mirror of
https://github.com/overcuriousity/autopsy-flatpak.git
synced 2025-07-17 10:17:41 +00:00
Merge branch 'develop' into 5395-Problems-re-adding-logical-imager-results-after-cancellation-
This commit is contained in:
Joe Ho
commit
7d88ae9788
@ -24,7 +24,6 @@ import java.awt.event.ActionListener;
|
||||
import java.io.File;
|
||||
import java.util.concurrent.ExecutionException;
|
||||
import java.util.logging.Level;
|
||||
import javax.swing.JDialog;
|
||||
import javax.swing.JFileChooser;
|
||||
import javax.swing.JOptionPane;
|
||||
import javax.swing.SwingWorker;
|
||||
@ -62,8 +61,6 @@ public final class CaseOpenAction extends CallableSystemAction implements Action
|
||||
private static final String DISPLAY_NAME = Bundle.CTL_CaseOpenAction();
|
||||
private static final String PROP_BASECASE = "LBL_BaseCase_PATH"; //NON-NLS
|
||||
private static final Logger LOGGER = Logger.getLogger(CaseOpenAction.class.getName());
|
||||
private static JDialog multiUserCaseWindow;
|
||||
private final JFileChooser fileChooser = new JFileChooser();
|
||||
private final FileFilter caseMetadataFileFilter;
|
||||
|
||||
/**
|
||||
@ -74,13 +71,6 @@ public final class CaseOpenAction extends CallableSystemAction implements Action
|
||||
*/
|
||||
public CaseOpenAction() {
|
||||
caseMetadataFileFilter = new FileNameExtensionFilter(NbBundle.getMessage(CaseOpenAction.class, "CaseOpenAction.autFilter.title", Version.getName(), CaseMetadata.getFileExtension()), CaseMetadata.getFileExtension().substring(1));
|
||||
fileChooser.setDragEnabled(false);
|
||||
fileChooser.setFileSelectionMode(JFileChooser.FILES_ONLY);
|
||||
fileChooser.setMultiSelectionEnabled(false);
|
||||
fileChooser.setFileFilter(caseMetadataFileFilter);
|
||||
if (null != ModuleSettings.getConfigSetting(ModuleSettings.MAIN_SETTINGS, PROP_BASECASE)) {
|
||||
fileChooser.setCurrentDirectory(new File(ModuleSettings.getConfigSetting("Case", PROP_BASECASE))); //NON-NLS
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -89,6 +79,15 @@ public final class CaseOpenAction extends CallableSystemAction implements Action
|
||||
* to open the case described by the file.
|
||||
*/
|
||||
void openCaseSelectionWindow() {
|
||||
JFileChooser fileChooser = new JFileChooser();
|
||||
fileChooser.setDragEnabled(false);
|
||||
fileChooser.setFileSelectionMode(JFileChooser.FILES_ONLY);
|
||||
fileChooser.setMultiSelectionEnabled(false);
|
||||
fileChooser.setFileFilter(caseMetadataFileFilter);
|
||||
if (null != ModuleSettings.getConfigSetting(ModuleSettings.MAIN_SETTINGS, PROP_BASECASE)) {
|
||||
fileChooser.setCurrentDirectory(new File(ModuleSettings.getConfigSetting("Case", PROP_BASECASE))); //NON-NLS
|
||||
}
|
||||
|
||||
String optionsDlgTitle = NbBundle.getMessage(Case.class, "CloseCaseWhileIngesting.Warning.title");
|
||||
String optionsDlgMessage = NbBundle.getMessage(Case.class, "CloseCaseWhileIngesting.Warning");
|
||||
if (IngestRunningCheck.checkAndConfirmProceed(optionsDlgTitle, optionsDlgMessage)) {
|
||||
@ -106,9 +105,7 @@ public final class CaseOpenAction extends CallableSystemAction implements Action
|
||||
/*
|
||||
* Close the Open Multi-User Case window, if it is open.
|
||||
*/
|
||||
if (multiUserCaseWindow != null) {
|
||||
multiUserCaseWindow.setVisible(false);
|
||||
}
|
||||
OpenMultiUserCaseDialog.getInstance().setVisible(false);
|
||||
|
||||
/*
|
||||
* Try to open the case associated with the case metadata file
|
||||
@ -160,9 +157,7 @@ public final class CaseOpenAction extends CallableSystemAction implements Action
|
||||
if (UserPreferences.getIsMultiUserModeEnabled()) {
|
||||
WindowManager.getDefault().getMainWindow().setCursor(Cursor.getPredefinedCursor(Cursor.WAIT_CURSOR));
|
||||
|
||||
if (multiUserCaseWindow == null) {
|
||||
multiUserCaseWindow = OpenMultiUserCaseDialog.getInstance();
|
||||
}
|
||||
OpenMultiUserCaseDialog multiUserCaseWindow = OpenMultiUserCaseDialog.getInstance();
|
||||
multiUserCaseWindow.setLocationRelativeTo(WindowManager.getDefault().getMainWindow());
|
||||
multiUserCaseWindow.setVisible(true);
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2011-2018 Basis Technology Corp.
|
||||
* Copyright 2011-2019 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -21,7 +21,6 @@ package org.sleuthkit.autopsy.casemodule;
|
||||
import java.awt.Cursor;
|
||||
import java.util.logging.Level;
|
||||
import javax.swing.JComboBox;
|
||||
import org.openide.util.Exceptions;
|
||||
import org.openide.util.NbBundle.Messages;
|
||||
import org.sleuthkit.autopsy.centralrepository.datamodel.CorrelationCase;
|
||||
import org.sleuthkit.autopsy.centralrepository.datamodel.EamDb;
|
||||
@ -573,7 +572,7 @@ final class OptionalCasePropertiesPanel extends javax.swing.JPanel {
|
||||
examinerTextField.getText(), tfExaminerPhoneText.getText(),
|
||||
tfExaminerEmailText.getText(), taNotesText.getText()));
|
||||
} catch (CaseActionException ex) {
|
||||
Exceptions.printStackTrace(ex);
|
||||
logger.log(Level.WARNING, "Error updating case details", ex);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2013 Basis Technology Corp.
|
||||
* Copyright 2013-2019 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -62,7 +62,6 @@ public class StartupWindowProvider implements StartupWindowInterface {
|
||||
if (isRunningFromCommandLine()) {
|
||||
// Autopsy is running from command line
|
||||
logger.log(Level.INFO, "Running from command line"); //NON-NLS
|
||||
System.out.println("Running from command line");
|
||||
startupWindowToUse = new CommandLineStartupWindow();
|
||||
// kick off command line processing
|
||||
new CommandLineIngestManager().start();
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Central Repository
|
||||
*
|
||||
* Copyright 2015-2018 Basis Technology Corp.
|
||||
* Copyright 2015-2019 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -26,7 +26,6 @@ import javax.swing.event.TableModelEvent;
|
||||
import javax.swing.event.TableModelListener;
|
||||
import javax.swing.table.DefaultTableModel;
|
||||
import javax.swing.table.TableModel;
|
||||
import org.openide.util.Exceptions;
|
||||
import org.openide.util.NbBundle.Messages;
|
||||
import org.openide.windows.WindowManager;
|
||||
import org.sleuthkit.autopsy.coreutils.Logger;
|
||||
@ -74,7 +73,7 @@ final class ManageCorrelationPropertiesDialog extends javax.swing.JDialog {
|
||||
correlationTypes.clear();
|
||||
correlationTypes.addAll(dbManager.getDefinedCorrelationTypes());
|
||||
} catch (EamDbException ex) {
|
||||
Exceptions.printStackTrace(ex);
|
||||
LOGGER.log(Level.WARNING, "Error loading data", ex);
|
||||
}
|
||||
|
||||
correlationTypes.forEach((aType) -> {
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Central Repository
|
||||
*
|
||||
* Copyright 2015-2018 Basis Technology Corp.
|
||||
* Copyright 2015-2019 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -28,7 +28,6 @@ import javax.swing.JFrame;
|
||||
import javax.swing.JOptionPane;
|
||||
import javax.swing.event.ListSelectionEvent;
|
||||
import javax.swing.event.ListSelectionListener;
|
||||
import org.openide.util.Exceptions;
|
||||
import org.openide.util.NbBundle.Messages;
|
||||
import org.openide.windows.WindowManager;
|
||||
import org.sleuthkit.autopsy.centralrepository.datamodel.EamDb;
|
||||
@ -78,7 +77,7 @@ public final class ManageOrganizationsDialog extends JDialog {
|
||||
setButtonsEnabled(organizationList.getSelectedValue());
|
||||
newOrg = null;
|
||||
} catch (EamDbException ex) {
|
||||
Exceptions.printStackTrace(ex);
|
||||
logger.log(Level.WARNING, "Error getting Central Repo for Organizations dialog", ex);
|
||||
}
|
||||
display();
|
||||
}
|
||||
|
||||
@ -27,10 +27,11 @@ import java.util.Map;
|
||||
import java.util.Map.Entry;
|
||||
import java.util.Observable;
|
||||
import java.util.Observer;
|
||||
import java.util.logging.Level;
|
||||
import javax.swing.ComboBoxModel;
|
||||
import org.openide.util.Exceptions;
|
||||
import org.sleuthkit.autopsy.centralrepository.datamodel.CorrelationAttributeInstance;
|
||||
import org.sleuthkit.autopsy.centralrepository.datamodel.EamDbException;
|
||||
import org.sleuthkit.autopsy.coreutils.Logger;
|
||||
|
||||
/**
|
||||
* UI controls for Common Files Search scenario where the user intends to find
|
||||
@ -38,6 +39,7 @@ import org.sleuthkit.autopsy.centralrepository.datamodel.EamDbException;
|
||||
*/
|
||||
public final class InterCasePanel extends javax.swing.JPanel {
|
||||
|
||||
private final static Logger logger = Logger.getLogger(InterCasePanel.class.getName());
|
||||
private static final long serialVersionUID = 1L;
|
||||
private final Observable fileTypeFilterObservable;
|
||||
static final int NO_CASE_SELECTED = -1;
|
||||
@ -121,7 +123,7 @@ public final class InterCasePanel extends javax.swing.JPanel {
|
||||
this.correlationTypeComboBox.addItem(type.getDisplayName());
|
||||
}
|
||||
} catch (EamDbException ex) {
|
||||
Exceptions.printStackTrace(ex);
|
||||
logger.log(Level.WARNING, "Error getting correlation types", ex);
|
||||
}
|
||||
this.correlationTypeComboBox.setSelectedIndex(0);
|
||||
}
|
||||
|
||||
@ -47,7 +47,6 @@ import org.openide.nodes.Children;
|
||||
import org.openide.nodes.Node;
|
||||
import org.openide.nodes.Node.Property;
|
||||
import org.openide.nodes.Node.PropertySet;
|
||||
import org.openide.util.Exceptions;
|
||||
import org.openide.util.Lookup;
|
||||
import org.openide.util.NbBundle.Messages;
|
||||
import org.sleuthkit.autopsy.communications.ModifiableProxyLookup;
|
||||
@ -397,7 +396,7 @@ public class MessageViewer extends JPanel implements RelationshipsViewer {
|
||||
try {
|
||||
rootTablePane.getExplorerManager().setSelectedNodes(new Node[0]);
|
||||
} catch (PropertyVetoException ex) {
|
||||
Exceptions.printStackTrace(ex);
|
||||
logger.log(Level.WARNING, "Error setting selected nodes", ex);
|
||||
}
|
||||
showThreadsPane();
|
||||
}//GEN-LAST:event_backButtonActionPerformed
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2011-2018 Basis Technology Corp.
|
||||
* Copyright 2011-2019 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2011-18 Basis Technology Corp.
|
||||
* Copyright 2011-19 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -47,7 +47,6 @@ import org.openide.nodes.AbstractNode;
|
||||
import org.openide.nodes.Children;
|
||||
import org.openide.nodes.FilterNode;
|
||||
import org.openide.nodes.Node;
|
||||
import org.openide.util.Exceptions;
|
||||
import org.openide.util.NbBundle;
|
||||
import org.openide.util.lookup.Lookups;
|
||||
import org.sleuthkit.autopsy.corecomponents.ResultViewerPersistence.SortCriterion;
|
||||
@ -197,7 +196,7 @@ class ThumbnailViewChildren extends Children.Keys<Integer> {
|
||||
}
|
||||
|
||||
} catch (IllegalAccessException | InvocationTargetException ex) {
|
||||
Exceptions.printStackTrace(ex);
|
||||
logger.log(Level.WARNING, "Error getting value for thumbnail children", ex);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2012-2018 Basis Technology Corp.
|
||||
* Copyright 2012-2019 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2011-2017 Basis Technology Corp.
|
||||
* Copyright 2011-2019 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -24,9 +24,10 @@ import java.nio.file.Files;
|
||||
import java.nio.file.Paths;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.logging.Level;
|
||||
import org.apache.commons.io.FileUtils;
|
||||
import org.apache.commons.io.FilenameUtils;
|
||||
import org.openide.util.Exceptions;
|
||||
import org.sleuthkit.autopsy.coreutils.Logger;
|
||||
import org.sleuthkit.autopsy.coreutils.ModuleSettings;
|
||||
import org.sleuthkit.autopsy.coreutils.PlatformUtil;
|
||||
|
||||
@ -40,7 +41,7 @@ public final class IngestProfiles {
|
||||
private static final String PROFILE_DESC_KEY = "Profile_Description";
|
||||
private static final String PROFILE_FILTER_KEY = "Profile_Filter";
|
||||
private static final String PROFILE_FILE_EXT = ".properties";
|
||||
|
||||
private static final Logger logger = Logger.getLogger(IngestProfiles.class.getName());
|
||||
/**
|
||||
* Gets the collection of profiles which currently exist.
|
||||
*
|
||||
@ -143,7 +144,7 @@ public final class IngestProfiles {
|
||||
Files.deleteIfExists(Paths.get(PlatformUtil.getUserConfigDirectory(), selectedProfile.getName() + PROFILE_FILE_EXT));
|
||||
FileUtils.deleteDirectory(IngestJobSettings.getSavedModuleSettingsFolder(selectedProfile.getName() + File.separator).toFile());
|
||||
} catch (IOException ex) {
|
||||
Exceptions.printStackTrace(ex);
|
||||
logger.log(Level.WARNING, "Error deleting directory for profile " + selectedProfile.getName(), ex);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2011-2018 Basis Technology Corp.
|
||||
* Copyright 2011-2019 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -22,12 +22,14 @@ import org.sleuthkit.autopsy.ingest.runIngestModuleWizard.RunIngestModulesAction
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.logging.Level;
|
||||
import javax.swing.JComponent;
|
||||
import javax.swing.JMenuItem;
|
||||
import org.openide.awt.DynamicMenuContent;
|
||||
import org.openide.util.NbBundle;
|
||||
import org.sleuthkit.autopsy.casemodule.Case;
|
||||
import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
|
||||
import org.sleuthkit.autopsy.coreutils.Logger;
|
||||
import org.sleuthkit.datamodel.Content;
|
||||
import org.sleuthkit.datamodel.TskCoreException;
|
||||
|
||||
@ -37,6 +39,8 @@ import org.sleuthkit.datamodel.TskCoreException;
|
||||
*/
|
||||
final class RunIngestSubMenu extends JMenuItem implements DynamicMenuContent {
|
||||
|
||||
private static final Logger logger = Logger.getLogger(RunIngestSubMenu.class.getName());
|
||||
|
||||
/**
|
||||
* Creates main menu/popup menu items. It's called each time a popup menu is
|
||||
* constructed and just once for the main menu. Main menu updates happen
|
||||
@ -54,7 +58,7 @@ final class RunIngestSubMenu extends JMenuItem implements DynamicMenuContent {
|
||||
// No open Cases, create a disabled empty menu
|
||||
return getEmpty();
|
||||
} catch (TskCoreException | NoCurrentCaseException e) {
|
||||
System.out.println("Exception getting images: " + e.getMessage()); //NON-NLS
|
||||
logger.log(Level.INFO, "Exception getting images: " + e.getMessage());
|
||||
}
|
||||
JComponent[] comps = new JComponent[dataSources.size()];
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2014-2018 Basis Technology Corp.
|
||||
* Copyright 2014-2019 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -216,7 +216,6 @@ final class ContactAnalyzer {
|
||||
try {
|
||||
while ((length = is.read(buffer)) != -1) {
|
||||
os.write(buffer, 0, length);
|
||||
System.out.println(length);
|
||||
os.flush();
|
||||
|
||||
}
|
||||
@ -239,13 +238,13 @@ final class ContactAnalyzer {
|
||||
ostream.write(c);
|
||||
}
|
||||
} catch (IOException e) {
|
||||
System.out.println("Error: " + e.getMessage()); //NON-NLS
|
||||
logger.log(Level.WARNING, "Error copying file", e);
|
||||
} finally {
|
||||
try {
|
||||
istream.close();
|
||||
ostream.close();
|
||||
} catch (IOException e) {
|
||||
System.out.println("File did not close"); //NON-NLS
|
||||
logger.log(Level.WARNING, "File did not close", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2013-2018 Basis Technology Corp.
|
||||
* Copyright 2013-2019 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -70,7 +70,7 @@ class StixArtifactData {
|
||||
|
||||
@Messages({"StixArtifactData.indexError.message=Failed to index STIX interesting file hit artifact for keyword search.",
|
||||
"StixArtifactData.noOpenCase.errMsg=No open case available."})
|
||||
public void createArtifact(String a_title) throws TskCoreException {
|
||||
void createArtifact(String a_title) throws TskCoreException {
|
||||
Blackboard blackboard;
|
||||
try {
|
||||
blackboard = Case.getCurrentCaseThrows().getSleuthkitCase().getBlackboard();
|
||||
@ -104,8 +104,4 @@ class StixArtifactData {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public void print() {
|
||||
System.out.println(" " + observableId + " " + file.getName());
|
||||
}
|
||||
}
|
||||
|
||||
@ -42,6 +42,7 @@ import org.sleuthkit.autopsy.coreutils.MessageNotifyUtil;
|
||||
import org.sleuthkit.autopsy.coreutils.PlatformUtil;
|
||||
import org.sleuthkit.autopsy.datamodel.ContentUtils;
|
||||
import org.sleuthkit.autopsy.coreutils.FileTypeUtils.FileTypeCategory;
|
||||
import org.sleuthkit.autopsy.report.caseuco.CaseUcoFormatExporter;
|
||||
import org.sleuthkit.datamodel.AbstractFile;
|
||||
import org.sleuthkit.datamodel.BlackboardArtifact;
|
||||
import org.sleuthkit.datamodel.BlackboardArtifactTag;
|
||||
@ -355,6 +356,19 @@ class PortableCaseReportModule implements ReportModule {
|
||||
return;
|
||||
}
|
||||
|
||||
File reportsFolder = Paths.get(caseFolder.toString(), "Reports").toFile();
|
||||
if(!reportsFolder.mkdir()) {
|
||||
handleError("Could not make report folder", "Could not make report folder", null, progressPanel); // NON-NLS
|
||||
return;
|
||||
}
|
||||
|
||||
try {
|
||||
CaseUcoFormatExporter.export(tagNames, setNames, reportsFolder, progressPanel);
|
||||
} catch (IOException | SQLException | NoCurrentCaseException | TskCoreException ex) {
|
||||
handleError("Problem while generating CASE-UCO report",
|
||||
"Problem while generating CASE-UCO report", ex, progressPanel); // NON-NLS
|
||||
}
|
||||
|
||||
// Compress the case (if desired)
|
||||
if (options.shouldCompress()) {
|
||||
progressPanel.updateStatusLabel(Bundle.PortableCaseReportModule_generateReport_compressingCase());
|
||||
|
||||
@ -1,3 +1,6 @@
|
||||
CaseUcoFormatExporter.datasourceMsg=Generating CASE-UCO Report for %s
|
||||
CaseUcoFormatExporter.finishMsg=Finished generating CASE-UCO Report
|
||||
CaseUcoFormatExporter.startMsg=Generating CASE-UCO Report
|
||||
OpenIDE-Module-Name=CaseUcoModule
|
||||
ReportCaseUco.getName.text=CASE-UCO
|
||||
ReportCaseUco.getDesc.text=CASE-UCO format report with basic property fields for every file.
|
||||
|
||||
@ -23,24 +23,39 @@ import com.fasterxml.jackson.core.JsonFactory;
|
||||
import com.fasterxml.jackson.core.JsonGenerator;
|
||||
import com.fasterxml.jackson.core.util.DefaultIndenter;
|
||||
import com.fasterxml.jackson.core.util.DefaultPrettyPrinter;
|
||||
import com.google.common.collect.Lists;
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
import java.sql.ResultSet;
|
||||
import java.sql.SQLException;
|
||||
import java.util.List;
|
||||
import java.util.SimpleTimeZone;
|
||||
import java.util.TimeZone;
|
||||
import java.util.logging.Level;
|
||||
import org.apache.commons.io.FileUtils;
|
||||
import org.openide.util.NbBundle;
|
||||
import org.sleuthkit.autopsy.casemodule.Case;
|
||||
import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
|
||||
import org.sleuthkit.autopsy.casemodule.services.TagsManager;
|
||||
import org.sleuthkit.autopsy.coreutils.Logger;
|
||||
import org.sleuthkit.autopsy.coreutils.MessageNotifyUtil;
|
||||
import org.sleuthkit.autopsy.datamodel.ContentUtils;
|
||||
import org.sleuthkit.autopsy.ingest.IngestManager;
|
||||
import org.sleuthkit.autopsy.report.ReportProgressPanel;
|
||||
import org.sleuthkit.datamodel.AbstractFile;
|
||||
import org.sleuthkit.datamodel.BlackboardArtifact;
|
||||
import org.sleuthkit.datamodel.BlackboardArtifactTag;
|
||||
import org.sleuthkit.datamodel.BlackboardAttribute;
|
||||
import org.sleuthkit.datamodel.Content;
|
||||
import org.sleuthkit.datamodel.ContentTag;
|
||||
import org.sleuthkit.datamodel.DataSource;
|
||||
import org.sleuthkit.datamodel.SleuthkitCase;
|
||||
import org.sleuthkit.datamodel.TskCoreException;
|
||||
import org.sleuthkit.datamodel.TskData;
|
||||
import org.sleuthkit.datamodel.TagName;
|
||||
|
||||
/**
|
||||
* Generates CASE-UCO report file for a data source
|
||||
@ -49,6 +64,11 @@ public final class CaseUcoFormatExporter {
|
||||
|
||||
private static final Logger logger = Logger.getLogger(CaseUcoFormatExporter.class.getName());
|
||||
|
||||
private static final BlackboardAttribute.Type SET_NAME = new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME);
|
||||
private static final BlackboardArtifact.ARTIFACT_TYPE INTERESTING_FILE_HIT = BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT;
|
||||
private static final BlackboardArtifact.ARTIFACT_TYPE INTERESTING_ARTIFACT_HIT = BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_ARTIFACT_HIT;
|
||||
private static final String TEMP_DIR_NAME = "case_uco_tmp";
|
||||
|
||||
private CaseUcoFormatExporter() {
|
||||
}
|
||||
|
||||
@ -177,6 +197,136 @@ public final class CaseUcoFormatExporter {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Exports files that are tagged w/ the following TagNames and that belong to
|
||||
* the following interesting file sets (set name attributes of TSK_INTERSTING_FILE_HIT
|
||||
* and TSK_INTERESTING_ARTIFACT_HIT). Artifacts that are tagged with
|
||||
* the following TagNames also have their associated source files included.
|
||||
*
|
||||
* Duplicate files are excluded.
|
||||
*
|
||||
* @param tagTypes Collection of TagNames to match
|
||||
* @param interestingItemSets Collection of SET_NAMEs to match on in TSK_INTERESTING_FILE_HITs
|
||||
* and TSK_INTERESTING_ARTIFACT_HITs.
|
||||
* @param outputFilePath Path to the folder that the CASE-UCO report should be written into
|
||||
* @param progressPanel UI Component to be updated with current processing status
|
||||
*/
|
||||
@NbBundle.Messages({
|
||||
"CaseUcoFormatExporter.startMsg=Generating CASE-UCO Report",
|
||||
"CaseUcoFormatExporter.datasourceMsg=Generating CASE-UCO Report for %s",
|
||||
"CaseUcoFormatExporter.finishMsg=Finished generating CASE-UCO Report"
|
||||
})
|
||||
public static void export(List<TagName> tagTypes, List<String> interestingItemSets,
|
||||
File caseReportFolder, ReportProgressPanel progressPanel) throws IOException, SQLException,
|
||||
NoCurrentCaseException, TskCoreException {
|
||||
|
||||
progressPanel.updateStatusLabel(Bundle.CaseUcoFormatExporter_startMsg());
|
||||
//Acquire references for file discovery
|
||||
Case currentCase = Case.getCurrentCaseThrows();
|
||||
String caseTempDirectory = currentCase.getTempDirectory();
|
||||
SleuthkitCase skCase = currentCase.getSleuthkitCase();
|
||||
TagsManager tagsManager = currentCase.getServices().getTagsManager();
|
||||
|
||||
//Create temp directory to filter out duplicate files.
|
||||
Path tmpDir = Paths.get(caseTempDirectory, TEMP_DIR_NAME);
|
||||
FileUtils.deleteDirectory(tmpDir.toFile());
|
||||
Files.createDirectory(tmpDir);
|
||||
|
||||
//Create our report file
|
||||
Path reportFile = Paths.get(caseReportFolder.toString(),
|
||||
ReportCaseUco.getReportFileName());
|
||||
|
||||
//Timezone for formatting file creation, modification, and accessed times
|
||||
SimpleTimeZone timeZone = new SimpleTimeZone(0, "GMT");
|
||||
|
||||
try (JsonGenerator jsonGenerator = createJsonGenerator(reportFile.toFile())) {
|
||||
initializeJsonOutputFile(jsonGenerator);
|
||||
//Make the case the first entity in the report file.
|
||||
String caseTraceId = saveCaseInfo(skCase, jsonGenerator);
|
||||
|
||||
for (DataSource ds : skCase.getDataSources()) {
|
||||
progressPanel.updateStatusLabel(String.format(
|
||||
Bundle.CaseUcoFormatExporter_datasourceMsg(), ds.getName()));
|
||||
String dataSourceTraceId = saveDataSourceInfo(ds.getId(),
|
||||
caseTraceId, skCase, jsonGenerator);
|
||||
for (TagName tn : tagTypes) {
|
||||
for (ContentTag ct : tagsManager.getContentTagsByTagName(tn, ds.getId())) {
|
||||
saveUniqueFilesToCaseUcoFormat(ct.getContent(), tmpDir,
|
||||
jsonGenerator, timeZone, dataSourceTraceId);
|
||||
}
|
||||
for (BlackboardArtifactTag bat : tagsManager.getBlackboardArtifactTagsByTagName(tn, ds.getId())) {
|
||||
saveUniqueFilesToCaseUcoFormat(bat.getContent(), tmpDir,
|
||||
jsonGenerator, timeZone, dataSourceTraceId);
|
||||
}
|
||||
}
|
||||
if(!interestingItemSets.isEmpty()) {
|
||||
List<BlackboardArtifact.ARTIFACT_TYPE> typesToQuery = Lists.newArrayList(
|
||||
INTERESTING_FILE_HIT, INTERESTING_ARTIFACT_HIT);
|
||||
for(BlackboardArtifact.ARTIFACT_TYPE artType : typesToQuery) {
|
||||
for(BlackboardArtifact bArt : skCase.getBlackboardArtifacts(artType)) {
|
||||
if(bArt.getDataSource().getId() != ds.getId()) {
|
||||
continue;
|
||||
}
|
||||
BlackboardAttribute setAttr = bArt.getAttribute(SET_NAME);
|
||||
if (interestingItemSets.contains(setAttr.getValueString())) {
|
||||
Content content = skCase.getContentById(bArt.getObjectID());
|
||||
saveUniqueFilesToCaseUcoFormat(content, tmpDir,
|
||||
jsonGenerator, timeZone, dataSourceTraceId);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
finilizeJsonOutputFile(jsonGenerator);
|
||||
progressPanel.updateStatusLabel(Bundle.CaseUcoFormatExporter_finishMsg());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Saves only unique abstract files to the report. Uniqueness is
|
||||
* determined by object id. The tmpDir Path is used to stored object
|
||||
* ids that have already been visited.
|
||||
*
|
||||
* @param content Abstractfile isntance
|
||||
* @param tmpDir Directory to write object ids
|
||||
* @param jsonGenerator Report generator
|
||||
* @param timeZone Time zore for ctime, atime, and mtime formatting
|
||||
* @param dataSourceTraceId TraceID number for the parent data source
|
||||
* @throws IOException
|
||||
*/
|
||||
private static void saveUniqueFilesToCaseUcoFormat(Content content, Path tmpDir, JsonGenerator jsonGenerator,
|
||||
TimeZone timeZone, String dataSourceTraceId) throws IOException {
|
||||
if (content instanceof AbstractFile && !(content instanceof DataSource)) {
|
||||
AbstractFile absFile = (AbstractFile) content;
|
||||
Path filePath = tmpDir.resolve(Long.toString(absFile.getId()));
|
||||
if (!Files.exists(filePath) && !absFile.isDir()) {
|
||||
saveFileInCaseUcoFormat(
|
||||
absFile.getId(),
|
||||
absFile.getName(),
|
||||
absFile.getParentPath(),
|
||||
absFile.getMd5Hash(),
|
||||
absFile.getMIMEType(),
|
||||
absFile.getSize(),
|
||||
ContentUtils.getStringTimeISO8601(absFile.getCtime(), timeZone),
|
||||
ContentUtils.getStringTimeISO8601(absFile.getAtime(), timeZone),
|
||||
ContentUtils.getStringTimeISO8601(absFile.getMtime(), timeZone),
|
||||
absFile.getNameExtension(),
|
||||
jsonGenerator,
|
||||
dataSourceTraceId
|
||||
);
|
||||
filePath.toFile().createNewFile();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private static JsonGenerator createJsonGenerator(File reportFile) throws IOException {
|
||||
JsonFactory jsonGeneratorFactory = new JsonFactory();
|
||||
JsonGenerator jsonGenerator = jsonGeneratorFactory.createGenerator(reportFile, JsonEncoding.UTF8);
|
||||
// instert \n after each field for more readable formatting
|
||||
jsonGenerator.setPrettyPrinter(new DefaultPrettyPrinter().withObjectIndenter(new DefaultIndenter(" ", "\n")));
|
||||
return jsonGenerator;
|
||||
}
|
||||
|
||||
private static void initializeJsonOutputFile(JsonGenerator catalog) throws IOException {
|
||||
catalog.writeStartObject();
|
||||
catalog.writeFieldName("@graph");
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2011-2018 Basis Technology Corp.
|
||||
* Copyright 2011-2019 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -21,8 +21,6 @@ package org.sleuthkit.autopsy.test;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.logging.Level;
|
||||
|
||||
import org.openide.util.Exceptions;
|
||||
import org.openide.util.NbBundle;
|
||||
import org.sleuthkit.autopsy.casemodule.Case;
|
||||
import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
|
||||
@ -128,7 +126,7 @@ final class InterestingArtifactCreatorIngestModule extends FileIngestModuleAdapt
|
||||
logger.log(Level.SEVERE, String.format("Failed to process file (obj_id = %d)", file.getId()), ex);
|
||||
return ProcessResult.ERROR;
|
||||
} catch (Blackboard.BlackboardException ex) {
|
||||
Exceptions.printStackTrace(ex);
|
||||
logger.log(Level.WARNING, "Blackboard Exception processing file with obj_id = " + file.getId(), ex);
|
||||
}
|
||||
return ProcessResult.OK;
|
||||
}
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2011-2018 Basis Technology Corp.
|
||||
* Copyright 2011-2019 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -454,7 +454,6 @@ final class StringsTextExtractor implements TextExtractor {
|
||||
convertBuffRemain = bytesInConvertBuff - convertBuffOffset;
|
||||
}
|
||||
} catch (TskCoreException ex) {
|
||||
//Exceptions.printStackTrace(ex);
|
||||
fileEOF = true;
|
||||
}
|
||||
}
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2018 Basis Technology Corp.
|
||||
* Copyright 2018-2019 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -46,19 +46,11 @@ import org.sleuthkit.autopsy.testutils.CaseUtils;
|
||||
import org.sleuthkit.autopsy.testutils.IngestUtils;
|
||||
import org.sleuthkit.datamodel.TskCoreException;
|
||||
import junit.framework.Assert;
|
||||
import org.sleuthkit.autopsy.casemodule.CaseActionException;
|
||||
import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
|
||||
import org.sleuthkit.autopsy.centralrepository.datamodel.CorrelationAttributeInstance;
|
||||
import org.sleuthkit.autopsy.centralrepository.datamodel.CorrelationCase;
|
||||
import org.sleuthkit.autopsy.centralrepository.datamodel.EamDb;
|
||||
import org.sleuthkit.autopsy.commonpropertiessearch.AbstractCommonAttributeInstance;
|
||||
import org.sleuthkit.autopsy.commonpropertiessearch.CaseDBCommonAttributeInstanceNode;
|
||||
import org.sleuthkit.autopsy.commonpropertiessearch.CentralRepoCommonAttributeInstance;
|
||||
import org.sleuthkit.autopsy.commonpropertiessearch.CentralRepoCommonAttributeInstanceNode;
|
||||
import org.sleuthkit.autopsy.commonpropertiessearch.CommonAttributeCountSearchResults;
|
||||
import org.sleuthkit.autopsy.datamodel.utils.DataSourceLoader;
|
||||
import org.sleuthkit.autopsy.commonpropertiessearch.CommonAttributeValue;
|
||||
import org.sleuthkit.autopsy.commonpropertiessearch.CommonAttributeValueList;
|
||||
import org.sleuthkit.autopsy.coreutils.TimeStampUtils;
|
||||
import org.sleuthkit.autopsy.datamodel.DisplayableItemNode;
|
||||
import org.sleuthkit.autopsy.modules.dataSourceIntegrity.DataSourceIntegrityModuleFactory;
|
||||
@ -279,10 +271,8 @@ class InterCaseTestUtils {
|
||||
for (CorrelationCase correlationCase : EamDb.getInstance().getCases()) {
|
||||
mapOfCaseIdsToCase.put(correlationCase.getDisplayName(), correlationCase.getID());
|
||||
}
|
||||
System.out.println("EAM IS ENABLED");
|
||||
return mapOfCaseIdsToCase;
|
||||
} else {
|
||||
System.out.println("EAMDB NOT ENABLED");
|
||||
//it is reasonable that this might happen...
|
||||
// for example when we test the feature in the absence of an enabled eamdb
|
||||
return new HashMap<>(0);
|
||||
|
||||
@ -85,8 +85,7 @@ public class BingTranslatorTest {
|
||||
// /*
|
||||
// //It's unrealistic to expect the same answer every time, but sometimes
|
||||
// //it's helpful to have this in your debug process.
|
||||
// System.out.println(translation);
|
||||
// assertEquals(expectedTranslation, translation);
|
||||
// assertEquals("Result did not match expected result", expectedTranslation, translation);
|
||||
// */
|
||||
// }
|
||||
}
|
||||
|
||||
@ -38,7 +38,7 @@ public class GoogleTranslatorTest {
|
||||
// //it's helpful to have this in your debug process.
|
||||
//
|
||||
// String expResult = "translate"; assertEquals(expResult, result);
|
||||
// System.out.println(result);
|
||||
// assertEquals("Result did not match expected result" expResult, result);
|
||||
|
||||
}
|
||||
//Commented out because using TranslateOption with the current version of Guava is not supported JIRA-5063
|
||||
@ -63,7 +63,6 @@ public class GoogleTranslatorTest {
|
||||
// //It's unrealistic to expect the same answer every time, but sometimes
|
||||
// //it's helpful to have this in your debug process.
|
||||
// String expResult = "¡Hola Mundo!";
|
||||
// assertEquals(expResult, result);
|
||||
// System.out.println(result);
|
||||
// assertEquals("Result did not match expected result", expResult, result);
|
||||
// }
|
||||
}
|
||||
|
||||
@ -64,7 +64,6 @@ import static org.apache.commons.collections4.CollectionUtils.isNotEmpty;
|
||||
import static org.apache.commons.lang3.ObjectUtils.notEqual;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.commons.lang3.concurrent.BasicThreadFactory;
|
||||
import org.openide.util.Exceptions;
|
||||
import org.openide.util.NbBundle;
|
||||
import org.sleuthkit.autopsy.casemodule.Case;
|
||||
import org.sleuthkit.autopsy.casemodule.events.ContentTagAddedEvent;
|
||||
@ -658,7 +657,7 @@ public class GroupManager {
|
||||
|
||||
updateCurrentPathGroup(pathGroupKey);
|
||||
} catch (TskCoreException | TskDataException ex) {
|
||||
Exceptions.printStackTrace(ex);
|
||||
logger.log(Level.WARNING, "Error getting drawabledb for fileId " + fileId, ex);
|
||||
}
|
||||
|
||||
// Update all the groups that this file belongs to
|
||||
@ -986,7 +985,7 @@ public class GroupManager {
|
||||
.findAny().ifPresent(obj_id -> types.add(mimeType));
|
||||
}
|
||||
} catch (SQLException | TskCoreException ex) {
|
||||
Exceptions.printStackTrace(ex);
|
||||
logger.log(Level.WARNING, "Error getting group by MIME type", ex);
|
||||
}
|
||||
results.putAll(null, types);
|
||||
|
||||
|
||||
@ -174,7 +174,6 @@ public class SortChooser<X, Y extends Comparator<X>> extends HBox {
|
||||
Image icon = (Image) item.getClass().getMethod("getIcon").invoke(item);
|
||||
setGraphic(new ImageView(icon));
|
||||
} catch (NoSuchMethodException | SecurityException | IllegalAccessException | IllegalArgumentException | InvocationTargetException ex) {
|
||||
// Exceptions.printStackTrace(ex);
|
||||
setText(item.toString());
|
||||
setGraphic(null);
|
||||
}
|
||||
|
||||
@ -561,10 +561,13 @@
|
||||
leading wildcard queries. -->
|
||||
<!--<field name="text_rev" type="text_general_rev" indexed="true" stored="false" multiValued="true"/>-->
|
||||
|
||||
<!-- field with white-space tokenized words for TermsComponent regex search (useful for fast search of IP addresses, URLs, certain phone numbers)
|
||||
also be useful for Lucene based queries containing special characters-->
|
||||
<!-- populated via copyField -->
|
||||
<!-- field with white-space tokenized words for TermsComponent regex search.
|
||||
No longer being populated by Autopsy, but remains for backward compatability.
|
||||
content_str is used instead to better deal with regex that have white space. -->
|
||||
<field name="content_ws" type="text_ws" indexed="true" stored="false" multiValued="true" />
|
||||
|
||||
<!-- field that contains the raw string form of the chunk. Used for regular expression
|
||||
matching. Populated by Autopsy using lower-case text and a copyField for file name. -->
|
||||
<field name="content_str" type="string" indexed="true" stored="true" multiValued="true" />
|
||||
|
||||
<!-- Uncommenting the following will create a "timestamp" field using
|
||||
|
||||
@ -101,25 +101,29 @@ public class Server {
|
||||
return "image_id"; //NON-NLS
|
||||
}
|
||||
},
|
||||
// This is not stored or index . it is copied to Text and Content_Ws
|
||||
// This is not stored or indexed. it is copied to text by the schema
|
||||
CONTENT {
|
||||
@Override
|
||||
public String toString() {
|
||||
return "content"; //NON-NLS
|
||||
}
|
||||
},
|
||||
// String representation for regular expression searching
|
||||
CONTENT_STR {
|
||||
@Override
|
||||
public String toString() {
|
||||
return "content_str"; //NON-NLS
|
||||
}
|
||||
},
|
||||
// default search field. Populated by schema
|
||||
TEXT {
|
||||
@Override
|
||||
public String toString() {
|
||||
return "text"; //NON-NLS
|
||||
}
|
||||
},
|
||||
// no longer populated. Was used for regular expression searching.
|
||||
// Should not be used.
|
||||
CONTENT_WS {
|
||||
@Override
|
||||
public String toString() {
|
||||
@ -132,28 +136,28 @@ public class Server {
|
||||
return "file_name"; //NON-NLS
|
||||
}
|
||||
},
|
||||
// note that we no longer index this field
|
||||
// note that we no longer store or index this field
|
||||
CTIME {
|
||||
@Override
|
||||
public String toString() {
|
||||
return "ctime"; //NON-NLS
|
||||
}
|
||||
},
|
||||
// note that we no longer index this field
|
||||
// note that we no longer store or index this field
|
||||
ATIME {
|
||||
@Override
|
||||
public String toString() {
|
||||
return "atime"; //NON-NLS
|
||||
}
|
||||
},
|
||||
// note that we no longer index this field
|
||||
// note that we no longer store or index this field
|
||||
MTIME {
|
||||
@Override
|
||||
public String toString() {
|
||||
return "mtime"; //NON-NLS
|
||||
}
|
||||
},
|
||||
// note that we no longer index this field
|
||||
// note that we no longer store or index this field
|
||||
CRTIME {
|
||||
@Override
|
||||
public String toString() {
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2011-2017 Basis Technology Corp.
|
||||
* Copyright 2011-2019 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -48,8 +48,6 @@ public class CreditCardValidatorTest {
|
||||
|
||||
@Test
|
||||
public void testLengthMatchesBin() {
|
||||
System.out.println("lengthMatchesBin");
|
||||
|
||||
//amex must be 15
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("3431 136294 58529"));
|
||||
assertEquals(false, CreditCardValidator.isValidCCN("3431-136294-5850")); //too short
|
||||
@ -95,8 +93,6 @@ public class CreditCardValidatorTest {
|
||||
*/
|
||||
@Test
|
||||
public void testIsValidCCN16() {
|
||||
System.out.println("isValidCCN");
|
||||
|
||||
//rules for separators and grouping for 16 digits
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("1234567890318342"));// dashes
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("1234-5678-9031-8342"));// dashes
|
||||
@ -111,8 +107,6 @@ public class CreditCardValidatorTest {
|
||||
|
||||
@Test
|
||||
public void testIsValidCCN15() {
|
||||
System.out.println("isValidCCN");
|
||||
|
||||
//amex are fifteen digits, and grouped 4 6 5
|
||||
//amex cards that strart with 34
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("3431 136294 58529"));
|
||||
@ -143,7 +137,6 @@ public class CreditCardValidatorTest {
|
||||
|
||||
@Test
|
||||
public void testIsValidCCN19() {
|
||||
System.out.println("isValidCCN");
|
||||
//nineteen digit (visa) cards 4-4-4-4-3
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("4539747947839518654"));
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("4539-7479-4783-9518-654"));
|
||||
@ -168,8 +161,6 @@ public class CreditCardValidatorTest {
|
||||
|
||||
@Test
|
||||
public void testIsValidCCN18() {
|
||||
System.out.println("isValidCCN");
|
||||
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("123456789031834267"));
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("1234 5678 9031 8342 67"));
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("1234-56789031834-267"));
|
||||
@ -181,8 +172,6 @@ public class CreditCardValidatorTest {
|
||||
|
||||
@Test
|
||||
public void testIsValidCCN17() {
|
||||
System.out.println("isValidCCN");
|
||||
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("12345678903183426"));
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("1234 5678 9031 8342 6"));
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("1234-56789031834-26"));
|
||||
@ -194,8 +183,6 @@ public class CreditCardValidatorTest {
|
||||
|
||||
@Test
|
||||
public void testIsValidCCN14() {
|
||||
System.out.println("isValidCCN");
|
||||
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("12345678903183"));
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("1234 5678 9031 83"));
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("1234-5678903183"));
|
||||
@ -207,8 +194,6 @@ public class CreditCardValidatorTest {
|
||||
|
||||
@Test
|
||||
public void testIsValidCCN13() {
|
||||
System.out.println("isValidCCN");
|
||||
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("1234567890318"));
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("1234 5678 9031 8"));
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("1234-567890318"));
|
||||
@ -220,8 +205,6 @@ public class CreditCardValidatorTest {
|
||||
|
||||
@Test
|
||||
public void testIsValidCCN12() {
|
||||
System.out.println("isValidCCN");
|
||||
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("123456789031"));
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("1234 5678 9031"));
|
||||
assertEquals(true, CreditCardValidator.isValidCCN("1234-56789031"));
|
||||
|
||||
@ -2,14 +2,9 @@ cannotBuildXmlParser=Unable to build XML parser:
|
||||
cannotLoadSEUQA=Unable to load Search Engine URL Query Analyzer settings file, SEUQAMappings.xml:
|
||||
cannotParseXml=Unable to parse XML file:
|
||||
ChromeCacheExtractor.moduleName=ChromeCacheExtractor
|
||||
# {0} - module name
|
||||
# {1} - row number
|
||||
# {2} - table length
|
||||
# {3} - cache path
|
||||
ChromeCacheExtractor.progressMsg={0}: Extracting cache entry {1} of {2} entries from {3}
|
||||
DataSourceUsage_AndroidMedia=Android Media Card
|
||||
DataSourceUsage_FlashDrive=Flash Drive
|
||||
# {0} - OS name
|
||||
DataSourceUsageAnalyzer.customVolume.label=OS Drive ({0})
|
||||
DataSourceUsageAnalyzer.parentModuleName=Recent Activity
|
||||
Extract.indexError.message=Failed to index artifact for keyword search.
|
||||
@ -64,7 +59,7 @@ ExtractZone_progress_Msg=Extracting :Zone.Identifer files
|
||||
ExtractZone_Restricted=Restricted Sites Zone
|
||||
ExtractZone_Trusted=Trusted Sites Zone
|
||||
OpenIDE-Module-Display-Category=Ingest Module
|
||||
OpenIDE-Module-Long-Description=Recent Activity ingest module.\n\n\The module extracts useful information about the recent user activity on the disk image being ingested, such as:\n\n- Recently open documents,\n- Web activity (sites visited, stored cookies, book marked sites, search engine queries, file downloads),\n- Recently attached devices,\n- Installed programs.\n\nThe module currently supports Windows only disk images.\nThe plugin is also fully functional when deployed on Windows version of Autopsy.
|
||||
OpenIDE-Module-Long-Description=Recent Activity ingest module.\n\nThe module extracts useful information about the recent user activity on the disk image being ingested, such as:\n\n- Recently open documents,\n- Web activity (sites visited, stored cookies, book marked sites, search engine queries, file downloads),\n- Recently attached devices,\n- Installed programs.\n\nThe module currently supports Windows only disk images.\nThe plugin is also fully functional when deployed on Windows version of Autopsy.
|
||||
OpenIDE-Module-Name=RecentActivity
|
||||
OpenIDE-Module-Short-Description=Recent Activity finder ingest module
|
||||
Chrome.moduleName=Chrome
|
||||
@ -187,7 +182,6 @@ RecentDocumentsByLnk.parentModuleName.noSpace=RecentActivity
|
||||
RecentDocumentsByLnk.parentModuleName=Recent Activity
|
||||
RegRipperFullNotFound=Full version RegRipper executable not found.
|
||||
RegRipperNotFound=Autopsy RegRipper executable not found.
|
||||
# {0} - file name
|
||||
SearchEngineURLQueryAnalyzer.init.exception.msg=Unable to find {0}.
|
||||
SearchEngineURLQueryAnalyzer.moduleName.text=Search Engine
|
||||
SearchEngineURLQueryAnalyzer.engineName.none=NONE
|
||||
|
||||
@ -390,12 +390,6 @@ class ExtractRegistry extends Extract {
|
||||
Element oroot = doc.getDocumentElement();
|
||||
NodeList children = oroot.getChildNodes();
|
||||
int len = children.getLength();
|
||||
// Add all "usb" dataType nodes to collection of BlackboardArtifacts
|
||||
// that we will submit in a ModuleDataEvent for additional processing.
|
||||
Collection<BlackboardArtifact> usbBBartifacts = new ArrayList<>();
|
||||
// Add all "ssid" dataType nodes to collection of BlackboardArtifacts
|
||||
// that we will submit in a ModuleDataEvent for additional processing.
|
||||
Collection<BlackboardArtifact> wifiBBartifacts = new ArrayList<>();
|
||||
for (int i = 0; i < len; i++) {
|
||||
|
||||
if (context.dataSourceIngestIsCancelled()) {
|
||||
@ -652,10 +646,8 @@ class ExtractRegistry extends Extract {
|
||||
|
||||
// index the artifact for keyword search
|
||||
postArtifact(bbart);
|
||||
// add to collection for ModuleDataEvent
|
||||
usbBBartifacts.add(bbart);
|
||||
} catch (TskCoreException ex) {
|
||||
logger.log(Level.SEVERE, "Error adding device attached artifact to blackboard."); //NON-NLS
|
||||
logger.log(Level.SEVERE, "Error adding device attached artifact to blackboard.", ex); //NON-NLS
|
||||
}
|
||||
break;
|
||||
case "uninstall": //NON-NLS
|
||||
@ -666,8 +658,8 @@ class ExtractRegistry extends Extract {
|
||||
itemMtime = new SimpleDateFormat("EEE MMM d HH:mm:ss yyyy").parse(mTimeAttr).getTime(); //NON-NLS
|
||||
itemMtime /= MS_IN_SEC;
|
||||
}
|
||||
} catch (ParseException e) {
|
||||
logger.log(Level.WARNING, "Failed to parse epoch time for installed program artifact."); //NON-NLS
|
||||
} catch (ParseException ex) {
|
||||
logger.log(Level.WARNING, "Failed to parse epoch time for installed program artifact.", ex); //NON-NLS
|
||||
}
|
||||
|
||||
try {
|
||||
@ -679,7 +671,7 @@ class ExtractRegistry extends Extract {
|
||||
// index the artifact for keyword search
|
||||
postArtifact(bbart);
|
||||
} catch (TskCoreException ex) {
|
||||
logger.log(Level.SEVERE, "Error adding installed program artifact to blackboard."); //NON-NLS
|
||||
logger.log(Level.SEVERE, "Error adding installed program artifact to blackboard.", ex); //NON-NLS
|
||||
}
|
||||
break;
|
||||
case "office": //NON-NLS
|
||||
@ -699,7 +691,7 @@ class ExtractRegistry extends Extract {
|
||||
// index the artifact for keyword search
|
||||
postArtifact(bbart);
|
||||
} catch (TskCoreException ex) {
|
||||
logger.log(Level.SEVERE, "Error adding recent object artifact to blackboard."); //NON-NLS
|
||||
logger.log(Level.SEVERE, "Error adding recent object artifact to blackboard.", ex); //NON-NLS
|
||||
}
|
||||
break;
|
||||
|
||||
@ -766,7 +758,7 @@ class ExtractRegistry extends Extract {
|
||||
// index the artifact for keyword search
|
||||
postArtifact(bbart);
|
||||
} catch (TskCoreException ex) {
|
||||
logger.log(Level.SEVERE, "Error adding account artifact to blackboard."); //NON-NLS
|
||||
logger.log(Level.SEVERE, "Error adding account artifact to blackboard.", ex); //NON-NLS
|
||||
}
|
||||
break;
|
||||
|
||||
@ -783,7 +775,7 @@ class ExtractRegistry extends Extract {
|
||||
// index the artifact for keyword search
|
||||
postArtifact(bbart);
|
||||
} catch (TskCoreException ex) {
|
||||
logger.log(Level.SEVERE, "Error adding network artifact to blackboard."); //NON-NLS
|
||||
logger.log(Level.SEVERE, "Error adding network artifact to blackboard.", ex); //NON-NLS
|
||||
}
|
||||
break;
|
||||
case "SSID": // NON-NLS
|
||||
@ -798,9 +790,8 @@ class ExtractRegistry extends Extract {
|
||||
bbart.addAttributes(bbattributes);
|
||||
// index the artifact for keyword search
|
||||
postArtifact(bbart);
|
||||
wifiBBartifacts.add(bbart);
|
||||
} catch (TskCoreException ex) {
|
||||
logger.log(Level.SEVERE, "Error adding SSID artifact to blackboard."); //NON-NLS
|
||||
logger.log(Level.SEVERE, "Error adding SSID artifact to blackboard.", ex); //NON-NLS
|
||||
}
|
||||
break;
|
||||
case "shellfolders": // NON-NLS
|
||||
@ -818,9 +809,6 @@ class ExtractRegistry extends Extract {
|
||||
break;
|
||||
}
|
||||
} // for
|
||||
|
||||
postArtifacts(usbBBartifacts);
|
||||
postArtifacts(wifiBBartifacts);
|
||||
return true;
|
||||
} catch (FileNotFoundException ex) {
|
||||
logger.log(Level.SEVERE, "Error finding the registry file.", ex); //NON-NLS
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Autopsy Forensic Browser
|
||||
*
|
||||
* Copyright 2013 Basis Technology Corp.
|
||||
* Copyright 2013-2019 Basis Technology Corp.
|
||||
* Contact: carrier <at> sleuthkit <dot> org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@ -79,11 +79,9 @@ public class ScalpelCarver {
|
||||
success = true;
|
||||
} catch (UnsatisfiedLinkError ex) {
|
||||
String msg = NbBundle.getMessage(ScalpelCarver.class, "ScalpelCarver.loadLib.errMsg.cannotLoadLib", id);
|
||||
System.out.println(msg + ex.toString());
|
||||
logger.log(Level.SEVERE, msg, ex);
|
||||
} catch (Exception ex) {
|
||||
String msg = NbBundle.getMessage(ScalpelCarver.class, "ScalpelCarver.loadLib.errMsg.cannotLoadLib2", id);
|
||||
System.out.println(msg + ex.toString());
|
||||
logger.log(Level.SEVERE, msg, ex);
|
||||
}
|
||||
|
||||
|
||||
@ -437,7 +437,26 @@ def normalize_db_entry(line, files_table, vs_parts_table, vs_info_table, fs_info
|
||||
ig_groups_seen_index = line.find('INSERT INTO "image_gallery_groups_seen"') > -1 or line.find('INSERT INTO image_gallery_groups_seen ') > -1
|
||||
|
||||
parens = line[line.find('(') + 1 : line.rfind(')')]
|
||||
fields_list = list(csv.reader([parens.replace(" ", "")], quotechar="'"))[0]
|
||||
no_space_parens = parens.replace(" ", "")
|
||||
fields_list = list(csv.reader([no_space_parens], quotechar="'"))[0]
|
||||
#Add back in the quotechar for values that were originally wrapped (csv reader consumes this character)
|
||||
fields_list_with_quotes = []
|
||||
ptr = 0
|
||||
for field in fields_list:
|
||||
if(len(field) == 0):
|
||||
field = "'" + field + "'"
|
||||
else:
|
||||
start = no_space_parens.find(field, ptr)
|
||||
if((start - 1) >= 0 and no_space_parens[start - 1] == '\''):
|
||||
if((start + len(field)) < len(no_space_parens) and no_space_parens[start + len(field)] == '\''):
|
||||
field = "'" + field + "'"
|
||||
fields_list_with_quotes.append(field)
|
||||
if(ptr > 0):
|
||||
#Add one for each comma that is used to separate values in the original string
|
||||
ptr+=1
|
||||
ptr += len(field)
|
||||
|
||||
fields_list = fields_list_with_quotes
|
||||
|
||||
# remove object ID
|
||||
if files_index:
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user