app-ver": "",
|
||||||
|
"db-name": "confide.db",
|
||||||
|
"format-ver": "0.92",
|
||||||
|
"notes": "",
|
||||||
|
"scan-date": "2016-02-29_161058",
|
||||||
|
"scanner-name": "dbfp",
|
||||||
|
"scanner-ver": "1.00b"
|
||||||
|
},
|
||||||
|
"db-metadata": {
|
||||||
|
"android_metadata": "CREATE TABLE android_metadata (locale TEXT)",
|
||||||
|
"contacts": "CREATE TABLE contacts ( _id INTEGER PRIMARY KEY AUTOINCREMENT, userId INTEGER, firstName TEXT, lastName TEXT, signupDate DATETIME, verified BOOLEAN, email TEXT, phone TEXT )",
|
||||||
|
"sqlite_sequence": "CREATE TABLE sqlite_sequence(name,seq)"
|
||||||
|
},
|
||||||
|
"db-metadata-hashes": {
|
||||||
|
"android_metadata": "ba739eb03730e563915f2f76b26ced51",
|
||||||
|
"contacts": "3aaf8eb3bc00f3cf562b368341d4b84f",
|
||||||
|
"sqlite_sequence": "079355c84d8b3b1511a504e08aab7fd2"
|
||||||
|
},
|
||||||
|
"db-metadata-md5": "6ae62dd33c30775996db15fb90d2f99f",
|
||||||
|
"tables": {
|
||||||
|
"android_metadata": {
|
||||||
|
"locale": {
|
||||||
|
"datatype": "TEXT"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"contacts": {
|
||||||
|
"_id": {
|
||||||
|
"autoincrement": true,
|
||||||
|
"datatype": "INTEGER",
|
||||||
|
"primarykey": true
|
||||||
|
},
|
||||||
|
"email": {
|
||||||
|
"datatype": "TEXT"
|
||||||
|
},
|
||||||
|
"firstName": {
|
||||||
|
"datatype": "TEXT"
|
||||||
|
},
|
||||||
|
"lastName": {
|
||||||
|
"datatype": "TEXT"
|
||||||
|
},
|
||||||
|
"phone": {
|
||||||
|
"datatype": "TEXT"
|
||||||
|
},
|
||||||
|
"signupDate": {
|
||||||
|
"datatype": "DATETIME"
|
||||||
|
},
|
||||||
|
"userId": {
|
||||||
|
"datatype": "INTEGER"
|
||||||
|
},
|
||||||
|
"verified": {
|
||||||
|
"datatype": "BOOLEAN"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"sqlite_sequence": {
|
||||||
|
"name": {
|
||||||
|
"datatype": "INTEGER"
|
||||||
|
},
|
||||||
|
"seq": {
|
||||||
|
"datatype": "INTEGER"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -13,17 +13,27 @@ that our fingerprints will be > 1000. The index is designed for the future.
|
||||||
Where:
|
Where:
|
||||||
A sqlite database (_index_dbfp.db) is populated with index data. The current design
|
A sqlite database (_index_dbfp.db) is populated with index data. The current design
|
||||||
expects the index file to be located in the same directory as all the fingerprints.
|
expects the index file to be located in the same directory as all the fingerprints.
|
||||||
|
The fingerprint names are created uniquely and should never have a collision.
|
||||||
|
|
||||||
How:
|
How:
|
||||||
To create the index each fingerprint is read and unique hash values are inserted
|
To create the index each fingerprint is read and the unique hash values are inserted
|
||||||
into the index database along with the fingerprint file name. The current design
|
into the index database along with the fingerprint file name. Each fingerprint has
|
||||||
expects all fingerprint files to be in one dirctory. The fingerprint names are
|
an md5 hash that represent the entire database along with a md5 hash that represents
|
||||||
created uniquely and should never have a collision.
|
each table in the database. These md5 hashes are used as unique keys that can be
|
||||||
|
queried in the fingerprint index.
|
||||||
|
|
||||||
|
|
||||||
-------------------
|
----------
|
||||||
INDEX DB SCHEMA
|
DESIGN
|
||||||
-------------------
|
----------
|
||||||
|
Each create statement can be unique because of the various styles allowed, syntax
|
||||||
|
The result from the create statements are the same...
|
||||||
|
The create statments are md5 hashed, those md5 hashes are hashed for db_md5
|
||||||
|
|
||||||
|
|
||||||
|
-------------
|
||||||
|
DB SCHEMA
|
||||||
|
-------------
|
||||||
|
|
||||||
[ Table: md5_all ]
|
[ Table: md5_all ]
|
||||||
md5_db TEXT PRIMARY KEY, (hash value of the database schema)
|
md5_db TEXT PRIMARY KEY, (hash value of the database schema)
|
||||||
|
|
|
||||||
|
|
@ -3,12 +3,24 @@
|
||||||
|
|
||||||
Action Items from the code review:
|
Action Items from the code review:
|
||||||
|
|
||||||
|
1) Change table name from "metadata" to "app_details"
|
||||||
|
|
||||||
|
1) Regression Testing of all Features
|
||||||
|
|
||||||
|
2) Unit Tests
|
||||||
|
|
||||||
|
3) Documentation
|
||||||
|
|
||||||
|
4) Look at SQL statements parsing errors
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
xx-Add function to query the index for a specific MD5 table (database schema)
|
xx-Add function to query the index for a specific MD5 table (database schema)
|
||||||
|
|
||||||
xx-Add a feature to add a fingerprint to the existing index (it currently recreates an index)
|
xx-Add a feature to add a fingerprint to the existing index (it currently recreates an index)
|
||||||
|
|
||||||
-Add a table to the Index to list all the applications that have a fingerprint (include the app version)
|
xx-Add a table to the Index to list all the applications that have a fingerprint (include the app version)
|
||||||
-more functionality can result from this information in the index
|
xx-more functionality can result from this information in the index
|
||||||
|
|
||||||
-Create a document describing the index file and include an example
|
-Create a document describing the index file and include an example
|
||||||
-Create an example of the FingerprintDB class usage with a standalone tool
|
-Create an example of the FingerprintDB class usage with a standalone tool
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue