j3g
/
dbfp_pub
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

UPD: updated docs added verbose examples of the tools usage

This commit is contained in:
JohnE 2016-02-29 19:45:39 -08:00
parent 40d10614a9
commit 8cca9ed317
2 changed files with 32 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
dbfp.py
View File

@ -60,10 +60,13 @@ def indexFingerprints(fp_dir):
print ex print ex
# #
def compareFingerprintDir(file_in, fp_dir): def compareFPIndex(fp_dir, db_in, json_in):
try: try:
db = FingerprintDB() db = FingerprintDB()
db.scanDBFile(file_in) if (db_in):
db.scanDBFile(db_in)
else:
db.importJson(json_in)
logging.info("MD5 DB == {}".format(db.getMD5DB())) logging.info("MD5 DB == {}".format(db.getMD5DB()))
logging.info("MD5 TB == {}".format(db.getMD5Tables())) logging.info("MD5 TB == {}".format(db.getMD5Tables()))
@ -229,12 +232,12 @@ def parseArgs():
parser.add_argument('-fp', '--fingerprint', required=False, help="fingerprint file to use in comparison") parser.add_argument('-fp', '--fingerprint', required=False, help="fingerprint file to use in comparison")
parser.add_argument('-ad', '--android_dir', required=False, help="path to a directory with android folder structure sqlite files") parser.add_argument('-ad', '--android_dir', required=False, help="path to a directory with android folder structure sqlite files")
parser.add_argument('-dd', '--data_dir', required=False, help="path to a directory to search for sqlite files") parser.add_argument('-dd', '--data_dir', required=False, help="path to a directory to search for sqlite files")
parser.add_argument('-idx', '--index_fingerprints', required=False, help="path to a directory with sqlite files, index fingerprints if no other args given") # parser.add_argument('-idx', '--index_fingerprints', required=False, help="path to a directory with sqlite files, index fingerprints if no other args given")
parser.add_argument('-md5', required=False, help="md5 hash to query the index`")
parser.add_argument('-an', '--app_name', required=False) parser.add_argument('-an', '--app_name', required=False)
parser.add_argument('-av', '--app_version', required=False) parser.add_argument('-av', '--app_version', required=False)
parser.add_argument('-n', '--notes', required=False) parser.add_argument('-n', '--notes', required=False)
parser.add_argument('-idxf', action='store_true', help="add a fingerprint to the index") parser.add_argument('-idx', action='store_true', help="add a fingerprint to the index")
parser.add_argument('-md5', required=False, help="md5 hash to query the index`")
parser.add_argument('-android_pull', action='store_true', help="automated pull of applications from a physical android phone") parser.add_argument('-android_pull', action='store_true', help="automated pull of applications from a physical android phone")
parser.add_argument('-v', '--verbose', action='store_true', help="will set logging level to INFO") parser.add_argument('-v', '--verbose', action='store_true', help="will set logging level to INFO")
parser.add_argument('-vv', '--vverbose', action='store_true', help="will set logging level to DEBUG") parser.add_argument('-vv', '--vverbose', action='store_true', help="will set logging level to DEBUG")
@ -252,23 +255,40 @@ def parseArgs():
else: else:
logging.basicConfig(level=logging.CRITICAL) logging.basicConfig(level=logging.CRITICAL)
if args.idxf and args.fpdir and (args.database or args.fingerprint): if args.fpdir and args.idx and (args.database or args.fingerprint):
insertFP(args.database, args.fingerprint, args.fpdir) insertFP(args.database, args.fingerprint, args.fpdir)
elif args.fpdir and args.idx:
indexFingerprints(args.fpdir)
elif (args.database and args.fingerprint): elif (args.database and args.fingerprint):
compareFingerprint(args.database, args.fingerprint) compareFingerprint(args.database, args.fingerprint)
elif (args.database and args.fpdir): elif (args.fpdir and (args.database or args.fingerprint)):
compareFingerprintDir(args.database, args.fpdir) compareFPIndex(args.fpdir, args.database, args.fingerprint)
elif (args.fpdir and args.md5): elif (args.fpdir and args.md5):
queryMD5(args.fpdir, args.md5) queryMD5(args.fpdir, args.md5)
elif (args.android_dir): elif (args.android_dir):
androidData(args.android_dir) androidData(args.android_dir)
elif (args.index_fingerprints):
indexFingerprints(args.index_fingerprints)
elif (args.android_pull): elif (args.android_pull):
androidPull() androidPull()
elif (args.database): elif (args.database):
createFingerprint(args.database, args.app_name, args.app_version, args.notes) createFingerprint(args.database, args.app_name, args.app_version, args.notes)
else: else:
print 'Create fingerprint:'
print ' dbfp.py -db <database_file>\n'
print 'Create fingerprint index:'
print ' dbfp.py -fd <fingerprint_dir> -idx\n'
print 'Add fingerprint to index:'
print ' dbfp.py -fp <fingerprint_file> -idx (-db <database_file> | -fp <fingerprint_file>)\n'
print 'Compare fingerprint to a database file:'
print ' dbfp.py -fp <fingerprint_file> -db <database_file>\n'
print 'Lookup fingerprint from index:'
print ' dbfp.py -fd <fingerprint_dir> -fp <fingerprint_file>)\n'
print 'Lookup database from index:'
print ' dbfp.py -fd <fingerprint_dir> -db <database_file>\n'
print 'Lookup MD5 hash from index:'
print ' dbfp.py -fd <fingerprint_dir> -md5 <md5_hash_string>\n'
print 'Android App pull and fingerprint:'
print ' dbfp.py -android_pull'
print '\n***** ***** ***** *****\n'
parser.print_help() parser.print_help()

2
docs/devnotes
View File

@ -13,6 +13,8 @@ Action Items from the code review:
4) Look at SQL statements parsing errors 4) Look at SQL statements parsing errors
5) Fingerprint compare feature
xx-Add function to query the index for a specific MD5 table (database schema) xx-Add function to query the index for a specific MD5 table (database schema)