A security tool for scanning relational database column contents for unencrypted protected card and ACH information
- Easy scanning of columns
- Low false-negatives
- Avoids bad outcome (we do not certify databases with unencrypted data)
- Reported data includes confidence scores
- Quick Deployment Option
- Deployable via a docker/VM image - NOTHING TO BUILD OR INSTALL!
| Name | Contribution(s) |
|---|---|
| Tiffany Ambrose | Writer |
| Joseph Charlton | Writer |
| Dania Jean-Baptiste | Writer |
| Brian Lasher | Writer and Coder |
| Nataliz Martinez-Santiago | Writer |
| Jordan McMillan | Writer and Coder |
| Scott Piersall | Writer and Coder |
| Zachary Russell | Writer and Coder |
| Matthew Tyroler | Writer |
| Ariel Turnley | Writer |
RoundTabler requires you to have a working version of Docker on your machine.
-
Clone the repository to your machine.
git clone https://github.com/ScottPiersall/RoundTabler.git
-
Double-click on the
WindowsLaunchRoundTablerTestingNetwork.batto automatically build and start the RoundTabler Docker container and the Docker Application Stack. -
Open Docker Desktop and launch the CLI on the instance named 'roundtabler'.
-
cd into the src directory
cd src
-
On Windows, the java files need to be compiled manually in the container. Now that you are in the src directory inside the contianer, run the following command:
javac RoundTabler/*.java RoundTabler/db/*.java utility/*.java
-
Clone the repository to your machine.
git clone https://github.com/ScottPiersall/RoundTabler.git
-
Double-click on the
MacOSLaunchRoundTablerTestingNetwork.shto automatically build and start the RoundTabler Docker container and the Docker Application Stack. -
Open Docker Desktop and launch the CLI on the instance named 'roundtabler'.
-
cd into the src directory
cd src
-
Clone the repository to your machine
git clone https://github.com/ScottPiersall/RoundTabler.git
-
Navigate to the cloned directory:
cd RoundTabler -
Make the
LinuxLaunchRoundTablerTestingNetworkscript executable if necessarychmod +x LinuxLaunchRoundTablerTestingNetwork
-
Execute the
LinuxLaunchRoundTablerTestingNetworkscript as a user with necessary Docker permissions- e.g.
sudo sufor a superuser ./LinuxLaunchRoundTablerTestingNetwork
- e.g.
-
Attach to the container with an interactive prompt OR set your host CLASSPATH to that seen in the
Dockerfiledocker exec -it roundtabler /bin/bash
-
cd into the src directory
cd src
Before you run the tool, you can view the homepage provided by the NGINX Docker Container created at:
`localhost:8000/home.html`
On the homepage, all the results from the scans will be made available to you via the localhost, as well as any errors that occur.
To review the list of helpful options in the CLI please run:
`java RoundTabler.RoundTable --help`
Example command for RoundTabler:
`java RoundTabler.RoundTable --type=all --dbtype=mariadb --server=[DATABASE SERVER ADDRESS] --user=[USERNAME CREDENTIAL] --password=[PASSWORD CREDENTIAL] --database=[DATABASE NAME]`
The RoundTabler development team provides an example database that can be used to ensure RoundTabler is functioning correctly. With the creation of the Docker Application Stack, it comes with a mariadb and Adminer container. The steps to test against this sample database with known PCI and NACHA information are as follows.
-
First the mariadb database needs to be populated
- Navigate to
localhost:8080where you will see the Adminer login. - Log in using
- User: root
- Password: example
- Click 'Create Database' and make a database called estore.
- Click 'import' in the sidebar and click 'browse'
- Select the file under the 'SampleDBs' folder in the cloned repository on your machine named: estore_large.mysqlbackup.sql.gz.
- Click
execute
- After some time, Adminer will reflect the changes it made. The database has been successfully populated!
- Navigate to
-
Now you can open Docker Desktop, and launch the CLI for the 'roundtabler' container.
- On Linux, you can access the CLI from your terminal using:
docker exec -it roundtabler /bin/bash
- On Linux, you can access the CLI from your terminal using:
-
cd into the src directory
cd src
-
Once in src you can run RoundTabler:
java RoundTabler.RoundTable --type=all --dbtype=mariadb --server=roundtabler-db-1 --user=root --password=example --database=estore
-
This will start the RoundTabler tool and scan the estore database you recently created, and populated, in step one.
-
Once the scan is finished, you can refresh the home page at localhost:8000/home.html and the directory will have the result file from your scan for viewing.
Note: If you would like to test against the estore_huge please refer to the 'Testing Against Estore_Huge' section for testing that database.
The result files generated by RoundTabler will look similar to this:
- RESULTS_estore_20221128_234049.html, where:
- estore: the name of the database scanned
- 20221128: is the date in YYYYMMDD format
- 234049: is the time in HHMMSS
In cases where the database you wish to scan is extremely large, you may get the following error:
java.lang.OutOfMemoryError
To properly navigate this error, you need to allow RoundTabler to use more memory while running. In order to do that, you simply need to add the -Xms flag to the normal RoundTabler command:
java -Xms[MEMORY AMOUNT][M | G] RoundTabler.Roundtable --type=all --dbtype=mariadb --server=[SERVER ADDRESS] --user=[USERNAME CREDENTIAL] --password=[PASSWORD CREDENTIAL] --database=[DATABASE NAME]
This will allow RoundTabler to use more than the default amount of memory and scan larger databases.
In some cases, your browser will stop you from being able to view new results from scans. This is caused by your browser storing cached information of the homepage and failing to display new changes to it by the NGINX container.
To fix this issue, you can access your browsers settings, clear the cache, and then refresh the homepage.
Here are ways to clear your browser cache for a few common browsers:
-
Open your browser and browse to localhost:8080.
- Log in with the credentials of:
- User: root
- Password: example
- Once you are logged into the database, click 'Create Database' and name the database: 'estore_huge'
- You can close the browser for now.
- Log in with the credentials of:
-
Now, navigate to the SampleDBs folder on the host machine located withing your cloned RoundTabler code.
-
Unzip the file named
estore_huge.mysqlbackup.sql.gzinto the SampleDBs folder you are currently in. -
Open a terminal using Administrative Privileges in the SampleDBs folder and run:
docker cp ./estore_huge.mysqlbackup.sql roundtabler-db-1:/- This will copy the unzipped sql script into the roundtabler-db-1 container.
-
Open Docker Desktop and click the drop down on the roundtabler application stack, then open the CLI for the roundtabler-db-1 container and run:
mysql -uroot -pexample estore_huge < estore_huge.mysqlbackup.sql- This will pipe the sql script into the estore_huge database.
-
You can now open the CLI for the roundtabler container and run the following commands:
-
cd src -
java RoundTabler.RoundTable --type=all --dbtype=mariadb --server=roundtabler-db-1 --user=root --password=example --database=estore_huge
-