mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-14 17:06:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Mismatch module now uses new public artifact TSK_MISMATCH_DETECTED.

Browse Source
This commit is contained in:
Samuel H. Kenyon 2013-12-17 15:27:26 -05:00
parent 82a05228d2
commit 5ae5fb97db
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
FileExtMismatch/src/org/sleuthkit/autopsy/fileextmismatch/FileExtMismatchIngestModule.java
View File

@ -75,7 +75,6 @@ public class FileExtMismatchIngestModule extends org.sleuthkit.autopsy.ingest.In
private static long numFiles = 0; private static long numFiles = 0;
private static boolean skipKnown = false; private static boolean skipKnown = false;
private int artId = -1;
private int attrId = -1; private int attrId = -1;
private FileExtMismatchSimpleConfigPanel simpleConfigPanel; private FileExtMismatchSimpleConfigPanel simpleConfigPanel;
private IngestServices services; private IngestServices services;
@ -110,7 +109,6 @@ public class FileExtMismatchIngestModule extends org.sleuthkit.autopsy.ingest.In
} catch (TskCoreException ex) { } catch (TskCoreException ex) {
// create it if not // create it if not
try { try {
artId = sleuthkitCase.addArtifactType(ART_NAME, "A filename extension mismatch detection hit.");
attrId = sleuthkitCase.addAttrType(ATTR_NAME, "Flag for detected mismatch between filename extension and file signature."); attrId = sleuthkitCase.addAttrType(ATTR_NAME, "Flag for detected mismatch between filename extension and file signature.");
} catch (TskCoreException ex1) { } catch (TskCoreException ex1) {
logger.log(Level.SEVERE, "Error adding artifact and attribute types: " + ex1.getLocalizedMessage()); logger.log(Level.SEVERE, "Error adding artifact and attribute types: " + ex1.getLocalizedMessage());
@ -148,12 +146,12 @@ public class FileExtMismatchIngestModule extends org.sleuthkit.autopsy.ingest.In
numFiles++; numFiles++;
if (flag) { if (flag) {
// add artifact // add artifact
BlackboardArtifact bart = abstractFile.newArtifact(artId); BlackboardArtifact bart = abstractFile.newArtifact(ARTIFACT_TYPE.TSK_MISMATCH_DETECTED);
BlackboardAttribute batt = new BlackboardAttribute(attrId, MODULE_NAME, "", ATTR_VALUE_WRONG); BlackboardAttribute batt = new BlackboardAttribute(attrId, MODULE_NAME, "", ATTR_VALUE_WRONG);
bart.addAttribute(batt); bart.addAttribute(batt);
services.fireModuleDataEvent(new ModuleDataEvent(MODULE_NAME, ARTIFACT_TYPE.fromID(artId), Collections.singletonList(bart))); services.fireModuleDataEvent(new ModuleDataEvent(MODULE_NAME, ARTIFACT_TYPE.TSK_MISMATCH_DETECTED, Collections.singletonList(bart)));
} }
return ProcessResult.OK; return ProcessResult.OK;
} catch (TskException ex) { } catch (TskException ex) {