mirror of
https://github.com/overcuriousity/autopsy-flatpak.git
synced 2025-07-15 09:17:42 +00:00
Merge pull request #1862 from narfindustries/1501-ja-core-mod-vmext
1501 ja core mod vmext
This commit is contained in:
Richard Cordovano
commit
1c89c7f53c
@ -5,4 +5,8 @@ VMExtractorIngestModule.cannotCreateOutputDir.message=Unable to create output di
|
|||||||
VMExtractorIngestModule.addedVirtualMachineImage.message=Added virtual machine image {0}
|
VMExtractorIngestModule.addedVirtualMachineImage.message=Added virtual machine image {0}
|
||||||
VMExtractorIngestModule.searchingImage.message=Searching image for virtual machine files
|
VMExtractorIngestModule.searchingImage.message=Searching image for virtual machine files
|
||||||
VMExtractorIngestModule.exportingToDisk.message=Exporting virtual machine files to disk
|
VMExtractorIngestModule.exportingToDisk.message=Exporting virtual machine files to disk
|
||||||
VMExtractorIngestModule.queuingIngestJobs.message=Queuing ingest jobs for extracted virtual machines
|
VMExtractorIngestModule.queuingIngestJobs.message=Queuing ingest jobs for extracted virtual machines
|
||||||
|
VMExtractorIngestModule.msgNotify.failedExtractVM.title.txt=Failed to extract virtual machine file
|
||||||
|
VMExtractorIngestModule.msgNotify.failedExtractVM.msg.txt=Failed to write virtual machine file {0} to disk.
|
||||||
|
VMExtractorIngestModule.msgNotify.failedIngestVM.title.txt=Failed to ingest virtual machine
|
||||||
|
VMExtractorIngestModule.msgNotify.failedIngestVM.msg.txt=Failed to ingest virtual machine file {0}
|
||||||
@ -81,7 +81,7 @@ final class VMExtractorIngestModule extends DataSourceIngestModuleAdapter {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (null == parentDataSourceId) {
|
if (null == parentDataSourceId) {
|
||||||
throw new IngestModuleException(String.format("Data source %s missing unique id", context.getDataSource().getName()));
|
throw new IngestModuleException(String.format("Data source %s missing unique id", context.getDataSource().getName())); //NON-NLS
|
||||||
}
|
}
|
||||||
SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy_MM_dd_HH_mm_ss");
|
SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy_MM_dd_HH_mm_ss");
|
||||||
String timeStamp = dateFormat.format(Calendar.getInstance().getTime());
|
String timeStamp = dateFormat.format(Calendar.getInstance().getTime());
|
||||||
@ -108,19 +108,19 @@ final class VMExtractorIngestModule extends DataSourceIngestModuleAdapter {
|
|||||||
// Not sure how long it will take for search to complete.
|
// Not sure how long it will take for search to complete.
|
||||||
progressBar.switchToIndeterminate();
|
progressBar.switchToIndeterminate();
|
||||||
|
|
||||||
logger.log(Level.INFO, "Looking for virtual machine files in data source {0}", dataSource.getName());
|
logger.log(Level.INFO, "Looking for virtual machine files in data source {0}", dataSource.getName()); //NON-NLS
|
||||||
|
|
||||||
try {
|
try {
|
||||||
// look for all VM files
|
// look for all VM files
|
||||||
vmFiles = findVirtualMachineFiles(dataSource);
|
vmFiles = findVirtualMachineFiles(dataSource);
|
||||||
} catch (TskCoreException ex) {
|
} catch (TskCoreException ex) {
|
||||||
logger.log(Level.SEVERE, "Error querying case database", ex);
|
logger.log(Level.SEVERE, "Error querying case database", ex); //NON-NLS
|
||||||
return ProcessResult.ERROR;
|
return ProcessResult.ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (vmFiles.isEmpty()) {
|
if (vmFiles.isEmpty()) {
|
||||||
// no VM files found
|
// no VM files found
|
||||||
logger.log(Level.INFO, "No virtual machine files found in data source {0}", dataSource.getName());
|
logger.log(Level.INFO, "No virtual machine files found in data source {0}", dataSource.getName()); //NON-NLS
|
||||||
return ProcessResult.OK;
|
return ProcessResult.OK;
|
||||||
}
|
}
|
||||||
// display progress for saving each VM file to disk
|
// display progress for saving each VM file to disk
|
||||||
@ -133,7 +133,7 @@ final class VMExtractorIngestModule extends DataSourceIngestModuleAdapter {
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
logger.log(Level.INFO, "Saving virtual machine file {0} to disk", vmFile.getName());
|
logger.log(Level.INFO, "Saving virtual machine file {0} to disk", vmFile.getName()); //NON-NLS
|
||||||
|
|
||||||
// get vmFolderPathInsideTheImage to the folder where VM is located
|
// get vmFolderPathInsideTheImage to the folder where VM is located
|
||||||
String vmFolderPathInsideTheImage = vmFile.getParentPath();
|
String vmFolderPathInsideTheImage = vmFile.getParentPath();
|
||||||
@ -155,15 +155,16 @@ final class VMExtractorIngestModule extends DataSourceIngestModuleAdapter {
|
|||||||
try {
|
try {
|
||||||
writeVirtualMachineToDisk(vmFile, outputFolderForThisVM);
|
writeVirtualMachineToDisk(vmFile, outputFolderForThisVM);
|
||||||
} catch (Exception ex) {
|
} catch (Exception ex) {
|
||||||
logger.log(Level.SEVERE, "Failed to write virtual machine file "+vmFile.getName()+" to folder "+outputFolderForThisVM, ex);
|
logger.log(Level.SEVERE, "Failed to write virtual machine file "+vmFile.getName()+" to folder "+outputFolderForThisVM, ex); //NON-NLS
|
||||||
MessageNotifyUtil.Notify.error("Failed to extract virtual machine file", String.format("Failed to write virtual machine file %s to disk", vmFile.getName()));
|
MessageNotifyUtil.Notify.error(NbBundle.getMessage(this.getClass(), "VMExtractorIngestModule.msgNotify.failedExtractVM.title.txt"),
|
||||||
|
NbBundle.getMessage(this.getClass(), "VMExtractorIngestModule.msgNotify.failedExtractVM.msg.txt", vmFile.getName()));
|
||||||
}
|
}
|
||||||
|
|
||||||
// Update progress bar
|
// Update progress bar
|
||||||
numFilesSaved++;
|
numFilesSaved++;
|
||||||
progressBar.progress(NbBundle.getMessage(this.getClass(), "VMExtractorIngestModule.exportingToDisk.message"), numFilesSaved);
|
progressBar.progress(NbBundle.getMessage(this.getClass(), "VMExtractorIngestModule.exportingToDisk.message"), numFilesSaved);
|
||||||
}
|
}
|
||||||
logger.log(Level.INFO, "Finished saving virtual machine files to disk");
|
logger.log(Level.INFO, "Finished saving virtual machine files to disk"); //NON-NLS
|
||||||
|
|
||||||
// update progress bar
|
// update progress bar
|
||||||
progressBar.switchToDeterminate(imageFolderToOutputFolder.size());
|
progressBar.switchToDeterminate(imageFolderToOutputFolder.size());
|
||||||
@ -180,26 +181,27 @@ final class VMExtractorIngestModule extends DataSourceIngestModuleAdapter {
|
|||||||
List<String> vmFilesToIngest = VirtualMachineFinder.identifyVirtualMachines(Paths.get(folder));
|
List<String> vmFilesToIngest = VirtualMachineFinder.identifyVirtualMachines(Paths.get(folder));
|
||||||
for (String file : vmFilesToIngest) {
|
for (String file : vmFilesToIngest) {
|
||||||
try {
|
try {
|
||||||
logger.log(Level.INFO, "Ingesting virtual machine file {0} in folder {1}", new Object[]{file, folder});
|
logger.log(Level.INFO, "Ingesting virtual machine file {0} in folder {1}", new Object[]{file, folder}); //NON-NLS
|
||||||
|
|
||||||
// for extracted virtual machines there is no manifest XML file to read data source ID from so we need to create one
|
// for extracted virtual machines there is no manifest XML file to read data source ID from so we need to create one
|
||||||
numDataSourcesQueued++;
|
numDataSourcesQueued++;
|
||||||
String dataSourceID = parentDataSourceId + "-VM" + numDataSourcesQueued;
|
String dataSourceID = parentDataSourceId + "-VM" + numDataSourcesQueued; //NON-NLS
|
||||||
// ingest the data sources
|
// ingest the data sources
|
||||||
ingestVirtualMachineImage(Paths.get(folder, file), dataSourceID);
|
ingestVirtualMachineImage(Paths.get(folder, file), dataSourceID);
|
||||||
logger.log(Level.INFO, "Ingest complete for virtual machine file {0} in folder {1}", new Object[]{file, folder});
|
logger.log(Level.INFO, "Ingest complete for virtual machine file {0} in folder {1}", new Object[]{file, folder}); //NON-NLS
|
||||||
} catch (InterruptedException ex) {
|
} catch (InterruptedException ex) {
|
||||||
logger.log(Level.INFO, "Interrupted while ingesting virtual machine file "+file+" in folder "+folder, ex);
|
logger.log(Level.INFO, "Interrupted while ingesting virtual machine file "+file+" in folder "+folder, ex); //NON-NLS
|
||||||
} catch (IOException ex) {
|
} catch (IOException ex) {
|
||||||
logger.log(Level.SEVERE, "Failed to ingest virtual machine file "+file+" in folder "+folder, ex);
|
logger.log(Level.SEVERE, "Failed to ingest virtual machine file "+file+" in folder "+folder, ex); //NON-NLS
|
||||||
MessageNotifyUtil.Notify.error("Failed to ingest virtual machine", String.format("Failed to ingest virtual machine file %s", file));
|
MessageNotifyUtil.Notify.error(NbBundle.getMessage(this.getClass(), "VMExtractorIngestModule.msgNotify.failedIngestVM.title.txt"),
|
||||||
|
NbBundle.getMessage(this.getClass(), "VMExtractorIngestModule.msgNotify.failedIngestVM.msg.txt", file));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// Update progress bar
|
// Update progress bar
|
||||||
numJobsQueued++;
|
numJobsQueued++;
|
||||||
progressBar.progress(NbBundle.getMessage(this.getClass(), "VMExtractorIngestModule.queuingIngestJobs.message"), numJobsQueued);
|
progressBar.progress(NbBundle.getMessage(this.getClass(), "VMExtractorIngestModule.queuingIngestJobs.message"), numJobsQueued);
|
||||||
}
|
}
|
||||||
logger.log(Level.INFO, "VMExtractorIngestModule completed processing of data source {0}", dataSource.getName());
|
logger.log(Level.INFO, "VMExtractorIngestModule completed processing of data source {0}", dataSource.getName()); //NON-NLS
|
||||||
return ProcessResult.OK;
|
return ProcessResult.OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -278,7 +280,7 @@ final class VMExtractorIngestModule extends DataSourceIngestModuleAdapter {
|
|||||||
List<Content> dataSourceContent = new ArrayList<>(dspCallback.vmDataSources);
|
List<Content> dataSourceContent = new ArrayList<>(dspCallback.vmDataSources);
|
||||||
IngestJobSettings ingestJobSettings = new IngestJobSettings(context.getExecutionContext());
|
IngestJobSettings ingestJobSettings = new IngestJobSettings(context.getExecutionContext());
|
||||||
for (String warning : ingestJobSettings.getWarnings()) {
|
for (String warning : ingestJobSettings.getWarnings()) {
|
||||||
logger.log(Level.WARNING, String.format("Ingest job settings warning for virtual machine file %s : %s", vmFile.toString(), warning));
|
logger.log(Level.WARNING, String.format("Ingest job settings warning for virtual machine file %s : %s", vmFile.toString(), warning)); //NON-NLS
|
||||||
}
|
}
|
||||||
IngestServices.getInstance().postMessage(IngestMessage.createMessage(IngestMessage.MessageType.INFO,
|
IngestServices.getInstance().postMessage(IngestMessage.createMessage(IngestMessage.MessageType.INFO,
|
||||||
VMExtractorIngestModuleFactory.getModuleName(),
|
VMExtractorIngestModuleFactory.getModuleName(),
|
||||||
@ -333,7 +335,7 @@ final class VMExtractorIngestModule extends DataSourceIngestModuleAdapter {
|
|||||||
@Override
|
@Override
|
||||||
public void done(DataSourceProcessorCallback.DataSourceProcessorResult result, List<String> errList, List<Content> content) {
|
public void done(DataSourceProcessorCallback.DataSourceProcessorResult result, List<String> errList, List<Content> content) {
|
||||||
for (String error : errList) {
|
for (String error : errList) {
|
||||||
String logMessage = String.format("Data source processor error for virtual machine file %s: %s", vmFile.toString(), error);
|
String logMessage = String.format("Data source processor error for virtual machine file %s: %s", vmFile.toString(), error); //NON-NLS
|
||||||
if (DataSourceProcessorCallback.DataSourceProcessorResult.CRITICAL_ERRORS == result) {
|
if (DataSourceProcessorCallback.DataSourceProcessorResult.CRITICAL_ERRORS == result) {
|
||||||
logger.log(Level.SEVERE, logMessage);
|
logger.log(Level.SEVERE, logMessage);
|
||||||
} else {
|
} else {
|
||||||
|
|||||||
@ -50,7 +50,7 @@ public final class VirtualMachineFinder {
|
|||||||
vmFiltersList.add(virtualMachineFilter);
|
vmFiltersList.add(virtualMachineFilter);
|
||||||
}
|
}
|
||||||
|
|
||||||
private static final List<String> VMDK_EXTS = Arrays.asList(new String[]{".vmdk"});
|
private static final List<String> VMDK_EXTS = Arrays.asList(new String[]{".vmdk"}); //NON-NLS
|
||||||
private static final GeneralFilter vmdkFilter = new GeneralFilter(VMDK_EXTS, "");
|
private static final GeneralFilter vmdkFilter = new GeneralFilter(VMDK_EXTS, "");
|
||||||
private static final List<FileFilter> vmdkFiltersList = new ArrayList<>();
|
private static final List<FileFilter> vmdkFiltersList = new ArrayList<>();
|
||||||
|
|
||||||
@ -135,7 +135,7 @@ public final class VirtualMachineFinder {
|
|||||||
// line doesn't have enough fields, can't be an extent descriptor
|
// line doesn't have enough fields, can't be an extent descriptor
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (splited[0].equals("RW") || splited[0].equals("RDONLY") || splited[0].equals("NOACCESS")) {
|
if (splited[0].equals("RW") || splited[0].equals("RDONLY") || splited[0].equals("NOACCESS")) { //NON-NLS
|
||||||
// found an extent descriptor
|
// found an extent descriptor
|
||||||
// remove quotation marks around the file name
|
// remove quotation marks around the file name
|
||||||
String extentFileName = splited[FILE_NAME_FIELD_INDX_IN_EXTENT_DESCRIPTOR].replace("\"", "");
|
String extentFileName = splited[FILE_NAME_FIELD_INDX_IN_EXTENT_DESCRIPTOR].replace("\"", "");
|
||||||
@ -145,7 +145,7 @@ public final class VirtualMachineFinder {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
} catch (Exception ex) {
|
} catch (Exception ex) {
|
||||||
logger.log(Level.WARNING, String.format("Error while parsing vmdk descriptor file %s", file.toString()), ex);
|
logger.log(Level.WARNING, String.format("Error while parsing vmdk descriptor file %s", file.toString()), ex); //NON-NLS
|
||||||
}
|
}
|
||||||
return extentFiles;
|
return extentFiles;
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user