mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-15 01:07:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/develop' into file_typing_module_enhancements

Browse Source
This commit is contained in:
Richard Cordovano 2014-12-04 15:29:46 -05:00
commit bc251c7cce
19 changed files with 238 additions and 212 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
Core/src/org/sleuthkit/autopsy/casemodule/Case.java
View File

@ -18,6 +18,7 @@
*/
package org.sleuthkit.autopsy.casemodule;
import java.awt.EventQueue;
import java.awt.Frame;
import java.beans.PropertyChangeListener;
import java.beans.PropertyChangeSupport;
@ -1077,7 +1078,7 @@ public class Case implements SleuthkitCase.ErrorObserver {
}
//case change helper
private static void doCaseChange(Case toChangeTo) {
private static void doCaseChange(final Case toChangeTo) {
logger.log(Level.INFO, "Changing Case to: " + toChangeTo); //NON-NLS
if (toChangeTo != null) { // new case is open
@ -1085,39 +1086,49 @@ public class Case implements SleuthkitCase.ErrorObserver {
Case.clearTempFolder();
checkSubFolders(toChangeTo);
// enable these menus
CallableSystemAction.get(AddImageAction.class).setEnabled(true);
CallableSystemAction.get(CaseCloseAction.class).setEnabled(true);
CallableSystemAction.get(CasePropertiesAction.class).setEnabled(true);
CallableSystemAction.get(CaseDeleteAction.class).setEnabled(true); // Delete Case menu
EventQueue.invokeLater(new Runnable() {
@Override
public void run() {
// enable these menus
CallableSystemAction.get(AddImageAction.class).setEnabled(true);
CallableSystemAction.get(CaseCloseAction.class).setEnabled(true);
CallableSystemAction.get(CasePropertiesAction.class).setEnabled(true);
CallableSystemAction.get(CaseDeleteAction.class).setEnabled(true); // Delete Case menu
if (toChangeTo.hasData()) {
// open all top components
CoreComponentControl.openCoreWindows();
} else {
// close all top components
CoreComponentControl.closeCoreWindows();
}
}
});
if (toChangeTo.hasData()) {
// open all top components
CoreComponentControl.openCoreWindows();
} else {
// close all top components
CoreComponentControl.closeCoreWindows();
}
} else { // case is closed
// close all top components first
CoreComponentControl.closeCoreWindows();
EventQueue.invokeLater(new Runnable() {
@Override
public void run() {
// close all top components first
CoreComponentControl.closeCoreWindows();
// disable these menus
CallableSystemAction.get(AddImageAction.class).setEnabled(false); // Add Image menu
CallableSystemAction.get(CaseCloseAction.class).setEnabled(false); // Case Close menu
CallableSystemAction.get(CasePropertiesAction.class).setEnabled(false); // Case Properties menu
CallableSystemAction.get(CaseDeleteAction.class).setEnabled(false); // Delete Case menu
// disable these menus
CallableSystemAction.get(AddImageAction.class).setEnabled(false); // Add Image menu
CallableSystemAction.get(CaseCloseAction.class).setEnabled(false); // Case Close menu
CallableSystemAction.get(CasePropertiesAction.class).setEnabled(false); // Case Properties menu
CallableSystemAction.get(CaseDeleteAction.class).setEnabled(false); // Delete Case menu
//clear pending notifications
MessageNotifyUtil.Notify.clear();
//clear pending notifications
MessageNotifyUtil.Notify.clear();
Frame f = WindowManager.getDefault().getMainWindow();
f.setTitle(Case.getAppName()); // set the window name to just application name
Frame f = WindowManager.getDefault().getMainWindow();
f.setTitle(Case.getAppName()); // set the window name to just application name
//try to force gc to happen
System.gc();
System.gc();
//try to force gc to happen
System.gc();
System.gc();
}
});
}
//log memory usage after case changed
@ -1130,8 +1141,13 @@ public class Case implements SleuthkitCase.ErrorObserver {
private static void doCaseNameChange(String newCaseName) {
// update case name
if (!newCaseName.equals("")) {
Frame f = WindowManager.getDefault().getMainWindow();
f.setTitle(newCaseName + " - " + Case.getAppName()); // set the window name to the new value
EventQueue.invokeLater(new Runnable() {
@Override
public void run() {
Frame f = WindowManager.getDefault().getMainWindow();
f.setTitle(newCaseName + " - " + Case.getAppName()); // set the window name to the new value
}
});
}
}

26
Core/src/org/sleuthkit/autopsy/modules/android/AndroidIngestModule.java
View File

@ -57,7 +57,7 @@ class AndroidIngestModule implements DataSourceIngestModule {
return IngestModule.ProcessResult.OK;
}
} catch (Exception e) {
errors.add("Error getting Contacts");
errors.add("Error getting Contacts"); //NON-NLS
}
try {
@ -67,7 +67,7 @@ class AndroidIngestModule implements DataSourceIngestModule {
return IngestModule.ProcessResult.OK;
}
} catch (Exception e) {
errors.add("Error getting Call Logs");
errors.add("Error getting Call Logs"); //NON-NLS
}
try {
@ -77,7 +77,7 @@ class AndroidIngestModule implements DataSourceIngestModule {
return IngestModule.ProcessResult.OK;
}
} catch (Exception e) {
errors.add("Error getting Text Messages");
errors.add("Error getting Text Messages"); //NON-NLS
}
try {
@ -87,7 +87,7 @@ class AndroidIngestModule implements DataSourceIngestModule {
return IngestModule.ProcessResult.OK;
}
} catch (Exception e) {
errors.add("Error getting Tango Messages");
errors.add("Error getting Tango Messages"); //NON-NLS
}
try {
@ -97,7 +97,7 @@ class AndroidIngestModule implements DataSourceIngestModule {
return IngestModule.ProcessResult.OK;
}
} catch (Exception e) {
errors.add("Error getting Words with Friends Messages");
errors.add("Error getting Words with Friends Messages"); //NON-NLS
}
try {
@ -107,7 +107,7 @@ class AndroidIngestModule implements DataSourceIngestModule {
return IngestModule.ProcessResult.OK;
}
} catch (Exception e) {
errors.add("Error getting Google Map Locations");
errors.add("Error getting Google Map Locations"); //NON-NLS
}
try {
@ -117,14 +117,14 @@ class AndroidIngestModule implements DataSourceIngestModule {
return IngestModule.ProcessResult.OK;
}
} catch (Exception e) {
errors.add("Error getting Browser Locations");
errors.add("Error getting Browser Locations"); //NON-NLS
}
try {
CacheLocationAnalyzer.findGeoLocations();
progressBar.progress(8);
} catch (Exception e) {
errors.add("Error getting Cache Locations");
errors.add("Error getting Cache Locations"); //NON-NLS
}
// create the final message for inbox
@ -133,20 +133,20 @@ class AndroidIngestModule implements DataSourceIngestModule {
IngestMessage.MessageType msgLevel = IngestMessage.MessageType.INFO;
if (errors.isEmpty() == false) {
msgLevel = IngestMessage.MessageType.ERROR;
errorMessage.append("Errors were encountered");
errorMessage.append("Errors were encountered"); //NON-NLS
for (String msg : errors) {
errorMessage.append("<li>").append(msg).append("</li>\n"); //NON-NLS
}
errorMessage.append("</ul>\n"); //NON-NLS
if (errors.size() == 1) {
errorMsgSubject = "One error was found";
errorMsgSubject = "One error was found"; //NON-NLS
} else {
errorMsgSubject = "errors found: " + errors.size();
errorMsgSubject = "errors found: " + errors.size(); //NON-NLS
}
} else {
errorMessage.append("No errors");
errorMsgSubject = "No errors";
errorMessage.append("No errors"); //NON-NLS
errorMsgSubject = "No errors"; //NON-NLS
}
services.postMessage(IngestMessage.createMessage(msgLevel, AndroidModuleFactory.getModuleName(), "Finished Analysis: " + errorMsgSubject, errorMessage.toString()));

24
Core/src/org/sleuthkit/autopsy/modules/android/BrowserLocationAnalyzer.java
View File

@ -43,7 +43,7 @@ class BrowserLocationAnalyzer {
public static void findGeoLocations() {
try {
SleuthkitCase skCase = Case.getCurrentCase().getSleuthkitCase();
List<AbstractFile> abstractFiles = skCase.findAllFilesWhere("name LIKE 'CachedGeoposition%.db'"); //get exact file names
List<AbstractFile> abstractFiles = skCase.findAllFilesWhere("name LIKE 'CachedGeoposition%.db'"); //NON-NLS //get exact file names
for (AbstractFile abstractFile : abstractFiles) {
try {
@ -54,11 +54,11 @@ class BrowserLocationAnalyzer {
ContentUtils.writeToFile(abstractFile, jFile);
findGeoLocationsInDB(jFile.toString(), abstractFile);
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing Browser Location files", e);
logger.log(Level.SEVERE, "Error parsing Browser Location files", e); //NON-NLS
}
}
} catch (TskCoreException e) {
logger.log(Level.SEVERE, "Error finding Browser Location files", e);
logger.log(Level.SEVERE, "Error finding Browser Location files", e); //NON-NLS
}
}
@ -71,22 +71,22 @@ class BrowserLocationAnalyzer {
return;
}
try {
Class.forName("org.sqlite.JDBC"); //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath);
Class.forName("org.sqlite.JDBC"); //NON-NLS //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath); //NON-NLS
statement = connection.createStatement();
} catch (ClassNotFoundException | SQLException e) {
logger.log(Level.SEVERE, "Error connecting to sql database", e);
logger.log(Level.SEVERE, "Error connecting to sql database", e); //NON-NLS
return;
}
try {
resultSet = statement.executeQuery(
"Select timestamp, latitude, longitude, accuracy FROM CachedPosition;");
"Select timestamp, latitude, longitude, accuracy FROM CachedPosition;"); //NON-NLS
while (resultSet.next()) {
Long timestamp = Long.valueOf(resultSet.getString("timestamp")) / 1000;
double latitude = Double.valueOf(resultSet.getString("latitude"));
double longitude = Double.valueOf(resultSet.getString("longitude"));
Long timestamp = Long.valueOf(resultSet.getString("timestamp")) / 1000; //NON-NLS
double latitude = Double.valueOf(resultSet.getString("latitude")); //NON-NLS
double longitude = Double.valueOf(resultSet.getString("longitude")); //NON-NLS
BlackboardArtifact bba = f.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_GPS_TRACKPOINT);
bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_GEO_LATITUDE.getTypeID(), moduleName, latitude));
@ -96,7 +96,7 @@ class BrowserLocationAnalyzer {
// bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_VALUE.getTypeID(),moduleName, accuracy));
}
} catch (Exception e) {
logger.log(Level.SEVERE, "Error Putting artifacts to Blackboard", e);
logger.log(Level.SEVERE, "Error Putting artifacts to Blackboard", e); //NON-NLS
} finally {
try {
if (resultSet != null) {
@ -105,7 +105,7 @@ class BrowserLocationAnalyzer {
statement.close();
connection.close();
} catch (Exception e) {
logger.log(Level.SEVERE, "Error closing database", e);
logger.log(Level.SEVERE, "Error closing database", e); //NON-NLS
}
}

1
Core/src/org/sleuthkit/autopsy/modules/android/Bundle_ja.properties Normal file
View File

@ -0,0 +1 @@
AndroidModuleFactory.moduleDescription=Android\u30B7\u30B9\u30C6\u30E0\u304A\u3088\u3073\u7B2C\u4E09\u8005\u30A2\u30D7\u30EA\u30C7\u30FC\u30BF\u3092\u62BD\u51FA

8
Core/src/org/sleuthkit/autopsy/modules/android/CacheLocationAnalyzer.java
View File

@ -43,7 +43,7 @@ class CacheLocationAnalyzer {
try {
SleuthkitCase skCase = Case.getCurrentCase().getSleuthkitCase();
List<AbstractFile> abstractFiles = skCase.findAllFilesWhere("name ='cache.cell' OR name='cache.wifi'"); //get exact file names
List<AbstractFile> abstractFiles = skCase.findAllFilesWhere("name ='cache.cell' OR name='cache.wifi'"); //NON-NLS //get exact file names
for (AbstractFile abstractFile : abstractFiles) {
try {
@ -55,11 +55,11 @@ class CacheLocationAnalyzer {
findGeoLocationsInFile(jFile, abstractFile);
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing cached Location files", e);
logger.log(Level.SEVERE, "Error parsing cached Location files", e); //NON-NLS
}
}
} catch (TskCoreException e) {
logger.log(Level.SEVERE, "Error finding cached Location files", e);
logger.log(Level.SEVERE, "Error finding cached Location files", e); //NON-NLS
}
}
@ -124,7 +124,7 @@ class CacheLocationAnalyzer {
}
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing Cached GPS locations to Blackboard", e);
logger.log(Level.SEVERE, "Error parsing Cached GPS locations to Blackboard", e); //NON-NLS
}
}

32
Core/src/org/sleuthkit/autopsy/modules/android/CallLogAnalyzer.java
View File

@ -47,11 +47,11 @@ class CallLogAnalyzer {
/** the where clause(without 'where' of sql select statement to choose call
* log dbs, update the list of file names to include more files */
private static final String fileNameQuery = Stream.of("'logs.db'", "'contacts2.db'", "'contacts.db'")
.collect(Collectors.joining(" OR name = ", "name = ", ""));
private static final String fileNameQuery = Stream.of("'logs.db'", "'contacts2.db'", "'contacts.db'") //NON-NLS
.collect(Collectors.joining(" OR name = ", "name = ", "")); //NON-NLS
/** the names of tables that potentially hold call logs in the dbs */
private static final Iterable<String> tableNames = Arrays.asList("calls", "logs");
private static final Iterable<String> tableNames = Arrays.asList("calls", "logs"); //NON-NLS
public static void findCallLogs() {
try {
@ -63,11 +63,11 @@ class CallLogAnalyzer {
ContentUtils.writeToFile(abstractFile, file);
findCallLogsInDB(file.toString(), abstractFile);
} catch (IOException e) {
logger.log(Level.SEVERE, "Error writing temporary call log db to disk", e);
logger.log(Level.SEVERE, "Error writing temporary call log db to disk", e); //NON-NLS
}
}
} catch (TskCoreException e) {
logger.log(Level.SEVERE, "Error finding call logs", e);
logger.log(Level.SEVERE, "Error finding call logs", e); //NON-NLS
}
}
@ -76,20 +76,20 @@ class CallLogAnalyzer {
if (DatabasePath == null || DatabasePath.isEmpty()) {
return;
}
try (Connection connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath);
try (Connection connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath); //NON-NLS
Statement statement = connection.createStatement();) {
for (String tableName : tableNames) {
try (ResultSet resultSet = statement.executeQuery(
"SELECT number,date,duration,type, name FROM " + tableName + " ORDER BY date DESC;");) {
logger.log(Level.INFO, "Reading call log from table {0} in db {1}", new Object[]{tableName, DatabasePath});
"SELECT number,date,duration,type, name FROM " + tableName + " ORDER BY date DESC;");) { //NON-NLS
logger.log(Level.INFO, "Reading call log from table {0} in db {1}", new Object[]{tableName, DatabasePath}); //NON-NLS
while (resultSet.next()) {
Long date = resultSet.getLong("date") / 1000;
final CallDirection direction = CallDirection.fromType(resultSet.getInt("type"));
final CallDirection direction = CallDirection.fromType(resultSet.getInt("type")); //NON-NLS
String directionString = direction != null ? direction.getDisplayName() : "";
final String number = resultSet.getString("number");
final long duration = resultSet.getLong("duration");//duration of call is in seconds
final String name = resultSet.getString("name");// name of person dialed or called. null if unregistered
final String number = resultSet.getString("number"); //NON-NLS
final long duration = resultSet.getLong("duration"); //NON-NLS //duration of call is in seconds
final String name = resultSet.getString("name"); //NON-NLS // name of person dialed or called. null if unregistered
try {
BlackboardArtifact bba = f.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_CALLLOG); //create a call log and then add attributes from result set.
@ -104,21 +104,21 @@ class CallLogAnalyzer {
bba.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DIRECTION.getTypeID(), moduleName, directionString));
bba.addAttribute(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_NAME.getTypeID(), moduleName, name));
} catch (TskCoreException ex) {
logger.log(Level.SEVERE, "Error posting call log record to the Blackboard", ex);
logger.log(Level.SEVERE, "Error posting call log record to the Blackboard", ex); //NON-NLS
}
}
} catch (SQLException e) {
logger.log(Level.WARNING, "Could not read table {0} in db {1}", new Object[]{tableName, DatabasePath});
logger.log(Level.WARNING, "Could not read table {0} in db {1}", new Object[]{tableName, DatabasePath}); //NON-NLS
}
}
} catch (SQLException e) {
logger.log(Level.SEVERE, "Could not parse call log; error connecting to db " + DatabasePath, e);
logger.log(Level.SEVERE, "Could not parse call log; error connecting to db " + DatabasePath, e); //NON-NLS
}
}
private static enum CallDirection {
INCOMING(1, "Incoming"), OUTGOING(2, "Outgoing"), MISSED(3, "Missed");
INCOMING(1, "Incoming"), OUTGOING(2, "Outgoing"), MISSED(3, "Missed"); //NON-NLS
private final int type;

38
Core/src/org/sleuthkit/autopsy/modules/android/ContactAnalyzer.java
View File

@ -45,7 +45,7 @@ class ContactAnalyzer {
List<AbstractFile> absFiles;
try {
SleuthkitCase skCase = Case.getCurrentCase().getSleuthkitCase();
absFiles = skCase.findAllFilesWhere("name ='contacts2.db' OR name ='contacts.db'"); //get exact file names
absFiles = skCase.findAllFilesWhere("name ='contacts2.db' OR name ='contacts.db'"); //NON-NLS //get exact file names
if (absFiles.isEmpty()) {
return;
}
@ -55,11 +55,11 @@ class ContactAnalyzer {
ContentUtils.writeToFile(AF, jFile);
findContactsInDB(jFile.toString(), AF);
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing Contacts", e);
logger.log(Level.SEVERE, "Error parsing Contacts", e); //NON-NLS
}
}
} catch (TskCoreException e) {
logger.log(Level.SEVERE, "Error finding Contacts", e);
logger.log(Level.SEVERE, "Error finding Contacts", e); //NON-NLS
}
}
@ -78,11 +78,11 @@ class ContactAnalyzer {
return;
}
try {
Class.forName("org.sqlite.JDBC"); //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath);
Class.forName("org.sqlite.JDBC"); //NON-NLS //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath); //NON-NLS
statement = connection.createStatement();
} catch (ClassNotFoundException | SQLException e) {
logger.log(Level.SEVERE, "Error opening database", e);
logger.log(Level.SEVERE, "Error opening database", e); //NON-NLS
return;
}
@ -90,13 +90,13 @@ class ContactAnalyzer {
// get display_name, mimetype(email or phone number) and data1 (phonenumber or email address depending on mimetype)
//sorted by name, so phonenumber/email would be consecutive for a person if they exist.
resultSet = statement.executeQuery(
"SELECT mimetype,data1, name_raw_contact.display_name AS display_name \n"
+ "FROM raw_contacts JOIN contacts ON (raw_contacts.contact_id=contacts._id) \n"
+ "JOIN raw_contacts AS name_raw_contact ON(name_raw_contact_id=name_raw_contact._id) "
+ "LEFT OUTER JOIN data ON (data.raw_contact_id=raw_contacts._id) \n"
+ "LEFT OUTER JOIN mimetypes ON (data.mimetype_id=mimetypes._id) \n"
+ "WHERE mimetype = 'vnd.android.cursor.item/phone_v2' OR mimetype = 'vnd.android.cursor.item/email_v2'\n"
+ "ORDER BY name_raw_contact.display_name ASC;");
"SELECT mimetype,data1, name_raw_contact.display_name AS display_name \n" //NON-NLS
+ "FROM raw_contacts JOIN contacts ON (raw_contacts.contact_id=contacts._id) \n" //NON-NLS
+ "JOIN raw_contacts AS name_raw_contact ON(name_raw_contact_id=name_raw_contact._id) " //NON-NLS
+ "LEFT OUTER JOIN data ON (data.raw_contact_id=raw_contacts._id) \n" //NON-NLS
+ "LEFT OUTER JOIN mimetypes ON (data.mimetype_id=mimetypes._id) \n" //NON-NLS
+ "WHERE mimetype = 'vnd.android.cursor.item/phone_v2' OR mimetype = 'vnd.android.cursor.item/email_v2'\n" //NON-NLS
+ "ORDER BY name_raw_contact.display_name ASC;"); //NON-NLS
BlackboardArtifact bba;
bba = f.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_CONTACT);
@ -105,15 +105,15 @@ class ContactAnalyzer {
String mimetype; // either phone or email
String data1; // the phone number or email
while (resultSet.next()) {
name = resultSet.getString("display_name");
data1 = resultSet.getString("data1");
mimetype = resultSet.getString("mimetype");
name = resultSet.getString("display_name"); //NON-NLS
data1 = resultSet.getString("data1"); //NON-NLS
mimetype = resultSet.getString("mimetype"); //NON-NLS
// System.out.println(resultSet.getString("data1") + resultSet.getString("mimetype") + resultSet.getString("display_name")); //Test code
if (name.equals(oldName) == false) {
bba = f.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_CONTACT);
bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID(), moduleName, name));
}
if (mimetype.equals("vnd.android.cursor.item/phone_v2")) {
if (mimetype.equals("vnd.android.cursor.item/phone_v2")) { //NON-NLS
bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER.getTypeID(), moduleName, data1));
} else {
bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_EMAIL.getTypeID(), moduleName, data1));
@ -122,7 +122,7 @@ class ContactAnalyzer {
}
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing Contacts to Blackboard", e);
logger.log(Level.SEVERE, "Error parsing Contacts to Blackboard", e); //NON-NLS
} finally {
try {
if (resultSet != null) {
@ -131,7 +131,7 @@ class ContactAnalyzer {
statement.close();
connection.close();
} catch (Exception e) {
logger.log(Level.SEVERE, "Error closing database", e);
logger.log(Level.SEVERE, "Error closing database", e); //NON-NLS
}
}

32
Core/src/org/sleuthkit/autopsy/modules/android/GoogleMapLocationAnalyzer.java
View File

@ -44,7 +44,7 @@ class GoogleMapLocationAnalyzer {
List<AbstractFile> absFiles;
try {
SleuthkitCase skCase = Case.getCurrentCase().getSleuthkitCase();
absFiles = skCase.findAllFilesWhere("name ='da_destination_history'"); //get exact file name
absFiles = skCase.findAllFilesWhere("name ='da_destination_history'"); //NON-NLS //get exact file name
if (absFiles.isEmpty()) {
return;
}
@ -54,11 +54,11 @@ class GoogleMapLocationAnalyzer {
ContentUtils.writeToFile(abstractFile, jFile);
findGeoLocationsInDB(jFile.toString(), abstractFile);
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing Google map locations", e);
logger.log(Level.SEVERE, "Error parsing Google map locations", e); //NON-NLS
}
}
} catch (TskCoreException e) {
logger.log(Level.SEVERE, "Error finding Google map locations", e);
logger.log(Level.SEVERE, "Error finding Google map locations", e); //NON-NLS
}
}
@ -71,27 +71,27 @@ class GoogleMapLocationAnalyzer {
return;
}
try {
Class.forName("org.sqlite.JDBC"); //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath);
Class.forName("org.sqlite.JDBC"); //NON-NLS //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath); //NON-NLS
statement = connection.createStatement();
} catch (ClassNotFoundException | SQLException e) {
logger.log(Level.SEVERE, "Error opening database", e);
logger.log(Level.SEVERE, "Error opening database", e); //NON-NLS
return;
}
try {
resultSet = statement.executeQuery(
"Select time,dest_lat,dest_lng,dest_title,dest_address,source_lat,source_lng FROM destination_history;");
"Select time,dest_lat,dest_lng,dest_title,dest_address,source_lat,source_lng FROM destination_history;"); //NON-NLS
while (resultSet.next()) {
Long time = Long.valueOf(resultSet.getString("time")) / 1000;
String dest_title = resultSet.getString("dest_title");
String dest_address = resultSet.getString("dest_address");
Long time = Long.valueOf(resultSet.getString("time")) / 1000; //NON-NLS
String dest_title = resultSet.getString("dest_title"); //NON-NLS
String dest_address = resultSet.getString("dest_address"); //NON-NLS
double dest_lat = convertGeo(resultSet.getString("dest_lat"));
double dest_lng = convertGeo(resultSet.getString("dest_lng"));
double source_lat = convertGeo(resultSet.getString("source_lat"));
double source_lng = convertGeo(resultSet.getString("source_lng"));
double dest_lat = convertGeo(resultSet.getString("dest_lat")); //NON-NLS
double dest_lng = convertGeo(resultSet.getString("dest_lng")); //NON-NLS
double source_lat = convertGeo(resultSet.getString("source_lat")); //NON-NLS
double source_lng = convertGeo(resultSet.getString("source_lng")); //NON-NLS
// bba = f.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_GPS_TRACKPOINT);//src
@ -123,7 +123,7 @@ class GoogleMapLocationAnalyzer {
}
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing Google map locations to the Blackboard", e);
logger.log(Level.SEVERE, "Error parsing Google map locations to the Blackboard", e); //NON-NLS
} finally {
try {
if (resultSet != null) {
@ -132,7 +132,7 @@ class GoogleMapLocationAnalyzer {
statement.close();
connection.close();
} catch (Exception e) {
logger.log(Level.SEVERE, "Error closing the database", e);
logger.log(Level.SEVERE, "Error closing the database", e); //NON-NLS
}
}
}

32
Core/src/org/sleuthkit/autopsy/modules/android/TangoMessageAnalyzer.java
View File

@ -45,18 +45,18 @@ class TangoMessageAnalyzer {
List<AbstractFile> absFiles;
try {
SleuthkitCase skCase = Case.getCurrentCase().getSleuthkitCase();
absFiles = skCase.findAllFilesWhere("name ='tc.db' "); //get exact file names
absFiles = skCase.findAllFilesWhere("name ='tc.db' "); //NON-NLS //get exact file names
for (AbstractFile abstractFile : absFiles) {
try {
File jFile = new File(Case.getCurrentCase().getTempDirectory(), abstractFile.getName());
ContentUtils.writeToFile(abstractFile, jFile);
findTangoMessagesInDB(jFile.toString(), abstractFile);
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing Tango messages", e);
logger.log(Level.SEVERE, "Error parsing Tango messages", e); //NON-NLS
}
}
} catch (TskCoreException e) {
logger.log(Level.SEVERE, "Error finding Tango messages", e);
logger.log(Level.SEVERE, "Error finding Tango messages", e); //NON-NLS
}
}
@ -69,31 +69,31 @@ class TangoMessageAnalyzer {
return;
}
try {
Class.forName("org.sqlite.JDBC"); //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath);
Class.forName("org.sqlite.JDBC"); //NON-NLS //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath); //NON-NLS
statement = connection.createStatement();
} catch (ClassNotFoundException | SQLException e) {
logger.log(Level.SEVERE, "Error opening database", e);
logger.log(Level.SEVERE, "Error opening database", e); //NON-NLS
return;
}
try {
resultSet = statement.executeQuery(
"Select conv_id, create_time,direction,payload FROM messages ORDER BY create_time DESC;");
"Select conv_id, create_time,direction,payload FROM messages ORDER BY create_time DESC;"); //NON-NLS
String conv_id; // seems to wrap around the message found in payload after decoding from base-64
String direction; // 1 incoming, 2 outgoing
String payload; // seems to be a base64 message wrapped by the conv_id
while (resultSet.next()) {
conv_id = resultSet.getString("conv_id");
Long create_time = Long.valueOf(resultSet.getString("create_time")) / 1000;
if (resultSet.getString("direction").equals("1")) {
direction = "Incoming";
conv_id = resultSet.getString("conv_id"); //NON-NLS
Long create_time = Long.valueOf(resultSet.getString("create_time")) / 1000; //NON-NLS
if (resultSet.getString("direction").equals("1")) { //NON-NLS
direction = "Incoming"; //NON-NLS
} else {
direction = "Outgoing";
direction = "Outgoing"; //NON-NLS
}
payload = resultSet.getString("payload");
payload = resultSet.getString("payload"); //NON-NLS
BlackboardArtifact bba = f.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_MESSAGE); //create a call log and then add attributes from result set.
bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID(), moduleName, create_time));
@ -104,7 +104,7 @@ class TangoMessageAnalyzer {
}
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing Tango messages to the Blackboard", e);
logger.log(Level.SEVERE, "Error parsing Tango messages to the Blackboard", e); //NON-NLS
} finally {
try {
if (resultSet != null) {
@ -113,7 +113,7 @@ class TangoMessageAnalyzer {
statement.close();
connection.close();
} catch (Exception e) {
logger.log(Level.SEVERE, "Error closing database", e);
logger.log(Level.SEVERE, "Error closing database", e); //NON-NLS
}
}
}
@ -126,7 +126,7 @@ class TangoMessageAnalyzer {
String Z = new String(decoded, "UTF-8");
result = Z.split(wrapper)[1];
} catch (Exception e) {
logger.log(Level.SEVERE, "Error decoding a Tango message", e);
logger.log(Level.SEVERE, "Error decoding a Tango message", e); //NON-NLS
}
return result;
}

30
Core/src/org/sleuthkit/autopsy/modules/android/TextMessageAnalyzer.java
View File

@ -43,7 +43,7 @@ class TextMessageAnalyzer {
public static void findTexts() {
try {
SleuthkitCase skCase = Case.getCurrentCase().getSleuthkitCase();
List<AbstractFile> absFiles = skCase.findAllFilesWhere("name ='mmssms.db'"); //get exact file name
List<AbstractFile> absFiles = skCase.findAllFilesWhere("name ='mmssms.db'"); //NON-NLS //get exact file name
for (AbstractFile abstractFile : absFiles) {
try {
@ -51,11 +51,11 @@ class TextMessageAnalyzer {
ContentUtils.writeToFile(abstractFile, jFile);
findTextsInDB(jFile.toString(), abstractFile);
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing text messages", e);
logger.log(Level.SEVERE, "Error parsing text messages", e); //NON-NLS
}
}
} catch (TskCoreException e) {
logger.log(Level.SEVERE, "Error finding text messages", e);
logger.log(Level.SEVERE, "Error finding text messages", e); //NON-NLS
}
}
@ -68,17 +68,17 @@ class TextMessageAnalyzer {
return;
}
try {
Class.forName("org.sqlite.JDBC"); //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath);
Class.forName("org.sqlite.JDBC"); //NON-NLS //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath); //NON-NLS
statement = connection.createStatement();
} catch (ClassNotFoundException | SQLException e) {
logger.log(Level.SEVERE, "Error opening database", e);
logger.log(Level.SEVERE, "Error opening database", e); //NON-NLS
return;
}
try {
resultSet = statement.executeQuery(
"Select address,date,read,type,subject,body FROM sms;");
"Select address,date,read,type,subject,body FROM sms;"); //NON-NLS
String address; // may be phone number, or other addresses
@ -87,15 +87,15 @@ class TextMessageAnalyzer {
Integer read; // may be unread = 0, read = 1
String body; //message body
while (resultSet.next()) {
address = resultSet.getString("address");
Long date = Long.valueOf(resultSet.getString("date")) / 1000;
address = resultSet.getString("address"); //NON-NLS
Long date = Long.valueOf(resultSet.getString("date")) / 1000; //NON-NLS
read = resultSet.getInt("read");
subject = resultSet.getString("subject");
body = resultSet.getString("body");
read = resultSet.getInt("read"); //NON-NLS
subject = resultSet.getString("subject"); //NON-NLS
body = resultSet.getString("body"); //NON-NLS
BlackboardArtifact bba = f.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_MESSAGE); //create Message artifact and then add attributes from result set.
if (resultSet.getString("type").equals("1")) {
if (resultSet.getString("type").equals("1")) { //NON-NLS
bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DIRECTION.getTypeID(), moduleName, "Incoming"));
bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_FROM.getTypeID(), moduleName, address));
} else {
@ -111,7 +111,7 @@ class TextMessageAnalyzer {
}
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing text messages to Blackboard", e);
logger.log(Level.SEVERE, "Error parsing text messages to Blackboard", e); //NON-NLS
} finally {
try {
if (resultSet != null) {
@ -120,7 +120,7 @@ class TextMessageAnalyzer {
statement.close();
connection.close();
} catch (Exception e) {
logger.log(Level.SEVERE, "Error closing database", e);
logger.log(Level.SEVERE, "Error closing database", e); //NON-NLS
}
}
}

22
Core/src/org/sleuthkit/autopsy/modules/android/WWFMessageAnalyzer.java
View File

@ -44,7 +44,7 @@ class WWFMessageAnalyzer {
List<AbstractFile> absFiles;
try {
SleuthkitCase skCase = Case.getCurrentCase().getSleuthkitCase();
absFiles = skCase.findAllFilesWhere("name ='WordsFramework' "); //get exact file names
absFiles = skCase.findAllFilesWhere("name ='WordsFramework' "); //NON-NLS //get exact file names
for (AbstractFile abstractFile : absFiles) {
try {
@ -53,11 +53,11 @@ class WWFMessageAnalyzer {
findWWFMessagesInDB(jFile.toString(), abstractFile);
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing WWF messages", e);
logger.log(Level.SEVERE, "Error parsing WWF messages", e); //NON-NLS
}
}
} catch (TskCoreException e) {
logger.log(Level.SEVERE, "Error finding WWF messages", e);
logger.log(Level.SEVERE, "Error finding WWF messages", e); //NON-NLS
}
}
@ -74,23 +74,23 @@ class WWFMessageAnalyzer {
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath);
statement = connection.createStatement();
} catch (ClassNotFoundException | SQLException e) {
logger.log(Level.SEVERE, "Error opening database", e);
logger.log(Level.SEVERE, "Error opening database", e); //NON-NLS
return;
}
try {
resultSet = statement.executeQuery(
"SELECT message,strftime('%s' ,created_at) as datetime,user_id,game_id FROM chat_messages ORDER BY game_id DESC, created_at DESC;");
"SELECT message,strftime('%s' ,created_at) as datetime,user_id,game_id FROM chat_messages ORDER BY game_id DESC, created_at DESC;"); //NON-NLS
String message; // WWF Message
String user_id; // the ID of the user who sent the message.
String game_id; // ID of the game which the the message was sent.
while (resultSet.next()) {
message = resultSet.getString("message");
Long created_at = resultSet.getLong("datetime");
user_id = resultSet.getString("user_id");
game_id = resultSet.getString("game_id");
message = resultSet.getString("message"); //NON-NLS
Long created_at = resultSet.getLong("datetime"); //NON-NLS
user_id = resultSet.getString("user_id"); //NON-NLS
game_id = resultSet.getString("game_id"); //NON-NLS
BlackboardArtifact bba = f.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_MESSAGE); //create a call log and then add attributes from result set.
bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID(), moduleName, created_at));
@ -100,7 +100,7 @@ class WWFMessageAnalyzer {
bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_MESSAGE_TYPE.getTypeID(), moduleName, "Words With Friends Message"));
}
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing WWF messages to the Blackboard", e);
logger.log(Level.SEVERE, "Error parsing WWF messages to the Blackboard", e); //NON-NLS
} finally {
try {
if (resultSet != null) {
@ -109,7 +109,7 @@ class WWFMessageAnalyzer {
statement.close();
connection.close();
} catch (Exception e) {
logger.log(Level.SEVERE, "Error closing database", e);
logger.log(Level.SEVERE, "Error closing database", e); //NON-NLS
}
}
}

2
Core/src/org/sleuthkit/autopsy/modules/iOS/Bundle_ja.properties Normal file
View File

@ -0,0 +1,2 @@
iOSModuleFactory.moduleDescription=\u30B7\u30B9\u30C6\u30E0\u304A\u3088\u3073\u7B2C\u4E09\u8005\u30A2\u30D7\u30EA\u30C7\u30FC\u30BF\u3092\u62BD\u51FA
iOSModuleFactory.moduleName=iOS\u30A2\u30CA\u30E9\u30A4\u30B6

32
Core/src/org/sleuthkit/autopsy/modules/iOS/CallLogAnalyzer.java
View File

@ -49,7 +49,7 @@ class CallLogAnalyzer {
List<AbstractFile> absFiles;
try {
SleuthkitCase skCase = Case.getCurrentCase().getSleuthkitCase();
absFiles = skCase.findAllFilesWhere("name ='contacts2.db' OR name ='contacts.db'"); //get exact file names
absFiles = skCase.findAllFilesWhere("name ='contacts2.db' OR name ='contacts.db'"); //NON-NLS //get exact file names
if (absFiles.isEmpty()) {
return;
}
@ -61,11 +61,11 @@ class CallLogAnalyzer {
fileId = AF.getId();
findCallLogsInDB(dbPath, fileId);
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing Call logs", e);
logger.log(Level.SEVERE, "Error parsing Call logs", e); //NON-NLS
}
}
} catch (TskCoreException e) {
logger.log(Level.SEVERE, "Error finding Call logs", e);
logger.log(Level.SEVERE, "Error finding Call logs", e); //NON-NLS
}
}
@ -74,11 +74,11 @@ class CallLogAnalyzer {
return;
}
try {
Class.forName("org.sqlite.JDBC"); //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath);
Class.forName("org.sqlite.JDBC"); //NON-NLS //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath); //NON-NLS
statement = connection.createStatement();
} catch (ClassNotFoundException | SQLException e) {
logger.log(Level.SEVERE, "Error opening database", e);
logger.log(Level.SEVERE, "Error opening database", e); //NON-NLS
}
Case currentCase = Case.getCurrentCase();
@ -87,7 +87,7 @@ class CallLogAnalyzer {
AbstractFile f = skCase.getAbstractFileById(fId);
try {
resultSet = statement.executeQuery(
"SELECT number,date,duration,type, name FROM calls ORDER BY date DESC;");
"SELECT number,date,duration,type, name FROM calls ORDER BY date DESC;"); //NON-NLS
BlackboardArtifact bba;
String name; // name of person dialed or called. null if unregistered
@ -97,14 +97,14 @@ class CallLogAnalyzer {
String type; // 1 incoming, 2 outgoing, 3 missed
while (resultSet.next()) {
name = resultSet.getString("name");
number = resultSet.getString("number");
duration = resultSet.getString("duration");
date = resultSet.getString("date");
type = resultSet.getString("type");
name = resultSet.getString("name"); //NON-NLS
number = resultSet.getString("number"); //NON-NLS
duration = resultSet.getString("duration"); //NON-NLS
date = resultSet.getString("date"); //NON-NLS
type = resultSet.getString("type"); //NON-NLS
bba = f.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_CALLLOG); //create a call log and then add attributes from result set.
if(type.equalsIgnoreCase("outgoing")) {
if(type.equalsIgnoreCase("outgoing")) { //NON-NLS
bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_TO.getTypeID(), moduleName, number));
}
else { /// Covers INCOMING and MISSED
@ -117,18 +117,18 @@ class CallLogAnalyzer {
}
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing Call logs to the Blackboard", e);
logger.log(Level.SEVERE, "Error parsing Call logs to the Blackboard", e); //NON-NLS
} finally {
try {
resultSet.close();
statement.close();
connection.close();
} catch (Exception e) {
logger.log(Level.SEVERE, "Error closing the database", e);
logger.log(Level.SEVERE, "Error closing the database", e); //NON-NLS
}
}
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing Call logs to the Blackboard", e);
logger.log(Level.SEVERE, "Error parsing Call logs to the Blackboard", e); //NON-NLS
}
}

44
Core/src/org/sleuthkit/autopsy/modules/iOS/ContactAnalyzer.java
View File

@ -56,7 +56,7 @@ class ContactAnalyzer {
List<AbstractFile> absFiles;
try {
SleuthkitCase skCase = Case.getCurrentCase().getSleuthkitCase();
absFiles = skCase.findAllFilesWhere("name LIKE '%call_history%' "); //get exact file names
absFiles = skCase.findAllFilesWhere("name LIKE '%call_history%' "); //NON-NLS //get exact file names
if (absFiles.isEmpty()) { //asdfkjasfakljsdfhlaksdjfhasdlkjf
return;
}
@ -71,11 +71,11 @@ class ContactAnalyzer {
fileId = AF.getId();
//findContactsInDB(dbPath, fileId);
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing Contacts", e);
logger.log(Level.SEVERE, "Error parsing Contacts", e); //NON-NLS
}
}
} catch (TskCoreException e) {
logger.log(Level.SEVERE, "Error finding Contacts", e);
logger.log(Level.SEVERE, "Error finding Contacts", e); //NON-NLS
}
}
@ -90,11 +90,11 @@ class ContactAnalyzer {
return;
}
try {
Class.forName("org.sqlite.JDBC"); //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath);
Class.forName("org.sqlite.JDBC"); //NON-NLS //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath); //NON-NLS
statement = connection.createStatement();
} catch (ClassNotFoundException | SQLException e) {
logger.log(Level.SEVERE, "Error opening database", e);
logger.log(Level.SEVERE, "Error opening database", e); //NON-NLS
}
Case currentCase = Case.getCurrentCase();
@ -105,13 +105,13 @@ class ContactAnalyzer {
// get display_name, mimetype(email or phone number) and data1 (phonenumber or email address depending on mimetype)
//sorted by name, so phonenumber/email would be consecutive for a person if they exist.
resultSet = statement.executeQuery(
"SELECT mimetype,data1, name_raw_contact.display_name AS display_name \n"
+ "FROM raw_contacts JOIN contacts ON (raw_contacts.contact_id=contacts._id) \n"
+ "JOIN raw_contacts AS name_raw_contact ON(name_raw_contact_id=name_raw_contact._id) "
+ "LEFT OUTER JOIN data ON (data.raw_contact_id=raw_contacts._id) \n"
+ "LEFT OUTER JOIN mimetypes ON (data.mimetype_id=mimetypes._id) \n"
+ "WHERE mimetype = 'vnd.android.cursor.item/phone_v2' OR mimetype = 'vnd.android.cursor.item/email_v2'\n"
+ "ORDER BY name_raw_contact.display_name ASC;");
"SELECT mimetype,data1, name_raw_contact.display_name AS display_name \n" //NON-NLS
+ "FROM raw_contacts JOIN contacts ON (raw_contacts.contact_id=contacts._id) \n" //NON-NLS
+ "JOIN raw_contacts AS name_raw_contact ON(name_raw_contact_id=name_raw_contact._id) " //NON-NLS
+ "LEFT OUTER JOIN data ON (data.raw_contact_id=raw_contacts._id) \n" //NON-NLS
+ "LEFT OUTER JOIN mimetypes ON (data.mimetype_id=mimetypes._id) \n" //NON-NLS
+ "WHERE mimetype = 'vnd.android.cursor.item/phone_v2' OR mimetype = 'vnd.android.cursor.item/email_v2'\n" //NON-NLS
+ "ORDER BY name_raw_contact.display_name ASC;"); //NON-NLS
BlackboardArtifact bba;
bba = f.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_CONTACT);
@ -120,15 +120,15 @@ class ContactAnalyzer {
String mimetype; // either phone or email
String data1; // the phone number or email
while (resultSet.next()) {
name = resultSet.getString("display_name");
data1 = resultSet.getString("data1");
mimetype = resultSet.getString("mimetype");
name = resultSet.getString("display_name"); //NON-NLS
data1 = resultSet.getString("data1"); //NON-NLS
mimetype = resultSet.getString("mimetype"); //NON-NLS
// System.out.println(resultSet.getString("data1") + resultSet.getString("mimetype") + resultSet.getString("display_name")); //Test code
if (name.equals(oldName) == false) {
bba = f.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_CONTACT);
bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_NAME.getTypeID(), moduleName, name));
}
if (mimetype.equals("vnd.android.cursor.item/phone_v2")) {
if (mimetype.equals("vnd.android.cursor.item/phone_v2")) { //NON-NLS
bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PHONE_NUMBER.getTypeID(), moduleName, data1));
} else {
bba.addAttribute(new BlackboardAttribute(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_EMAIL.getTypeID(), moduleName, data1));
@ -137,18 +137,18 @@ class ContactAnalyzer {
}
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing Contacts to Blackboard", e);
logger.log(Level.SEVERE, "Error parsing Contacts to Blackboard", e); //NON-NLS
} finally {
try {
resultSet.close();
statement.close();
connection.close();
} catch (Exception e) {
logger.log(Level.SEVERE, "Error closing database", e);
logger.log(Level.SEVERE, "Error closing database", e); //NON-NLS
}
}
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing Contacts to Blackboard", e);
logger.log(Level.SEVERE, "Error parsing Contacts to Blackboard", e); //NON-NLS
}
}
@ -186,13 +186,13 @@ class ContactAnalyzer {
ostream.write(c);
}
} catch (IOException e) {
System.out.println("Error: " + e.getMessage());
System.out.println("Error: " + e.getMessage()); //NON-NLS
} finally {
try {
istream.close();
ostream.close();
} catch (IOException e) {
System.out.println("File did not close");
System.out.println("File did not close"); //NON-NLS
}
}
}

30
Core/src/org/sleuthkit/autopsy/modules/iOS/TextMessageAnalyzer.java
View File

@ -49,7 +49,7 @@ class TextMessageAnalyzer {
void findTexts() {
try {
SleuthkitCase skCase = Case.getCurrentCase().getSleuthkitCase();
absFiles = skCase.findAllFilesWhere("name ='mmssms.db'"); //get exact file name
absFiles = skCase.findAllFilesWhere("name ='mmssms.db'"); //NON-NLS //get exact file name
if (absFiles.isEmpty()) {
return;
}
@ -61,11 +61,11 @@ class TextMessageAnalyzer {
fileId = AF.getId();
findTextsInDB(dbPath, fileId);
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing text messages", e);
logger.log(Level.SEVERE, "Error parsing text messages", e); //NON-NLS
}
}
} catch (TskCoreException e) {
logger.log(Level.SEVERE, "Error finding text messages", e);
logger.log(Level.SEVERE, "Error finding text messages", e); //NON-NLS
}
}
@ -74,11 +74,11 @@ class TextMessageAnalyzer {
return;
}
try {
Class.forName("org.sqlite.JDBC"); //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath);
Class.forName("org.sqlite.JDBC"); //NON-NLS //load JDBC driver
connection = DriverManager.getConnection("jdbc:sqlite:" + DatabasePath); //NON-NLS
statement = connection.createStatement();
} catch (ClassNotFoundException | SQLException e) {
logger.log(Level.SEVERE, "Error opening database", e);
logger.log(Level.SEVERE, "Error opening database", e); //NON-NLS
}
Case currentCase = Case.getCurrentCase();
@ -87,7 +87,7 @@ class TextMessageAnalyzer {
AbstractFile f = skCase.getAbstractFileById(fId);
try {
resultSet = statement.executeQuery(
"Select address,date,type,subject,body FROM sms;");
"Select address,date,type,subject,body FROM sms;"); //NON-NLS
BlackboardArtifact bba;
String address; // may be phone number, or other addresses
@ -96,11 +96,11 @@ class TextMessageAnalyzer {
String subject;//message subject
String body; //message body
while (resultSet.next()) {
address = resultSet.getString("address");
date = resultSet.getString("date");
type = resultSet.getString("type");
subject = resultSet.getString("subject");
body = resultSet.getString("body");
address = resultSet.getString("address"); //NON-NLS
date = resultSet.getString("date"); //NON-NLS
type = resultSet.getString("type"); //NON-NLS
subject = resultSet.getString("subject"); //NON-NLS
body = resultSet.getString("body"); //NON-NLS
bba = f.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_MESSAGE); //create Message artifact and then add attributes from result set.
@ -122,18 +122,18 @@ class TextMessageAnalyzer {
}
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing text messages to Blackboard", e);
logger.log(Level.SEVERE, "Error parsing text messages to Blackboard", e); //NON-NLS
} finally {
try {
resultSet.close();
statement.close();
connection.close();
} catch (Exception e) {
logger.log(Level.SEVERE, "Error closing database", e);
logger.log(Level.SEVERE, "Error closing database", e); //NON-NLS
}
}
} catch (Exception e) {
logger.log(Level.SEVERE, "Error parsing text messages to Blackboard", e);
logger.log(Level.SEVERE, "Error parsing text messages to Blackboard", e); //NON-NLS
}
}

3
Core/src/org/sleuthkit/autopsy/modules/photoreccarver/Bundle.properties
View File

@ -2,9 +2,10 @@ OpenIDE-Module-Name=PhotoRec Carver Ingest Module
OpenIDE-Module-Display-Category=Ingest Module
OpenIDE-Module-Long-Description=PhotoRec Carver ingest module. \n\n Carves unallocated space and feeds the resulting carved files back into the system for processing.
OpenIDE-Module-Short-Description=Carves unallocated space and feeds carved files back into the system for processing.
unallocatedSpaceProcessingSettingsError.message="Process Unallocated Space" is not checked. This module is designed to carve unallocated space. Either allow processing of unallocated space, or do not use this module.
moduleDisplayName.text=PhotoRec Carver
moduleDescription.text=Runs PhotoRec carver against unallocated space on the system.
unallocatedSpaceProcessingSettingsError.message="Process Unallocated Space" is not checked. This module is designed to carve unallocated space. Either allow processing of unallocated space, or do not use this module.
unsupportedOS.message=Module is not supported for other than Windows platforms
missingExecutable.message=Unable to locate unallocated carver executable.
cannotRunExecutable.message=Unable to execute unallocated carver

6
Core/src/org/sleuthkit/autopsy/modules/photoreccarver/Bundle_ja.properties Normal file
View File

@ -0,0 +1,6 @@
moduleDescription.text=\u30B7\u30B9\u30C6\u30E0\u306E\u672A\u5272\u308A\u5F53\u3066\u9818\u57DF\u306B\u5BFE\u3057\u3066PhotoRec\u30AB\u30FC\u30D0\u3092\u5B9F\u884C\u3057\u307E\u3059\u3002
moduleDisplayName.text=PhotoRec\u30AB\u30FC\u30D0
OpenIDE-Module-Display-Category=\u30A4\u30F3\u30B8\u30A7\u30B9\u30C8\u30E2\u30B8\u30E5\u30FC\u30EB
OpenIDE-Module-Long-Description=PhotoRec\u30AB\u30FC\u30D0\u30A4\u30F3\u30B8\u30A7\u30B9\u30C8\u30E2\u30B8\u30E5\u30FC\u30EB\u3002\n\n\u672A\u5272\u308A\u5F53\u3066\u9818\u57DF\u3092\u5207\u308A\u51FA\u3057\u3001\u51E6\u7406\u3059\u308B\u3081\u306B\u30B7\u30B9\u30C6\u30E0\u3078\u30D5\u30A3\u30FC\u30C9\u3057\u307E\u3059\u3002
OpenIDE-Module-Name=PhotoRec\u30AB\u30FC\u30D0\u30A4\u30F3\u30B8\u30A7\u30B9\u30C8\u30E2\u30B8\u30E5\u30FC\u30EB
OpenIDE-Module-Short-Description=\u51E6\u7406\u3059\u308B\u3081\u306B\u672A\u5272\u308A\u5F53\u3066\u9818\u57DF\u3092\u5207\u308A\u51FA\u3057\u3001\u30B7\u30B9\u30C6\u30E0\u3078\u30D5\u30A3\u30FC\u30C9\u3057\u307E\u3059\u3002

10
Core/src/org/sleuthkit/autopsy/modules/photoreccarver/PhotoRecCarverFileIngestModule.java
View File

@ -113,7 +113,7 @@ final class PhotoRecCarverFileIngestModule implements FileIngestModule {
PhotoRecCarverFileIngestModule.pathsByJob.put(this.context.getJobId(), new WorkingPaths(outputDirPath, tempDirPath));
}
catch (SecurityException | IOException | UnsupportedOperationException ex) {
throw new IngestModule.IngestModuleException(NbBundle.getMessage(this.getClass(), "Utilities.cannotCreateOutputDir.message", ex.getLocalizedMessage()));
throw new IngestModule.IngestModuleException(NbBundle.getMessage(this.getClass(), "cannotCreateOutputDir.message", ex.getLocalizedMessage()));
}
}
}
@ -145,7 +145,7 @@ final class PhotoRecCarverFileIngestModule implements FileIngestModule {
// Check that we have roughly enough disk space left to complete the operation
long freeDiskSpace = IngestServices.getInstance().getFreeDiskSpace();
if ((file.getSize() * 2) > freeDiskSpace) {
logger.log(Level.SEVERE, "PhotoRec error processing {0} with {1} Not enough space on primary disk to carve unallocated space.",
logger.log(Level.SEVERE, "PhotoRec error processing {0} with {1} Not enough space on primary disk to carve unallocated space.", // NON-NLS
new Object[]{file.getName(), PhotoRecCarverIngestModuleFactory.getModuleName()}); // NON-NLS
return IngestModule.ProcessResult.ERROR;
}
@ -163,9 +163,9 @@ final class PhotoRecCarverFileIngestModule implements FileIngestModule {
// Scan the file with Unallocated Carver.
ProcessBuilder processAndSettings = new ProcessBuilder(
"\"" + executableFile + "\"",
"/d",
"/d", // NON-NLS
"\"" + outputDirPath.toAbsolutePath() + File.separator + PHOTOREC_RESULTS_BASE + "\"",
"/cmd",
"/cmd", // NON-NLS
"\"" + tempFilePath.toFile() + "\"",
"search"); // NON_NLS
@ -194,7 +194,7 @@ final class PhotoRecCarverFileIngestModule implements FileIngestModule {
if (null != tempFilePath && Files.exists(tempFilePath)) {
tempFilePath.toFile().delete();
}
logger.log(Level.SEVERE, "PhotoRec carver returned error exit value = {0} when scanning {1}",
logger.log(Level.SEVERE, "PhotoRec carver returned error exit value = {0} when scanning {1}", // NON-NLS
new Object[]{exitValue, file.getName()}); // NON-NLS
return IngestModule.ProcessResult.ERROR;
}

2
Core/src/org/sleuthkit/autopsy/timeline/events/type/MiscTypes.java
View File

@ -62,7 +62,7 @@ public enum MiscTypes implements EventType, ArtifactEventType {
final BlackboardAttribute longEnd = attrMap.get(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_GEO_LONGITUDE_END);
return String.format("from %1$g %2$g to %3$g %4$g", latStart.getValueDouble(), longStart.getValueDouble(), latEnd.getValueDouble(), longEnd.getValueDouble());
}),
GPS_TRACKPOINT("Location History", "gps_trackpoint.png",
GPS_TRACKPOINT("Location History", "gps-trackpoint.png",
BlackboardArtifact.ARTIFACT_TYPE.TSK_GPS_TRACKPOINT,
BlackboardAttribute.ATTRIBUTE_TYPE.TSK_DATETIME,
new AttributeExtractor(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_PROG_NAME),