diff --git a/dbfp.py b/dbfp.py index 7e2e098..5a3f3f1 100644 --- a/dbfp.py +++ b/dbfp.py @@ -60,10 +60,13 @@ def indexFingerprints(fp_dir): print ex # -def compareFingerprintDir(file_in, fp_dir): +def compareFPIndex(fp_dir, db_in, json_in): try: db = FingerprintDB() - db.scanDBFile(file_in) + if (db_in): + db.scanDBFile(db_in) + else: + db.importJson(json_in) logging.info("MD5 DB == {}".format(db.getMD5DB())) logging.info("MD5 TB == {}".format(db.getMD5Tables())) 
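Review bot: The new `else:` branch in compareFPIndex calls `db.importJson(json_in)` whenever `db_in` is falsy, without checking that `json_in` was actually supplied. The parseArgs dispatch only reaches this function with one of the two set, but any other caller passing neither would hand `None` to importJson, and the failure would surface only through the enclosing `try`, whose handler is outside the hunk. Making the contract explicit with `elif json_in:` followed by `else: raise ValueError("compareFPIndex needs db_in or json_in")` keeps a bad call from being mistaken for an empty comparison result. A one-line docstring saying that `db_in` takes precedence when both are given would also help, since the parameter order changed from the old `(file_in, fp_dir)`.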
@@ -229,12 +232,12 @@ def parseArgs():
 parser.add_argument('-fp', '--fingerprint', required=False, help="fingerprint file to use in comparison")
 parser.add_argument('-ad', '--android_dir', required=False, help="path to a directory with android folder structure sqlite files")
 parser.add_argument('-dd', '--data_dir', required=False, help="path to a directory to search for sqlite files")
- parser.add_argument('-idx', '--index_fingerprints', required=False, help="path to a directory with sqlite files, index fingerprints if no other args given")
- parser.add_argument('-md5', required=False, help="md5 hash to query the index`")
+ # parser.add_argument('-idx', '--index_fingerprints', required=False, help="path to a directory with sqlite files, index fingerprints if no other args given")
 parser.add_argument('-an', '--app_name', required=False)
 parser.add_argument('-av', '--app_version', required=False)
 parser.add_argument('-n', '--notes', required=False)
- parser.add_argument('-idxf', action='store_true', help="add a fingerprint to the index")
+ parser.add_argument('-idx', action='store_true', help="add a fingerprint to the index")
+ parser.add_argument('-md5', required=False, help="md5 hash to query the index`")
 parser.add_argument('-android_pull', action='store_true', help="automated pull of applications from a physical android phone")
 parser.add_argument('-v', '--verbose', action='store_true', help="will set logging level to INFO")
 parser.add_argument('-vv', '--vverbose', action='store_true', help="will set logging level to DEBUG")
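Review bot: The help string on the new `-idx` flag, `add a fingerprint to the index`, describes only one of its two uses, because the dispatch later in this diff also uses `-idx` with just the fingerprint directory to build the index. The flag also changes from an option that takes a directory to a `store_true` switch, so an existing invocation that passes a path after `-idx` will most likely be rejected by argparse as an unrecognized argument. I would change the help to something like `help="build the fingerprint index, or add a fingerprint to it when -db/-fp is also given"` and delete the commented-out `-idx/--index_fingerprints` line instead of leaving it in the parser. The stray backtick at the end of the `-md5` help text was carried over with the moved line and can be dropped. parseArgs starts and ends outside the hunk.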
@@ -252,23 +255,40 @@ def parseArgs(): else: logging.basicConfig(level=logging.CRITICAL) - if args.idxf and args.fpdir and (args.database or args.fingerprint): + if args.fpdir and args.idx and (args.database or args.fingerprint): insertFP(args.database, args.fingerprint, args.fpdir) + elif args.fpdir and args.idx: + indexFingerprints(args.fpdir) elif (args.database and args.fingerprint): compareFingerprint(args.database, args.fingerprint) - elif (args.database and args.fpdir): - compareFingerprintDir(args.database, args.fpdir) + elif (args.fpdir and (args.database or args.fingerprint)): + compareFPIndex(args.fpdir, args.database, args.fingerprint) elif (args.fpdir and args.md5): queryMD5(args.fpdir, args.md5) elif (args.android_dir): androidData(args.android_dir) - elif (args.index_fingerprints): - indexFingerprints(args.index_fingerprints) elif (args.android_pull): androidPull() elif (args.database): createFingerprint(args.database, args.app_name, args.app_version, args.notes) else: + print 'Create fingerprint:' + print ' dbfp.py -db \n' + print 'Create fingerprint index:' + print ' dbfp.py -fd -idx\n' + print 'Add fingerprint to index:' + print ' dbfp.py -fp -idx (-db | -fp )\n' + print 'Compare fingerprint to a database file:' + print ' dbfp.py -fp -db \n' + print 'Lookup fingerprint from index:' + print ' dbfp.py -fd -fp )\n' + print 'Lookup database from index:' + print ' dbfp.py -fd -db \n' + print 'Lookup MD5 hash from index:' + print ' dbfp.py -fd -md5 \n' + print 'Android App pull and fingerprint:' + print ' dbfp.py -android_pull' + print '\n***** ***** ***** *****\n' parser.print_help() diff --git a/docs/devnotes b/docs/devnotes index 18b4a3b..bbbcdd2 100644 --- a/docs/devnotes +++ b/docs/devnotes @@ -13,6 +13,8 @@ Action Items from the code review: 4) Look at SQL statements parsing errors +5) Fingerprint compare feature + xx-Add function to query the index for a specific MD5 table (database schema)
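Review bot: In the dbfp.py dispatch chain of parseArgs, `-idx` is only honoured when `args.fpdir` is also set, so a run with `-idx` and `-db` but no fingerprint directory falls through to the `elif (args.database):` branch and calls createFingerprint instead of reporting a usage error. For a tool whose output may be used as evidence, silently doing a different action than the one requested is worth rejecting up front, for example with `if args.idx and not args.fpdir: parser.error("-idx requires the fingerprint directory option")` before the chain. Similarly, `args.md5` is ignored whenever `-db` or `-fp` is also present, because the compareFPIndex branch is tested before the queryMD5 branch. In the added usage text, the line `' dbfp.py -fd -fp )\n'` has an unbalanced `)`, and the "Add fingerprint to index" example prints `-fp -idx` where the dispatch requires the fingerprint directory option; the argument placeholders may have been lost in extraction, so check these against the file.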