mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-08 22:29:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Calling postArtifact once for all artifacts

Browse Source
This commit is contained in:
Kelly Kelly 2019-07-18 10:48:14 -04:00
parent dfd5c8d309
commit c37b61578d
3 changed files with 13 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
InternalPythonModules/android/calllog.py
View File

@ -152,15 +152,6 @@ class CallLogAnalyzer(general.AndroidComponentAnalyzer):
bbartifacts.append(artifact) bbartifacts.append(artifact)
try:
# index the artifact for keyword search
blackboard = Case.getCurrentCase().getSleuthkitCase().getBlackboard()
blackboard.postArtifact(artifact, MODULE_NAME)
except Blackboard.BlackboardException as ex:
self._logger.log(Level.SEVERE, "Unable to index blackboard artifact " + str(artifact.getArtifactID()), ex)
self._logger.log(Level.SEVERE, traceback.format_exc())
MessageNotifyUtil.Notify.error("Failed to index call log artifact for keyword search.", artifact.getDisplayName())
except TskCoreException as ex: except TskCoreException as ex:
self._logger.log(Level.SEVERE, "Error posting call log record to the blackboard", ex) self._logger.log(Level.SEVERE, "Error posting call log record to the blackboard", ex)
self._logger.log(Level.SEVERE, traceback.format_exc()) self._logger.log(Level.SEVERE, traceback.format_exc())
@ -172,12 +163,6 @@ class CallLogAnalyzer(general.AndroidComponentAnalyzer):
# Could not parse call log; error connecting to db. # Could not parse call log; error connecting to db.
pass pass
finally: finally:
try: if bbartifacts:
if resultSet is not None: Case.getCurrentCase().getSleuthkitCase().getBlackboard().postArtifacts(bbartifacts, general.MODULE_NAME)
resultSet.close()
statement.close()
connection.close()
except Exception as ex:
# Error closing database.
pass

11
InternalPythonModules/android/contact.py
View File

@ -164,15 +164,6 @@ class ContactAnalyzer(general.AndroidComponentAnalyzer):
bbartifacts.append(artifact) bbartifacts.append(artifact)
try:
# index the artifact for keyword search
blackboard = Case.getCurrentCase().getSleuthkitCase().getBlackboard()
blackboard.postArtifact(artifact, MODULE_NAME)
except Blackboard.BlackboardException as ex:
self._logger.log(Level.SEVERE, "Unable to index blackboard artifact " + str(artifact.getArtifactID()), ex)
self._logger.log(Level.SEVERE, traceback.format_exc())
MessageNotifyUtil.Notify.error("Failed to index contact artifact for keyword search.", artifact.getDisplayName())
except SQLException as ex: except SQLException as ex:
# Unable to execute contacts SQL query against database. # Unable to execute contacts SQL query against database.
pass pass
@ -180,6 +171,8 @@ class ContactAnalyzer(general.AndroidComponentAnalyzer):
self._logger.log(Level.SEVERE, "Error posting to blackboard", ex) self._logger.log(Level.SEVERE, "Error posting to blackboard", ex)
self._logger.log(Level.SEVERE, traceback.format_exc()) self._logger.log(Level.SEVERE, traceback.format_exc())
finally: finally:
if bbartifacts:
Case.getCurrentCase().getSleuthkitCase().getBlackboard().postArtifacts(bbartifacts, general.MODULE_NAME)
try: try:
if resultSet is not None: if resultSet is not None:

19
InternalPythonModules/android/textmessage.py
View File

@ -29,6 +29,7 @@ from java.sql import SQLException
from java.sql import Statement from java.sql import Statement
from java.util.logging import Level from java.util.logging import Level
from java.util import ArrayList from java.util import ArrayList
from java.util import UUID
from org.sleuthkit.autopsy.casemodule import Case from org.sleuthkit.autopsy.casemodule import Case
from org.sleuthkit.autopsy.casemodule.services import FileManager from org.sleuthkit.autopsy.casemodule.services import FileManager
from org.sleuthkit.autopsy.coreutils import Logger from org.sleuthkit.autopsy.coreutils import Logger
@ -95,6 +96,8 @@ class TextMessageAnalyzer(general.AndroidComponentAnalyzer):
ds = Case.getCurrentCase().getSleuthkitCase().getDataSource(datasourceObjId) ds = Case.getCurrentCase().getSleuthkitCase().getDataSource(datasourceObjId)
deviceID = ds.getDeviceId() deviceID = ds.getDeviceId()
deviceAccountInstance = Case.getCurrentCase().getSleuthkitCase().getCommunicationsManager().createAccountFileInstance(Account.Type.DEVICE, deviceID, general.MODULE_NAME, abstractFile) deviceAccountInstance = Case.getCurrentCase().getSleuthkitCase().getCommunicationsManager().createAccountFileInstance(Account.Type.DEVICE, deviceID, general.MODULE_NAME, abstractFile)
uuid = UUID.randomUUID().toString()
print("Text Message Hello world!")
resultSet = None resultSet = None
try: try:
@ -106,7 +109,7 @@ class TextMessageAnalyzer(general.AndroidComponentAnalyzer):
read = resultSet.getInt("read") # may be unread = 0, read = 1 read = resultSet.getInt("read") # may be unread = 0, read = 1
subject = resultSet.getString("subject") # message subject subject = resultSet.getString("subject") # message subject
body = resultSet.getString("body") # message body body = resultSet.getString("body") # message body
thread_id = "{0}_{1}".format(abstractFile.getId(), resultSet.getInt("thread_id")) thread_id = "{0}-{1}".format(uuid, resultSet.getInt("thread_id"))
attributes = ArrayList() attributes = ArrayList()
artifact = abstractFile.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_MESSAGE); #create Message artifact and then add attributes from result set. artifact = abstractFile.newArtifact(BlackboardArtifact.ARTIFACT_TYPE.TSK_MESSAGE); #create Message artifact and then add attributes from result set.
if resultSet.getString("type") == "1": if resultSet.getString("type") == "1":
@ -131,14 +134,6 @@ class TextMessageAnalyzer(general.AndroidComponentAnalyzer):
Case.getCurrentCase().getSleuthkitCase().getCommunicationsManager().addRelationships(deviceAccountInstance, [msgAccountInstance], artifact,Relationship.Type.MESSAGE, date); Case.getCurrentCase().getSleuthkitCase().getCommunicationsManager().addRelationships(deviceAccountInstance, [msgAccountInstance], artifact,Relationship.Type.MESSAGE, date);
bbartifacts.append(artifact) bbartifacts.append(artifact)
try:
# index the artifact for keyword search
blackboard = Case.getCurrentCase().getSleuthkitCase().getBlackboard()
blackboard.postArtifact(artifact, MODULE_NAME)
except Blackboard.BlackboardException as ex:
self._logger.log(Level.SEVERE, "Unable to index blackboard artifact " + str(artifact.getArtifactID()), ex)
self._logger.log(Level.SEVERE, traceback.format_exc())
MessageNotifyUtil.Notify.error("Failed to index text message artifact for keyword search.", artifact.getDisplayName())
except SQLException as ex: except SQLException as ex:
# Unable to execute text messages SQL query against database. # Unable to execute text messages SQL query against database.
@ -147,8 +142,12 @@ class TextMessageAnalyzer(general.AndroidComponentAnalyzer):
self._logger.log(Level.SEVERE, "Error parsing text messages to blackboard", ex) self._logger.log(Level.SEVERE, "Error parsing text messages to blackboard", ex)
self._logger.log(Level.SEVERE, traceback.format_exc()) self._logger.log(Level.SEVERE, traceback.format_exc())
finally: finally:
print("End of Text")
if bbartifacts:
Case.getCurrentCase().getSleuthkitCase().getBlackboard().postArtifacts(bbartifacts, general.MODULE_NAME)
try: try:
print("End of Text Try")
if resultSet is not None: if resultSet is not None:
resultSet.close() resultSet.close()
statement.close() statement.close()