mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-17 10:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Updated attributes associated with encryption artifact.

Browse Source
This commit is contained in:
Jeff Wallace 2013-12-13 13:28:17 -05:00
parent 78d44473f8
commit 199c347a79
2 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Core/src/org/sleuthkit/autopsy/report/ReportGenerator.java
View File

@ -998,7 +998,7 @@ public class ReportGenerator {
columnHeaders = new ArrayList<>(Arrays.asList(new String[] {"Program Name", "Text", "Source File"}));
break;
case TSK_ENCRYPTION_DETECTED:
columnHeaders = new ArrayList<>(Arrays.asList(new String[] {"Program Name", "Entropy", "Source File"}));
columnHeaders = new ArrayList<>(Arrays.asList(new String[] {"Name", "Source File"}));
break;
default:
return null;
@ -1324,6 +1324,10 @@ public class ReportGenerator {
orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_TEXT.getTypeID()));
orderedRowData.add(getFileUniquePath(getObjectID()));
break;
case TSK_ENCRYPTION_DETECTED:
orderedRowData.add(mappedAttributes.get(ATTRIBUTE_TYPE.TSK_NAME.getTypeID()));
orderedRowData.add(getFileUniquePath(getObjectID()));
break;
}
orderedRowData.add(makeCommaSeparatedList(getTags()));

6
SevenZip/src/org/sleuthkit/autopsy/sevenzip/SevenZipIngestModule.java
View File

@ -555,11 +555,7 @@ public final class SevenZipIngestModule extends IngestModuleAbstractFile {
String encryptionType = fullEncryption ? ENCRYPTION_FULL : ENCRYPTION_FILE_LEVEL;
try {
BlackboardArtifact artifact = archiveFile.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_ENCRYPTION_DETECTED);
artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_ENCRYPTION_DETECTED.getTypeID(),
MODULE_NAME, encryptionType));
//artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID(), MODULE_NAME, ...);
//artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_ENTROPY.getTypeID(), MODULE_NAME, ...);
//@@@ We don't fire here because GEN_INFO isn't displayed in the tree.... Need to address how these should be displayed
artifact.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME.getTypeID(), MODULE_NAME, encryptionType));
services.fireModuleDataEvent(new ModuleDataEvent(MODULE_NAME, BlackboardArtifact.ARTIFACT_TYPE.TSK_ENCRYPTION_DETECTED));
} catch (TskCoreException ex) {
logger.log(Level.SEVERE, "Error creating blackboard artifact for encryption detected for file: " + archiveFile, ex);