More comprehensive documentation can be found on the lib_mysqludf_ssdeep readthedocs.org page Functions
- Param: to_hash string to be hashed using ssdeep.
- Return: a hash STRING on success and NULL otherwise.
Calculates an ssdeep hash for the supplied string.
- Param: file_name to be hashed using ssdeep.
- Return: a hash STRING on success and NULL otherwise.
Calculates an ssdeep hash for the supplied filename.
- Param: signature1 ssdeep hash string to compare.
- Param: signature2 ssdeep hash string to compare.
- Return: an INTEGER (0 to 100) on success and NULL otherwise.
Calculates match percentage between two hash strings.
Move into the lib_mysqludf_ssdeep directory.
sudo apt-get install libmysqlclient-dev
- Get ssdeep from sourceforge
- Install with
./configure
and thenmake
and thenmake install
- Done
mkdir build
./build.sh
- lib_mysqludf_ssdeep.so will now be in the current directory.
Move into the lib_mysqludf_ssdeep directory.
yum install gcc-c++ mysql-devel autoconf automake libtool
- Get ssdeep from sourceforge
- Install with
./configure
and thenmake
and thenmake install
- Done
mkdir build
./build.sh
- lib_mysqludf_ssdeep.so will now be in the current directory.
To find your MySQL plugin directory run the following query in MySQL:
show variables like 'plugin_dir';
Mine is /usr/lib/mysql/plugin/ and I have used that in the examples below. It can be changed in your /etc/mysql/my.cnf file with the line in the mysqld section:
[mysqld]
plugin_dir=/usr/lib/mysql/plugin
sudo cp lib_mysqludf_ssdeep.so /usr/lib/mysql/plugin/
mysql -u root -p < src/installdb.sql
- Done.
sudo rm /usr/lib/mysql/plugin/lib_mysqludf_ssdeep.so
mysql -u root -p < src/uninstalldb.sql
- Done.