Merge pull request #29 from r4ulcl/dev

codefactor fix SQLi, SHA256, update README
r4ulcl · Oct 13, 2023 · fe8e653 · fe8e653
2 parents b4e1ae7 + 22f12e4
commit fe8e653
Show file tree

Hide file tree

Showing 8 changed files with 73 additions and 56 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,16 +1,18 @@
-FROM ubuntu
+FROM ubuntu:22.04                                                                                                                                     
 #FROM wireshark/wireshark-ubuntu-dev
 #:3.8-slim-buster
 
 WORKDIR /app
 
-RUN apt-get update
-RUN DEBIAN_FRONTEND=noninteractive apt-get install tshark -y --allow-change-held-packages
-RUN apt-get install python3 python3-pip make git -y
-RUN apt-get install pkg-config -y
-RUN apt-get install libcurl4-openssl-dev libssl-dev pkg-config -y #Dependencies
+RUN apt-get update \
+    && DEBIAN_FRONTEND=noninteractive apt-get install tshark -y --allow-change-held-packages \
+    && apt-get install python3 python3-pip make git -y \
+    && apt-get install pkg-config -y \
+    && apt-get install libcurl4-openssl-dev libssl-dev pkg-config -y \
+    && apt-get clean && rm -rf /var/lib/apt/lists/*
+
 COPY requirements.txt requirements.txt
-RUN pip3 install -r requirements.txt
+RUN pip3 install --no-cache-dir -r requirements.txt
 
 COPY . .
 
@@ -19,6 +21,4 @@ RUN git clone https://github.com/ZerBea/hcxtools.git ; cd hcxtools ; make ; make
 
 RUN mkdir /captures/
 
-#CMD ["/app/wifi_db.py"]
 ENTRYPOINT ["python3", "/app/wifi_db.py", "/captures/", "-d", "/db.SQLITE"]
-
diff --git a/README.md b/README.md
@@ -15,15 +15,28 @@
   <a href="https://github.com/r4ulcl/wifi_db/issues">
     <img src="https://img.shields.io/github/issues/r4ulcl/wifi_db.svg" alt="GitHub issues">
   </a>
+  <a href="https://www.codefactor.io/repository/github/r4ulcl/wifi_db">
+    <img src="https://www.codefactor.io/repository/github/r4ulcl/wifi_db/badge" alt="CodeFactor" />
+  </a>
+    <a href="https://github.com/r4ulcl/wifi_db">
+    <img src="https://tokei.rs/b1/github/r4ulcl/wifi_db" alt="LoC" />
+  </a>
   <a href="https://github.com/r4ulcl/wifi_db/blob/main/LICENSE">
     <img src="https://img.shields.io/github/license/r4ulcl/wifi_db.svg" alt="GitHub license">
   </a>
+
+  <br>
+  <a href="https://hub.docker.com/r/r4ulcl/wifi_db">
+    <img src="https://github.com/r4ulcl/wifi_db/actions/workflows/docker-image.yml/badge.svg" alt="Docker Image">
+  </a>
+    <a href="https://hub.docker.com/r/r4ulcl/wifi_db/tags">
+    <img src="https://github.com/r4ulcl/wifi_db/actions/workflows/docker-image-dev.yml/badge.svg" alt="Docker Image dev">
+  </a>
+
 </p>
 
 # wifi_db
 
-[![Docker Image](https://github.com/r4ulcl/wifi_db/actions/workflows/docker-image.yml/badge.svg)](https://hub.docker.com/r/r4ulcl/wifi_db) [![Docker Image dev](https://github.com/r4ulcl/wifi_db/actions/workflows/docker-image-dev.yml/badge.svg)](https://hub.docker.com/r/r4ulcl/wifi_db)
-
 Script to parse Aircrack-ng captures into a SQLite database and extract useful information like handshakes (in 22000 hashcat format), MGT identities, interesting relations between APs, clients and it's Probes, WPS information and a global view of all the APs seen.
 
 

diff --git a/delete_from_db.py b/delete_from_db.py
@@ -23,25 +23,25 @@ def delete_ap(database, bssid, verbose):
     try:
         cursor = database.cursor()
 
-        sql = "DELETE from handshake where bssid=\"" + bssid + "\""
-        print(sql)
-        cursor.execute(sql)
+        sql = "DELETE from handshake where bssid = ?"
+        print(sql, bssid)
+        cursor.execute(sql, bssid)
 
-        sql = "DELETE from identityap where bssid=\"" + bssid + "\""
-        print(sql)
-        cursor.execute(sql)
+        sql = "DELETE from identityap where bssid = ? "
+        print(sql, bssid)
+        cursor.execute(sql, bssid)
 
-        sql = "DELETE from seenap where bssid=\"" + bssid + "\""
-        print(sql)
-        cursor.execute(sql)
+        sql = "DELETE from seenap where bssid = ? "
+        print(sql, bssid)
+        cursor.execute(sql, bssid)
 
-        sql = "DELETE from connected where bssid=\"" + bssid + "\""
-        print(sql)
-        cursor.execute(sql)
+        sql = "DELETE from connected where bssid = ? "
+        print(sql, bssid)
+        cursor.execute(sql, bssid)
 
-        sql = "DELETE from ap where bssid=\"" + bssid + "\""
-        print(sql)
-        cursor.execute(sql)
+        sql = "DELETE from ap where bssid = ? "
+        print(sql, bssid)
+        cursor.execute(sql, bssid)
 
         database.commit()
     except sqlite3.IntegrityError as error:

diff --git a/requirements.txt b/requirements.txt
@@ -1,4 +1,5 @@
+defusedxml==0.7.1
 ftfy==6.1.1
 nest_asyncio==1.5.8
 pyshark==0.6
-requests==2.31.0
+Requests==2.31.0
diff --git a/utils/database_utils.py b/utils/database_utils.py
@@ -303,7 +303,6 @@ def insertWPS(cursor, verbose, bssid, wlan_ssid, wps_version, wps_device_name,
                         wps_config_methods_keypad))
         return int(0)
     except sqlite3.IntegrityError as error:
-        # TODO: Update info if there is more, like AP
         # errors += 1
         if verbose:
             print("insertWPS " + str(error))
@@ -373,7 +372,7 @@ def insertHandshake(cursor, verbose, bssid, mac, file):
 
         # Get file hash MD5
         with open(file, 'rb') as file_handle:
-            hash = hashlib.md5(file_handle.read()).hexdigest()
+            hash = getHash(file_handle.read())
 
         # insertHandshake Client and AP CONSTRAINT
         ssid = ""
@@ -503,12 +502,12 @@ def insertSeenAP(cursor, verbose, bssid, time, tool, signal_rsi,
 def setHashcat(cursor, verbose, bssid, mac, file, hashcat):
     try:
         with open(file, 'rb') as file_handle:
-            hashMD5 = hashlib.md5(file_handle.read()).hexdigest()
+            hash = getHash(file_handle.read())
         if verbose:
             print("HASH: ", hash)
         cursor.execute('''INSERT OR REPLACE INTO Handshake
                           VALUES(?,?,?,?,?)''',
-                       (bssid.upper(), mac.upper(), file, hashMD5, hashcat))
+                       (bssid.upper(), mac.upper(), file, hash, hashcat))
         return int(0)
     except sqlite3.IntegrityError as error:
         print("setHashcat" + str(error))
@@ -519,7 +518,7 @@ def insertFile(cursor, verbose, file):
     try:
         # Get MD5
         with open(file, 'rb') as file_handle:
-            hash = hashlib.md5(file_handle.read()).hexdigest()
+            hash = getHash(file_handle.read())
         if verbose:
             print("HASH: ", hash)
         cursor.execute('''INSERT OR REPLACE INTO Files VALUES(?,?,?,?)''',
@@ -530,9 +529,13 @@ def insertFile(cursor, verbose, file):
         return int(1)
 
 
+def getHash(file):
+    return hashlib.sha256(file).hexdigest()
+
+
 def setFileProcessed(cursor, verbose, file):
     try:
-        cursor.execute('''UPDATE Files SET processed = ? where file = ?''',
+        cursor.execute('''UPDATE Files SET processed = (?) where file = ?''',
                        ("True", file))
         return int(0)
     except sqlite3.IntegrityError as error:
@@ -547,12 +550,11 @@ def checkFileProcessed(cursor, verbose, file):
         return int(0)
 
     with open(file, 'rb') as file_handle:
-        hash = hashlib.md5(file_handle.read()).hexdigest()
+        hash = getHash(file_handle.read())
 
     try:
-        sql = "SELECT file from Files where hashMD5 = '" + hash + \
-              "' AND processed = 'True';"
-        cursor.execute(sql)
+        cursor.execute('''SELECT file FROM Files WHERE hashSHA = (?) 
+                          AND processed = "True"''', (hash,))
 
         output = cursor.fetchall()
         if len(output) > 0:
@@ -584,7 +586,7 @@ def obfuscateDB(database, verbose):
             new = (row[0][0:9] + ('XX:XX:XX') + '-' + aux)
             # print (new)
 
-            cursor.execute('''UPDATE AP set bssid = ? where bssid = ?''',
+            cursor.execute('''UPDATE AP set bssid = (?) where bssid = ?''',
                            (new, row[0]))
             database.commit()
 
@@ -609,7 +611,7 @@ def obfuscateDB(database, verbose):
             aux = ''.join(random.choice(letter) for _ in range(8))
             new = (row[0][0:9] + ('XX:XX:XX') + '-' + aux)
 
-            cursor.execute('''UPDATE Client set mac = ? where mac = ?''',
+            cursor.execute('''UPDATE Client set mac = (?) where mac = ?''',
                            (new.upper(), row[0].upper()))
             database.commit()
 
@@ -630,22 +632,22 @@ def clearWhitelist(database, verbose, whitelist):
         mac = mac.upper()
         try:
             cursor.execute(
-                "DELETE from Handshake where bssid='%s'" % (mac.upper()))
+                "DELETE from Handshake where bssid = (?) ", (mac.upper(),))
             cursor.execute(
-                "DELETE from Identity where bssid='%s'" % (mac.upper()))
+                "DELETE from Identity where bssid = (?) ", (mac.upper(),))
             cursor.execute(
-                "DELETE from SeenAP where bssid='%s'" % (mac.upper()))
+                "DELETE from SeenAP where bssid = (?) ", (mac.upper(),))
             cursor.execute(
-                "DELETE from SeenClient where mac='%s'" % (mac.upper()))
+                "DELETE from SeenClient where mac = (?) ", (mac.upper(),))
             cursor.execute(
-                "DELETE from Probe where mac='%s'" % (mac.upper()))
+                "DELETE from Probe where mac = (?) ", (mac.upper(),))
             cursor.execute(
-                "DELETE from Connected where bssid='%s' OR mac='%s'"
-                % (mac.upper(), mac.upper()))
+                "DELETE from Connected where bssid = (?)  OR mac = (?) "
+               , (mac.upper(), mac.upper(),))
             cursor.execute(
-                "DELETE from AP where bssid='%s'" % (mac.upper()))
+                "DELETE from AP where bssid = (?) ", (mac.upper(),))
             cursor.execute(
-                "DELETE from Client where mac='%s'" % (mac.upper()))
+                "DELETE from Client where mac = (?) ", (mac.upper(),))
 
             database.commit()
 

diff --git a/utils/update.py b/utils/update.py
@@ -7,7 +7,7 @@
 
 def is_git_installed():
     try:
-        subprocess.run(["git", "--version"], stdout=subprocess.PIPE,
+        subprocess.run(["/usr/bin/git", "--version"], stdout=subprocess.PIPE,
                        stderr=subprocess.PIPE, check=True)
         return True
     except FileNotFoundError:
@@ -54,7 +54,7 @@ def check_for_update(VERSION):
                                 ).strip().lower() or "y"
             if user_choice in ("", "y", "Y"):
                 print("Updating...")
-                update_process = subprocess.Popen(["git", "pull"],
+                update_process = subprocess.Popen(["/usr/bin/git", "pull"],
                                                   cwd=script_dir)
                 # Wait for the Git pull operation to complete
                 update_process.wait()

diff --git a/utils/wifi_db_aircrack.py b/utils/wifi_db_aircrack.py
@@ -2,7 +2,8 @@
 ''' Parse Aircrack, Kismet and Wigle output to a SQLite DB '''
 # -*- coding: utf-8 -*-
 import csv
-import xml.etree.ElementTree as ET
+#import xml.etree.ElementTree as ET # vuln! 
+import defusedxml.ElementTree as ET
 import os
 import re
 from utils import oui
@@ -658,7 +659,7 @@ def exec_hcxpcapngtool(name, database, verbose):
         arguments = fileName + ' -o test.22000'
 
         execution = subprocess.check_output("hcxpcapngtool --all " + arguments,
-                                            shell=True)
+                                            shell=False)
         if verbose:
             print(execution)
 

diff --git a/utils/wifi_db_database.sql b/utils/wifi_db_database.sql
@@ -98,12 +98,12 @@ CREATE TABLE IF NOT EXISTS Handshake
     bssid TEXT NOT NULL,
     mac TEXT NOT NULL,
     file TEXT NOT NULL,
-    hashMD5 TEXT NOT NULL,
+    hashSHA TEXT NOT NULL,
     hashcat TEXT,
     CONSTRAINT Key6 PRIMARY KEY (bssid,mac,file)
     CONSTRAINT FRelationship4 FOREIGN KEY (bssid) REFERENCES AP (bssid) ON UPDATE CASCADE ON DELETE CASCADE,
     CONSTRAINT FRelationship5 FOREIGN KEY (mac) REFERENCES Client (mac) ON UPDATE CASCADE ON DELETE CASCADE,
-    CONSTRAINT FRelationship8 FOREIGN KEY (file,hashMD5) REFERENCES Files (file,hashMD5) ON UPDATE CASCADE ON DELETE CASCADE
+    CONSTRAINT FRelationship8 FOREIGN KEY (file,hashSHA) REFERENCES Files (file,hashSHA) ON UPDATE CASCADE ON DELETE CASCADE
 );
 
 CREATE TABLE IF NOT EXISTS Identity
@@ -122,7 +122,7 @@ CREATE TABLE IF NOT EXISTS Files
 (
     file TEXT NOT NULL,
     processed BOOLEAN,
-    hashMD5 TEXT NOT NULL,
+    hashSHA TEXT NOT NULL,
     time datetime,
-    CONSTRAINT Key8 PRIMARY KEY (file,hashMD5)
+    CONSTRAINT Key8 PRIMARY KEY (file,hashSHA)
 );