91 lines
3.9 KiB
Python
91 lines
3.9 KiB
Python
import argparse
|
|
import os
|
|
import sqlite3
|
|
|
|
from libs.fingerprint import FingerprintDB
|
|
from libs.fingerprint_index import FingerprintIndex
|
|
|
|
class FingerPrintCompare:
|
|
def __init__(self, db=None, fingerprint=None, fingerprint_dir=None, fingerprint_index=None, percent_match=85.0):
|
|
self.db = db
|
|
self.fingerprint = fingerprint
|
|
self.fingerprint_dir = fingerprint_dir
|
|
self.fingerprint_index = fingerprint_index
|
|
self.percent_match = float(percent_match)
|
|
|
|
def do_comparison(self):
|
|
|
|
status = 'fail'
|
|
|
|
if self.fingerprint:
|
|
status = self.compare_fingerprint(self.fingerprint)
|
|
elif self.fingerprint_dir:
|
|
for subdir, dirs, finger_print_files in os.walk(self.fingerprint_dir):
|
|
for finger_print_file in finger_print_files:
|
|
fingerprint = subdir + os.sep + finger_print_file
|
|
if fingerprint.endswith('.json'):
|
|
status = self.compare_fingerprint(fingerprint)
|
|
if status == 'success':
|
|
return status
|
|
elif self.fingerprint_index:
|
|
status = self.check_fingerprint_index(self.fingerprint_index)
|
|
|
|
return status
|
|
|
|
def compare_fingerprint(self, fingerprint):
|
|
|
|
db = FingerprintDB()
|
|
db.scanDBFile(self.db)
|
|
percent = db.compareDB(fingerprint)
|
|
print "Percent match: {}".format(str(percent))
|
|
if percent >= self.percent_match:
|
|
return 'success'
|
|
else:
|
|
return 'fail'
|
|
|
|
def check_fingerprint_index(self, fingerprint_index):
|
|
"""
|
|
Check if the database is in the index if it is not compare it against all fingerprints in the index
|
|
"""
|
|
db = FingerprintDB()
|
|
db.scanDBFile(self.db)
|
|
md5_db = db.getMD5DB()
|
|
conn = sqlite3.connect(fingerprint_index)
|
|
c = conn.cursor()
|
|
status = c.execute('SELECT EXISTS(SELECT 1 FROM md5_all WHERE md5_db = ' + '"{}" '.format(md5_db) + 'LIMIT 1)').fetchone()
|
|
if status == (1,):
|
|
return 'success'
|
|
else:
|
|
return self.compare_finger_print_index(db, fingerprint_index)
|
|
|
|
@staticmethod
|
|
def compare_finger_print_index(db, fingerprint_index):
|
|
|
|
fp_index = FingerprintIndex()
|
|
fp_index.openIndex(fingerprint_index)
|
|
md5_db = db.getMD5DB()
|
|
md5_tables = db.getMD5Tables()
|
|
fp_list = fp_index.findFP(md5_db, md5_tables)
|
|
# for fp_index in fp_list:
|
|
# fq_fp = fp_dir + os.path.sep + fp_index
|
|
# print "[ OPEN fingerprint ] [ {} ]".format(fq_fp)
|
|
# percent = db.compareDB(fq_fp)
|
|
# print "Percent: {}".format(str(percent))
|
|
|
|
if __name__ == "__main__":
|
|
parser = argparse.ArgumentParser(description="Fingerprint a sqlite database based on its schema")
|
|
parser.add_argument('-db', '--database', default = None, help="path to file to be fingerprinted")
|
|
parser.add_argument('-fp', '--fingerprint', default = None, help="fingerprint file to use in comparison")
|
|
parser.add_argument('-fd', '--fpdir', default = None, help="path to directory of fingerprint files")
|
|
parser.add_argument('-idx', '--fingerprint_index', default = None, help="path to a fingerprint index")
|
|
parser.add_argument('-pm', '--percent_match', default = 85.0, help="acceptable percent match for passing condition")
|
|
args = parser.parse_args()
|
|
|
|
if not (args.database and (args.fingerprint or args.fpdir or args.fingerprint_index)):
|
|
parser.error("Please provide a database to compare and some form of fingerprint."
|
|
"This tool accepts a fingerprint file, a directory of fingerprint files, or"
|
|
"a fingerprint index file")
|
|
|
|
fpc = FingerPrintCompare(args.database, args.fingerprint, args.fpdir, args.fingerprint_index, float(args.percent_match))
|
|
result = fpc.do_comparison()
|
|
print result |