mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-06 21:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

4961 minor pre-story clean up of some classes

Browse Source
This commit is contained in:
William Schaefer 2019-05-09 15:02:32 -04:00
parent c7fa007a04
commit 3d6475958b
4 changed files with 91 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Core/src/org/sleuthkit/autopsy/contentviewers/MediaFileViewer.java
View File

@ -1,7 +1,7 @@
/* /*
* Autopsy Forensic Browser * Autopsy Forensic Browser
* *
* Copyright 2011-2018 Basis Technology Corp. * Copyright 2011-2019 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org * Contact: carrier <at> sleuthkit <dot> org
*s *s
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
@ -36,6 +36,7 @@ import org.sleuthkit.datamodel.AbstractFile;
class MediaFileViewer extends javax.swing.JPanel implements FileTypeViewer { class MediaFileViewer extends javax.swing.JPanel implements FileTypeViewer {
private static final Logger LOGGER = Logger.getLogger(MediaFileViewer.class.getName()); private static final Logger LOGGER = Logger.getLogger(MediaFileViewer.class.getName());
private static final long serialVersionUID = 1L;
private AbstractFile lastFile; private AbstractFile lastFile;
//UI //UI
private MediaPlayerPanel mediaPlayerPanel; private MediaPlayerPanel mediaPlayerPanel;
@ -48,7 +49,7 @@ class MediaFileViewer extends javax.swing.JPanel implements FileTypeViewer {
/** /**
* Creates a new MediaFileViewer. * Creates a new MediaFileViewer.
*/ */
public MediaFileViewer() { MediaFileViewer() {
initComponents(); initComponents();
@ -69,8 +70,8 @@ class MediaFileViewer extends javax.swing.JPanel implements FileTypeViewer {
private void customizeComponents() { private void customizeComponents() {
add(imagePanel, IMAGE_VIEWER_LAYER); add(imagePanel, IMAGE_VIEWER_LAYER);
if(mediaPlayerPanel != null) { if (mediaPlayerPanel != null) {
add(mediaPlayerPanel, MEDIA_PLAYER_LAYER); add(mediaPlayerPanel, MEDIA_PLAYER_LAYER);
} }
@ -103,10 +104,10 @@ class MediaFileViewer extends javax.swing.JPanel implements FileTypeViewer {
List<String> mimeTypes = new ArrayList<>(); List<String> mimeTypes = new ArrayList<>();
mimeTypes.addAll(this.imagePanel.getSupportedMimeTypes()); mimeTypes.addAll(this.imagePanel.getSupportedMimeTypes());
if(mediaPlayerPanel != null) { if (mediaPlayerPanel != null) {
mimeTypes.addAll(this.mediaPlayerPanel.getSupportedMimeTypes()); mimeTypes.addAll(this.mediaPlayerPanel.getSupportedMimeTypes());
} }
return mimeTypes; return mimeTypes;
} }

64
Core/src/org/sleuthkit/autopsy/contentviewers/PListViewer.java
View File

@ -1,7 +1,7 @@
/* /*
* Autopsy Forensic Browser * Autopsy Forensic Browser
* *
* Copyright 2018 Basis Technology Corp. * Copyright 2018-2019 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org * Contact: carrier <at> sleuthkit <dot> org
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
@ -79,7 +79,7 @@ class PListViewer extends javax.swing.JPanel implements FileTypeViewer, Explorer
/** /**
* Creates new form PListViewer * Creates new form PListViewer
*/ */
public PListViewer() { PListViewer() {
// Create an Outlineview and add to the panel // Create an Outlineview and add to the panel
outlineView = new org.openide.explorer.view.OutlineView(); outlineView = new org.openide.explorer.view.OutlineView();
@ -193,16 +193,16 @@ class PListViewer extends javax.swing.JPanel implements FileTypeViewer, Explorer
Case openCase; Case openCase;
try { try {
openCase = Case.getCurrentCaseThrows(); openCase = Case.getCurrentCaseThrows();
} catch (NoCurrentCaseException ex) { } catch (NoCurrentCaseException ex) {
JOptionPane.showMessageDialog(this, JOptionPane.showMessageDialog(this,
"Failed to export plist file.", "Failed to export plist file.",
Bundle.PListViewer_ExportFailed_message(), Bundle.PListViewer_ExportFailed_message(),
JOptionPane.ERROR_MESSAGE); JOptionPane.ERROR_MESSAGE);
logger.log(Level.SEVERE, "Exception while getting open case.", ex); logger.log(Level.SEVERE, "Exception while getting open case.", ex);
return; return;
} }
final JFileChooser fileChooser = new JFileChooser(); final JFileChooser fileChooser = new JFileChooser();
fileChooser.setCurrentDirectory(new File(openCase.getExportDirectory())); fileChooser.setCurrentDirectory(new File(openCase.getExportDirectory()));
fileChooser.setFileFilter(new FileNameExtensionFilter("XML file", "xml")); fileChooser.setFileFilter(new FileNameExtensionFilter("XML file", "xml"));
@ -289,11 +289,11 @@ class PListViewer extends javax.swing.JPanel implements FileTypeViewer, Explorer
// Read in and parse the file // Read in and parse the file
final byte[] plistFileBuf = new byte[(int) plistFile.getSize()]; final byte[] plistFileBuf = new byte[(int) plistFile.getSize()];
plistFile.read(plistFileBuf, 0, plistFile.getSize()); plistFile.read(plistFileBuf, 0, plistFile.getSize());
final List<PropKeyValue> plist = parsePList(plistFileBuf); final List<PropKeyValue> plist = parsePList(plistFileBuf);
return plist; return plist;
} }
@Override @Override
protected void done() { protected void done() {
super.done(); super.done();
@ -301,28 +301,28 @@ class PListViewer extends javax.swing.JPanel implements FileTypeViewer, Explorer
try { try {
plist = get(); plist = get();
setupTable(plist); setupTable(plist);
SwingUtilities.invokeLater(() -> { SwingUtilities.invokeLater(() -> {
setColumnWidths(); setColumnWidths();
}); });
} catch (InterruptedException ex) { } catch (InterruptedException ex) {
logger.log(Level.SEVERE, "Interruption while parsing/dislaying plist file " + plistFile.getName(), ex); logger.log(Level.SEVERE, "Interruption while parsing/dislaying plist file " + plistFile.getName(), ex);
JOptionPane.showMessageDialog(WindowManager.getDefault().getMainWindow(), JOptionPane.showMessageDialog(WindowManager.getDefault().getMainWindow(),
ex.getMessage(), ex.getMessage(),
Bundle.PListViewer_processPlist_interruptedMessage(), Bundle.PListViewer_processPlist_interruptedMessage(),
JOptionPane.ERROR_MESSAGE); JOptionPane.ERROR_MESSAGE);
} catch (ExecutionException ex) { } catch (ExecutionException ex) {
logger.log(Level.SEVERE, "Exception while parsing/dislaying plist file " + plistFile.getName(), ex); logger.log(Level.SEVERE, "Exception while parsing/dislaying plist file " + plistFile.getName(), ex);
JOptionPane.showMessageDialog(WindowManager.getDefault().getMainWindow(), JOptionPane.showMessageDialog(WindowManager.getDefault().getMainWindow(),
ex.getCause().getMessage(), ex.getCause().getMessage(),
Bundle.PListViewer_processPlist_errorMessage(), Bundle.PListViewer_processPlist_errorMessage(),
JOptionPane.ERROR_MESSAGE); JOptionPane.ERROR_MESSAGE);
} }
} }
}.execute(); }.execute();
} }
/** /**
@ -431,16 +431,16 @@ class PListViewer extends javax.swing.JPanel implements FileTypeViewer, Explorer
* else is unexpected and will be ignored. * else is unexpected and will be ignored.
*/ */
if (rootDict instanceof NSArray) { if (rootDict instanceof NSArray) {
for (int i=0; i < ((NSArray)rootDict).count(); i++) { for (int i = 0; i < ((NSArray) rootDict).count(); i++) {
final PropKeyValue pkv = parseProperty("", ((NSArray)rootDict).objectAtIndex(i)); final PropKeyValue pkv = parseProperty("", ((NSArray) rootDict).objectAtIndex(i));
if (null != pkv) { if (null != pkv) {
plist.add(pkv); plist.add(pkv);
} }
} }
} else if (rootDict instanceof NSDictionary) { } else if (rootDict instanceof NSDictionary) {
final String[] keys = ((NSDictionary)rootDict).allKeys(); final String[] keys = ((NSDictionary) rootDict).allKeys();
for (final String key : keys) { for (final String key : keys) {
final PropKeyValue pkv = parseProperty(key, ((NSDictionary)rootDict).objectForKey(key)); final PropKeyValue pkv = parseProperty(key, ((NSDictionary) rootDict).objectForKey(key));
if (null != pkv) { if (null != pkv) {
plist.add(pkv); plist.add(pkv);
} }
@ -533,7 +533,7 @@ class PListViewer extends javax.swing.JPanel implements FileTypeViewer, Explorer
.map(child -> new PropKeyValue(child)) .map(child -> new PropKeyValue(child))
.toArray(PropKeyValue[]::new); .toArray(PropKeyValue[]::new);
} }
} }
} }

16
Core/src/org/sleuthkit/autopsy/contentviewers/SQLiteViewer.java
View File

@ -1,7 +1,7 @@
/* /*
* Autopsy Forensic Browser * Autopsy Forensic Browser
* *
* Copyright 2018 Basis Technology Corp. * Copyright 2018-2019 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org * Contact: carrier <at> sleuthkit <dot> org
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
@ -74,7 +74,7 @@ class SQLiteViewer extends javax.swing.JPanel implements FileTypeViewer {
/** /**
* Constructs a file content viewer for SQLite database files. * Constructs a file content viewer for SQLite database files.
*/ */
public SQLiteViewer() { SQLiteViewer() {
initComponents(); initComponents();
jTableDataPanel.add(selectedTableView, BorderLayout.CENTER); jTableDataPanel.add(selectedTableView, BorderLayout.CENTER);
} }
@ -544,19 +544,19 @@ class SQLiteViewer extends javax.swing.JPanel implements FileTypeViewer {
@Override @Override
public void accept(String columnName) { public void accept(String columnName) {
columnIndex++; columnIndex++;
String csvString = columnName;
//Format the value to adhere to the format of a CSV file //Format the value to adhere to the format of a CSV file
if (columnIndex == 1) { if (columnIndex == 1) {
columnName = "\"" + columnName + "\""; csvString = "\"" + csvString + "\"";
} else { } else {
columnName = ",\"" + columnName + "\""; csvString = ",\"" + csvString + "\"";
} }
if (columnIndex == totalColumnCount) { if (columnIndex == totalColumnCount) {
columnName += "\n"; csvString += "\n";
} }
try { try {
out.write(columnName.getBytes()); out.write(csvString.getBytes());
} catch (IOException ex) { } catch (IOException ex) {
/* /*
* If we can no longer write to the output stream, toss a * If we can no longer write to the output stream, toss a
@ -613,7 +613,7 @@ class SQLiteViewer extends javax.swing.JPanel implements FileTypeViewer {
*/ */
throw new RuntimeException(ex); throw new RuntimeException(ex);
} }
rowIndex = rowIndex % totalColumnCount; rowIndex %= totalColumnCount;
} }
}; };
} }

69
Core/src/org/sleuthkit/autopsy/modules/stix/EvalRegistryObj.java
View File

@ -1,15 +1,15 @@
/* /*
* Autopsy Forensic Browser * Autopsy Forensic Browser
* *
* Copyright 2013-2018 Basis Technology Corp. * Copyright 2013-2019 Basis Technology Corp.
* Contact: carrier <at> sleuthkit <dot> org * Contact: carrier <at> sleuthkit <dot> org
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
* You may obtain a copy of the License at * You may obtain a copy of the License at
* *
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
* *
* Unless required by applicable law or agreed to in writing, software * Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, * distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@ -18,12 +18,15 @@
*/ */
package org.sleuthkit.autopsy.modules.stix; package org.sleuthkit.autopsy.modules.stix;
import com.williballenthin.rejistry.RegistryHiveFile;
import com.williballenthin.rejistry.RegistryKey;
import com.williballenthin.rejistry.RegistryParseException;
import com.williballenthin.rejistry.RegistryValue;
import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.datamodel.TskCoreException; import org.sleuthkit.datamodel.TskCoreException;
import org.sleuthkit.datamodel.Content; import org.sleuthkit.datamodel.Content;
import org.sleuthkit.autopsy.datamodel.ContentUtils; import org.sleuthkit.autopsy.datamodel.ContentUtils;
import org.sleuthkit.datamodel.AbstractFile; import org.sleuthkit.datamodel.AbstractFile;
import java.util.List; import java.util.List;
import java.util.ArrayList; import java.util.ArrayList;
import java.io.IOException; import java.io.IOException;
@ -31,10 +34,8 @@ import java.io.UnsupportedEncodingException;
import java.io.File; import java.io.File;
import java.util.regex.Pattern; import java.util.regex.Pattern;
import java.util.regex.Matcher; import java.util.regex.Matcher;
import org.mitre.cybox.objects.WindowsRegistryKey; import org.mitre.cybox.objects.WindowsRegistryKey;
import org.mitre.cybox.common_2.ConditionTypeEnum; import org.mitre.cybox.common_2.ConditionTypeEnum;
import com.williballenthin.rejistry.*;
import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException; import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
/** /**
@ -43,9 +44,9 @@ import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
class EvalRegistryObj extends EvaluatableObject { class EvalRegistryObj extends EvaluatableObject {
private final WindowsRegistryKey obj; private final WindowsRegistryKey obj;
private final List<RegistryFileInfo> regFiles = new ArrayList<RegistryFileInfo>(); private final List<RegistryFileInfo> regFiles = new ArrayList<>();
public EvalRegistryObj(WindowsRegistryKey a_obj, String a_id, String a_spacing, List<RegistryFileInfo> a_regFiles) { EvalRegistryObj(WindowsRegistryKey a_obj, String a_id, String a_spacing, List<RegistryFileInfo> a_regFiles) {
obj = a_obj; obj = a_obj;
id = a_id; id = a_id;
spacing = a_spacing; spacing = a_spacing;
@ -80,7 +81,7 @@ class EvalRegistryObj extends EvaluatableObject {
setUnsupportedFieldWarnings(); setUnsupportedFieldWarnings();
// Make a list of hives to test // Make a list of hives to test
List<RegistryFileInfo> hiveList = new ArrayList<RegistryFileInfo>(); List<RegistryFileInfo> hiveList = new ArrayList<>();
if (obj.getHive() == null) { if (obj.getHive() == null) {
// If the hive field is missing, add everything // If the hive field is missing, add everything
hiveList.addAll(regFiles); hiveList.addAll(regFiles);
@ -88,9 +89,9 @@ class EvalRegistryObj extends EvaluatableObject {
// If the hive name is HKEY_LOCAL_MACHINE, add the ones from the config directory. // If the hive name is HKEY_LOCAL_MACHINE, add the ones from the config directory.
// Otherwise, add the others // Otherwise, add the others
for (RegistryFileInfo regFile : regFiles) { for (RegistryFileInfo regFile : regFiles) {
if (regFile.abstractFile.getParentPath() != null) { if (regFile.getAbstractFile().getParentPath() != null) {
Pattern pattern = Pattern.compile("system32", Pattern.CASE_INSENSITIVE); Pattern pattern = Pattern.compile("system32", Pattern.CASE_INSENSITIVE);
Matcher matcher = pattern.matcher(regFile.abstractFile.getParentPath()); Matcher matcher = pattern.matcher(regFile.getAbstractFile().getParentPath());
if (matcher.find()) { if (matcher.find()) {
// Looking for system files and found one, so add it to the list // Looking for system files and found one, so add it to the list
if (obj.getHive().getValue().toString().equalsIgnoreCase("HKEY_LOCAL_MACHINE")) { //NON-NLS if (obj.getHive().getValue().toString().equalsIgnoreCase("HKEY_LOCAL_MACHINE")) { //NON-NLS
@ -112,7 +113,7 @@ class EvalRegistryObj extends EvaluatableObject {
Pattern pattern = Pattern.compile("Temp.STIX." + stixHiveName, Pattern.CASE_INSENSITIVE); Pattern pattern = Pattern.compile("Temp.STIX." + stixHiveName, Pattern.CASE_INSENSITIVE);
for (RegistryFileInfo hive : regFiles) { for (RegistryFileInfo hive : regFiles) {
Matcher matcher = pattern.matcher(hive.tempFileName); Matcher matcher = pattern.matcher(hive.getTempFileName());
if (matcher.find()) { if (matcher.find()) {
hiveList.add(hive); hiveList.add(hive);
} }
@ -163,7 +164,7 @@ class EvalRegistryObj extends EvaluatableObject {
*/ */
private ObservableResult testRegistryFile(RegistryFileInfo a_regInfo) { private ObservableResult testRegistryFile(RegistryFileInfo a_regInfo) {
try { try {
RegistryKey root = openRegistry(a_regInfo.tempFileName); RegistryKey root = openRegistry(a_regInfo.getTempFileName());
RegistryKey result = findKey(root, obj.getKey().getValue().toString()); RegistryKey result = findKey(root, obj.getKey().getValue().toString());
if (result == null) { if (result == null) {
@ -192,8 +193,8 @@ class EvalRegistryObj extends EvaluatableObject {
if ((obj.getValues() == null) || (obj.getValues().getValues().isEmpty())) { if ((obj.getValues() == null) || (obj.getValues().getValues().isEmpty())) {
// No values to test // No values to test
List<StixArtifactData> artData = new ArrayList<StixArtifactData>(); List<StixArtifactData> artData = new ArrayList<>();
artData.add(new StixArtifactData(a_regInfo.abstractFile.getId(), id, "Registry")); //NON-NLS artData.add(new StixArtifactData(a_regInfo.getAbstractFile().getId(), id, "Registry")); //NON-NLS
return new ObservableResult(id, "RegistryObject: Found key " + obj.getKey().getValue(), //NON-NLS return new ObservableResult(id, "RegistryObject: Found key " + obj.getKey().getValue(), //NON-NLS
spacing, ObservableResult.ObservableState.TRUE, artData); spacing, ObservableResult.ObservableState.TRUE, artData);
} }
@ -262,8 +263,8 @@ class EvalRegistryObj extends EvaluatableObject {
if (nameSuccess && valueSuccess) { if (nameSuccess && valueSuccess) {
// Found a match for all values // Found a match for all values
List<StixArtifactData> artData = new ArrayList<StixArtifactData>(); List<StixArtifactData> artData = new ArrayList<>();
artData.add(new StixArtifactData(a_regInfo.abstractFile.getId(), id, "Registry")); //NON-NLS artData.add(new StixArtifactData(a_regInfo.getAbstractFile().getId(), id, "Registry")); //NON-NLS
return new ObservableResult(id, "RegistryObject: Found key " + obj.getKey().getValue() //NON-NLS return new ObservableResult(id, "RegistryObject: Found key " + obj.getKey().getValue() //NON-NLS
+ " and value " + stixRegValue.getName().getValue().toString() //NON-NLS + " and value " + stixRegValue.getName().getValue().toString() //NON-NLS
+ " = " + stixRegValue.getData().getValue().toString(), + " = " + stixRegValue.getData().getValue().toString(),
@ -343,13 +344,13 @@ class EvalRegistryObj extends EvaluatableObject {
List<AbstractFile> regFilesAbstract = findRegistryFiles(); List<AbstractFile> regFilesAbstract = findRegistryFiles();
// List to hold all the extracted file names plus their abstract file // List to hold all the extracted file names plus their abstract file
List<RegistryFileInfo> regFilesLocal = new ArrayList<RegistryFileInfo>(); List<RegistryFileInfo> regFilesLocal = new ArrayList<>();
// Make the temp directory // Make the temp directory
String tmpDir; String tmpDir;
try { try {
tmpDir = Case.getCurrentCaseThrows().getTempDirectory() + File.separator + "STIX"; //NON-NLS tmpDir = Case.getCurrentCaseThrows().getTempDirectory() + File.separator + "STIX"; //NON-NLS
} catch (NoCurrentCaseException ex) { } catch (NoCurrentCaseException ex) {
throw new TskCoreException(ex.getLocalizedMessage()); throw new TskCoreException(ex.getLocalizedMessage());
} }
File dir = new File(tmpDir); File dir = new File(tmpDir);
@ -382,11 +383,11 @@ class EvalRegistryObj extends EvaluatableObject {
* RecentActivity * RecentActivity
*/ */
private static List<AbstractFile> findRegistryFiles() throws TskCoreException { private static List<AbstractFile> findRegistryFiles() throws TskCoreException {
List<AbstractFile> registryFiles = new ArrayList<AbstractFile>(); List<AbstractFile> registryFiles = new ArrayList<>();
Case openCase; Case openCase;
try { try {
openCase = Case.getCurrentCaseThrows(); openCase = Case.getCurrentCaseThrows();
} catch (NoCurrentCaseException ex) { } catch (NoCurrentCaseException ex) {
throw new TskCoreException(ex.getLocalizedMessage()); throw new TskCoreException(ex.getLocalizedMessage());
} }
org.sleuthkit.autopsy.casemodule.services.FileManager fileManager = openCase.getServices().getFileManager(); org.sleuthkit.autopsy.casemodule.services.FileManager fileManager = openCase.getServices().getFileManager();
@ -413,7 +414,7 @@ class EvalRegistryObj extends EvaluatableObject {
} }
private void setUnsupportedFieldWarnings() { private void setUnsupportedFieldWarnings() {
List<String> fieldNames = new ArrayList<String>(); List<String> fieldNames = new ArrayList<>();
if (obj.getNumberValues() != null) { if (obj.getNumberValues() != null) {
fieldNames.add("Number_Values"); //NON-NLS fieldNames.add("Number_Values"); //NON-NLS
@ -462,5 +463,23 @@ class EvalRegistryObj extends EvaluatableObject {
tempFileName = a_tempFileName; tempFileName = a_tempFileName;
} }
/**
* Get the AbstractFile for this RegistryFileInfo
*
* @return the abstractFile
*/
AbstractFile getAbstractFile() {
return abstractFile;
}
/**
* Get the Temporary file name for this RegistryFileInfo
*
* @return the tempFileName
*/
String getTempFileName() {
return tempFileName;
}
} }
} }