diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Bundle.properties-MERGED b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Bundle.properties-MERGED index c0e7554219..f511f854d8 100755 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Bundle.properties-MERGED +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Bundle.properties-MERGED @@ -11,6 +11,7 @@ DataSourceUsage_FlashDrive=Flash Drive # {0} - OS name DataSourceUsageAnalyzer.customVolume.label=OS Drive ({0}) DataSourceUsageAnalyzer.displayName=Data Source Usage Analyzer +DefaultPriorityDomainCategorizer_searchEngineCategory=Search Engine DomainCategoryRunner_moduleName_text=Domain Category Analyzer DomainCategoryRunner_parentModuleName=Recent Activity DomainCategoryRunner_Progress_Message_Domain_Types=Finding Domain Types diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chromium.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chromium.java index e34f37fc51..bbbf128c72 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chromium.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Chromium.java @@ -252,7 +252,7 @@ class Chromium extends Extract { break; } List> tempList; - tempList = this.dbConnect(temps, HISTORY_QUERY); + tempList = this.querySQLiteDb(temps, HISTORY_QUERY); logger.log(Level.INFO, "{0}- Now getting history from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS for (HashMap result : tempList) { Collection bbattributes = new ArrayList<>(); @@ -494,7 +494,7 @@ class Chromium extends Extract { break; } - List> tempList = this.dbConnect(temps, COOKIE_QUERY); + List> tempList = this.querySQLiteDb(temps, COOKIE_QUERY); logger.log(Level.INFO, "{0}- Now getting cookies from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS for (HashMap result : tempList) { Collection bbattributes = new ArrayList<>(); @@ -596,9 +596,9 @@ class Chromium extends Extract { List> tempList; if (isChromePreVersion30(temps)) { - tempList = this.dbConnect(temps, DOWNLOAD_QUERY); + tempList = this.querySQLiteDb(temps, DOWNLOAD_QUERY); } else { - tempList = this.dbConnect(temps, DOWNLOAD_QUERY_V30); + tempList = this.querySQLiteDb(temps, DOWNLOAD_QUERY_V30); } logger.log(Level.INFO, "{0}- Now getting downloads from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS @@ -710,7 +710,7 @@ class Chromium extends Extract { dbFile.delete(); break; } - List> tempList = this.dbConnect(temps, LOGIN_QUERY); + List> tempList = this.querySQLiteDb(temps, LOGIN_QUERY); logger.log(Level.INFO, "{0}- Now getting login information from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS for (HashMap result : tempList) { Collection bbattributes = new ArrayList<>(); @@ -869,7 +869,7 @@ class Chromium extends Extract { String autoFillquery = (isSchemaV8X) ? AUTOFILL_QUERY_V8X : AUTOFILL_QUERY; - List> autofills = this.dbConnect(dbFilePath, autoFillquery); + List> autofills = this.querySQLiteDb(dbFilePath, autoFillquery); logger.log(Level.INFO, "{0}- Now getting Autofill information from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), dbFilePath, autofills.size()}); //NON-NLS for (HashMap result : autofills) { Collection bbattributes = new ArrayList<>(); @@ -943,7 +943,7 @@ class Chromium extends Extract { ); // Get Web form addresses - List> addresses = this.dbConnect(dbFilePath, webformAddressQuery); + List> addresses = this.querySQLiteDb(dbFilePath, webformAddressQuery); logger.log(Level.INFO, "{0}- Now getting Web form addresses from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), dbFilePath, addresses.size()}); //NON-NLS for (HashMap result : addresses) { @@ -1031,7 +1031,7 @@ class Chromium extends Extract { private boolean isChromePreVersion30(String temps) { String query = "PRAGMA table_info(downloads)"; //NON-NLS - List> columns = this.dbConnect(temps, query); + List> columns = this.querySQLiteDb(temps, query); for (HashMap col : columns) { if (col.get("name").equals("url")) { //NON-NLS return true; diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Extract.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Extract.java index 103c7ce406..5964cc0bae 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Extract.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Extract.java @@ -201,7 +201,7 @@ abstract class Extract { * consists of a column name as a key and an Object as a column * value, with empty strings substituted for nulls. */ - protected List> dbConnect(String path, String query) { + protected List> querySQLiteDb(String path, String query) { ResultSet resultSet; List> list; String connectionString = "jdbc:sqlite:" + path; //NON-NLS @@ -233,7 +233,7 @@ abstract class Extract { private List> resultSetToArrayList(ResultSet rs) throws SQLException { ResultSetMetaData md = rs.getMetaData(); int columns = md.getColumnCount(); - List> list = new ArrayList<>(50); + List> results = new ArrayList<>(50); while (rs.next()) { HashMap row = new HashMap<>(columns); for (int i = 1; i <= columns; ++i) { @@ -243,10 +243,9 @@ abstract class Extract { row.put(md.getColumnName(i), rs.getObject(i)); } } - list.add(row); + results.add(row); } - - return list; + return results; } /** @@ -297,19 +296,21 @@ abstract class Extract { } /** - * Creates a list of attributes for a history artifact. + * Creates a list of attributes for a web history artifact. * - * @param url - * @param accessTime Time url was accessed - * @param referrer referred url - * @param title title of the page - * @param programName module name - * @param domain domain of the url - * @param user user that accessed url + * @param url The URL, may be null. + * @param accessTime The time the URL was accessed, may be null. + * @param referrer The referring URL, may be null. + * @param title Title of the returned resource, may be null. + * @param programName The program that executed the request, may be the + * empty string, may be null. + * @param domain The domain of the URL, may be null. + * @param user The user that accessed URL, may be null. * - * @return List of BlackboardAttributes for giving attributes + * @return The list of attributes. * - * @throws TskCoreException + * @throws TskCoreException The exception is thrown if there is an issue + * creating the attributes. */ protected Collection createHistoryAttributes(String url, Long accessTime, String referrer, String title, String programName, String domain, String user) throws TskCoreException { @@ -348,16 +349,16 @@ abstract class Extract { } /** - * Creates a list of attributes for a cookie. + * Creates a list of attributes for a web cookie artifact. * - * @param url cookie url - * @param creationTime cookie creation time - * @param name cookie name - * @param value cookie value - * @param programName Name of the module creating the attribute - * @param domain Domain of the URL + * @param url The cookie url, may be null. + * @param creationTime The cookie creation time, may be null. + * @param name The cookie name, may be null. + * @param value The cookie value, may be null. + * @param programName The program that created the cookie, may be null. + * @param domain The domain of the cookie URL, may be null. * - * @return List of BlackboarAttributes for the passed in attributes + * @return The list of attributes. */ protected Collection createCookieAttributes(String url, Long creationTime, Long accessTime, Long endTime, String name, String value, String programName, String domain) { @@ -402,15 +403,16 @@ abstract class Extract { } /** - * Creates a list of bookmark attributes from the passed in parameters. + * Creates a list of attributes for a web bookmark artifact. * - * @param url Bookmark url. - * @param title Title of the bookmarked page. - * @param creationTime Date and time at which the bookmark was created - * @param programName Name of the program creating the attribute RJCTODO - * @param domain The domain of the bookmark's url + * @param url The bookmark URL, may be null. + * @param title The title of the bookmarked page, may be null. + * @param creationTime The date and time at which the bookmark was created, + * may be null. + * @param programName The program that created the bookmark, may be null. + * @param domain The domain of the bookmark's URL, may be null. * - * @return A collection of bookmark attributes + * @return The list of attributes. */ protected Collection createBookmarkAttributes(String url, String title, Long creationTime, String programName, String domain) { Collection bbattributes = new ArrayList<>(); @@ -440,15 +442,15 @@ abstract class Extract { } /** - * Creates a list of the attributes of a downloaded file + * Creates a list of attributes for a web download artifact. * - * @param path - * @param url URL of the downloaded file - * @param accessTime Time the download occurred - * @param domain Domain of the URL - * @param programName Name of the module creating the attribute + * @param path The path of the downloaded file, may be null. + * @param url The URL of the downloaded file, may be null. + * @param accessTime The time the download occurred, may be null. + * @param domain The domain of the URL, may be null. + * @param programName The program that downloaded the file, may be null. * - * @return A collection of attributes of a downloaded file + * @return The list of attributes. */ protected Collection createDownloadAttributes(String path, Long pathID, String url, Long accessTime, String domain, String programName) { Collection bbattributes = new ArrayList<>(); @@ -483,21 +485,6 @@ abstract class Extract { return bbattributes; } - /** - * Creates a list of the attributes for source of a downloaded file - * - * @param url source URL of the downloaded file - * - * @return A collection of attributes for source of a downloaded file - */ - protected Collection createDownloadSourceAttributes(String url) { - Collection bbattributes = new ArrayList<>(); - bbattributes.add(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL, - RecentActivityExtracterModuleFactory.getModuleName(), - (url != null) ? url : "")); //NON-NLS - return bbattributes; - } - /** * Writes a file to disk in this extractor's dedicated temp directory within * the Recent Activity ingest modules temp directory. The object ID of the diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractSafari.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractSafari.java index 2470d5419e..196eced932 100755 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractSafari.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractSafari.java @@ -395,7 +395,7 @@ final class ExtractSafari extends Extract { * @throws TskCoreException */ private Collection getHistoryArtifacts(AbstractFile origFile, Path tempFilePath) throws TskCoreException { - List> historyList = this.dbConnect(tempFilePath.toString(), HISTORY_QUERY); + List> historyList = this.querySQLiteDb(tempFilePath.toString(), HISTORY_QUERY); if (historyList == null || historyList.isEmpty()) { return null; diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java index fcd1ca3bee..c3ff5017fe 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Firefox.java @@ -208,7 +208,7 @@ class Firefox extends Extract { dbFile.delete(); break; } - List> tempList = this.dbConnect(temps, HISTORY_QUERY); + List> tempList = this.querySQLiteDb(temps, HISTORY_QUERY); logger.log(Level.INFO, "{0} - Now getting history from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS for (HashMap result : tempList) { @@ -310,7 +310,7 @@ class Firefox extends Extract { dbFile.delete(); break; } - List> tempList = this.dbConnect(temps, BOOKMARK_QUERY); + List> tempList = this.querySQLiteDb(temps, BOOKMARK_QUERY); logger.log(Level.INFO, "{0} - Now getting bookmarks from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS for (HashMap result : tempList) { @@ -421,7 +421,7 @@ class Firefox extends Extract { query = COOKIE_QUERY_V3; } - List> tempList = this.dbConnect(temps, query); + List> tempList = this.querySQLiteDb(temps, query); logger.log(Level.INFO, "{0} - Now getting cookies from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS for (HashMap result : tempList) { @@ -542,7 +542,7 @@ class Firefox extends Extract { break; } - List> tempList = this.dbConnect(temps, DOWNLOAD_QUERY); + List> tempList = this.querySQLiteDb(temps, DOWNLOAD_QUERY); logger.log(Level.INFO, "{0}- Now getting downloads from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS for (HashMap result : tempList) { @@ -678,7 +678,7 @@ class Firefox extends Extract { break; } - List> tempList = this.dbConnect(temps, DOWNLOAD_QUERY_V24); + List> tempList = this.querySQLiteDb(temps, DOWNLOAD_QUERY_V24); logger.log(Level.INFO, "{0} - Now getting downloads from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), temps, tempList.size()}); //NON-NLS for (HashMap result : tempList) { @@ -824,7 +824,7 @@ class Firefox extends Extract { boolean isFirefoxV64 = Util.checkColumn("timesUsed", "moz_formhistory", tempFilePath); String formHistoryQuery = (isFirefoxV64) ? FORMHISTORY_QUERY_V64 : FORMHISTORY_QUERY; - List> tempList = this.dbConnect(tempFilePath, formHistoryQuery); + List> tempList = this.querySQLiteDb(tempFilePath, formHistoryQuery); logger.log(Level.INFO, "{0} - Now getting history from {1} with {2} artifacts identified.", new Object[]{getDisplayName(), tempFilePath, tempList.size()}); //NON-NLS for (HashMap result : tempList) {