mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-06 21:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'develop' of https://github.com/markmckinnon/autopsy into develop

Browse Source
This commit is contained in:
Mark McKinnon 2025-01-21 13:28:32 -05:00
commit 7540b6f647
3 changed files with 82 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
Tools/ManifestTool/ManifestGenerationAlgorithms.au3
View File

@ -100,11 +100,11 @@ Func GenerateCaseNameAndWriteManifestFile($caseDir, $subDirName, $manifestFile)
$caseName = $splitCaseDir[$splitCaseDir[0]]
Local $manfiestFilePath = $caseDir & "\" & $manifestName & "_" & $manifestFileNameEnd & $manifestExtension
WriteManifestFile($manfiestFilePath, $manifestName, $caseName, $dataSourcePath)
WriteManifestFile($manfiestFilePath, $manifestName, $caseName, "", $dataSourcePath)
EndFunc
;Write the specified manifest file.
Func WriteManifestFile($manifestFilePath, $manifestName, $caseName, $dataSourcePath)
Func WriteManifestFile($manifestFilePath, $manifestName, $caseName, $password, $dataSourcePath)
_FileCreate($manifestFilePath)
Local $fileHandle = FileOpen($manifestFilePath, $FO_APPEND)
If $fileHandle == -1 Then
@ -114,6 +114,9 @@ Func WriteManifestFile($manifestFilePath, $manifestName, $caseName, $dataSourceP
FileWrite($fileHandle,'<?xml version="1.0" encoding="UTF-8" standalone="no"?>' & @CRLF)
FileWrite($fileHandle,'<AutopsyManifest>' & @CRLF)
FileWrite($fileHandle,'<CaseName>' & $caseName &'</CaseName>' & @CRLF)
if Not($password == "") or Not(StringLen($password) == 0) Then
FileWrite($fileHandle,'<Password>' & $password &'</Password>' & @CRLF)
EndIf
;Device ID is not a required field
FileWrite($fileHandle,'<DataSource>' & $dataSourcePath & '</DataSource>' & @CRLF)
FileWrite($fileHandle,'</AutopsyManifest>' & @CRLF)
@ -123,8 +126,11 @@ EndFunc
;get the extension of a file
Func GetFileExtension($fileName)
Local $drive
Local $dir
Local $fName
Local $fileExtension
_PathSplit ($fileName, "", "", "", $fileExtension)
local $pathSplit = _PathSplit ($fileName, $drive, $dir, $fName, $fileExtension)
Return $fileExtension
EndFunc
@ -132,8 +138,10 @@ EndFunc
Func ManifestFilesAlreadyExist($fileList)
Local $fileName
Local $fileExtension
Local $drive
Local $dir
For $i = 1 To $fileList[0] Step 1
_PathSplit ($fileList[$i], "", "", $fileName, $fileExtension)
_PathSplit ($fileList[$i], $drive, $dir, $fileName, $fileExtension)
If StringCompare($fileExtension, $manifestExtension, $STR_NOCASESENSE) == 0 Then
Local $splitFileName = StringSplit($fileName, "_", $STR_ENTIRESPLIT)
if $splitFileName[0] > 1 Then ;It split into more than one chunk so the last chunk should match our _Manifest
@ -241,10 +249,11 @@ Func SingleDataSource($settings)
_PathSplit ($dataSourcePath, $caseDrive, $caseDir, $dsName, $dsExtension)
$caseDir = $caseDrive & $caseDir
Local $caseName = $settings[1]
Local $password = $settings[2]
Local $manfiestFilePath = $caseDir & "\" & $dsName & "_" & $manifestFileNameEnd & $manifestExtension
If (ManifestAlreadyExists($manfiestFilePath) <> 1) Then
;should only be one file and it should end with a valid extension add as image file, or the whole directory is added as a logical file set
WriteManifestFile($manfiestFilePath, $dsName, $caseName, $dsName & $dsExtension)
WriteManifestFile($manfiestFilePath, $dsName, $caseName, $password, $dsName & $dsExtension)
Else
UpdateProgressArea($dsName & " manifest exists, skipping")
EndIf

29
Tools/ManifestTool/ManifestTool.au3
View File

@ -91,7 +91,15 @@ $distanceFromTop = $distanceFromTop + $fieldHeight + $gapBetweenHeight
Global $caseNameLabel = GUICtrlCreateLabel("Case Name", $distanceFromLeft, $distanceFromTop+$labelOffset)
$distanceFromLeft = $distanceFromLeft+$labelWidth+$gapBetweenWidth
Global $caseNameField = GUICtrlCreateInput("", $distanceFromLeft, $distanceFromTop, $fieldWidth, $fieldHeight)
$distanceFromLeft = $leftMargin
$distanceFromTop = $distanceFromTop + $fieldHeight + $gapBetweenHeight
Global $passwordLabel = GUICtrlCreateLabel("Password", $distanceFromLeft, $distanceFromTop+$labelOffset)
$distanceFromLeft = $distanceFromLeft+$labelWidth+$gapBetweenWidth
Global $passwordField = GUICtrlCreateInput("", $distanceFromLeft, $distanceFromTop, $fieldWidth, $fieldHeight)
$distanceFromLeft = $distanceFromLeft +$fieldWidth+$gapBetweenWidth
Global $optionalLabel = GUICtrlCreateLabel("* Optional", $distanceFromLeft, $distanceFromTop)
;$distanceFromLeft = $distanceFromLeft-$fieldWidth+$gapBetweenWidth
$distanceFromTop = $distanceFromTop + $fieldHeight + $gapBetweenHeight
$distanceFromTop = $distanceFromTop + $gapBetweenHeight ;add an extra gap before Generate Manifest button
@ -195,6 +203,9 @@ Func ChangeToSingleDataSourceGUI()
GUICtrlSetData($caseDirectoryLabel, "Data Source")
GUICtrlSetState($caseNameField, $GUI_SHOW)
GUICtrlSetState($caseNameLabel, $GUI_SHOW)
GUICtrlSetState($passwordField, $GUI_SHOW)
GUICtrlSetState($passwordLabel, $GUI_SHOW)
GUICtrlSetState($optionalLabel, $GUI_SHOW)
GUICtrlSetOnEvent($browseButton, "BrowseForDataSourceFile")
GUICtrlSetState($generateManifestButton, $GUI_DISABLE)
@ -207,6 +218,9 @@ Func ChangeToFolderOfLogicalFilesGUI()
GUICtrlSetData($caseDirectoryLabel, "Data Source")
GUICtrlSetState($caseNameField, $GUI_SHOW)
GUICtrlSetState($caseNameLabel, $GUI_SHOW)
GUICtrlSetState($passwordField, $GUI_HIDE)
GUICtrlSetState($passwordLabel, $GUI_HIDE)
GUICtrlSetState($optionalLabel, $GUI_HIDE)
GUICtrlSetOnEvent($browseButton, "Browse")
GUICtrlSetState($generateManifestButton, $GUI_DISABLE)
EndFunc
@ -219,6 +233,9 @@ Func ChangeToDefaultGUI()
GUICtrlSetState($caseDirectoryLabel, $GUI_SHOW)
GUICtrlSetState($caseNameField, $GUI_HIDE)
GUICtrlSetState($caseNameLabel, $GUI_HIDE)
GUICtrlSetState($passwordField, $GUI_HIDE)
GUICtrlSetState($passwordLabel, $GUI_HIDE)
GUICtrlSetState($optionalLabel, $GUI_HIDE)
GUICtrlSetOnEvent($browseButton, "Browse")
;rename to RootDirectory to root directory
;hide case name field
@ -263,6 +280,7 @@ EndFunc
Func ClearFields()
GUICtrlSetData($rootFolderField, "")
GUICtrlSetData($caseNameField, "")
GUICtrlSetData($passwordField, "")
EndFunc
;Open a directory chooser
@ -272,8 +290,10 @@ Func Browse()
Local $selectedDirectory = FileSelectFolder("Select Folder", $defaultDirectory)
Local $caseDir = ""
Local $caseDrive = ""
Local $fileName = ""
Local $fileExtension = ""
If (FileExists($selectedDirectory)) Then
_PathSplit($selectedDirectory, $caseDrive, $caseDir, "", "")
_PathSplit($selectedDirectory, $caseDrive, $caseDir, $fileName, $fileExtension)
$defaultDirectory = $caseDrive & $caseDir
GUICtrlSetData($rootFolderField, $selectedDirectory)
EndIf
@ -294,8 +314,10 @@ Func BrowseForDataSourceFile()
Local $selectedDataSource = FileOpenDialog("Select Data Source", $defaultDirectory, "All Supported Types (*.img; *.dd; *.001; *.aa; *.raw; *.bin; *.E01; *.vmdk; *.vhd) |Raw Images (*.img; *.dd; *.001; *.aa; *.raw; *.bin) |Encase Images (*.E01) |Virtual Machines (*.vmdk; *.vhd) |Logical Evidence File (*.L01) |All Files (*.*)", $FD_FILEMUSTEXIST)
Local $caseDir = ""
Local $caseDrive = ""
Local $fileName = ""
Local $fileExtension = ""
If (FileExists($selectedDataSource)) Then
_PathSplit ($selectedDataSource, $caseDrive, $caseDir, "", "")
_PathSplit ($selectedDataSource, $caseDrive, $caseDir, $fileName, $fileExtension)
$defaultDirectory = $caseDrive & $caseDir
GUICtrlSetData($rootFolderField, $selectedDataSource)
EndIf
@ -313,9 +335,10 @@ EndFunc ;==>GenerateManifestButton
;Get an array of settings as they are set on this panel
Func GetSettings()
Local $settings[2]
Local $settings[3]
$settings[0] = GUICtrlRead($rootFolderField)
$settings[1] = GUICtrlRead($caseNameField)
$settings[2] = GUICtrlRead($passwordField)
Return $settings
EndFunc

BIN
Tools/ManifestTool/ManifestTool.exe
View File

Binary file not shown.