import argparse import os import sqlite3 from libs.fingerprint import FingerprintDB from libs.fingerprint_index import FingerprintIndex class FingerPrintCompare: def __init__(self, db=None, fingerprint=None, fingerprint_dir=None, fingerprint_index=None, percent_match=85.0): self.db = db self.fingerprint = fingerprint self.fingerprint_dir = fingerprint_dir self.fingerprint_index = fingerprint_index self.percent_match = float(percent_match) def do_comparison(self): status = 'fail' if self.fingerprint: status = self.compare_fingerprint(self.fingerprint) elif self.fingerprint_dir: for subdir, dirs, finger_print_files in os.walk(self.fingerprint_dir): for finger_print_file in finger_print_files: fingerprint = subdir + os.sep + finger_print_file if fingerprint.endswith('.json'): status = self.compare_fingerprint(fingerprint) if status == 'success': return status elif self.fingerprint_index: status = self.check_fingerprint_index(self.fingerprint_index) return status def compare_fingerprint(self, fingerprint): db = FingerprintDB() db.scanDBFile(self.db) percent = db.compareDB(fingerprint) print "Percent match: {}".format(str(percent)) if percent >= self.percent_match: return 'success' else: return 'fail' def check_fingerprint_index(self, fingerprint_index): """ Check if the database is in the index if it is not compare it against all fingerprints in the index """ db = FingerprintDB() db.scanDBFile(self.db) md5_db = db.getMD5DB() conn = sqlite3.connect(fingerprint_index) c = conn.cursor() status = c.execute('SELECT EXISTS(SELECT 1 FROM md5_all WHERE md5_db = ' + '"{}" '.format(md5_db) + 'LIMIT 1)').fetchone() if status == (1,): return 'success' else: return self.compare_finger_print_index(db, fingerprint_index) @staticmethod def compare_finger_print_index(db, fingerprint_index): fp_index = FingerprintIndex() fp_index.openIndex(fingerprint_index) md5_db = db.getMD5DB() md5_tables = db.getMD5Tables() fp_list = fp_index.findFP(md5_db, md5_tables) # for fp_index in fp_list: # fq_fp = fp_dir + os.path.sep + fp_index # print "[ OPEN fingerprint ] [ {} ]".format(fq_fp) # percent = db.compareDB(fq_fp) # print "Percent: {}".format(str(percent)) if __name__ == "__main__": parser = argparse.ArgumentParser(description="Fingerprint a sqlite database based on its schema") parser.add_argument('-db', '--database', default = None, help="path to file to be fingerprinted") parser.add_argument('-fp', '--fingerprint', default = None, help="fingerprint file to use in comparison") parser.add_argument('-fd', '--fpdir', default = None, help="path to directory of fingerprint files") parser.add_argument('-idx', '--fingerprint_index', default = None, help="path to a fingerprint index") parser.add_argument('-pm', '--percent_match', default = 85.0, help="acceptable percent match for passing condition") args = parser.parse_args() if not (args.database and (args.fingerprint or args.fpdir or args.fingerprint_index)): parser.error("Please provide a database to compare and some form of fingerprint." "This tool accepts a fingerprint file, a directory of fingerprint files, or" "a fingerprint index file") fpc = FingerPrintCompare(args.database, args.fingerprint, args.fpdir, args.fingerprint_index, float(args.percent_match)) result = fpc.do_comparison() print result