GithubHelp home page GithubHelp logo

mysql-snitch's Introduction

mysql-snitch

mysql-snitch is a tool to watch tables/queries for any changes and tattle if they do with details of the records that changed.

Have a 3rd party application that doesn't audit changes to admin users? Want to know if a malicious user is able to twiddle bits they shouldn't be able to? Just want to make sure marketing doesn't add everyone as an admin?

Snitch might be able to help.

Quick Start

$ git clone [email protected]:seriallos/mysql-snitch.git
$ cd mysql-snitch
$ npm install

# Set up your configs - look at the Configuration section below
$ cp config/example.yaml config/production.yaml
$ vim config/production.yaml

$ NODE_ENV=production coffee run.coffee

Configuration

mysql-snitch uses the lovely config module so it's easy to create configs based on hosts or general environments.

By default, I use YAML for the configuration so all examples will be in that format. If you wish, you can use JSON or actual JavaScript code for your configs (with the exception that runtime.json MUST be JSON).

The example config in the repo provides information on what can be done.

Example Queries

vBulletin

SELECT * FROM administrator - Notify of new admins, deleted admins, or admin permission changes.

SELECT * FROM plugin - Notify of any changes to VB plugins

SELECT * FROM template - Notify of any change to VB templates

You can get fancy and use joins to make the notifications a bit more useful:

SELECT
  u.userid,
  u.username,
  a.adminpermissions,
  a.notes,
  u.password,
  u.salt,
  u.email
FROM
  administrator a
  JOIN user u ON a.userid = u.userid
ORDER BY u.userid ASC

This detects changes to an admin's username, permissions, password, salt, or email. It will also detect new or removed admins.

Drupal

New/Deleted/Changed Admins:

SELECT
  u.uid,
  u.name,
  u.pass,
  u.mail,
  u.status
FROM
  users u
  JOIN users_roles ur ON u.uid = ur.uid
  JOIN role r ON ur.rid = r.rid
WHERE
  r.name = 'administrator'
ORDER BY u.uid ASC

Technical Notes

  • Snitch does not use long-running connections to the database. It creates and ends the connection for every check to avoid dealing with timeouts.
  • Records are compared based on a field named 'id' or the first field returned by the query. You can alias any field to the name 'id' to force it to be the ID field used for comparison.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.