Merge git://github.com/sleuthkit/autopsy

Devin148 2012-09-24 08:55:58 -04:00
commit 82e75e0739
2 changed files with 84 additions and 9 deletions


@ -39,6 +39,7 @@ import org.netbeans.api.progress.ProgressHandle;
import org.netbeans.api.progress.ProgressHandleFactory; import org.netbeans.api.progress.ProgressHandleFactory;
import org.openide.util.Cancellable; import org.openide.util.Cancellable;
import org.sleuthkit.autopsy.casemodule.Case; import org.sleuthkit.autopsy.casemodule.Case;
import org.sleuthkit.autopsy.coreutils.ModuleSettings;
import org.sleuthkit.autopsy.coreutils.StopWatch; import org.sleuthkit.autopsy.coreutils.StopWatch;
import org.sleuthkit.autopsy.coreutils.StringExtract.StringExtractUnicodeTable.SCRIPT; import org.sleuthkit.autopsy.coreutils.StringExtract.StringExtractUnicodeTable.SCRIPT;
import org.sleuthkit.autopsy.ingest.IngestServices; import org.sleuthkit.autopsy.ingest.IngestServices;
@ -92,6 +93,9 @@ public final class KeywordSearchIngestModule implements IngestModuleAbstractFile
private static final Logger logger = Logger.getLogger(KeywordSearchIngestModule.class.getName()); private static final Logger logger = Logger.getLogger(KeywordSearchIngestModule.class.getName());
public static final String MODULE_NAME = "Keyword Search"; public static final String MODULE_NAME = "Keyword Search";
public static final String MODULE_DESCRIPTION = "Performs file indexing and periodic search using keywords and regular expressions in lists."; final public static String MODULE_VERSION = "1.0"; public static final String MODULE_DESCRIPTION = "Performs file indexing and periodic search using keywords and regular expressions in lists."; final public static String MODULE_VERSION = "1.0";
public static final String PROP_SCRIPTS = MODULE_NAME + "_Scripts";
public static final String PROP_OPTIONS = MODULE_NAME + "_Options";
public static final String PROP_NSRL = MODULE_NAME + "_NSRL";
private String args; private String args;
private static KeywordSearchIngestModule instance = null; private static KeywordSearchIngestModule instance = null;
private IngestServices services; private IngestServices services;
@ -122,6 +126,7 @@ public final class KeywordSearchIngestModule implements IngestModuleAbstractFile
private final List<SCRIPT> stringExtractScripts = new ArrayList<SCRIPT>(); private final List<SCRIPT> stringExtractScripts = new ArrayList<SCRIPT>();
private Map<String,String> stringExtractOptions = new HashMap<String,String>(); private Map<String,String> stringExtractOptions = new HashMap<String,String>();
private final GetIsFileKnownV getIsFileKnown = new GetIsFileKnownV(); private final GetIsFileKnownV getIsFileKnown = new GetIsFileKnownV();
private KeywordSearchConfigurationPanel panel; private KeywordSearchConfigurationPanel panel;
@ -134,10 +139,18 @@ public final class KeywordSearchIngestModule implements IngestModuleAbstractFile
//private constructor to ensure singleton instance //private constructor to ensure singleton instance
private KeywordSearchIngestModule() { private KeywordSearchIngestModule() {
//set default script //set default script
stringExtractScripts.add(SCRIPT.LATIN_1);
stringExtractOptions.put(AbstractFileExtract.ExtractOptions.EXTRACT_UTF8.toString(), Boolean.TRUE.toString()); if(ModuleSettings.getConfigSetting(PROP_OPTIONS, AbstractFileExtract.ExtractOptions.EXTRACT_UTF8.toString()) == null){
stringExtractOptions.put(AbstractFileExtract.ExtractOptions.EXTRACT_UTF8.toString(), Boolean.TRUE.toString());
}
if(ModuleSettings.getConfigSetting(PROP_SCRIPTS, SCRIPT.LATIN_1.name()) == null){
ModuleSettings.setConfigSetting(PROP_SCRIPTS, SCRIPT.LATIN_1.name(), Boolean.toString(true));
stringExtractScripts.add(SCRIPT.LATIN_1);
}
if(ModuleSettings.getConfigSetting(PROP_OPTIONS, AbstractFileExtract.ExtractOptions.EXTRACT_UTF16.toString()) == null){
stringExtractOptions.put(AbstractFileExtract.ExtractOptions.EXTRACT_UTF16.toString(), Boolean.TRUE.toString()); stringExtractOptions.put(AbstractFileExtract.ExtractOptions.EXTRACT_UTF16.toString(), Boolean.TRUE.toString());
}
} }
/** /**
@ -354,11 +367,44 @@ public final class KeywordSearchIngestModule implements IngestModuleAbstractFile
logger.log(Level.INFO, "init()"); logger.log(Level.INFO, "init()");
services = IngestServices.getDefault(); services = IngestServices.getDefault();
initialized = false; initialized = false;
caseHandle = Case.getCurrentCase().getSleuthkitCase(); caseHandle = Case.getCurrentCase().getSleuthkitCase();
ingester = Server.getIngester(); ingester = Server.getIngester();
//use the settings files to set values
//Grabbing skipKnown
if(! ModuleSettings.getConfigSettings(PROP_NSRL).isEmpty()){
try{
skipKnown = Boolean.parseBoolean(ModuleSettings.getConfigSetting(PROP_NSRL, "SkipKnown"));
}
catch(Exception e){
Logger.getLogger(KeywordSearchIngestModule.class.getName()).log(Level.WARNING, "Could not parse boolean value from properties file.", e);
}
}
//populating stringExtractOptions
if(! ModuleSettings.getConfigSettings(PROP_OPTIONS).isEmpty()){
stringExtractOptions = ModuleSettings.getConfigSettings(PROP_OPTIONS);
}
//populating stringExtractScripts
if(! ModuleSettings.getConfigSettings(PROP_SCRIPTS).isEmpty()){
try{
for(Map.Entry<String,String> kvp: ModuleSettings.getConfigSettings(PROP_SCRIPTS).entrySet()){
if(kvp.getKey() != null && Boolean.parseBoolean(kvp.getValue())){
stringExtractScripts.add(SCRIPT.valueOf(kvp.getKey()));
}
}
}
catch(Exception e ){
Logger.getLogger(KeywordSearchIngestModule.class.getName()).log(Level.WARNING, "Could not parse boolean value from properties file.", e);
}
}
//initialize extractors //initialize extractors
stringExtractor = new AbstractFileStringExtract(); stringExtractor = new AbstractFileStringExtract();
stringExtractor.setScripts(stringExtractScripts); stringExtractor.setScripts(stringExtractScripts);
@ -1114,10 +1160,19 @@ public final class KeywordSearchIngestModule implements IngestModuleAbstractFile
* reported by HashDB module * reported by HashDB module
*/ */
void setSkipKnown(boolean skip) { void setSkipKnown(boolean skip) {
this.skipKnown = skip; ModuleSettings.setConfigSetting(PROP_NSRL, "SkipKnown", Boolean.toString(skip));
skipKnown = skip;
} }
boolean getSkipKnown() { boolean getSkipKnown() {
try{
if(ModuleSettings.getConfigSetting(PROP_NSRL, "SkipKnown") != null){
skipKnown = Boolean.parseBoolean(ModuleSettings.getConfigSetting(PROP_NSRL, "SkipKnown"));
}
}
catch(Exception e ){
Logger.getLogger(KeywordSearchIngestModule.class.getName()).log(Level.WARNING, "Could not parse boolean value from properties file.", e);
}
return skipKnown; return skipKnown;
} }
@ -1131,6 +1186,15 @@ public final class KeywordSearchIngestModule implements IngestModuleAbstractFile
void setStringExtractScripts(List<SCRIPT> scripts) { void setStringExtractScripts(List<SCRIPT> scripts) {
this.stringExtractScripts.clear(); this.stringExtractScripts.clear();
this.stringExtractScripts.addAll(scripts); this.stringExtractScripts.addAll(scripts);
for(String s : ModuleSettings.getConfigSettings(PROP_SCRIPTS).keySet()){
if (! scripts.contains(SCRIPT.valueOf(s))){
ModuleSettings.setConfigSetting(PROP_SCRIPTS, s, "false");
}
}
for(SCRIPT s : stringExtractScripts){
ModuleSettings.setConfigSetting(PROP_SCRIPTS, s.name(), "true");
}
} }
@ -1139,7 +1203,17 @@ public final class KeywordSearchIngestModule implements IngestModuleAbstractFile
* *
* @return the list of currently used script * @return the list of currently used script
*/ */
List<SCRIPT> getStringExtractScripts() { List<SCRIPT> getStringExtractScripts(){
if(ModuleSettings.getConfigSettings(PROP_SCRIPTS) != null && !ModuleSettings.getConfigSettings(PROP_SCRIPTS).isEmpty()){
List<SCRIPT> scripts = new ArrayList<SCRIPT>();
for(Map.Entry<String,String> kvp : ModuleSettings.getConfigSettings(PROP_SCRIPTS).entrySet()){
if(kvp.getValue().equals("true")){
scripts.add(SCRIPT.valueOf(kvp.getKey()));
}
}
return scripts;
}
//if it failed, try to return the built-in list maintained by the singleton.
return new ArrayList<SCRIPT>(this.stringExtractScripts); return new ArrayList<SCRIPT>(this.stringExtractScripts);
} }
@ -1150,6 +1224,7 @@ public final class KeywordSearchIngestModule implements IngestModuleAbstractFile
*/ */
void setStringExtractOption(String key, String val) { void setStringExtractOption(String key, String val) {
this.stringExtractOptions.put(key, val); this.stringExtractOptions.put(key, val);
ModuleSettings.setConfigSetting(PROP_OPTIONS, key, val);
} }
/** /**
@ -1158,12 +1233,13 @@ public final class KeywordSearchIngestModule implements IngestModuleAbstractFile
* @return option string value, or empty string if the option is not set * @return option string value, or empty string if the option is not set
*/ */
String getStringExtractOption(String key) { String getStringExtractOption(String key) {
if (this.stringExtractOptions.containsKey(key)) { if (ModuleSettings.getConfigSetting(PROP_OPTIONS, key) != null){
return this.stringExtractOptions.get(key); return ModuleSettings.getConfigSetting(PROP_OPTIONS, key);
} }
else { else {
return ""; return this.stringExtractOptions.get(key);
} }
} }
} }
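Review bot: `SCRIPT.valueOf(...)` is applied to keys read back from the persisted settings in `setStringExtractScripts` and `getStringExtractScripts` with no handling for a name that is not a SCRIPT constant, so a single stale or hand-edited entry throws IllegalArgumentException out of both accessors. In `init()` the same call sits inside a try, but the try wraps the whole loop, so the first bad key silently drops every script after it, and the logged warning ("Could not parse boolean value from properties file.") misdescribes the failure, since `Boolean.parseBoolean` does not throw. The script list is passed to `stringExtractor.setScripts(...)`, so a truncated list presumably narrows what gets extracted and indexed, and keyword hits could be missed with nothing more than a WARNING in the log. I would catch per entry, log the offending key and continue, as sketched below for the getter; the same loop shape applies to the other two sites.

```java
List<SCRIPT> getStringExtractScripts(){
    // … unchanged: non-null / non-empty check on the PROP_SCRIPTS settings, scripts list creation …
    for(Map.Entry<String,String> kvp : ModuleSettings.getConfigSettings(PROP_SCRIPTS).entrySet()){
        if(!"true".equals(kvp.getValue())){
            continue;
        }
        try{
            scripts.add(SCRIPT.valueOf(kvp.getKey()));
        }
        catch(IllegalArgumentException e){
            // unknown name in the settings file: skip this entry, keep the rest
            logger.log(Level.WARNING, "Ignoring unknown script name in settings: " + kvp.getKey(), e);
        }
    }
    // … unchanged: return scripts, fallback to the in-memory list …
```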


@ -26,7 +26,6 @@ import java.util.Date;
import java.util.LinkedHashMap; import java.util.LinkedHashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import org.sleuthkit.autopsy.coreutils.ModuleSettings;
import org.sleuthkit.autopsy.coreutils.Logger; import org.sleuthkit.autopsy.coreutils.Logger;
import org.sleuthkit.autopsy.coreutils.PlatformUtil; import org.sleuthkit.autopsy.coreutils.PlatformUtil;
import org.sleuthkit.datamodel.BlackboardAttribute; import org.sleuthkit.datamodel.BlackboardAttribute;