Cleanup
parent
95cf6fb95f
commit
2e128fcbbd
@ -121,16 +121,6 @@ class IngestModule implements FileIngestModule {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Make a TSK_HASHSET_HIT blackboard artifact for global notable files
|
|
||||||
try {
|
|
||||||
if (dbManager.isArtifactlKnownBadByReference(filesType, md5)) {
|
|
||||||
postCorrelatedHashHitToBlackboard(af);
|
|
||||||
}
|
|
||||||
} catch (EamDbException ex) {
|
|
||||||
LOGGER.log(Level.SEVERE, "Error retrieving global known status.", ex); // NON-NLS
|
|
||||||
return ProcessResult.ERROR;
|
|
||||||
}
|
|
||||||
|
|
||||||
try {
|
try {
|
||||||
CorrelationAttribute eamArtifact = new CorrelationAttribute(filesType, md5);
|
CorrelationAttribute eamArtifact = new CorrelationAttribute(filesType, md5);
|
||||||
CorrelationAttributeInstance cefi = new CorrelationAttributeInstance(
|
CorrelationAttributeInstance cefi = new CorrelationAttributeInstance(
|
||||||
@ -307,33 +297,6 @@ class IngestModule implements FileIngestModule {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private void postCorrelatedHashHitToBlackboard(AbstractFile abstractFile) {
|
|
||||||
try {
|
|
||||||
String MODULE_NAME = IngestModuleFactory.getModuleName();
|
|
||||||
BlackboardArtifact tifArtifact = abstractFile.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_HASHSET_HIT);
|
|
||||||
BlackboardAttribute att = new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME, MODULE_NAME,
|
|
||||||
Bundle.IngestModule_prevCaseComment_text());
|
|
||||||
tifArtifact.addAttribute(att);
|
|
||||||
|
|
||||||
try {
|
|
||||||
// index the artifact for keyword search
|
|
||||||
blackboard.indexArtifact(tifArtifact);
|
|
||||||
} catch (Blackboard.BlackboardException ex) {
|
|
||||||
LOGGER.log(Level.SEVERE, "Unable to index blackboard artifact " + tifArtifact.getArtifactID(), ex); //NON-NLS
|
|
||||||
}
|
|
||||||
|
|
||||||
// send inbox message
|
|
||||||
sendBadFileInboxMessage(tifArtifact, abstractFile.getName(), abstractFile.getMd5Hash());
|
|
||||||
|
|
||||||
// fire event to notify UI of this new artifact
|
|
||||||
services.fireModuleDataEvent(new ModuleDataEvent(MODULE_NAME, BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT));
|
|
||||||
} catch (TskCoreException ex) {
|
|
||||||
LOGGER.log(Level.SEVERE, "Failed to create BlackboardArtifact.", ex); // NON-NLS
|
|
||||||
} catch (IllegalStateException ex) {
|
|
||||||
LOGGER.log(Level.SEVERE, "Failed to create BlackboardAttribute.", ex); // NON-NLS
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Post a message to the ingest inbox alerting the user that a bad file was
|
* Post a message to the ingest inbox alerting the user that a bad file was
|
||||||
* found.
|
* found.
|
||||||
|
@ -37,6 +37,7 @@ import org.sleuthkit.autopsy.centralrepository.datamodel.EamDb;
|
|||||||
import org.sleuthkit.autopsy.centralrepository.datamodel.EamDbException;
|
import org.sleuthkit.autopsy.centralrepository.datamodel.EamDbException;
|
||||||
import org.sleuthkit.autopsy.centralrepository.datamodel.EamOrganization;
|
import org.sleuthkit.autopsy.centralrepository.datamodel.EamOrganization;
|
||||||
import org.sleuthkit.autopsy.centralrepository.optionspanel.AddNewOrganizationDialog;
|
import org.sleuthkit.autopsy.centralrepository.optionspanel.AddNewOrganizationDialog;
|
||||||
|
import org.sleuthkit.autopsy.centralrepository.optionspanel.ManageOrganizationsDialog;
|
||||||
import org.sleuthkit.autopsy.coreutils.Logger;
|
import org.sleuthkit.autopsy.coreutils.Logger;
|
||||||
import org.sleuthkit.autopsy.coreutils.ModuleSettings;
|
import org.sleuthkit.autopsy.coreutils.ModuleSettings;
|
||||||
import org.sleuthkit.autopsy.coreutils.PlatformUtil;
|
import org.sleuthkit.autopsy.coreutils.PlatformUtil;
|
||||||
@ -127,6 +128,7 @@ final class HashDbImportDatabaseDialog extends javax.swing.JDialog {
|
|||||||
readOnlyCheckbox.setEnabled(! isFileType);
|
readOnlyCheckbox.setEnabled(! isFileType);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@NbBundle.Messages({"HashDbImportDatabaseDialog.populateOrgsError.message=Failure loading organizations."})
|
||||||
private void populateCombobox() {
|
private void populateCombobox() {
|
||||||
orgComboBox.removeAllItems();
|
orgComboBox.removeAllItems();
|
||||||
try {
|
try {
|
||||||
@ -139,8 +141,8 @@ final class HashDbImportDatabaseDialog extends javax.swing.JDialog {
|
|||||||
selectedOrg = orgs.get(0);
|
selectedOrg = orgs.get(0);
|
||||||
}
|
}
|
||||||
} catch (EamDbException ex) {
|
} catch (EamDbException ex) {
|
||||||
ex.printStackTrace();
|
JOptionPane.showMessageDialog(null, Bundle.HashDbImportDatabaseDialog_populateOrgsError_message());
|
||||||
//LOGGER.log(Level.SEVERE, "Failure populating combobox with organizations.", ex);
|
Logger.getLogger(ImportCentralRepoDbProgressDialog.class.getName()).log(Level.SEVERE, "Failure loading organizations", ex);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -530,18 +532,19 @@ final class HashDbImportDatabaseDialog extends javax.swing.JDialog {
|
|||||||
}//GEN-LAST:event_centralRepoRadioButtonActionPerformed
|
}//GEN-LAST:event_centralRepoRadioButtonActionPerformed
|
||||||
|
|
||||||
private void orgButtonActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_orgButtonActionPerformed
|
private void orgButtonActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_orgButtonActionPerformed
|
||||||
AddNewOrganizationDialog dialogO = new AddNewOrganizationDialog();
|
ManageOrganizationsDialog dialog = new ManageOrganizationsDialog();
|
||||||
// update the combobox options
|
// update the combobox options
|
||||||
if (dialogO.isChanged()) {
|
if (dialog.isChanged()) {
|
||||||
populateCombobox();
|
populateCombobox();
|
||||||
}
|
}
|
||||||
}//GEN-LAST:event_orgButtonActionPerformed
|
}//GEN-LAST:event_orgButtonActionPerformed
|
||||||
|
|
||||||
private void orgComboBoxActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_orgComboBoxActionPerformed
|
private void orgComboBoxActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_orgComboBoxActionPerformed
|
||||||
JComboBox<String> cb = (JComboBox<String>)evt.getSource();
|
//JComboBox<String> cb = (JComboBox<String>)evt.getSource();
|
||||||
String orgName = (String)cb.getSelectedItem();
|
//String orgName = (String)cb.getSelectedItem();
|
||||||
if (null == orgName) return;
|
|
||||||
|
|
||||||
|
if (null == orgComboBox.getSelectedItem()) return;
|
||||||
|
String orgName = this.orgComboBox.getSelectedItem().toString();
|
||||||
for (EamOrganization org : orgs) {
|
for (EamOrganization org : orgs) {
|
||||||
if (org.getName().equals(orgName)) {
|
if (org.getName().equals(orgName)) {
|
||||||
selectedOrg = org;
|
selectedOrg = org;
|
||||||
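Review bot: The new log call in the catch block of `populateCombobox()` names the wrong class: `Logger.getLogger(ImportCentralRepoDbProgressDialog.class.getName())` is used inside `HashDbImportDatabaseDialog`, so a failure to load organizations is attributed to a different dialog in the application log. I would change it to `Logger.getLogger(HashDbImportDatabaseDialog.class.getName()).log(Level.SEVERE, "Failure loading organizations", ex);`. In the same section, `orgComboBoxActionPerformed` keeps the two superseded statements as commented-out code (`//JComboBox<String> cb = ...` and `//String orgName = ...`), which a commit titled "Cleanup" could delete outright. The `AddNewOrganizationDialog` import also looks unused after the switch to `ManageOrganizationsDialog`, though that cannot be confirmed from the visible hunks. Both method bodies continue outside the hunks shown.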
|
@ -246,16 +246,6 @@ public class HashDbManager implements PropertyChangeListener {
|
|||||||
return hashDb;
|
return hashDb;
|
||||||
}
|
}
|
||||||
|
|
||||||
static HashDatabase convertHashDbInfo(HashDbInfo info, int handle) throws TskCoreException{
|
|
||||||
if(info.isFileDatabaseType()){
|
|
||||||
return new HashDb(handle, info.getHashSetName(), info.getSearchDuringIngest(), info.getSendIngestMessages(),
|
|
||||||
info.getKnownFilesType());
|
|
||||||
} else if(info.isCentralRepoDatabaseType()){
|
|
||||||
throw new TskCoreException("Not implemented yet");
|
|
||||||
}
|
|
||||||
throw new TskCoreException("Invalid database type in HashDbInfo");
|
|
||||||
}
|
|
||||||
|
|
||||||
private HashDb addFileTypeHashDatabase(int handle, String hashSetName, boolean searchDuringIngest, boolean sendIngestMessages, HashDb.KnownFilesType knownFilesType) throws TskCoreException {
|
private HashDb addFileTypeHashDatabase(int handle, String hashSetName, boolean searchDuringIngest, boolean sendIngestMessages, HashDb.KnownFilesType knownFilesType) throws TskCoreException {
|
||||||
// Wrap an object around the handle.
|
// Wrap an object around the handle.
|
||||||
HashDb hashDb = new HashDb(handle, hashSetName, searchDuringIngest, sendIngestMessages, knownFilesType);
|
HashDb hashDb = new HashDb(handle, hashSetName, searchDuringIngest, sendIngestMessages, knownFilesType);
|
||||||
@ -322,93 +312,6 @@ public class HashDbManager implements PropertyChangeListener {
|
|||||||
return db;
|
return db;
|
||||||
|
|
||||||
}
|
}
|
||||||
/*
|
|
||||||
public CentralRepoHashDb importCentralRepoHashSet(String hashSetName, String version, int orgId,
|
|
||||||
boolean searchDuringIngest, boolean sendIngestMessages, HashDb.KnownFilesType knownFilesType,
|
|
||||||
String importFile) throws TskCoreException {
|
|
||||||
|
|
||||||
int crIndex;
|
|
||||||
|
|
||||||
try{
|
|
||||||
// Create an empty hashset in the central repository
|
|
||||||
crIndex = EamDb.getInstance().newReferenceSet(orgId, hashSetName, version);
|
|
||||||
} catch (EamDbException ex){
|
|
||||||
throw new TskCoreException(ex.getLocalizedMessage());
|
|
||||||
}
|
|
||||||
|
|
||||||
try{
|
|
||||||
// Import the hashes
|
|
||||||
|
|
||||||
TskData.FileKnown knownStatus;
|
|
||||||
if (knownFilesType.equals(HashDb.KnownFilesType.KNOWN)) {
|
|
||||||
knownStatus = TskData.FileKnown.KNOWN;
|
|
||||||
} else {
|
|
||||||
knownStatus = TskData.FileKnown.BAD;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Future, make UI handle more than the "FILES" type.
|
|
||||||
|
|
||||||
EamDb dbManager = EamDb.getInstance();
|
|
||||||
CorrelationAttribute.Type contentType = dbManager.getCorrelationTypeById(CorrelationAttribute.FILES_TYPE_ID); // get "FILES" type
|
|
||||||
BufferedReader reader = new BufferedReader(new FileReader(importFile));
|
|
||||||
String line;
|
|
||||||
Set<EamGlobalFileInstance> globalInstances = new HashSet<>();
|
|
||||||
|
|
||||||
long totalLines = Files.lines(new File(importFile).toPath()).count();
|
|
||||||
|
|
||||||
int numLines = 0;
|
|
||||||
while ((line = reader.readLine()) != null) {
|
|
||||||
|
|
||||||
String[] parts = line.split("\\|");
|
|
||||||
|
|
||||||
// Header lines start with a 41 character dummy hash, 1 character longer than a SHA-1 hash
|
|
||||||
if (parts.length != 2 || parts[0].length() == 41) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
EamGlobalFileInstance eamGlobalFileInstance = new EamGlobalFileInstance(
|
|
||||||
crIndex,
|
|
||||||
parts[0].toLowerCase(),
|
|
||||||
knownStatus,
|
|
||||||
"");
|
|
||||||
|
|
||||||
globalInstances.add(eamGlobalFileInstance);
|
|
||||||
|
|
||||||
if(numLines % 1000 == 0){
|
|
||||||
dbManager.bulkInsertReferenceTypeEntries(globalInstances, contentType);
|
|
||||||
globalInstances.clear();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
dbManager.bulkInsertReferenceTypeEntries(globalInstances, contentType);
|
|
||||||
|
|
||||||
// this should wait until after init
|
|
||||||
CentralRepoHashDb hashDb = new CentralRepoHashDb(hashSetName, version, crIndex,
|
|
||||||
searchDuringIngest, sendIngestMessages, knownFilesType);
|
|
||||||
|
|
||||||
// Add the hash database to the collection
|
|
||||||
hashSets.add(hashDb);
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
// Let any external listeners know that there's a new set
|
|
||||||
try {
|
|
||||||
changeSupport.firePropertyChange(SetEvt.DB_ADDED.toString(), null, hashSetName);
|
|
||||||
} catch (Exception e) {
|
|
||||||
logger.log(Level.SEVERE, "HashDbManager listener threw exception", e); //NON-NLS
|
|
||||||
MessageNotifyUtil.Notify.show(
|
|
||||||
NbBundle.getMessage(this.getClass(), "HashDbManager.moduleErr"),
|
|
||||||
NbBundle.getMessage(this.getClass(), "HashDbManager.moduleErrorListeningToUpdatesMsg"),
|
|
||||||
MessageNotifyUtil.MessageType.ERROR);
|
|
||||||
}
|
|
||||||
return hashDb;
|
|
||||||
|
|
||||||
} catch (Exception ex){
|
|
||||||
// TODO
|
|
||||||
ex.printStackTrace();
|
|
||||||
throw new TskCoreException(ex.getLocalizedMessage());
|
|
||||||
}
|
|
||||||
}*/
|
|
||||||
|
|
||||||
synchronized void indexHashDatabase(HashDb hashDb) {
|
synchronized void indexHashDatabase(HashDb hashDb) {
|
||||||
hashDb.addPropertyChangeListener(this);
|
hashDb.addPropertyChangeListener(this);
|
||||||
@ -668,7 +571,7 @@ public class HashDbManager implements PropertyChangeListener {
|
|||||||
globalSet.getGlobalSetID(), globalSet.getKnownStatus(), globalSet.isReadOnly(), false, sendIngestMessages));
|
globalSet.getGlobalSetID(), globalSet.getKnownStatus(), globalSet.isReadOnly(), false, sendIngestMessages));
|
||||||
}
|
}
|
||||||
} catch (EamDbException ex){
|
} catch (EamDbException ex){
|
||||||
ex.printStackTrace();
|
Logger.getLogger(HashDbManager.class.getName()).log(Level.SEVERE, "Error loading central repository hash sets", ex); //NON-NLS
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return crHashSets;
|
return crHashSets;
|
||||||
@ -1486,14 +1389,15 @@ public class HashDbManager implements PropertyChangeListener {
|
|||||||
* @throws TskCoreException
|
* @throws TskCoreException
|
||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
public boolean isValid() throws TskCoreException {
|
public boolean isValid() {
|
||||||
if(! EamDb.isEnabled()) {
|
if(! EamDb.isEnabled()) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
try{
|
try{
|
||||||
return EamDb.getInstance().referenceSetIsValid(this.centralRepoIndex, this.hashSetName, this.version);
|
return EamDb.getInstance().referenceSetIsValid(this.centralRepoIndex, this.hashSetName, this.version);
|
||||||
} catch (EamDbException ex){
|
} catch (EamDbException ex){
|
||||||
throw new TskCoreException(ex.getLocalizedMessage());
|
Logger.getLogger(CentralRepoHashDb.class.getName()).log(Level.SEVERE, "Error validating hash database " + hashSetName, ex); //NON-NLS
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
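Review bot: The Javadoc above `isValid()` still carries `* @throws TskCoreException`, but the new signature no longer declares it, so the tag should be dropped and the return value documented, e.g. `@return false if the central repository is disabled, the reference set is not valid, or the validity check itself failed`. That last case deserves to be spelled out, because an `EamDbException` is now logged and reported as `false`, so a caller can no longer tell an unreachable central repository from a genuinely invalid hash set. If callers treat `false` as "leave this set out" (likely from the name, but not visible here), a repository outage would quietly reduce hash-lookup coverage during ingest. Consider surfacing the failure to the examiner as well as logging it. The Javadoc block starts outside the hunk.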
|
@ -174,13 +174,13 @@ public final class HashLookupModuleSettingsPanel extends IngestModuleIngestJobSe
|
|||||||
}
|
}
|
||||||
|
|
||||||
private boolean isHashDbValid(HashDatabase hashDb) {
|
private boolean isHashDbValid(HashDatabase hashDb) {
|
||||||
boolean indexed = false;
|
boolean isValid = false;
|
||||||
try {
|
try {
|
||||||
indexed = hashDb.isValid();
|
isValid = hashDb.isValid();
|
||||||
} catch (TskCoreException ex) {
|
} catch (TskCoreException ex) {
|
||||||
Logger.getLogger(HashLookupModuleSettingsPanel.class.getName()).log(Level.SEVERE, "Error getting indexed status info for hash set (name = " + hashDb.getHashSetName() + ")", ex); //NON-NLS
|
Logger.getLogger(HashLookupModuleSettingsPanel.class.getName()).log(Level.SEVERE, "Error checking validity for hash set (name = " + hashDb.getHashSetName() + ")", ex); //NON-NLS
|
||||||
}
|
}
|
||||||
return indexed;
|
return isValid;
|
||||||
}
|
}
|
||||||
|
|
||||||
private static final class HashSetModel {
|
private static final class HashSetModel {
|
||||||
|
@ -358,7 +358,7 @@ final class HashLookupSettings implements Serializable {
|
|||||||
} else {
|
} else {
|
||||||
this.path = fileTypeDb.getDatabasePath();
|
this.path = fileTypeDb.getDatabasePath();
|
||||||
}
|
}
|
||||||
} else {// if(db instanceof HashDbManager.CentralRepoHashDb){
|
} else {
|
||||||
HashDbManager.CentralRepoHashDb centralRepoDb = (HashDbManager.CentralRepoHashDb)db;
|
HashDbManager.CentralRepoHashDb centralRepoDb = (HashDbManager.CentralRepoHashDb)db;
|
||||||
this.hashSetName = centralRepoDb.getHashSetName();
|
this.hashSetName = centralRepoDb.getHashSetName();
|
||||||
this.version = centralRepoDb.getVersion();
|
this.version = centralRepoDb.getVersion();
|
||||||
@ -369,9 +369,7 @@ final class HashLookupSettings implements Serializable {
|
|||||||
this.path = "";
|
this.path = "";
|
||||||
this.centralRepoIndex = centralRepoDb.getCentralRepoIndex();
|
this.centralRepoIndex = centralRepoDb.getCentralRepoIndex();
|
||||||
this.dbType = DatabaseType.CENTRAL_REPOSITORY;
|
this.dbType = DatabaseType.CENTRAL_REPOSITORY;
|
||||||
} //else {
|
}
|
||||||
// throw new TskCoreException("Unknown hash database type");
|
|
||||||
//}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
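Review bot: With the commented-out `instanceof` guard and the trailing commented `else` deleted, the remaining bare `} else {` casts `db` to `HashDbManager.CentralRepoHashDb` unconditionally, and nothing in the visible code records why that is safe. The `if` that this `else` belongs to sits outside the hunk, so I cannot tell whether every other `HashDatabase` implementation is already excluded. If it is, a one-line comment such as `// db is either a file-type HashDb or a CentralRepoHashDb` would preserve what the deleted comments hinted at. If it is not, make the assumption explicit with `} else if (db instanceof HashDbManager.CentralRepoHashDb) {` and a final `else { throw new IllegalArgumentException("Unknown hash database type"); }`, so that an unexpected type fails with a clear message rather than a `ClassCastException` while settings are being built.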
|
@ -172,7 +172,7 @@ class ImportCentralRepoDbProgressDialog extends javax.swing.JDialog implements P
|
|||||||
*/
|
*/
|
||||||
final long getEstimatedTotalHashes(){
|
final long getEstimatedTotalHashes(){
|
||||||
long fileSize = importFile.length();
|
long fileSize = importFile.length();
|
||||||
return (fileSize / 0x33); // IDX file lines are generally 0x33 bytes long
|
return (fileSize / 0x33 + 1); // IDX file lines are generally 0x33 bytes long, and we don't want this to be zero
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|