-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtamper_db.py
More file actions
30 lines (21 loc) · 856 Bytes
/
Copy pathtamper_db.py
File metadata and controls
30 lines (21 loc) · 856 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
import os, sqlite3, json
sid = os.environ.get("SID")
db_path = r"backend\qod_mock.sqlite3"
if not sid:
raise SystemExit("SID env var missing. Set in PowerShell: $env:SID = $sid")
conn = sqlite3.connect(db_path)
cur = conn.cursor()
cur.execute("SELECT proof_json FROM proof_ledger WHERE session_id = ?", (sid,))
row = cur.fetchone()
if not row:
raise SystemExit(f"No proof_ledger row found for session_id={sid}")
proof = json.loads(row[0])
# Tamper: change proof content in DB only
proof["provider_observed"]["provider_note"] = "evil-simulated-provider"
new_json = json.dumps(proof, sort_keys=True)
# IMPORTANT: do NOT update this_hash or signature
cur.execute("UPDATE proof_ledger SET proof_json = ? WHERE session_id = ?", (new_json, sid))
conn.commit()
print("Tampered session:", sid)
print("Rows updated:", cur.rowcount)
conn.close()