mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-06 21:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Pulled strings into Bundle.

Browse Source 
Created _ja.
Added NbBundle dep to project.xml.
This commit is contained in:
Nick Davis 2014-03-03 16:59:01 -05:00
parent 63e0f24581
commit 46e93d7129
6 changed files with 81 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
thunderbirdparser/nbproject/project.xml
View File

@ -6,6 +6,14 @@
<code-name-base>org.sleuthkit.autopsy.thunderbirdparser</code-name-base> <code-name-base>org.sleuthkit.autopsy.thunderbirdparser</code-name-base>
<suite-component/> <suite-component/>
<module-dependencies> <module-dependencies>
<dependency>
<code-name-base>org.openide.util</code-name-base>
<build-prerequisite/>
<compile-dependency/>
<run-dependency>
<specification-version>8.25.1</specification-version>
</run-dependency>
</dependency>
<dependency> <dependency>
<code-name-base>org.sleuthkit.autopsy.core</code-name-base> <code-name-base>org.sleuthkit.autopsy.core</code-name-base>
<build-prerequisite/> <build-prerequisite/>

21
thunderbirdparser/src/org/sleuthkit/autopsy/thunderbirdparser/Bundle.properties
View File

@ -4,3 +4,24 @@ OpenIDE-Module-Long-Description=\
The module extracts Thunderbird e-mail folder hierarchy from the ingested disk image and posts the folder hierarchy and e-mail messages found as results. The module extracts Thunderbird e-mail folder hierarchy from the ingested disk image and posts the folder hierarchy and e-mail messages found as results.
OpenIDE-Module-Name=ThunderbirdParser OpenIDE-Module-Name=ThunderbirdParser
OpenIDE-Module-Short-Description=Thunderbird Parser e-mail extractor ingest module OpenIDE-Module-Short-Description=Thunderbird Parser e-mail extractor ingest module
MboxParser.parse.errMsg.failedToReadFile=Failed to read mbox file from disk.
MboxParser.parse.errMsg.couldntFindCharset=Couldn't find appropriate charset encoder.
MboxParser.parse.errMsg.failedToParseNMsgs=Failed to extract {0} email messages.
MboxParser.handleAttch.errMsg.failedToCreateOnDisk=Failed to extract attachment to disk\: {0}
MboxParser.handleAttch.failedWriteToDisk=Failed to extract attachment to disk\: {0}
PstParser.parse.errMsg.failedToParseNMsgs=Failed to extract {0} email messages.
PstParser.extractAttch.errMsg.failedToExtractToDisk=Failed to extract attachment to disk\: {0}
ThunderbirdMboxFileIngestModule.moduleName=Email Parser
ThunderbirdMboxFileIngestModule.hashDbModuleName=Hash Lookup
ThunderbirdMboxFileIngestModule.processPst.errMsg.outOfDiskSpace=Out of disk space. Can''t copy {0} to parse.
ThunderbirdMboxFileIngestModule.encryptionFileLevel=File-level Encryption
ThunderbirdMboxFileIngestModule.processPst.errProcFile.msg=Error while processing {0}
ThunderbirdMboxFileIngestModule.processPst.errProcFile.details=Only files from Outlook 2003 and later are supported.
ThunderbirdMboxFileIngestModule.processPst.errProcFile.msg2=Error while processing {0}
ThunderbirdMboxFileIngestModule.processMBox.errProcFile.msg=Error while processing {0}
ThunderbirdMboxFileIngestModule.processMBox.errProfFile.details=Out of disk space. Can't copy file to parse.
ThunderbirdMboxFileIngestModule.processMBox.errProcFile.msg2=Error while processing {0}
ThunderbirdMboxFileIngestModule.getDesc.text=This module detects and parses mbox and pst/ost files and populates email artifacts in the blackboard.
ThunderbirdMboxFileIngestModule.handleAttch.errMsg=Error processing {0}
ThunderbirdMboxFileIngestModule.handleAttch.errMsg.details=Failed to add attachment named {0} to the case.
ThunderbirdMboxFileIngestModule.notAvail=Not available

0
thunderbirdparser/src/org/sleuthkit/autopsy/thunderbirdparser/Bundle_ja.properties Normal file
View File

14
thunderbirdparser/src/org/sleuthkit/autopsy/thunderbirdparser/MboxParser.java
View File

@ -54,6 +54,7 @@ import org.apache.james.mime4j.message.DefaultMessageBuilder;
import org.apache.james.mime4j.stream.MimeConfig; import org.apache.james.mime4j.stream.MimeConfig;
import org.apache.tika.parser.txt.CharsetDetector; import org.apache.tika.parser.txt.CharsetDetector;
import org.apache.tika.parser.txt.CharsetMatch; import org.apache.tika.parser.txt.CharsetMatch;
import org.openide.util.NbBundle;
import org.sleuthkit.autopsy.ingest.IngestServices; import org.sleuthkit.autopsy.ingest.IngestServices;
/** /**
@ -116,14 +117,14 @@ import org.sleuthkit.autopsy.ingest.IngestServices;
// Not the right encoder // Not the right encoder
} catch (IOException ex) { } catch (IOException ex) {
logger.log(Level.WARNING, "couldn't find mbox file.", ex); logger.log(Level.WARNING, "couldn't find mbox file.", ex);
addErrorMessage("Failed to read mbox file from disk."); addErrorMessage(NbBundle.getMessage(this.getClass(), "MboxParser.parse.errMsg.failedToReadFile"));
return Collections.EMPTY_LIST; return Collections.EMPTY_LIST;
} }
} }
// If no encoders work, post an error message and return. // If no encoders work, post an error message and return.
if (mboxIterator == null || theEncoder == null) { if (mboxIterator == null || theEncoder == null) {
addErrorMessage("Couldn't find appropriate charset encoder."); addErrorMessage(NbBundle.getMessage(this.getClass(), "MboxParser.parse.errMsg.couldntFindCharset"));
return Collections.EMPTY_LIST; return Collections.EMPTY_LIST;
} }
@ -142,7 +143,8 @@ import org.sleuthkit.autopsy.ingest.IngestServices;
} }
if (failCount > 0) { if (failCount > 0) {
addErrorMessage("Failed to extract " + failCount + " email messages."); addErrorMessage(
NbBundle.getMessage(this.getClass(), "MboxParser.parse.errMsg.failedToParseNMsgs", failCount));
} }
return emails; return emails;
} }
@ -255,7 +257,9 @@ import org.sleuthkit.autopsy.ingest.IngestServices;
try { try {
fos = new FileOutputStream(outPath); fos = new FileOutputStream(outPath);
} catch (FileNotFoundException ex) { } catch (FileNotFoundException ex) {
addErrorMessage("Failed to extract attachment to disk: " + filename); addErrorMessage(
NbBundle.getMessage(this.getClass(),
"MboxParser.handleAttch.errMsg.failedToCreateOnDisk", filename));
logger.log(Level.INFO, "Failed to create file output stream for: " + outPath, ex); logger.log(Level.INFO, "Failed to create file output stream for: " + outPath, ex);
return; return;
} }
@ -270,7 +274,7 @@ import org.sleuthkit.autopsy.ingest.IngestServices;
} }
} catch (IOException ex) { } catch (IOException ex) {
logger.log(Level.INFO, "Failed to write mbox email attachment to disk.", ex); logger.log(Level.INFO, "Failed to write mbox email attachment to disk.", ex);
addErrorMessage("Failed to extract attachment to disk: " + filename); addErrorMessage(NbBundle.getMessage(this.getClass(), "MboxParser.handleAttch.failedWriteToDisk", filename));
return; return;
} finally { } finally {
try { try {

9
thunderbirdparser/src/org/sleuthkit/autopsy/thunderbirdparser/PstParser.java
View File

@ -33,6 +33,8 @@ import java.util.Collections;
import java.util.List; import java.util.List;
import java.util.logging.Level; import java.util.logging.Level;
import java.util.logging.Logger; import java.util.logging.Logger;
import org.openide.util.NbBundle;
import org.sleuthkit.autopsy.ingest.IngestServices; import org.sleuthkit.autopsy.ingest.IngestServices;
import static org.sleuthkit.autopsy.thunderbirdparser.ThunderbirdMboxFileIngestModule.getRelModuleOutputPath; import static org.sleuthkit.autopsy.thunderbirdparser.ThunderbirdMboxFileIngestModule.getRelModuleOutputPath;
import org.sleuthkit.datamodel.AbstractFile; import org.sleuthkit.datamodel.AbstractFile;
@ -80,7 +82,8 @@ class PstParser {
pstFile = new PSTFile(file); pstFile = new PSTFile(file);
failures = processFolder(pstFile.getRootFolder(), "\\", true); failures = processFolder(pstFile.getRootFolder(), "\\", true);
if (failures > 0) { if (failures > 0) {
addErrorMessage("Failed to extract " + failures + " email messages."); addErrorMessage(
NbBundle.getMessage(this.getClass(), "PstParser.parse.errMsg.failedToParseNMsgs", failures));
} }
return ParseResult.OK; return ParseResult.OK;
} catch (PSTException | IOException ex) { } catch (PSTException | IOException ex) {
@ -219,7 +222,9 @@ class PstParser {
attachment.setSize(attach.getFilesize()); attachment.setSize(attach.getFilesize());
email.addAttachment(attachment); email.addAttachment(attachment);
} catch (PSTException | IOException ex) { } catch (PSTException | IOException ex) {
addErrorMessage("Failed to extract attachment to disk: " + filename); addErrorMessage(
NbBundle.getMessage(this.getClass(), "PstParser.extractAttch.errMsg.failedToExtractToDisk",
filename));
logger.log(Level.WARNING, "Failed to extract attachment from pst file.", ex); logger.log(Level.WARNING, "Failed to extract attachment from pst file.", ex);
} }
} }

50
thunderbirdparser/src/org/sleuthkit/autopsy/thunderbirdparser/ThunderbirdMboxFileIngestModule.java
View File

@ -23,6 +23,8 @@ import java.io.IOException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.logging.Level; import java.util.logging.Level;
import org.openide.util.NbBundle;
import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.autopsy.casemodule.services.FileManager; import org.sleuthkit.autopsy.casemodule.services.FileManager;
import org.sleuthkit.autopsy.coreutils.Logger; import org.sleuthkit.autopsy.coreutils.Logger;
@ -53,8 +55,10 @@ public class ThunderbirdMboxFileIngestModule extends IngestModuleAbstractFile {
private static final Logger logger = Logger.getLogger(ThunderbirdMboxFileIngestModule.class.getName()); private static final Logger logger = Logger.getLogger(ThunderbirdMboxFileIngestModule.class.getName());
private static ThunderbirdMboxFileIngestModule instance = null; private static ThunderbirdMboxFileIngestModule instance = null;
private IngestServices services; private IngestServices services;
private static final String MODULE_NAME = "Email Parser"; private static final String MODULE_NAME = NbBundle.getMessage(ThunderbirdMboxFileIngestModule.class,
private final String hashDBModuleName = "Hash Lookup"; "ThunderbirdMboxFileIngestModule.moduleName");
private final String hashDBModuleName = NbBundle.getMessage(ThunderbirdMboxFileIngestModule.class,
"ThunderbirdMboxFileIngestModule.hashDbModuleName");
final public static String MODULE_VERSION = Version.getVersion(); final public static String MODULE_VERSION = Version.getVersion();
private int messageId = 0; private int messageId = 0;
private FileManager fileManager; private FileManager fileManager;
@ -132,7 +136,10 @@ public class ThunderbirdMboxFileIngestModule extends IngestModuleAbstractFile {
if (abstractFile.getSize() >= services.getFreeDiskSpace()) { if (abstractFile.getSize() >= services.getFreeDiskSpace()) {
logger.log(Level.WARNING, "Not enough disk space to write file to disk."); logger.log(Level.WARNING, "Not enough disk space to write file to disk.");
IngestMessage msg = IngestMessage.createErrorMessage(messageId++, this, getName(), "Out of disk space. Can't copy " + abstractFile.getName() + " to parse."); IngestMessage msg = IngestMessage.createErrorMessage(messageId++, this, getName(),
NbBundle.getMessage(this.getClass(),
"ThunderbirdMboxFileIngestModule.processPst.errMsg.outOfDiskSpace",
abstractFile.getName()));
services.postMessage(msg); services.postMessage(msg);
return ProcessResult.OK; return ProcessResult.OK;
} }
@ -155,14 +162,18 @@ public class ThunderbirdMboxFileIngestModule extends IngestModuleAbstractFile {
try { try {
BlackboardArtifact generalInfo = abstractFile.getGenInfoArtifact(); BlackboardArtifact generalInfo = abstractFile.getGenInfoArtifact();
generalInfo.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_ENCRYPTION_DETECTED.getTypeID(), generalInfo.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_ENCRYPTION_DETECTED.getTypeID(),
MODULE_NAME, "File-level Encryption")); MODULE_NAME,
NbBundle.getMessage(this.getClass(), "ThunderbirdMboxFileIngestModule.encryptionFileLevel")));
} catch (TskCoreException ex) { } catch (TskCoreException ex) {
logger.log(Level.INFO, "Failed to add encryption attribute to file: " + abstractFile.getName()); logger.log(Level.INFO, "Failed to add encryption attribute to file: " + abstractFile.getName());
} }
} else { } else {
// parsing error: log message // parsing error: log message
postErrorMessage("Error while processing " + abstractFile.getName(), postErrorMessage(
"Only files from Outlook 2003 and later are supported."); NbBundle.getMessage(this.getClass(), "ThunderbirdMboxFileIngestModule.processPst.errProcFile.msg",
abstractFile.getName()),
NbBundle.getMessage(this.getClass(),
"ThunderbirdMboxFileIngestModule.processPst.errProcFile.details"));
logger.log(Level.INFO, "PSTParser failed to parse " + abstractFile.getName()); logger.log(Level.INFO, "PSTParser failed to parse " + abstractFile.getName());
return ProcessResult.ERROR; return ProcessResult.ERROR;
} }
@ -173,7 +184,9 @@ public class ThunderbirdMboxFileIngestModule extends IngestModuleAbstractFile {
String errors = parser.getErrors(); String errors = parser.getErrors();
if (errors.isEmpty() == false) { if (errors.isEmpty() == false) {
postErrorMessage("Error while processing " + abstractFile.getName(), errors); postErrorMessage(
NbBundle.getMessage(this.getClass(), "ThunderbirdMboxFileIngestModule.processPst.errProcFile.msg2",
abstractFile.getName()), errors);
} }
return ProcessResult.OK; return ProcessResult.OK;
@ -206,8 +219,11 @@ public class ThunderbirdMboxFileIngestModule extends IngestModuleAbstractFile {
if (abstractFile.getSize() >= services.getFreeDiskSpace()) { if (abstractFile.getSize() >= services.getFreeDiskSpace()) {
logger.log(Level.WARNING, "Not enough disk space to write file to disk."); logger.log(Level.WARNING, "Not enough disk space to write file to disk.");
postErrorMessage("Error while processing " + abstractFile.getName(), postErrorMessage(
"Out of disk space. Can't copy file to parse."); NbBundle.getMessage(this.getClass(), "ThunderbirdMboxFileIngestModule.processMBox.errProcFile.msg",
abstractFile.getName()),
NbBundle.getMessage(this.getClass(),
"ThunderbirdMboxFileIngestModule.processMBox.errProfFile.details"));
return ProcessResult.OK; return ProcessResult.OK;
} }
@ -229,7 +245,9 @@ public class ThunderbirdMboxFileIngestModule extends IngestModuleAbstractFile {
String errors = parser.getErrors(); String errors = parser.getErrors();
if (errors.isEmpty() == false) { if (errors.isEmpty() == false) {
postErrorMessage("Error while processing " + abstractFile.getName(), errors); postErrorMessage(
NbBundle.getMessage(this.getClass(), "ThunderbirdMboxFileIngestModule.processMBox.errProcFile.msg2",
abstractFile.getName()), errors);
} }
return ProcessResult.OK; return ProcessResult.OK;
@ -275,7 +293,7 @@ public class ThunderbirdMboxFileIngestModule extends IngestModuleAbstractFile {
@Override @Override
public String getDescription() { public String getDescription() {
return "This module detects and parses mbox and pst/ost files and populates email artifacts in the blackboard."; return NbBundle.getMessage(this.getClass(), "ThunderbirdMboxFileIngestModule.getDesc.text");
} }
@Override @Override
@ -347,8 +365,11 @@ public class ThunderbirdMboxFileIngestModule extends IngestModuleAbstractFile {
MODULE_NAME, MODULE_VERSION, ""); MODULE_NAME, MODULE_VERSION, "");
files.add(df); files.add(df);
} catch (TskCoreException ex) { } catch (TskCoreException ex) {
postErrorMessage("Error processing " + abstractFile.getName(), postErrorMessage(
"Failed to add attachment named " + filename + " to the case."); NbBundle.getMessage(this.getClass(), "ThunderbirdMboxFileIngestModule.handleAttch.errMsg",
abstractFile.getName()),
NbBundle.getMessage(this.getClass(),
"ThunderbirdMboxFileIngestModule.handleAttch.errMsg.details", filename));
logger.log(Level.INFO, "", ex); logger.log(Level.INFO, "", ex);
} }
} }
@ -399,7 +420,8 @@ public class ThunderbirdMboxFileIngestModule extends IngestModuleAbstractFile {
if (rtf.isEmpty() == false) { if (rtf.isEmpty() == false) {
bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_EMAIL_CONTENT_RTF.getTypeID(), MODULE_NAME, rtf)); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_EMAIL_CONTENT_RTF.getTypeID(), MODULE_NAME, rtf));
} }
bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_MSG_ID.getTypeID(), MODULE_NAME, ((id < 0L) ? "Not available" : String.valueOf(id)))); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_MSG_ID.getTypeID(), MODULE_NAME, ((id < 0L) ? NbBundle
.getMessage(this.getClass(), "ThunderbirdMboxFileIngestModule.notAvail") : String.valueOf(id))));
if (subject.isEmpty() == false) { if (subject.isEmpty() == false) {
bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_SUBJECT.getTypeID(), MODULE_NAME, subject)); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_SUBJECT.getTypeID(), MODULE_NAME, subject));
} }