66 lines
2.3 KiB
Plaintext
66 lines
2.3 KiB
Plaintext
==================
|
|
DB Fingerprint
|
|
==================
|
|
|
|
|
|
-------------
|
|
INTRO
|
|
-------------
|
|
[D]ata[B]ase [F]inger[P]rint
|
|
|
|
dbfp is a tool that will scan a sqlite database and generate a fingerprint.
|
|
The fingerprint will uniquely identify the database.
|
|
The fingerprint consists of the database schema, the sql table create statements,
|
|
md5 calculations, and file meta-data.
|
|
The fingerprint is stored to disk in JSON format.
|
|
|
|
The fingerprint can be used to identify unknown databases from random paths or recovered from deleted space.
|
|
The fingerprint can be used for historical comparisons to see what has changed in a new version of an application.
|
|
|
|
|
|
-------------
|
|
FEATURES
|
|
-------------
|
|
1. Generate a fingerprint in JSON format.
|
|
2. Compare a sqlite database with a fingerprint.
|
|
3. Rip all apps from an Android phone and create fingerprints for all SQLite databases
|
|
4. Lightning fast fingerprint comparison
|
|
a. creates an index of fingerprints
|
|
b. query the index for quick fingerprint comparison
|
|
|
|
|
|
-------------
|
|
USAGE
|
|
-------------
|
|
|
|
***** ***** ***** *****
|
|
DB Fingerprint
|
|
***** ***** ***** *****
|
|
|
|
usage: dbfp.py [-h] [-db DATABASE] [-fd FPDIR] [-fp FINGERPRINT]
|
|
[-dd DATA_DIR] [-idx INDEX_FINGERPRINTS] [-an APP_NAME]
|
|
[-av APP_VERSION] [-n NOTES] [-pull] [-v] [-l]
|
|
|
|
Fingerprint a sqlite database based on its schema
|
|
|
|
optional arguments:
|
|
-h, --help show this help message and exit
|
|
-db DATABASE, --database DATABASE
|
|
path to file to be fingerprinted
|
|
-fd FPDIR, --fpdir FPDIR
|
|
path to directory of fingerprint files
|
|
-fp FINGERPRINT, --fingerprint FINGERPRINT
|
|
fingerprint file to use in comparison
|
|
-dd DATA_DIR, --data_dir DATA_DIR
|
|
path to a directory with sqlite files
|
|
-idx INDEX_FINGERPRINTS, --index_fingerprints INDEX_FINGERPRINTS
|
|
path to a directory with sqlite files
|
|
-an APP_NAME, --app_name APP_NAME
|
|
-av APP_VERSION, --app_version APP_VERSION
|
|
-n NOTES, --notes NOTES
|
|
-pull automated pull of applications from a physical android
|
|
phone
|
|
-v, --verbose will set logging level to DEBUG
|
|
-l, --logging will supercede the -v option and send all logging to a
|
|
file, logging.DEBUG
|