mirror of
https://github.com/overcuriousity/autopsy-flatpak.git
synced 2025-07-15 09:17:42 +00:00
Merge branch '844-generic-account-artifact' into 841-maintain-selection
Conflicts: Core/src/org/sleuthkit/autopsy/datamodel/_private/Accounts.java
This commit is contained in:
millmanorama
commit
07d93a07d8
@ -222,6 +222,10 @@
|
||||
</dependency>
|
||||
</module-dependencies>
|
||||
<public-packages>
|
||||
<package>net.sf.sevenzipjbinding</package>
|
||||
<package>net.sf.sevenzipjbinding.impl</package>
|
||||
<package>net.sf.sevenzipjbinding.simple</package>
|
||||
<package>net.sf.sevenzipjbinding.simple.impl</package>
|
||||
<package>org.sleuthkit.autopsy.actions</package>
|
||||
<package>org.sleuthkit.autopsy.casemodule</package>
|
||||
<package>org.sleuthkit.autopsy.casemodule.events</package>
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2013 Basis Technology Corp.
|
||||
* Copyright 2011-2016 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -61,6 +61,7 @@ import org.sleuthkit.datamodel.TskCoreException;
|
||||
//@ServiceProvider(service = DataResultViewer.class)
|
||||
final class DataResultViewerThumbnail extends AbstractDataResultViewer {
|
||||
|
||||
private static final long serialVersionUID = 1L;
|
||||
private static final Logger logger = Logger.getLogger(DataResultViewerThumbnail.class.getName());
|
||||
//flag to keep track if images are being loaded
|
||||
private int curPage;
|
||||
@ -95,7 +96,7 @@ final class DataResultViewerThumbnail extends AbstractDataResultViewer {
|
||||
|
||||
iconView.setSelectionMode(ListSelectionModel.MULTIPLE_INTERVAL_SELECTION);
|
||||
em.addPropertyChangeListener(new ExplorerManagerNodeSelectionListener());
|
||||
thumbnailSizeComboBox.setModel(new javax.swing.DefaultComboBoxModel<String>(
|
||||
thumbnailSizeComboBox.setModel(new javax.swing.DefaultComboBoxModel<>(
|
||||
new String[] { Bundle.DataResultViewerThumbnail_thumbnailSizeComboBox_small(),
|
||||
Bundle.DataResultViewerThumbnail_thumbnailSizeComboBox_medium(),
|
||||
Bundle.DataResultViewerThumbnail_thumbnailSizeComboBox_large() }));
|
||||
@ -395,11 +396,8 @@ final class DataResultViewerThumbnail extends AbstractDataResultViewer {
|
||||
|
||||
private void switchPage() {
|
||||
|
||||
EventQueue.invokeLater(new Runnable() {
|
||||
@Override
|
||||
public void run() {
|
||||
setCursor(Cursor.getPredefinedCursor(Cursor.WAIT_CURSOR));
|
||||
}
|
||||
EventQueue.invokeLater(() -> {
|
||||
setCursor(Cursor.getPredefinedCursor(Cursor.WAIT_CURSOR));
|
||||
});
|
||||
|
||||
//Note the nodes factories are likely creating nodes in EDT anyway, but worker still helps
|
||||
@ -437,7 +435,7 @@ final class DataResultViewerThumbnail extends AbstractDataResultViewer {
|
||||
ex.getMessage()),
|
||||
NotifyDescriptor.ERROR_MESSAGE);
|
||||
DialogDisplayer.getDefault().notify(d);
|
||||
logger.log(Level.SEVERE, "Error making thumbnails: " + ex.getMessage()); //NON-NLS
|
||||
logger.log(Level.SEVERE, "Error making thumbnails: {0}", ex.getMessage()); //NON-NLS
|
||||
} // catch and ignore if we were cancelled
|
||||
catch (java.util.concurrent.CancellationException ex) {
|
||||
}
|
||||
@ -453,6 +451,7 @@ final class DataResultViewerThumbnail extends AbstractDataResultViewer {
|
||||
goToPageField.setEnabled(false);
|
||||
pageNumLabel.setText("");
|
||||
imagesRangeLabel.setText("");
|
||||
thumbnailSizeComboBox.setEnabled(false);
|
||||
} else {
|
||||
pageNumLabel.setText(
|
||||
NbBundle.getMessage(this.getClass(), "DataResultViewerThumbnail.pageNumbers.curOfTotal",
|
||||
@ -464,7 +463,7 @@ final class DataResultViewerThumbnail extends AbstractDataResultViewer {
|
||||
pageNextButton.setEnabled(!(curPage == totalPages));
|
||||
pagePrevButton.setEnabled(!(curPage == 1));
|
||||
goToPageField.setEnabled(totalPages > 1);
|
||||
|
||||
thumbnailSizeComboBox.setEnabled(true);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -18,6 +18,11 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.Accounts;
|
||||
import org.sleuthkit.autopsy.datamodel._private.FileTypeExtensionFilters;
|
||||
import org.sleuthkit.autopsy.datamodel._private.RecentFiles;
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyItemVisitor;
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyVisitableItem;
|
||||
import org.openide.nodes.AbstractNode;
|
||||
import org.openide.nodes.Children.Keys;
|
||||
import org.openide.nodes.Node;
|
||||
|
||||
@ -185,13 +185,13 @@ public class BlackboardArtifactNode extends DisplayableItemNode {
|
||||
ss = Sheet.createPropertiesSet();
|
||||
s.put(ss);
|
||||
}
|
||||
final String NO_DESCR = NbBundle.getMessage(this.getClass(), "BlackboardArtifactNode.noDesc.text");
|
||||
final String NO_DESCR = NbBundle.getMessage(BlackboardArtifactNode.class, "BlackboardArtifactNode.noDesc.text");
|
||||
|
||||
Map<String, Object> map = new LinkedHashMap<>();
|
||||
fillPropertyMap(map, artifact);
|
||||
|
||||
ss.put(new NodeProperty<>(NbBundle.getMessage(this.getClass(), "BlackboardArtifactNode.createSheet.srcFile.name"),
|
||||
NbBundle.getMessage(this.getClass(), "BlackboardArtifactNode.createSheet.srcFile.displayName"),
|
||||
ss.put(new NodeProperty<>(NbBundle.getMessage(BlackboardArtifactNode.class, "BlackboardArtifactNode.createSheet.srcFile.name"),
|
||||
NbBundle.getMessage(BlackboardArtifactNode.class, "BlackboardArtifactNode.createSheet.srcFile.displayName"),
|
||||
NO_DESCR,
|
||||
this.getDisplayName()));
|
||||
|
||||
@ -222,13 +222,13 @@ public class BlackboardArtifactNode extends DisplayableItemNode {
|
||||
actualMimeType = ""; //NON-NLS
|
||||
}
|
||||
}
|
||||
ss.put(new NodeProperty<>(NbBundle.getMessage(this.getClass(), "BlackboardArtifactNode.createSheet.ext.name"),
|
||||
NbBundle.getMessage(this.getClass(), "BlackboardArtifactNode.createSheet.ext.displayName"),
|
||||
ss.put(new NodeProperty<>(NbBundle.getMessage(BlackboardArtifactNode.class, "BlackboardArtifactNode.createSheet.ext.name"),
|
||||
NbBundle.getMessage(BlackboardArtifactNode.class, "BlackboardArtifactNode.createSheet.ext.displayName"),
|
||||
NO_DESCR,
|
||||
ext));
|
||||
ss.put(new NodeProperty<>(
|
||||
NbBundle.getMessage(this.getClass(), "BlackboardArtifactNode.createSheet.mimeType.name"),
|
||||
NbBundle.getMessage(this.getClass(), "BlackboardArtifactNode.createSheet.mimeType.displayName"),
|
||||
NbBundle.getMessage(BlackboardArtifactNode.class, "BlackboardArtifactNode.createSheet.mimeType.name"),
|
||||
NbBundle.getMessage(BlackboardArtifactNode.class, "BlackboardArtifactNode.createSheet.mimeType.displayName"),
|
||||
NO_DESCR,
|
||||
actualMimeType));
|
||||
}
|
||||
@ -243,32 +243,32 @@ public class BlackboardArtifactNode extends DisplayableItemNode {
|
||||
|
||||
if (sourcePath.isEmpty() == false) {
|
||||
ss.put(new NodeProperty<>(
|
||||
NbBundle.getMessage(this.getClass(), "BlackboardArtifactNode.createSheet.filePath.name"),
|
||||
NbBundle.getMessage(this.getClass(), "BlackboardArtifactNode.createSheet.filePath.displayName"),
|
||||
NbBundle.getMessage(BlackboardArtifactNode.class, "BlackboardArtifactNode.createSheet.filePath.name"),
|
||||
NbBundle.getMessage(BlackboardArtifactNode.class, "BlackboardArtifactNode.createSheet.filePath.displayName"),
|
||||
NO_DESCR,
|
||||
sourcePath));
|
||||
}
|
||||
|
||||
if (Arrays.asList(SHOW_FILE_METADATA).contains(artifactTypeId)) {
|
||||
AbstractFile file = associated instanceof AbstractFile ? (AbstractFile) associated : null;
|
||||
ss.put(new NodeProperty<>(NbBundle.getMessage(this.getClass(), "ContentTagNode.createSheet.fileModifiedTime.name"),
|
||||
NbBundle.getMessage(this.getClass(), "ContentTagNode.createSheet.fileModifiedTime.displayName"),
|
||||
ss.put(new NodeProperty<>(NbBundle.getMessage(BlackboardArtifactNode.class, "ContentTagNode.createSheet.fileModifiedTime.name"),
|
||||
NbBundle.getMessage(BlackboardArtifactNode.class, "ContentTagNode.createSheet.fileModifiedTime.displayName"),
|
||||
"",
|
||||
file != null ? ContentUtils.getStringTime(file.getMtime(), file) : ""));
|
||||
ss.put(new NodeProperty<>(NbBundle.getMessage(this.getClass(), "ContentTagNode.createSheet.fileChangedTime.name"),
|
||||
NbBundle.getMessage(this.getClass(), "ContentTagNode.createSheet.fileChangedTime.displayName"),
|
||||
ss.put(new NodeProperty<>(NbBundle.getMessage(BlackboardArtifactNode.class, "ContentTagNode.createSheet.fileChangedTime.name"),
|
||||
NbBundle.getMessage(BlackboardArtifactNode.class, "ContentTagNode.createSheet.fileChangedTime.displayName"),
|
||||
"",
|
||||
file != null ? ContentUtils.getStringTime(file.getCtime(), file) : ""));
|
||||
ss.put(new NodeProperty<>(NbBundle.getMessage(this.getClass(), "ContentTagNode.createSheet.fileAccessedTime.name"),
|
||||
NbBundle.getMessage(this.getClass(), "ContentTagNode.createSheet.fileAccessedTime.displayName"),
|
||||
ss.put(new NodeProperty<>(NbBundle.getMessage(BlackboardArtifactNode.class, "ContentTagNode.createSheet.fileAccessedTime.name"),
|
||||
NbBundle.getMessage(BlackboardArtifactNode.class, "ContentTagNode.createSheet.fileAccessedTime.displayName"),
|
||||
"",
|
||||
file != null ? ContentUtils.getStringTime(file.getAtime(), file) : ""));
|
||||
ss.put(new NodeProperty<>(NbBundle.getMessage(this.getClass(), "ContentTagNode.createSheet.fileCreatedTime.name"),
|
||||
NbBundle.getMessage(this.getClass(), "ContentTagNode.createSheet.fileCreatedTime.displayName"),
|
||||
ss.put(new NodeProperty<>(NbBundle.getMessage(BlackboardArtifactNode.class, "ContentTagNode.createSheet.fileCreatedTime.name"),
|
||||
NbBundle.getMessage(BlackboardArtifactNode.class, "ContentTagNode.createSheet.fileCreatedTime.displayName"),
|
||||
"",
|
||||
file != null ? ContentUtils.getStringTime(file.getCrtime(), file) : ""));
|
||||
ss.put(new NodeProperty<>(NbBundle.getMessage(this.getClass(), "ContentTagNode.createSheet.fileSize.name"),
|
||||
NbBundle.getMessage(this.getClass(), "ContentTagNode.createSheet.fileSize.displayName"),
|
||||
ss.put(new NodeProperty<>(NbBundle.getMessage(BlackboardArtifactNode.class, "ContentTagNode.createSheet.fileSize.name"),
|
||||
NbBundle.getMessage(BlackboardArtifactNode.class, "ContentTagNode.createSheet.fileSize.displayName"),
|
||||
"",
|
||||
associated.getSize()));
|
||||
}
|
||||
@ -287,8 +287,8 @@ public class BlackboardArtifactNode extends DisplayableItemNode {
|
||||
|
||||
if (dataSourceStr.isEmpty() == false) {
|
||||
ss.put(new NodeProperty<>(
|
||||
NbBundle.getMessage(this.getClass(), "BlackboardArtifactNode.createSheet.dataSrc.name"),
|
||||
NbBundle.getMessage(this.getClass(), "BlackboardArtifactNode.createSheet.dataSrc.displayName"),
|
||||
NbBundle.getMessage(BlackboardArtifactNode.class, "BlackboardArtifactNode.createSheet.dataSrc.name"),
|
||||
NbBundle.getMessage(BlackboardArtifactNode.class, "BlackboardArtifactNode.createSheet.dataSrc.displayName"),
|
||||
NO_DESCR,
|
||||
dataSourceStr));
|
||||
}
|
||||
|
||||
@ -118,17 +118,6 @@ FileSize.createSheet.filterType.displayName=Filter Type
|
||||
FileSize.createSheet.filterType.desc=no description
|
||||
FileSize.exception.notSupported.msg=Not supported for this type of Displayable Item\: {0}
|
||||
FileTypeChildren.exception.notSupported.msg=Not supported for this type of Displayable Item\: {0}
|
||||
FileTypeExtensionFilters.tskImgFilter.text=Images
|
||||
FileTypeExtensionFilters.tskVideoFilter.text=Videos
|
||||
FileTypeExtensionFilters.tskAudioFilter.text=Audio
|
||||
FileTypeExtensionFilters.tskArchiveFilter.text=Archives
|
||||
FileTypeExtensionFilters.tskDocumentFilter.text=Documents
|
||||
FileTypeExtensionFilters.tskExecFilter.text=Executable
|
||||
FileTypeExtensionFilters.autDocHtmlFilter.text=HTML
|
||||
FileTypeExtensionFilters.autDocOfficeFilter.text=Office
|
||||
FileTypeExtensionFilters.autoDocPdfFilter.text=PDF
|
||||
FileTypeExtensionFilters.autDocTxtFilter.text=Plain Text
|
||||
FileTypeExtensionFilters.autDocRtfFilter.text=Rich Text
|
||||
FileTypeNode.createSheet.filterType.name=Filter Type
|
||||
FileTypeNode.createSheet.filterType.displayName=Filter Type
|
||||
FileTypeNode.createSheet.filterType.desc=no description
|
||||
|
||||
171
Core/src/org/sleuthkit/autopsy/datamodel/CreditCards.java
Normal file
171
Core/src/org/sleuthkit/autopsy/datamodel/CreditCards.java
Normal file
@ -0,0 +1,171 @@
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import com.google.common.collect.Range;
|
||||
import com.google.common.collect.RangeMap;
|
||||
import com.google.common.collect.TreeRangeMap;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStreamReader;
|
||||
import java.util.Optional;
|
||||
import java.util.logging.Level;
|
||||
import java.util.logging.Logger;
|
||||
import javax.annotation.concurrent.GuardedBy;
|
||||
import org.apache.commons.csv.CSVFormat;
|
||||
import org.apache.commons.csv.CSVParser;
|
||||
import org.apache.commons.csv.CSVRecord;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.sleuthkit.autopsy.coreutils.MessageNotifyUtil;
|
||||
import org.sleuthkit.autopsy.datamodel._private.BINRange;
|
||||
|
||||
public class CreditCards {
|
||||
|
||||
//Interface for objects that provide details about one or more BINs.
|
||||
static public interface BankIdentificationNumber {
|
||||
|
||||
/**
|
||||
* Get the city of the issuer.
|
||||
*
|
||||
* @return the city of the issuer.
|
||||
*/
|
||||
Optional<String> getBankCity();
|
||||
|
||||
/**
|
||||
* Get the name of the issuer.
|
||||
*
|
||||
* @return the name of the issuer.
|
||||
*/
|
||||
Optional<String> getBankName();
|
||||
|
||||
/**
|
||||
* Get the phone number of the issuer.
|
||||
*
|
||||
* @return the phone number of the issuer.
|
||||
*/
|
||||
Optional<String> getBankPhoneNumber();
|
||||
|
||||
/**
|
||||
* Get the URL of the issuer.
|
||||
*
|
||||
* @return the URL of the issuer.
|
||||
*/
|
||||
Optional<String> getBankURL();
|
||||
|
||||
/**
|
||||
* Get the brand of this BIN range.
|
||||
*
|
||||
* @return the brand of this BIN range.
|
||||
*/
|
||||
Optional<String> getBrand();
|
||||
|
||||
/**
|
||||
* Get the type of card (credit vs debit) for this BIN range.
|
||||
*
|
||||
* @return the type of cards in this BIN range.
|
||||
*/
|
||||
Optional<String> getCardType();
|
||||
|
||||
/**
|
||||
* Get the country of the issuer.
|
||||
*
|
||||
* @return the country of the issuer.
|
||||
*/
|
||||
Optional<String> getCountry();
|
||||
|
||||
/**
|
||||
* Get the length of account numbers in this BIN range.
|
||||
*
|
||||
* NOTE: the length is currently unused, and not in the data file for
|
||||
* any ranges. It could be quite helpfull for validation...
|
||||
*
|
||||
* @return the length of account numbers in this BIN range. Or an empty
|
||||
* Optional if the length is unknown.
|
||||
*
|
||||
*/
|
||||
Optional<Integer> getNumberLength();
|
||||
|
||||
/**
|
||||
* Get the scheme this BIN range uses to amex,visa,mastercard, etc
|
||||
*
|
||||
* @return the scheme this BIN range uses.
|
||||
*/
|
||||
Optional<String> getScheme();
|
||||
}
|
||||
|
||||
private static final Logger LOGGER = Logger.getLogger(CreditCards.class.getName());
|
||||
/**
|
||||
* Range Map from a (ranges of) BINs to data model object with details of
|
||||
* the BIN, ie, bank name, phone, url, visa/amex/mastercard/...,
|
||||
*/
|
||||
@GuardedBy("CreditCards.class")
|
||||
private final static RangeMap<Integer, BINRange> binRanges = TreeRangeMap.create();
|
||||
|
||||
/**
|
||||
* Flag for if we have loaded the BINs from the file already.
|
||||
*/
|
||||
@GuardedBy("CreditCards.class")
|
||||
private static boolean binsLoaded = false;
|
||||
|
||||
/**
|
||||
* Load the BIN range information from disk. If the map has already been
|
||||
* initialized, don't load again.
|
||||
*/
|
||||
synchronized private static void loadBINRanges() {
|
||||
if (binsLoaded == false) {
|
||||
try {
|
||||
InputStreamReader in = new InputStreamReader(CreditCards.class.getResourceAsStream("ranges.csv")); //NON-NLS
|
||||
CSVParser rangesParser = CSVFormat.RFC4180.withFirstRecordAsHeader().parse(in);
|
||||
|
||||
//parse each row and add to range map
|
||||
for (CSVRecord record : rangesParser) {
|
||||
|
||||
/**
|
||||
* Because ranges.csv allows both 6 and (the newer) 8 digit
|
||||
* BINs, but we need a consistent length for the range map,
|
||||
* we pad all the numbers out to 8 digits
|
||||
*/
|
||||
String start = StringUtils.rightPad(record.get("iin_start"), 8, "0"); //pad start with 0's //NON-NLS
|
||||
|
||||
//if there is no end listed, use start, since ranges will be closed.
|
||||
String end = StringUtils.defaultIfBlank(record.get("iin_end"), start); //NON-NLS
|
||||
end = StringUtils.rightPad(end, 8, "99"); //pad end with 9's //NON-NLS
|
||||
|
||||
final String numberLength = record.get("number_length"); //NON-NLS
|
||||
|
||||
try {
|
||||
BINRange binRange = new BINRange(Integer.parseInt(start),
|
||||
Integer.parseInt(end),
|
||||
StringUtils.isBlank(numberLength) ? null : Integer.valueOf(numberLength),
|
||||
record.get("scheme"), //NON-NLS
|
||||
record.get("brand"), //NON-NLS
|
||||
record.get("type"), //NON-NLS
|
||||
record.get("country"), //NON-NLS
|
||||
record.get("bank_name"), //NON-NLS
|
||||
record.get("bank_url"), //NON-NLS
|
||||
record.get("bank_phone"), //NON-NLS
|
||||
record.get("bank_city")); //NON-NLS
|
||||
|
||||
binRanges.put(Range.closed(binRange.getBINstart(), binRange.getBINend()), binRange);
|
||||
|
||||
} catch (NumberFormatException numberFormatException) {
|
||||
LOGGER.log(Level.WARNING, "Failed to parse BIN range: " + record.toString(), numberFormatException); //NON-NLS
|
||||
}
|
||||
binsLoaded = true;
|
||||
}
|
||||
} catch (IOException ex) {
|
||||
LOGGER.log(Level.WARNING, "Failed to load BIN ranges form ranges.csv", ex); //NON-NLS
|
||||
MessageNotifyUtil.Notify.warn("Credit Card Number Discovery", "There was an error loading Bank Identification Number information. Accounts will not have their BINs identified.");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an BINInfo object with details about the given BIN
|
||||
*
|
||||
* @param bin the BIN to get details of.
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
synchronized static public BankIdentificationNumber getBINInfo(int bin) {
|
||||
loadBINRanges();
|
||||
return binRanges.get(bin);
|
||||
}
|
||||
}
|
||||
@ -18,6 +18,9 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyItemVisitor;
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyVisitableItem;
|
||||
|
||||
/**
|
||||
* Root node to store the data sources in a case
|
||||
*/
|
||||
|
||||
@ -18,6 +18,8 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyItemVisitor;
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyVisitableItem;
|
||||
import java.beans.PropertyChangeEvent;
|
||||
import java.beans.PropertyChangeListener;
|
||||
import java.util.ArrayList;
|
||||
|
||||
@ -22,6 +22,7 @@ import org.sleuthkit.autopsy.datamodel.DeletedContent.DeletedContentsChildren.De
|
||||
import org.sleuthkit.autopsy.datamodel.DeletedContent.DeletedContentsNode;
|
||||
import org.sleuthkit.autopsy.datamodel.FileSize.FileSizeRootChildren.FileSizeNode;
|
||||
import org.sleuthkit.autopsy.datamodel.FileSize.FileSizeRootNode;
|
||||
import org.sleuthkit.autopsy.datamodel._private.Accounts;
|
||||
|
||||
/**
|
||||
* Visitor pattern that goes over all nodes in the directory tree. This includes
|
||||
@ -127,7 +128,7 @@ public interface DisplayableItemNodeVisitor<T> {
|
||||
*/
|
||||
T visit(Accounts.AccountsRootNode accountRootNode);
|
||||
|
||||
T visit(Accounts.AccountTypeNode accountTypeNode);
|
||||
T visit(Accounts.CreditCardNumberAccountTypeNode accountTypeNode);
|
||||
|
||||
T visit(Accounts.ByBINNode byArtifactNode);
|
||||
|
||||
@ -137,6 +138,8 @@ public interface DisplayableItemNodeVisitor<T> {
|
||||
|
||||
T visit(Accounts.BINNode binNode);
|
||||
|
||||
T visit(Accounts.DefaultAccountTypeNode node);
|
||||
|
||||
/**
|
||||
* Visitor with an implementable default behavior for all types. Override
|
||||
* specific visit types to not use the default behavior.
|
||||
@ -350,7 +353,7 @@ public interface DisplayableItemNodeVisitor<T> {
|
||||
}
|
||||
|
||||
@Override
|
||||
public T visit(Accounts.AccountTypeNode node) {
|
||||
public T visit(Accounts.CreditCardNumberAccountTypeNode node) {
|
||||
return defaultVisit(node);
|
||||
}
|
||||
|
||||
@ -378,5 +381,9 @@ public interface DisplayableItemNodeVisitor<T> {
|
||||
public T visit(Accounts.BINNode node) {
|
||||
return defaultVisit(node);
|
||||
}
|
||||
@Override
|
||||
public T visit(Accounts.DefaultAccountTypeNode node) {
|
||||
return defaultVisit(node);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -18,6 +18,8 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyItemVisitor;
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyVisitableItem;
|
||||
import java.beans.PropertyChangeEvent;
|
||||
import java.beans.PropertyChangeListener;
|
||||
import java.sql.ResultSet;
|
||||
|
||||
@ -18,6 +18,8 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyItemVisitor;
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyVisitableItem;
|
||||
import java.beans.PropertyChangeEvent;
|
||||
import java.beans.PropertyChangeListener;
|
||||
import java.util.ArrayList;
|
||||
@ -37,7 +39,7 @@ import org.sleuthkit.autopsy.coreutils.Logger;
|
||||
import org.sleuthkit.autopsy.ingest.IngestManager;
|
||||
import org.sleuthkit.autopsy.ingest.ModuleDataEvent;
|
||||
import org.sleuthkit.datamodel.BlackboardArtifact;
|
||||
import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_CREDIT_CARD_ACCOUNT;
|
||||
import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_ACCOUNT;
|
||||
import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_EMAIL_MSG;
|
||||
import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_GEN_INFO;
|
||||
import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT;
|
||||
@ -201,7 +203,7 @@ public class ExtractedContent implements AutopsyVisitableItem {
|
||||
doNotShow.add(new BlackboardArtifact.Type(TSK_KEYWORD_HIT));
|
||||
doNotShow.add(new BlackboardArtifact.Type(TSK_INTERESTING_FILE_HIT));
|
||||
doNotShow.add(new BlackboardArtifact.Type(TSK_INTERESTING_ARTIFACT_HIT));
|
||||
doNotShow.add(new BlackboardArtifact.Type(TSK_CREDIT_CARD_ACCOUNT));
|
||||
doNotShow.add(new BlackboardArtifact.Type(TSK_ACCOUNT));
|
||||
}
|
||||
|
||||
private final PropertyChangeListener pcl = (PropertyChangeEvent evt) -> {
|
||||
|
||||
@ -18,6 +18,8 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyItemVisitor;
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyVisitableItem;
|
||||
import java.beans.PropertyChangeEvent;
|
||||
import java.beans.PropertyChangeListener;
|
||||
import java.util.ArrayList;
|
||||
|
||||
@ -18,6 +18,7 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.FileTypeExtensionFilters;
|
||||
import java.util.List;
|
||||
import java.util.Observable;
|
||||
import java.util.Observer;
|
||||
|
||||
@ -18,6 +18,7 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.FileTypeExtensionFilters;
|
||||
import java.beans.PropertyChangeEvent;
|
||||
import java.beans.PropertyChangeListener;
|
||||
import java.util.Arrays;
|
||||
|
||||
@ -18,6 +18,8 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyItemVisitor;
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyVisitableItem;
|
||||
import java.beans.PropertyChangeEvent;
|
||||
import java.beans.PropertyChangeListener;
|
||||
import java.sql.ResultSet;
|
||||
|
||||
@ -18,6 +18,8 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyItemVisitor;
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyVisitableItem;
|
||||
import java.beans.PropertyChangeEvent;
|
||||
import java.beans.PropertyChangeListener;
|
||||
import java.sql.ResultSet;
|
||||
|
||||
@ -18,6 +18,8 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyItemVisitor;
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyVisitableItem;
|
||||
import java.beans.PropertyChangeEvent;
|
||||
import java.beans.PropertyChangeListener;
|
||||
import java.sql.ResultSet;
|
||||
|
||||
@ -18,6 +18,7 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.RecentFiles;
|
||||
import java.sql.ResultSet;
|
||||
import java.sql.SQLException;
|
||||
import java.util.Arrays;
|
||||
|
||||
@ -28,7 +28,7 @@ import org.sleuthkit.autopsy.coreutils.Logger;
|
||||
import org.openide.nodes.AbstractNode;
|
||||
import org.openide.nodes.ChildFactory;
|
||||
import org.openide.nodes.Node;
|
||||
import org.sleuthkit.autopsy.datamodel.RecentFiles.RecentFilesFilter;
|
||||
import org.sleuthkit.autopsy.datamodel._private.RecentFiles.RecentFilesFilter;
|
||||
import org.sleuthkit.datamodel.AbstractFile;
|
||||
import org.sleuthkit.datamodel.Content;
|
||||
import org.sleuthkit.datamodel.ContentVisitor;
|
||||
|
||||
@ -25,7 +25,7 @@ import org.sleuthkit.autopsy.coreutils.Logger;
|
||||
import org.openide.nodes.Children;
|
||||
import org.openide.nodes.Sheet;
|
||||
import org.openide.util.lookup.Lookups;
|
||||
import org.sleuthkit.autopsy.datamodel.RecentFiles.RecentFilesFilter;
|
||||
import org.sleuthkit.autopsy.datamodel._private.RecentFiles.RecentFilesFilter;
|
||||
import org.sleuthkit.datamodel.SleuthkitCase;
|
||||
|
||||
/**
|
||||
|
||||
@ -18,6 +18,8 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyItemVisitor;
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyVisitableItem;
|
||||
import java.awt.Desktop;
|
||||
import java.awt.event.ActionEvent;
|
||||
import java.beans.PropertyChangeEvent;
|
||||
|
||||
@ -18,6 +18,8 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyItemVisitor;
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyVisitableItem;
|
||||
import org.sleuthkit.datamodel.SleuthkitCase;
|
||||
|
||||
/**
|
||||
|
||||
@ -18,6 +18,7 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.Accounts;
|
||||
import java.util.Arrays;
|
||||
import org.openide.nodes.Sheet;
|
||||
import org.openide.util.NbBundle;
|
||||
|
||||
@ -18,6 +18,8 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyItemVisitor;
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyVisitableItem;
|
||||
import java.beans.PropertyChangeEvent;
|
||||
import java.beans.PropertyChangeListener;
|
||||
import java.util.Collections;
|
||||
|
||||
@ -18,6 +18,8 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyItemVisitor;
|
||||
import org.sleuthkit.autopsy.datamodel._private.AutopsyVisitableItem;
|
||||
import org.sleuthkit.datamodel.SleuthkitCase;
|
||||
|
||||
/**
|
||||
|
||||
@ -18,6 +18,7 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel._private.FileTypeExtensionFilters;
|
||||
import java.util.Arrays;
|
||||
import org.openide.nodes.Sheet;
|
||||
import org.openide.util.NbBundle;
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@ -16,14 +16,27 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
package org.sleuthkit.autopsy.datamodel._private;
|
||||
|
||||
import org.sleuthkit.autopsy.datamodel.DataSources;
|
||||
import org.sleuthkit.autopsy.datamodel.DeletedContent;
|
||||
import org.sleuthkit.autopsy.datamodel.EmailExtracted;
|
||||
import org.sleuthkit.autopsy.datamodel.ExtractedContent;
|
||||
import org.sleuthkit.autopsy.datamodel.FileSize;
|
||||
import org.sleuthkit.autopsy.datamodel.HashsetHits;
|
||||
import org.sleuthkit.autopsy.datamodel.InterestingHits;
|
||||
import org.sleuthkit.autopsy.datamodel.KeywordHits;
|
||||
import org.sleuthkit.autopsy.datamodel.Reports;
|
||||
import org.sleuthkit.autopsy.datamodel.Results;
|
||||
import org.sleuthkit.autopsy.datamodel.Tags;
|
||||
import org.sleuthkit.autopsy.datamodel.Views;
|
||||
|
||||
/**
|
||||
* This visitor goes over the AutopsyVisitableItems, which are currently the
|
||||
* nodes in the tree that are structural and not nodes that are from
|
||||
* Sleuthkit-based data model objects.
|
||||
*/
|
||||
interface AutopsyItemVisitor<T> {
|
||||
public interface AutopsyItemVisitor<T> {
|
||||
|
||||
T visit(DataSources i);
|
||||
|
||||
@ -16,13 +16,14 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
package org.sleuthkit.autopsy.datamodel._private;
|
||||
;
|
||||
|
||||
/**
|
||||
* AutopsyVisitableItems are the nodes in the directory tree that are for
|
||||
* structure only. They are not associated with content objects.
|
||||
*/
|
||||
interface AutopsyVisitableItem {
|
||||
public interface AutopsyVisitableItem {
|
||||
|
||||
/**
|
||||
* visitor pattern support
|
||||
128
Core/src/org/sleuthkit/autopsy/datamodel/_private/BINRange.java
Normal file
128
Core/src/org/sleuthkit/autopsy/datamodel/_private/BINRange.java
Normal file
@ -0,0 +1,128 @@
|
||||
package org.sleuthkit.autopsy.datamodel._private;
|
||||
|
||||
import java.util.Optional;
|
||||
import javax.annotation.concurrent.Immutable;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.sleuthkit.autopsy.datamodel.CreditCards;
|
||||
|
||||
/**
|
||||
* Details of a range of Bank Identification Number(s) (BIN) used by a bank.
|
||||
*/
|
||||
@Immutable
|
||||
public class BINRange implements CreditCards.BankIdentificationNumber {
|
||||
|
||||
private final int BINStart; //start of BIN range, 8 digits
|
||||
private final int BINEnd; // end (incluse ) of BIN rnage, 8 digits
|
||||
|
||||
private final Integer numberLength; // the length of accounts numbers with this BIN, currently unused
|
||||
|
||||
/**
|
||||
* AMEX, VISA, MASTERCARD, DINERS, DISCOVER, UNIONPAY
|
||||
*/
|
||||
private final String scheme;
|
||||
private final String brand;
|
||||
|
||||
/**
|
||||
* DEBIT, CREDIT
|
||||
*/
|
||||
private final String cardType;
|
||||
private final String country;
|
||||
private final String bankName;
|
||||
private final String bankCity;
|
||||
private final String bankURL;
|
||||
private final String bankPhoneNumber;
|
||||
|
||||
/**
|
||||
* Constructor
|
||||
*
|
||||
* @param BIN_start the first BIN in the range, must be 8 digits
|
||||
* @param BIN_end the last(inclusive) BIN in the range, must be 8
|
||||
* digits
|
||||
* @param number_length the length of account numbers in this BIN range
|
||||
* @param scheme amex/visa/mastercard/etc
|
||||
* @param brand the brand of this BIN range
|
||||
* @param type credit vs debit
|
||||
* @param country the country of the issuer
|
||||
* @param bank_name the name of the issuer
|
||||
* @param bank_url the url of the issuer
|
||||
* @param bank_phone the phone number of the issuer
|
||||
* @param bank_city the city of the issuer
|
||||
*/
|
||||
public BINRange(int BIN_start, int BIN_end, Integer number_length, String scheme, String brand, String type, String country, String bank_name, String bank_url, String bank_phone, String bank_city) {
|
||||
this.BINStart = BIN_start;
|
||||
this.BINEnd = BIN_end;
|
||||
|
||||
this.numberLength = number_length;
|
||||
this.scheme = StringUtils.defaultIfBlank(scheme, null);
|
||||
this.brand = StringUtils.defaultIfBlank(brand, null);
|
||||
this.cardType = StringUtils.defaultIfBlank(type, null);
|
||||
this.country = StringUtils.defaultIfBlank(country, null);
|
||||
this.bankName = StringUtils.defaultIfBlank(bank_name, null);
|
||||
this.bankURL = StringUtils.defaultIfBlank(bank_url, null);
|
||||
this.bankPhoneNumber = StringUtils.defaultIfBlank(bank_phone, null);
|
||||
this.bankCity = StringUtils.defaultIfBlank(bank_city, null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the first BIN in this range
|
||||
*
|
||||
* @return the first BIN in this range.
|
||||
*/
|
||||
public int getBINstart() {
|
||||
return BINStart;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the last (inclusive) BIN in this range.
|
||||
*
|
||||
* @return the last (inclusive) BIN in this range.
|
||||
*/
|
||||
public int getBINend() {
|
||||
return BINEnd;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Optional<Integer> getNumberLength() {
|
||||
return Optional.ofNullable(numberLength);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Optional<String> getScheme() {
|
||||
return Optional.ofNullable(scheme);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Optional<String> getBrand() {
|
||||
return Optional.ofNullable(brand);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Optional<String> getCardType() {
|
||||
return Optional.ofNullable(cardType);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Optional<String> getCountry() {
|
||||
return Optional.ofNullable(country);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Optional<String> getBankName() {
|
||||
return Optional.ofNullable(bankName);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Optional<String> getBankURL() {
|
||||
return Optional.ofNullable(bankURL);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Optional<String> getBankPhoneNumber() {
|
||||
return Optional.ofNullable(bankPhoneNumber);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Optional<String> getBankCity() {
|
||||
return Optional.ofNullable(bankCity);
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,12 @@
|
||||
FileTypeExtensionFilters.tskImgFilter.text=Images
|
||||
FileTypeExtensionFilters.tskVideoFilter.text=Videos
|
||||
FileTypeExtensionFilters.tskAudioFilter.text=Audio
|
||||
FileTypeExtensionFilters.tskArchiveFilter.text=Archives
|
||||
FileTypeExtensionFilters.tskDocumentFilter.text=Documents
|
||||
FileTypeExtensionFilters.tskExecFilter.text=Executable
|
||||
FileTypeExtensionFilters.autDocHtmlFilter.text=HTML
|
||||
FileTypeExtensionFilters.autDocOfficeFilter.text=Office
|
||||
FileTypeExtensionFilters.autoDocPdfFilter.text=PDF
|
||||
FileTypeExtensionFilters.autDocTxtFilter.text=Plain Text
|
||||
FileTypeExtensionFilters.autDocRtfFilter.text=Rich Text
|
||||
|
||||
@ -16,20 +16,20 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
package org.sleuthkit.autopsy.datamodel._private;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
|
||||
import org.openide.util.NbBundle;
|
||||
import org.sleuthkit.autopsy.datamodel.FileTypeExtensions;
|
||||
import org.sleuthkit.datamodel.SleuthkitCase;
|
||||
|
||||
/**
|
||||
* Filters database results by file extension.
|
||||
*/
|
||||
class FileTypeExtensionFilters implements AutopsyVisitableItem {
|
||||
public class FileTypeExtensionFilters implements AutopsyVisitableItem {
|
||||
|
||||
private SleuthkitCase skCase;
|
||||
private final SleuthkitCase skCase;
|
||||
|
||||
// root node filters
|
||||
public enum RootFilter implements AutopsyVisitableItem, SearchFilterInterface {
|
||||
@ -53,10 +53,10 @@ class FileTypeExtensionFilters implements AutopsyVisitableItem {
|
||||
NbBundle.getMessage(FileTypeExtensionFilters.class, "FileTypeExtensionFilters.tskExecFilter.text"),
|
||||
Arrays.asList(".exe", ".dll", ".bat", ".cmd", ".com")); //NON-NLS
|
||||
|
||||
private int id;
|
||||
private String name;
|
||||
private String displayName;
|
||||
private List<String> filter;
|
||||
private final int id;
|
||||
private final String name;
|
||||
private final String displayName;
|
||||
private final List<String> filter;
|
||||
|
||||
private RootFilter(int id, String name, String displayName, List<String> filter) {
|
||||
this.id = id;
|
||||
@ -110,10 +110,10 @@ class FileTypeExtensionFilters implements AutopsyVisitableItem {
|
||||
NbBundle.getMessage(FileTypeExtensionFilters.class, "FileTypeExtensionFilters.autDocRtfFilter.text"),
|
||||
Arrays.asList(".rtf")); //NON-NLS
|
||||
|
||||
private int id;
|
||||
private String name;
|
||||
private String displayName;
|
||||
private List<String> filter;
|
||||
private final int id;
|
||||
private final String name;
|
||||
private final String displayName;
|
||||
private final List<String> filter;
|
||||
|
||||
private DocumentFilter(int id, String name, String displayName, List<String> filter) {
|
||||
this.id = id;
|
||||
@ -157,10 +157,10 @@ class FileTypeExtensionFilters implements AutopsyVisitableItem {
|
||||
ExecutableFilter_CMD(3, "ExecutableFilter_CMD", ".cmd", Arrays.asList(".cmd")), //NON-NLS
|
||||
ExecutableFilter_COM(4, "ExecutableFilter_COM", ".com", Arrays.asList(".com")); //NON-NLS
|
||||
|
||||
private int id;
|
||||
private String name;
|
||||
private String displayName;
|
||||
private List<String> filter;
|
||||
private final int id;
|
||||
private final String name;
|
||||
private final String displayName;
|
||||
private final List<String> filter;
|
||||
|
||||
private ExecutableFilter(int id, String name, String displayName, List<String> filter) {
|
||||
this.id = id;
|
||||
@ -208,7 +208,7 @@ class FileTypeExtensionFilters implements AutopsyVisitableItem {
|
||||
return this.skCase;
|
||||
}
|
||||
|
||||
interface SearchFilterInterface {
|
||||
public interface SearchFilterInterface {
|
||||
|
||||
public String getName();
|
||||
|
||||
@ -16,7 +16,7 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.sleuthkit.autopsy.datamodel;
|
||||
package org.sleuthkit.autopsy.datamodel._private;
|
||||
|
||||
import org.openide.util.NbBundle;
|
||||
import org.sleuthkit.datamodel.SleuthkitCase;
|
||||
@ -25,7 +25,7 @@ import org.sleuthkit.datamodel.SleuthkitCase;
|
||||
* Recent files node support NOTE: As of june '15 we do not display this in the
|
||||
* tree. It can be added back when we have filtering in the results area.
|
||||
*/
|
||||
class RecentFiles implements AutopsyVisitableItem {
|
||||
public class RecentFiles implements AutopsyVisitableItem {
|
||||
|
||||
SleuthkitCase skCase;
|
||||
|
||||
@ -37,7 +37,7 @@ import org.sleuthkit.autopsy.coreutils.ContextMenuExtensionPoint;
|
||||
import org.sleuthkit.autopsy.coreutils.Logger;
|
||||
import org.sleuthkit.autopsy.datamodel.AbstractAbstractFileNode.AbstractFilePropertyType;
|
||||
import org.sleuthkit.autopsy.datamodel.AbstractFsContentNode;
|
||||
import org.sleuthkit.autopsy.datamodel.Accounts;
|
||||
import org.sleuthkit.autopsy.datamodel._private.Accounts;
|
||||
import org.sleuthkit.autopsy.datamodel.BlackboardArtifactNode;
|
||||
import org.sleuthkit.autopsy.datamodel.DeletedContent.DeletedContentsChildren.DeletedContentNode;
|
||||
import org.sleuthkit.autopsy.datamodel.DeletedContent.DeletedContentsNode;
|
||||
@ -497,7 +497,7 @@ public class DataResultFilterNode extends FilterNode {
|
||||
}
|
||||
|
||||
@Override
|
||||
public AbstractAction visit(Accounts.AccountTypeNode node) {
|
||||
public AbstractAction visit(Accounts.CreditCardNumberAccountTypeNode node) {
|
||||
return openChild(node);
|
||||
}
|
||||
|
||||
|
||||
@ -57,7 +57,7 @@ import org.sleuthkit.autopsy.corecomponents.DataResultTopComponent;
|
||||
import org.sleuthkit.autopsy.corecomponents.TableFilterNode;
|
||||
import org.sleuthkit.autopsy.coreutils.Logger;
|
||||
import org.sleuthkit.autopsy.coreutils.MessageNotifyUtil;
|
||||
import org.sleuthkit.autopsy.datamodel.Accounts;
|
||||
import org.sleuthkit.autopsy.datamodel._private.Accounts;
|
||||
import org.sleuthkit.autopsy.datamodel.BlackboardArtifactNode;
|
||||
import org.sleuthkit.autopsy.datamodel.DataSources;
|
||||
import org.sleuthkit.autopsy.datamodel.DataSourcesNode;
|
||||
|
||||
|
Before Width: | Height: | Size: 1.4 KiB After Width: | Height: | Size: 1.4 KiB |
@ -254,8 +254,8 @@ class ReportHTML implements TableReportModule {
|
||||
case TSK_REMOTE_DRIVE:
|
||||
in = getClass().getResourceAsStream("/org/sleuthkit/autopsy/report/images/drive_network.png"); //NON-NLS
|
||||
break;
|
||||
case TSK_CREDIT_CARD_ACCOUNT:
|
||||
in = getClass().getResourceAsStream("/org/sleuthkit/autopsy/report/images/credit-card.png"); //NON-NLS
|
||||
case TSK_ACCOUNT:
|
||||
in = getClass().getResourceAsStream("/org/sleuthkit/autopsy/report/images/accounts.png"); //NON-NLS
|
||||
break;
|
||||
default:
|
||||
logger.log(Level.WARNING, "useDataTypeIcon: unhandled artifact type = " + dataType); //NON-NLS
|
||||
@ -264,7 +264,17 @@ class ReportHTML implements TableReportModule {
|
||||
iconFilePath = path + File.separator + iconFileName;
|
||||
break;
|
||||
}
|
||||
} else { // no defined artifact found for this dataType
|
||||
} else if (dataType.startsWith(ARTIFACT_TYPE.TSK_ACCOUNT.getDisplayName())) {
|
||||
/* TSK_ACCOUNT artifacts get separated by their TSK_ACCOUNT_TYPE
|
||||
* attribute, with a synthetic compound dataType name, so they are
|
||||
* not caught by the switch statement above. For now we just give
|
||||
* them all the general account icon, but we could do something else
|
||||
* in the future.
|
||||
*/
|
||||
in = getClass().getResourceAsStream("/org/sleuthkit/autopsy/report/images/accounts.png"); //NON-NLS
|
||||
iconFileName = "accounts.png"; //NON-NLS
|
||||
iconFilePath = path + File.separator + iconFileName;
|
||||
} else { // no defined artifact found for this dataType
|
||||
in = getClass().getResourceAsStream("/org/sleuthkit/autopsy/report/images/star.png"); //NON-NLS
|
||||
iconFileName = "star.png"; //NON-NLS
|
||||
iconFilePath = path + File.separator + iconFileName;
|
||||
|
||||
@ -18,12 +18,16 @@
|
||||
*/
|
||||
package org.sleuthkit.autopsy.report;
|
||||
|
||||
import com.google.common.collect.ListMultimap;
|
||||
import com.google.common.collect.Lists;
|
||||
import com.google.common.collect.Multimaps;
|
||||
import java.sql.ResultSet;
|
||||
import java.sql.SQLException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.Comparator;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Iterator;
|
||||
@ -43,6 +47,7 @@ import org.sleuthkit.datamodel.AbstractFile;
|
||||
import org.sleuthkit.datamodel.BlackboardArtifact;
|
||||
import org.sleuthkit.datamodel.BlackboardArtifactTag;
|
||||
import org.sleuthkit.datamodel.BlackboardAttribute;
|
||||
import org.sleuthkit.datamodel.BlackboardAttribute.Type;
|
||||
import org.sleuthkit.datamodel.Content;
|
||||
import org.sleuthkit.datamodel.ContentTag;
|
||||
import org.sleuthkit.datamodel.SleuthkitCase;
|
||||
@ -119,10 +124,10 @@ class TableReportGenerator {
|
||||
*/
|
||||
private void makeBlackboardArtifactTables() {
|
||||
// Make a comment string describing the tag names filter in effect.
|
||||
StringBuilder comment = new StringBuilder();
|
||||
String comment = "";
|
||||
if (!tagNamesFilter.isEmpty()) {
|
||||
comment.append(NbBundle.getMessage(this.getClass(), "ReportGenerator.artifactTable.taggedResults.text"));
|
||||
comment.append(makeCommaSeparatedList(tagNamesFilter));
|
||||
comment += NbBundle.getMessage(this.getClass(), "ReportGenerator.artifactTable.taggedResults.text");
|
||||
comment += makeCommaSeparatedList(tagNamesFilter);
|
||||
}
|
||||
|
||||
// Add a table to the report for every enabled blackboard artifact type.
|
||||
@ -139,10 +144,10 @@ class TableReportGenerator {
|
||||
|
||||
// Keyword hits and hashset hit artifacts get special handling.
|
||||
if (type.getTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()) {
|
||||
writeKeywordHits(tableReport, comment.toString(), tagNamesFilter);
|
||||
writeKeywordHits(tableReport, comment, tagNamesFilter);
|
||||
continue;
|
||||
} else if (type.getTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT.getTypeID()) {
|
||||
writeHashsetHits(tableReport, comment.toString(), tagNamesFilter);
|
||||
writeHashsetHits(tableReport, comment, tagNamesFilter);
|
||||
continue;
|
||||
}
|
||||
|
||||
@ -152,54 +157,92 @@ class TableReportGenerator {
|
||||
continue;
|
||||
}
|
||||
|
||||
/*
|
||||
Gets all of the attribute types of this artifact type by adding
|
||||
all of the types to a set
|
||||
*/
|
||||
Set<BlackboardAttribute.Type> attrTypeSet = new TreeSet<>((BlackboardAttribute.Type o1, BlackboardAttribute.Type o2) -> o1.getDisplayName().compareTo(o2.getDisplayName()));
|
||||
for (ArtifactData data : artifactList) {
|
||||
List<BlackboardAttribute> attributes = data.getAttributes();
|
||||
for (BlackboardAttribute attribute : attributes) {
|
||||
attrTypeSet.add(attribute.getAttributeType());
|
||||
/* TSK_ACCOUNT artifacts get grouped by their TSK_ACCOUNT_TYPE
|
||||
* attribute, and then handed off to the standard method for writing
|
||||
* tables. */
|
||||
if (type.getTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_ACCOUNT.getTypeID()) {
|
||||
//Group account artifacts by their account type
|
||||
ListMultimap<String, ArtifactData> groupedArtifacts = Multimaps.index(artifactList,
|
||||
artifactData -> {
|
||||
try {
|
||||
return artifactData.getArtifact().getAttribute(new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_ACCOUNT_TYPE)).getValueString();
|
||||
} catch (TskCoreException ex) {
|
||||
logger.log(Level.SEVERE, "Unable to get value of TSK_ACCOUNT_TYPE attribute. Defaulting to \"unknown\"", ex);
|
||||
return "unknown";
|
||||
}
|
||||
});
|
||||
for (String accountType : groupedArtifacts.keySet()) {
|
||||
/* If the report is a ReportHTML, the data type name
|
||||
* eventualy makes it to useDataTypeIcon which expects but
|
||||
* does not require a artifact name, so we make a synthetic
|
||||
* compund name by appending a ":" and the account type.
|
||||
*/
|
||||
final String compundDataTypeName = BlackboardArtifact.ARTIFACT_TYPE.TSK_ACCOUNT.getDisplayName() + ": " + accountType;
|
||||
writeTableForDataType(groupedArtifacts.get(accountType), type, compundDataTypeName, comment);
|
||||
}
|
||||
} else {
|
||||
//all other artifact types are sent to writeTableForDataType directly
|
||||
writeTableForDataType(artifactList, type, type.getDisplayName(), comment);
|
||||
}
|
||||
// Get the columns appropriate for the artifact type. This is
|
||||
// used to get the data that will be in the cells below based on
|
||||
// type, and display the column headers.
|
||||
List<Column> columns = getArtifactTableColumns(type.getTypeID(), attrTypeSet);
|
||||
if (columns.isEmpty()) {
|
||||
continue;
|
||||
}
|
||||
columnHeaderMap.put(type.getTypeID(), columns);
|
||||
|
||||
// The artifact list is sorted now, as getting the row data is
|
||||
// dependent on having the columns, which is necessary for
|
||||
// sorting.
|
||||
Collections.sort(artifactList);
|
||||
List<String> columnHeaderNames = new ArrayList<>();
|
||||
for (Column currColumn : columns) {
|
||||
columnHeaderNames.add(currColumn.getColumnHeader());
|
||||
}
|
||||
|
||||
tableReport.startDataType(type.getDisplayName(), comment.toString());
|
||||
tableReport.startTable(columnHeaderNames);
|
||||
for (ArtifactData artifactData : artifactList) {
|
||||
// Get the row data for this artifact, and has the
|
||||
// module add it.
|
||||
List<String> rowData = artifactData.getRow();
|
||||
if (rowData.isEmpty()) {
|
||||
continue;
|
||||
}
|
||||
|
||||
tableReport.addRow(rowData);
|
||||
}
|
||||
// Finish up this data type
|
||||
progressPanel.increment();
|
||||
tableReport.endTable();
|
||||
tableReport.endDataType();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* Write the given list of artifacts to the table for the given type.
|
||||
*
|
||||
* @param artifactList The List of artifacts to include in the table.
|
||||
* @param type The Type of artifacts included in the table. All the
|
||||
* artifacts in artifactList should be of this type.
|
||||
* @param tableName The name of the table.
|
||||
* @param comment A comment to put in the header.
|
||||
*/
|
||||
private void writeTableForDataType(List<ArtifactData> artifactList, BlackboardArtifact.Type type, String tableName, String comment) {
|
||||
/*
|
||||
* Make a sorted set of all of the attribute types that are on any of
|
||||
* the given artifacts.
|
||||
*/
|
||||
Set<BlackboardAttribute.Type> attrTypeSet = new TreeSet<>(Comparator.comparing(BlackboardAttribute.Type::getDisplayName));
|
||||
for (ArtifactData data : artifactList) {
|
||||
List<BlackboardAttribute> attributes = data.getAttributes();
|
||||
for (BlackboardAttribute attribute : attributes) {
|
||||
attrTypeSet.add(attribute.getAttributeType());
|
||||
}
|
||||
}
|
||||
/* Get the columns appropriate for the artifact type. This is used to
|
||||
* get the data that will be in the cells below based on type, and
|
||||
* display the column headers.
|
||||
*/
|
||||
List<Column> columns = getArtifactTableColumns(type.getTypeID(), attrTypeSet);
|
||||
if (columns.isEmpty()) {
|
||||
return;
|
||||
}
|
||||
columnHeaderMap.put(type.getTypeID(), columns);
|
||||
|
||||
/* The artifact list is sorted now, as getting the row data is dependent
|
||||
* on having the columns, which is necessary for sorting.
|
||||
*/
|
||||
Collections.sort(artifactList);
|
||||
|
||||
tableReport.startDataType(tableName, comment);
|
||||
tableReport.startTable(Lists.transform(columns, Column::getColumnHeader));
|
||||
|
||||
for (ArtifactData artifactData : artifactList) {
|
||||
// Get the row data for this artifact, and has the
|
||||
// module add it.
|
||||
List<String> rowData = artifactData.getRow();
|
||||
if (rowData.isEmpty()) {
|
||||
return;
|
||||
}
|
||||
|
||||
tableReport.addRow(rowData);
|
||||
}
|
||||
// Finish up this data type
|
||||
progressPanel.increment();
|
||||
tableReport.endTable();
|
||||
tableReport.endDataType();
|
||||
}
|
||||
|
||||
/**
|
||||
* Make table for tagged files
|
||||
*/
|
||||
@ -1449,8 +1492,9 @@ class TableReportGenerator {
|
||||
|
||||
columns.add(new AttributeColumn(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.remotePath"),
|
||||
new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_REMOTE_PATH)));
|
||||
} else if (artifactTypeId == BlackboardArtifact.ARTIFACT_TYPE.TSK_CREDIT_CARD_ACCOUNT.getTypeID()) {
|
||||
} else if (artifactTypeId == BlackboardArtifact.ARTIFACT_TYPE.TSK_ACCOUNT.getTypeID()) {
|
||||
columns.add(new StatusColumn());
|
||||
attributeTypeSet.remove(new Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_ACCOUNT_TYPE));
|
||||
} else {
|
||||
// This is the case that it is a custom type. The reason an else is
|
||||
// necessary is to make sure that the source file column is added
|
||||
@ -1584,6 +1628,7 @@ class TableReportGenerator {
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private class AttributeColumn implements Column {
|
||||
|
||||
private final String columnHeader;
|
||||
@ -1643,10 +1688,6 @@ class TableReportGenerator {
|
||||
@Override
|
||||
public String getCellData(ArtifactData artData) {
|
||||
return getFileUniquePath(artData.getContent());
|
||||
/*else if (this.columnHeader.equals(NbBundle.getMessage(this.getClass(), "ReportGenerator.artTableColHdr.tags"))) {
|
||||
return makeCommaSeparatedList(artData.getTags());
|
||||
}
|
||||
return "";*/
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
BIN
Core/src/org/sleuthkit/autopsy/report/images/account_menu.png
Normal file
BIN
Core/src/org/sleuthkit/autopsy/report/images/account_menu.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 1.4 KiB |
@ -37,7 +37,7 @@ import org.sleuthkit.autopsy.casemodule.Case;
|
||||
import org.sleuthkit.autopsy.corecomponentinterfaces.DataContentViewer;
|
||||
import org.sleuthkit.autopsy.coreutils.Logger;
|
||||
import org.sleuthkit.datamodel.BlackboardArtifact;
|
||||
import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_CREDIT_CARD_ACCOUNT;
|
||||
import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_ACCOUNT;
|
||||
import static org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT;
|
||||
import org.sleuthkit.datamodel.BlackboardAttribute;
|
||||
import org.sleuthkit.datamodel.BlackboardAttribute.ATTRIBUTE_TYPE;
|
||||
@ -127,7 +127,7 @@ public class ExtractedContentViewer implements DataContentViewer {
|
||||
//if the node had artifacts in the lookup use them, other wise look up all credit card artifacts for the content.
|
||||
Collection<? extends BlackboardArtifact> artifacts = nodeLookup.lookupAll(BlackboardArtifact.class);
|
||||
artifacts = (artifacts == null || artifacts.isEmpty())
|
||||
? content.getArtifacts(TSK_CREDIT_CARD_ACCOUNT)
|
||||
? content.getArtifacts(TSK_ACCOUNT)
|
||||
: artifacts;
|
||||
|
||||
/*
|
||||
@ -140,7 +140,7 @@ public class ExtractedContentViewer implements DataContentViewer {
|
||||
*/
|
||||
for (BlackboardArtifact artifact : artifacts) {
|
||||
try {
|
||||
BlackboardAttribute solrIDAttr = artifact.getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_SOLR_DOCUMENT_ID));
|
||||
BlackboardAttribute solrIDAttr = artifact.getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_KEYWORD_SEARCH_DOCUMENT_ID));
|
||||
if (solrIDAttr != null) {
|
||||
String valueString = solrIDAttr.getValueString();
|
||||
if (StringUtils.isNotBlank(valueString)) {
|
||||
@ -148,7 +148,7 @@ public class ExtractedContentViewer implements DataContentViewer {
|
||||
}
|
||||
}
|
||||
|
||||
BlackboardAttribute keyWordAttr = artifact.getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_ACCOUNT_NUMBER));
|
||||
BlackboardAttribute keyWordAttr = artifact.getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_CARD_NUMBER));
|
||||
if (keyWordAttr != null) {
|
||||
String valueString = keyWordAttr.getValueString();
|
||||
if (StringUtils.isNotBlank(valueString)) {
|
||||
@ -188,7 +188,7 @@ public class ExtractedContentViewer implements DataContentViewer {
|
||||
* For keyword hit artifacts, add the text of the artifact that hit,
|
||||
* not the hit artifact; otherwise add the text for the artifact.
|
||||
*/
|
||||
if (artifact.getArtifactTypeID() == TSK_KEYWORD_HIT.getTypeID()) {
|
||||
if (artifact.getArtifactTypeID() == TSK_KEYWORD_HIT.getTypeID() || artifact.getArtifactTypeID() == TSK_ACCOUNT.getTypeID()) {
|
||||
try {
|
||||
BlackboardAttribute attribute = artifact.getAttribute(TSK_ASSOCIATED_ARTIFACT_TYPE);
|
||||
if (attribute != null) {
|
||||
@ -296,7 +296,7 @@ public class ExtractedContentViewer implements DataContentViewer {
|
||||
Collection<? extends BlackboardArtifact> artifacts = node.getLookup().lookupAll(BlackboardArtifact.class);
|
||||
if (artifacts != null) {
|
||||
for (BlackboardArtifact art : artifacts) {
|
||||
if (art.getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_CREDIT_CARD_ACCOUNT.getTypeID()) {
|
||||
if (art.getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_ACCOUNT.getTypeID()) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@ -321,7 +321,7 @@ public class ExtractedContentViewer implements DataContentViewer {
|
||||
if (art == null) {
|
||||
return 4;
|
||||
} else if (art.getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_KEYWORD_HIT.getTypeID()
|
||||
|| art.getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_CREDIT_CARD_ACCOUNT.getTypeID()) {
|
||||
|| art.getArtifactTypeID() == BlackboardArtifact.ARTIFACT_TYPE.TSK_ACCOUNT.getTypeID()) {
|
||||
return 6;
|
||||
} else {
|
||||
return 4;
|
||||
|
||||
@ -122,7 +122,7 @@ abstract class KeywordSearchList {
|
||||
|
||||
//CCN
|
||||
List<Keyword> ccns = new ArrayList<>();
|
||||
ccns.add(new Keyword(CCN_REGEX, false, BlackboardAttribute.ATTRIBUTE_TYPE.TSK_ACCOUNT_NUMBER));
|
||||
ccns.add(new Keyword(CCN_REGEX, false, BlackboardAttribute.ATTRIBUTE_TYPE.TSK_CARD_NUMBER));
|
||||
lockedLists.add("Credit Card Numbers");
|
||||
addList("Credit Card Numbers", ccns, true, false, true);
|
||||
}
|
||||
|
||||
@ -34,8 +34,9 @@ import org.apache.solr.client.solrj.SolrQuery;
|
||||
import org.apache.solr.client.solrj.response.TermsResponse.Term;
|
||||
import org.sleuthkit.autopsy.coreutils.Logger;
|
||||
import org.sleuthkit.autopsy.coreutils.Version;
|
||||
import org.sleuthkit.autopsy.datamodel.Accounts;
|
||||
import org.sleuthkit.autopsy.datamodel.CreditCards;
|
||||
import org.sleuthkit.datamodel.AbstractFile;
|
||||
import org.sleuthkit.datamodel.Account;
|
||||
import org.sleuthkit.datamodel.BlackboardArtifact;
|
||||
import org.sleuthkit.datamodel.BlackboardArtifact.ARTIFACT_TYPE;
|
||||
import org.sleuthkit.datamodel.BlackboardAttribute;
|
||||
@ -52,8 +53,7 @@ final class TermComponentQuery implements KeywordSearchQuery {
|
||||
private static final boolean DEBUG = Version.Type.DEVELOPMENT.equals(Version.getBuildType());
|
||||
|
||||
private static final String MODULE_NAME = KeywordSearchModuleFactory.getModuleName();
|
||||
private static final BlackboardAttribute.Type SOLR_DOCUMENT_ID_TYPE = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_SOLR_DOCUMENT_ID);
|
||||
private static final BlackboardAttribute.Type ACCOUNT_NUMBER_TYPE = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_ACCOUNT_NUMBER);
|
||||
private static final BlackboardAttribute.Type KEYWORD_SEARCH_DOCUMENT_ID = new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_KEYWORD_SEARCH_DOCUMENT_ID);
|
||||
|
||||
//TODO: move these regex and the luhn check to a new class, something like: CreditCardNumberValidator
|
||||
/*
|
||||
@ -186,8 +186,13 @@ final class TermComponentQuery implements KeywordSearchQuery {
|
||||
Collection<BlackboardAttribute> attributes = new ArrayList<>();
|
||||
try {
|
||||
//if the keyword hit matched the credit card number keyword/regex...
|
||||
if (keyword.getType() == ATTRIBUTE_TYPE.TSK_ACCOUNT_NUMBER) {
|
||||
newArtifact = hit.getContent().newArtifact(ARTIFACT_TYPE.TSK_CREDIT_CARD_ACCOUNT);
|
||||
if (keyword.getType() == ATTRIBUTE_TYPE.TSK_CARD_NUMBER) {
|
||||
newArtifact = hit.getContent().newArtifact(ARTIFACT_TYPE.TSK_ACCOUNT);
|
||||
final BlackboardAttribute attr = new BlackboardAttribute(
|
||||
new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_ACCOUNT_TYPE),
|
||||
MODULE_NAME, Account.Type.CREDIT_CARD.name());
|
||||
newArtifact.addAttribute(attr);
|
||||
|
||||
// make account artifact
|
||||
//try to match it against the track 1 regex
|
||||
Matcher matcher = TRACK1_PATTERN.matcher(hit.getSnippet());
|
||||
@ -204,31 +209,31 @@ final class TermComponentQuery implements KeywordSearchQuery {
|
||||
AbstractFile file = (AbstractFile) hit.getContent();
|
||||
if (file.getType() == TskData.TSK_DB_FILES_TYPE_ENUM.UNUSED_BLOCKS
|
||||
|| file.getType() == TskData.TSK_DB_FILES_TYPE_ENUM.UNALLOC_BLOCKS) {
|
||||
newArtifact.addAttribute(new BlackboardAttribute(SOLR_DOCUMENT_ID_TYPE, MODULE_NAME, hit.getSolrDocumentId()));
|
||||
newArtifact.addAttribute(new BlackboardAttribute(KEYWORD_SEARCH_DOCUMENT_ID, MODULE_NAME, hit.getSolrDocumentId()));
|
||||
}
|
||||
}
|
||||
|
||||
String ccn = newArtifact.getAttribute(ACCOUNT_NUMBER_TYPE).getValueString();
|
||||
final int iin = Integer.parseInt(ccn.substring(0, 8));
|
||||
String ccn = newArtifact.getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_CARD_NUMBER)).getValueString();
|
||||
final int bin = Integer.parseInt(ccn.substring(0, 8));
|
||||
|
||||
Accounts.IINInfo iinInfo = Accounts.getIINInfo(iin);
|
||||
CreditCards.BankIdentificationNumber binInfo = CreditCards.getBINInfo(bin);
|
||||
|
||||
if (iinInfo != null) {
|
||||
iinInfo.getScheme().ifPresent(scheme
|
||||
-> addAttributeSafe(newArtifact, ATTRIBUTE_TYPE.TSK_CREDIT_CARD_SCHEME, scheme));
|
||||
iinInfo.getCardType().ifPresent(cardType
|
||||
-> addAttributeSafe(newArtifact, ATTRIBUTE_TYPE.TSK_PAYMENT_CARD_TYPE, cardType));
|
||||
iinInfo.getBrand().ifPresent(brand
|
||||
-> addAttributeSafe(newArtifact, ATTRIBUTE_TYPE.TSK_BRAND, brand));
|
||||
iinInfo.getBankName().ifPresent(bankName
|
||||
if (binInfo != null) {
|
||||
binInfo.getScheme().ifPresent(scheme
|
||||
-> addAttributeSafe(newArtifact, ATTRIBUTE_TYPE.TSK_CARD_SCHEME, scheme));
|
||||
binInfo.getCardType().ifPresent(cardType
|
||||
-> addAttributeSafe(newArtifact, ATTRIBUTE_TYPE.TSK_CARD_TYPE, cardType));
|
||||
binInfo.getBrand().ifPresent(brand
|
||||
-> addAttributeSafe(newArtifact, ATTRIBUTE_TYPE.TSK_BRAND_NAME, brand));
|
||||
binInfo.getBankName().ifPresent(bankName
|
||||
-> addAttributeSafe(newArtifact, ATTRIBUTE_TYPE.TSK_BANK_NAME, bankName));
|
||||
iinInfo.getBankPhoneNumber().ifPresent(phoneNumber
|
||||
binInfo.getBankPhoneNumber().ifPresent(phoneNumber
|
||||
-> addAttributeSafe(newArtifact, ATTRIBUTE_TYPE.TSK_PHONE_NUMBER, phoneNumber));
|
||||
iinInfo.getBankURL().ifPresent(url
|
||||
binInfo.getBankURL().ifPresent(url
|
||||
-> addAttributeSafe(newArtifact, ATTRIBUTE_TYPE.TSK_URL, url));
|
||||
iinInfo.getCountry().ifPresent(country
|
||||
binInfo.getCountry().ifPresent(country
|
||||
-> addAttributeSafe(newArtifact, ATTRIBUTE_TYPE.TSK_COUNTRY, country));
|
||||
iinInfo.getBankCity().ifPresent(city
|
||||
binInfo.getBankCity().ifPresent(city
|
||||
-> addAttributeSafe(newArtifact, ATTRIBUTE_TYPE.TSK_CITY, city));
|
||||
}
|
||||
} else {
|
||||
@ -323,7 +328,7 @@ final class TermComponentQuery implements KeywordSearchQuery {
|
||||
for (Term term : terms) {
|
||||
final String termStr = KeywordSearchUtil.escapeLuceneQuery(term.getTerm());
|
||||
|
||||
if (keyword.getType() == ATTRIBUTE_TYPE.TSK_ACCOUNT_NUMBER) {
|
||||
if (keyword.getType() == ATTRIBUTE_TYPE.TSK_CARD_NUMBER) {
|
||||
//If the keyword is a credit card number, pass it through luhn validator
|
||||
Matcher matcher = CCN_PATTERN.matcher(term.getTerm());
|
||||
matcher.find();
|
||||
@ -383,7 +388,7 @@ final class TermComponentQuery implements KeywordSearchQuery {
|
||||
BlackboardAttribute.Type type = new BlackboardAttribute.Type(attrType);
|
||||
if (artifact.getAttribute(type) == null) {
|
||||
String value = matcher.group(groupName);
|
||||
if (attrType.equals(ATTRIBUTE_TYPE.TSK_ACCOUNT_NUMBER)) {
|
||||
if (attrType.equals(ATTRIBUTE_TYPE.TSK_CARD_NUMBER)) {
|
||||
value = CharMatcher.anyOf(" -").removeFrom(value);
|
||||
}
|
||||
if (StringUtils.isNotBlank(value)) {
|
||||
@ -404,11 +409,11 @@ final class TermComponentQuery implements KeywordSearchQuery {
|
||||
*/
|
||||
static private void parseTrack2Data(BlackboardArtifact artifact, Matcher matcher) throws IllegalArgumentException, TskCoreException {
|
||||
//try to add all the attrributes common to track 1 and 2
|
||||
addAttributeIfNotAlreadyCaptured(artifact, ATTRIBUTE_TYPE.TSK_ACCOUNT_NUMBER, "accountNumber", matcher);
|
||||
addAttributeIfNotAlreadyCaptured(artifact, ATTRIBUTE_TYPE.TSK_CREDIT_CARD_EXPIRATION, "expiration", matcher);
|
||||
addAttributeIfNotAlreadyCaptured(artifact, ATTRIBUTE_TYPE.TSK_CREDIT_CARD_SERVICE_CODE, "serviceCode", matcher);
|
||||
addAttributeIfNotAlreadyCaptured(artifact, ATTRIBUTE_TYPE.TSK_CREDIT_CARD_DISCRETIONARY, "discretionary", matcher);
|
||||
addAttributeIfNotAlreadyCaptured(artifact, ATTRIBUTE_TYPE.TSK_CREDIT_CARD_LRC, "LRC", matcher);
|
||||
addAttributeIfNotAlreadyCaptured(artifact, ATTRIBUTE_TYPE.TSK_CARD_NUMBER, "accountNumber", matcher);
|
||||
addAttributeIfNotAlreadyCaptured(artifact, ATTRIBUTE_TYPE.TSK_CARD_EXPIRATION, "expiration", matcher);
|
||||
addAttributeIfNotAlreadyCaptured(artifact, ATTRIBUTE_TYPE.TSK_CARD_SERVICE_CODE, "serviceCode", matcher);
|
||||
addAttributeIfNotAlreadyCaptured(artifact, ATTRIBUTE_TYPE.TSK_CARD_DISCRETIONARY, "discretionary", matcher);
|
||||
addAttributeIfNotAlreadyCaptured(artifact, ATTRIBUTE_TYPE.TSK_CARD_LRC, "LRC", matcher);
|
||||
|
||||
}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user