73 lines
2.7 KiB
Plaintext
73 lines
2.7 KiB
Plaintext
==================
|
|
DB Fingerprint
|
|
==================
|
|
|
|
|
|
-------------
|
|
INTRO
|
|
-------------
|
|
[D]ata[B]ase [F]inger[P]rint
|
|
|
|
dbfp is a tool that will scan a sqlite database and generate a fingerprint.
|
|
The fingerprint will uniquely identify the database.
|
|
The fingerprint consists of the database schema, the sql table create statements,
|
|
md5 calculations, and file meta-data.
|
|
The fingerprint is stored to disk in JSON format.
|
|
|
|
The fingerprint can be used to identify unknown databases from random paths or recovered from deleted space.
|
|
The fingerprint can be used for historical comparisons to see what has changed in a new version of an application.
|
|
|
|
|
|
-------------
|
|
FEATURES
|
|
-------------
|
|
1. Generate a fingerprint in JSON format.
|
|
2. Compare a sqlite database with a fingerprint.
|
|
3. Rip all apps from an Android phone and create fingerprints for all SQLite databases
|
|
4. Lightning fast fingerprint comparison
|
|
a. creates an index of fingerprints
|
|
b. query the index for quick fingerprint comparison
|
|
|
|
|
|
-------------
|
|
USAGE
|
|
-------------
|
|
|
|
***** ***** ***** *****
|
|
DB Fingerprint
|
|
***** ***** ***** *****
|
|
|
|
usage: dbfp.py [-h] [-db DATABASE] [-fd FPDIR] [-fp FINGERPRINT]
|
|
[-ad ANDROID_DIR] [-dd DATA_DIR] [-idx INDEX_FINGERPRINTS]
|
|
[-md5 MD5] [-an APP_NAME] [-av APP_VERSION] [-n NOTES] [-idxf]
|
|
[-android_pull] [-v] [-vv] [-l]
|
|
|
|
Fingerprint a sqlite database based on its schema
|
|
|
|
optional arguments:
|
|
-h, --help show this help message and exit
|
|
-db DATABASE, --database DATABASE
|
|
path to file to be fingerprinted
|
|
-fd FPDIR, --fpdir FPDIR
|
|
path to directory of fingerprint files
|
|
-fp FINGERPRINT, --fingerprint FINGERPRINT
|
|
fingerprint file to use in comparison
|
|
-ad ANDROID_DIR, --android_dir ANDROID_DIR
|
|
path to a directory with android folder structure
|
|
sqlite files
|
|
-dd DATA_DIR, --data_dir DATA_DIR
|
|
path to a directory to search for sqlite files
|
|
-idx INDEX_FINGERPRINTS, --index_fingerprints INDEX_FINGERPRINTS
|
|
path to a directory with sqlite files
|
|
-md5 MD5 md5 hash to query the index`
|
|
-an APP_NAME, --app_name APP_NAME
|
|
-av APP_VERSION, --app_version APP_VERSION
|
|
-n NOTES, --notes NOTES
|
|
-idxf add a fingerprint to the index
|
|
-android_pull automated pull of applications from a physical android
|
|
phone
|
|
-v, --verbose will set logging level to INFO
|
|
-vv, --vverbose will set logging level to DEBUG
|
|
-l, --logging will supercede the -v option and send all logging to a
|
|
file, logging.DEBUG
|