mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-08 06:09:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

4961 minor pre-story clean up of some classes

Browse Source
This commit is contained in:
William Schaefer 2019-05-09 15:02:32 -04:00
parent c7fa007a04
commit 3d6475958b
4 changed files with 91 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Core/src/org/sleuthkit/autopsy/contentviewers/MediaFileViewer.java
View File

@ -1,7 +1,7 @@
/* /*
* Autopsy Forensic Browser * Autopsy Forensic Browser
* *
* Copyright 2011-2018 Basis Technology Corp. * Copyright 2011-2019 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org * Contact: carrier <at> sleuthkit <dot> org
*s *s
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
@ -36,6 +36,7 @@ import org.sleuthkit.datamodel.AbstractFile;
class MediaFileViewer extends javax.swing.JPanel implements FileTypeViewer { class MediaFileViewer extends javax.swing.JPanel implements FileTypeViewer {
private static final Logger LOGGER = Logger.getLogger(MediaFileViewer.class.getName()); private static final Logger LOGGER = Logger.getLogger(MediaFileViewer.class.getName());
private static final long serialVersionUID = 1L;
private AbstractFile lastFile; private AbstractFile lastFile;
//UI //UI
private MediaPlayerPanel mediaPlayerPanel; private MediaPlayerPanel mediaPlayerPanel;
@ -48,7 +49,7 @@ class MediaFileViewer extends javax.swing.JPanel implements FileTypeViewer {
/** /**
* Creates a new MediaFileViewer. * Creates a new MediaFileViewer.
*/ */
public MediaFileViewer() { MediaFileViewer() {
initComponents(); initComponents();

4
Core/src/org/sleuthkit/autopsy/contentviewers/PListViewer.java
View File

@ -1,7 +1,7 @@
/* /*
* Autopsy Forensic Browser * Autopsy Forensic Browser
* *
* Copyright 2018 Basis Technology Corp. * Copyright 2018-2019 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org * Contact: carrier <at> sleuthkit <dot> org
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
@ -79,7 +79,7 @@ class PListViewer extends javax.swing.JPanel implements FileTypeViewer, Explorer
/** /**
* Creates new form PListViewer * Creates new form PListViewer
*/ */
public PListViewer() { PListViewer() {
// Create an Outlineview and add to the panel // Create an Outlineview and add to the panel
outlineView = new org.openide.explorer.view.OutlineView(); outlineView = new org.openide.explorer.view.OutlineView();

16
Core/src/org/sleuthkit/autopsy/contentviewers/SQLiteViewer.java
View File

@ -1,7 +1,7 @@
/* /*
* Autopsy Forensic Browser * Autopsy Forensic Browser
* *
* Copyright 2018 Basis Technology Corp. * Copyright 2018-2019 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org * Contact: carrier <at> sleuthkit <dot> org
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
@ -74,7 +74,7 @@ class SQLiteViewer extends javax.swing.JPanel implements FileTypeViewer {
/** /**
* Constructs a file content viewer for SQLite database files. * Constructs a file content viewer for SQLite database files.
*/ */
public SQLiteViewer() { SQLiteViewer() {
initComponents(); initComponents();
jTableDataPanel.add(selectedTableView, BorderLayout.CENTER); jTableDataPanel.add(selectedTableView, BorderLayout.CENTER);
} }
@ -544,19 +544,19 @@ class SQLiteViewer extends javax.swing.JPanel implements FileTypeViewer {
@Override @Override
public void accept(String columnName) { public void accept(String columnName) {
columnIndex++; columnIndex++;
String csvString = columnName;
//Format the value to adhere to the format of a CSV file //Format the value to adhere to the format of a CSV file
if (columnIndex == 1) { if (columnIndex == 1) {
columnName = "\"" + columnName + "\""; csvString = "\"" + csvString + "\"";
} else { } else {
columnName = ",\"" + columnName + "\""; csvString = ",\"" + csvString + "\"";
} }
if (columnIndex == totalColumnCount) { if (columnIndex == totalColumnCount) {
columnName += "\n"; csvString += "\n";
} }
try { try {
out.write(columnName.getBytes()); out.write(csvString.getBytes());
} catch (IOException ex) { } catch (IOException ex) {
/* /*
* If we can no longer write to the output stream, toss a * If we can no longer write to the output stream, toss a
@ -613,7 +613,7 @@ class SQLiteViewer extends javax.swing.JPanel implements FileTypeViewer {
*/ */
throw new RuntimeException(ex); throw new RuntimeException(ex);
} }
rowIndex = rowIndex % totalColumnCount; rowIndex %= totalColumnCount;
} }
}; };
} }

55
Core/src/org/sleuthkit/autopsy/modules/stix/EvalRegistryObj.java
View File

@ -1,7 +1,7 @@
/* /*
* Autopsy Forensic Browser * Autopsy Forensic Browser
* *
* Copyright 2013-2018 Basis Technology Corp. * Copyright 2013-2019 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org * Contact: carrier <at> sleuthkit <dot> org
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
@ -18,12 +18,15 @@
*/ */
package org.sleuthkit.autopsy.modules.stix; package org.sleuthkit.autopsy.modules.stix;
import com.williballenthin.rejistry.RegistryHiveFile;
import com.williballenthin.rejistry.RegistryKey;
import com.williballenthin.rejistry.RegistryParseException;
import com.williballenthin.rejistry.RegistryValue;
import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.datamodel.TskCoreException; import org.sleuthkit.datamodel.TskCoreException;
import org.sleuthkit.datamodel.Content; import org.sleuthkit.datamodel.Content;
import org.sleuthkit.autopsy.datamodel.ContentUtils; import org.sleuthkit.autopsy.datamodel.ContentUtils;
import org.sleuthkit.datamodel.AbstractFile; import org.sleuthkit.datamodel.AbstractFile;
import java.util.List; import java.util.List;
import java.util.ArrayList; import java.util.ArrayList;
import java.io.IOException; import java.io.IOException;
@ -31,10 +34,8 @@ import java.io.UnsupportedEncodingException;
import java.io.File; import java.io.File;
import java.util.regex.Pattern; import java.util.regex.Pattern;
import java.util.regex.Matcher; import java.util.regex.Matcher;
import org.mitre.cybox.objects.WindowsRegistryKey; import org.mitre.cybox.objects.WindowsRegistryKey;
import org.mitre.cybox.common_2.ConditionTypeEnum; import org.mitre.cybox.common_2.ConditionTypeEnum;
import com.williballenthin.rejistry.*;
import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException; import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
/** /**
@ -43,9 +44,9 @@ import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
class EvalRegistryObj extends EvaluatableObject { class EvalRegistryObj extends EvaluatableObject {
private final WindowsRegistryKey obj; private final WindowsRegistryKey obj;
private final List<RegistryFileInfo> regFiles = new ArrayList<RegistryFileInfo>(); private final List<RegistryFileInfo> regFiles = new ArrayList<>();
public EvalRegistryObj(WindowsRegistryKey a_obj, String a_id, String a_spacing, List<RegistryFileInfo> a_regFiles) { EvalRegistryObj(WindowsRegistryKey a_obj, String a_id, String a_spacing, List<RegistryFileInfo> a_regFiles) {
obj = a_obj; obj = a_obj;
id = a_id; id = a_id;
spacing = a_spacing; spacing = a_spacing;
@ -80,7 +81,7 @@ class EvalRegistryObj extends EvaluatableObject {
setUnsupportedFieldWarnings(); setUnsupportedFieldWarnings();
// Make a list of hives to test // Make a list of hives to test
List<RegistryFileInfo> hiveList = new ArrayList<RegistryFileInfo>(); List<RegistryFileInfo> hiveList = new ArrayList<>();
if (obj.getHive() == null) { if (obj.getHive() == null) {
// If the hive field is missing, add everything // If the hive field is missing, add everything
hiveList.addAll(regFiles); hiveList.addAll(regFiles);
@ -88,9 +89,9 @@ class EvalRegistryObj extends EvaluatableObject {
// If the hive name is HKEY_LOCAL_MACHINE, add the ones from the config directory. // If the hive name is HKEY_LOCAL_MACHINE, add the ones from the config directory.
// Otherwise, add the others // Otherwise, add the others
for (RegistryFileInfo regFile : regFiles) { for (RegistryFileInfo regFile : regFiles) {
if (regFile.abstractFile.getParentPath() != null) { if (regFile.getAbstractFile().getParentPath() != null) {
Pattern pattern = Pattern.compile("system32", Pattern.CASE_INSENSITIVE); Pattern pattern = Pattern.compile("system32", Pattern.CASE_INSENSITIVE);
Matcher matcher = pattern.matcher(regFile.abstractFile.getParentPath()); Matcher matcher = pattern.matcher(regFile.getAbstractFile().getParentPath());
if (matcher.find()) { if (matcher.find()) {
// Looking for system files and found one, so add it to the list // Looking for system files and found one, so add it to the list
if (obj.getHive().getValue().toString().equalsIgnoreCase("HKEY_LOCAL_MACHINE")) { //NON-NLS if (obj.getHive().getValue().toString().equalsIgnoreCase("HKEY_LOCAL_MACHINE")) { //NON-NLS
@ -112,7 +113,7 @@ class EvalRegistryObj extends EvaluatableObject {
Pattern pattern = Pattern.compile("Temp.STIX." + stixHiveName, Pattern.CASE_INSENSITIVE); Pattern pattern = Pattern.compile("Temp.STIX." + stixHiveName, Pattern.CASE_INSENSITIVE);
for (RegistryFileInfo hive : regFiles) { for (RegistryFileInfo hive : regFiles) {
Matcher matcher = pattern.matcher(hive.tempFileName); Matcher matcher = pattern.matcher(hive.getTempFileName());
if (matcher.find()) { if (matcher.find()) {
hiveList.add(hive); hiveList.add(hive);
} }
@ -163,7 +164,7 @@ class EvalRegistryObj extends EvaluatableObject {
*/ */
private ObservableResult testRegistryFile(RegistryFileInfo a_regInfo) { private ObservableResult testRegistryFile(RegistryFileInfo a_regInfo) {
try { try {
RegistryKey root = openRegistry(a_regInfo.tempFileName); RegistryKey root = openRegistry(a_regInfo.getTempFileName());
RegistryKey result = findKey(root, obj.getKey().getValue().toString()); RegistryKey result = findKey(root, obj.getKey().getValue().toString());
if (result == null) { if (result == null) {
@ -192,8 +193,8 @@ class EvalRegistryObj extends EvaluatableObject {
if ((obj.getValues() == null) || (obj.getValues().getValues().isEmpty())) { if ((obj.getValues() == null) || (obj.getValues().getValues().isEmpty())) {
// No values to test // No values to test
List<StixArtifactData> artData = new ArrayList<StixArtifactData>(); List<StixArtifactData> artData = new ArrayList<>();
artData.add(new StixArtifactData(a_regInfo.abstractFile.getId(), id, "Registry")); //NON-NLS artData.add(new StixArtifactData(a_regInfo.getAbstractFile().getId(), id, "Registry")); //NON-NLS
return new ObservableResult(id, "RegistryObject: Found key " + obj.getKey().getValue(), //NON-NLS return new ObservableResult(id, "RegistryObject: Found key " + obj.getKey().getValue(), //NON-NLS
spacing, ObservableResult.ObservableState.TRUE, artData); spacing, ObservableResult.ObservableState.TRUE, artData);
} }
@ -262,8 +263,8 @@ class EvalRegistryObj extends EvaluatableObject {
if (nameSuccess && valueSuccess) { if (nameSuccess && valueSuccess) {
// Found a match for all values // Found a match for all values
List<StixArtifactData> artData = new ArrayList<StixArtifactData>(); List<StixArtifactData> artData = new ArrayList<>();
artData.add(new StixArtifactData(a_regInfo.abstractFile.getId(), id, "Registry")); //NON-NLS artData.add(new StixArtifactData(a_regInfo.getAbstractFile().getId(), id, "Registry")); //NON-NLS
return new ObservableResult(id, "RegistryObject: Found key " + obj.getKey().getValue() //NON-NLS return new ObservableResult(id, "RegistryObject: Found key " + obj.getKey().getValue() //NON-NLS
+ " and value " + stixRegValue.getName().getValue().toString() //NON-NLS + " and value " + stixRegValue.getName().getValue().toString() //NON-NLS
+ " = " + stixRegValue.getData().getValue().toString(), + " = " + stixRegValue.getData().getValue().toString(),
@ -343,7 +344,7 @@ class EvalRegistryObj extends EvaluatableObject {
List<AbstractFile> regFilesAbstract = findRegistryFiles(); List<AbstractFile> regFilesAbstract = findRegistryFiles();
// List to hold all the extracted file names plus their abstract file // List to hold all the extracted file names plus their abstract file
List<RegistryFileInfo> regFilesLocal = new ArrayList<RegistryFileInfo>(); List<RegistryFileInfo> regFilesLocal = new ArrayList<>();
// Make the temp directory // Make the temp directory
String tmpDir; String tmpDir;
@ -382,7 +383,7 @@ class EvalRegistryObj extends EvaluatableObject {
* RecentActivity * RecentActivity
*/ */
private static List<AbstractFile> findRegistryFiles() throws TskCoreException { private static List<AbstractFile> findRegistryFiles() throws TskCoreException {
List<AbstractFile> registryFiles = new ArrayList<AbstractFile>(); List<AbstractFile> registryFiles = new ArrayList<>();
Case openCase; Case openCase;
try { try {
openCase = Case.getCurrentCaseThrows(); openCase = Case.getCurrentCaseThrows();
@ -413,7 +414,7 @@ class EvalRegistryObj extends EvaluatableObject {
} }
private void setUnsupportedFieldWarnings() { private void setUnsupportedFieldWarnings() {
List<String> fieldNames = new ArrayList<String>(); List<String> fieldNames = new ArrayList<>();
if (obj.getNumberValues() != null) { if (obj.getNumberValues() != null) {
fieldNames.add("Number_Values"); //NON-NLS fieldNames.add("Number_Values"); //NON-NLS
@ -462,5 +463,23 @@ class EvalRegistryObj extends EvaluatableObject {
tempFileName = a_tempFileName; tempFileName = a_tempFileName;
} }
/**
* Get the AbstractFile for this RegistryFileInfo
*
* @return the abstractFile
*/
AbstractFile getAbstractFile() {
return abstractFile;
}
/**
* Get the Temporary file name for this RegistryFileInfo
*
* @return the tempFileName
*/
String getTempFileName() {
return tempFileName;
}
} }
} }