From cd38f57e4fd1f9c87df6391c6f06b0ab3c7851da Mon Sep 17 00:00:00 2001
From: Raman
Date: Tue, 17 Sep 2019 12:47:29 -0400
Subject: [PATCH] 5446: Updated the Xender, Zapya & ShareIt parsers to match the latest helper definition and api.
---
 InternalPythonModules/android/shareit.py | 16 +++++++++-------
 InternalPythonModules/android/xender.py | 17 +++++++++--------
 InternalPythonModules/android/zapya.py | 18 ++++++++++--------
 3 files changed, 28 insertions(+), 23 deletions(-)
diff --git a/InternalPythonModules/android/shareit.py b/InternalPythonModules/android/shareit.py
index 9d661fb9c0..ac359f51a3 100644
--- a/InternalPythonModules/android/shareit.py
+++ b/InternalPythonModules/android/shareit.py
@@ -32,8 +32,6 @@ from org.sleuthkit.autopsy.casemodule import Case
 from org.sleuthkit.autopsy.coreutils import Logger
 from org.sleuthkit.autopsy.coreutils import MessageNotifyUtil
 from org.sleuthkit.autopsy.coreutils import AppSQLiteDB
-from org.sleuthkit.autopsy.coreutils import AppDBParserHelper
-from org.sleuthkit.autopsy.coreutils.AppDBParserHelper import CommunicationDirection
 from org.sleuthkit.autopsy.datamodel import ContentUtils
 from org.sleuthkit.autopsy.ingest import IngestJobContext
 from org.sleuthkit.datamodel import AbstractFile
@@ -42,6 +40,9 @@ from org.sleuthkit.datamodel import BlackboardAttribute
 from org.sleuthkit.datamodel import Content
 from org.sleuthkit.datamodel import TskCoreException
 from org.sleuthkit.datamodel import Account
+from org.sleuthkit.datamodel.blackboardutils import CommunicationArtifactsHelper
+from org.sleuthkit.datamodel.blackboardutils.CommunicationArtifactsHelper import MessageReadStatus
+from org.sleuthkit.datamodel.blackboardutils.CommunicationArtifactsHelper import CommunicationDirection
 import traceback
 import general
@@ -62,8 +63,9 @@ class ShareItAnalyzer(general.AndroidComponentAnalyzer):
 historyDbs = AppSQLiteDB.findAppDatabases(dataSource, "history.db", True, "com.lenovo.anyshare.gps")
 for historyDb in historyDbs:
 try:
- historyDbHelper = AppDBParserHelper(self.moduleName, historyDb.getDBFile(),
- Account.Type.SHAREIT)
+ historyDbHelper = CommunicationArtifactsHelper(Case.getCurrentCase().getSleuthkitCase(),
+ self.moduleName, historyDb.getDBFile(),
+ Account.Type.SHAREIT)
 queryString = "SELECT history_type, device_id, device_name, description, timestamp, import_path FROM history"
 historyResultSet = historyDb.runQuery(queryString)
@@ -91,7 +93,7 @@ class ShareItAnalyzer(general.AndroidComponentAnalyzer):
 fromAddress,
 toAddress,
 timeStamp,
- AppDBParserHelper.MessageReadStatusEnum.UNKNOWN,
+ MessageReadStatus.UNKNOWN,
 None, # subject
 msgBody,
 "" )
@@ -99,9 +101,9 @@ class ShareItAnalyzer(general.AndroidComponentAnalyzer):
 # TBD: add the file as attachment ??
 except SQLException as ex:
- self._logger.log(Level.SEVERE, "Error processing query result for ShareIt history.", ex)
+ self._logger.log(Level.WARNING, "Error processing query result for ShareIt history.", ex)
 except TskCoreException as ex:
- self._logger.log(Level.SEVERE, "Failed to create AppDBParserHelper for adding artifacts.", ex)
+ self._logger.log(Level.WARNING, "Failed to create CommunicationArtifactsHelper for adding artifacts.", ex)
 finally:
 historyDb.close()
diff --git a/InternalPythonModules/android/xender.py b/InternalPythonModules/android/xender.py
index f3ea2ad2f3..b59f18dce3 100644
--- a/InternalPythonModules/android/xender.py
+++ b/InternalPythonModules/android/xender.py
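Review bot: `Case.getCurrentCase()` in the new constructor call can fail with an unchecked exception when no case is open (as far as I know it is the deprecated accessor that throws IllegalStateException), and the handlers further down this loop body catch only SQLException and TskCoreException. Such an exception would leave the `for historyDb in historyDbs` loop and skip the remaining databases, although the `finally` still closes the current one. Since the case is loop-invariant, I would resolve it once before the loop, e.g. `skCase = Case.getCurrentCaseThrows().getSleuthkitCase()`, handle NoCurrentCaseException there, and pass `skCase` to the helper. The same call is added in the helper-construction hunks of xender.py and zapya.py; the try block continues outside this hunk.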
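Review bot: The `except TskCoreException` message in the last shareit.py hunk says the helper could not be created, but the handler appears to cover the whole try body, including the message-adding call, so a failure while posting artifacts would be logged under the wrong cause. Neither message names the database being processed, so when findAppDatabases returns several copies an examiner cannot tell from the log which one was left unparsed; something like `"Failed to add ShareIt artifacts from " + historyDb.getDBFile().getName()` would address both. The same applies to the final hunks of xender.py and zapya.py, and the xender.py SQLException text still says "for profiles" although that try also runs the new_history query. The try block starts outside this hunk.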
@@ -32,8 +32,6 @@ from org.sleuthkit.autopsy.casemodule import Case
 from org.sleuthkit.autopsy.coreutils import Logger
 from org.sleuthkit.autopsy.coreutils import MessageNotifyUtil
 from org.sleuthkit.autopsy.coreutils import AppSQLiteDB
-from org.sleuthkit.autopsy.coreutils import AppDBParserHelper
-from org.sleuthkit.autopsy.coreutils.AppDBParserHelper import CommunicationDirection
 from org.sleuthkit.autopsy.datamodel import ContentUtils
 from org.sleuthkit.autopsy.ingest import IngestJobContext
 from org.sleuthkit.datamodel import AbstractFile
@@ -42,7 +40,9 @@ from org.sleuthkit.datamodel import BlackboardAttribute
 from org.sleuthkit.datamodel import Content
 from org.sleuthkit.datamodel import TskCoreException
 from org.sleuthkit.datamodel import Account
-
+from org.sleuthkit.datamodel.blackboardutils import CommunicationArtifactsHelper
+from org.sleuthkit.datamodel.blackboardutils.CommunicationArtifactsHelper import MessageReadStatus
+from org.sleuthkit.datamodel.blackboardutils.CommunicationArtifactsHelper import CommunicationDirection
 import traceback
 import general
@@ -70,8 +70,9 @@ class XenderAnalyzer(general.AndroidComponentAnalyzer):
 if not selfAccountAddress:
 selfAccountAddress = Account.Address(profilesResultSet.getString("device_id"), profilesResultSet.getString("nick_name"))
- transactionDbHelper = AppDBParserHelper(self.moduleName, transactionDb.getDBFile(),
- Account.Type.XENDER, Account.Type.XENDER, selfAccountAddress )
+ transactionDbHelper = CommunicationArtifactsHelper(Case.getCurrentCase().getSleuthkitCase(),
+ self.moduleName, transactionDb.getDBFile(),
+ Account.Type.XENDER, Account.Type.XENDER, selfAccountAddress )
 queryString = "SELECT f_path, f_display_name, f_size_str, f_create_time, c_direction, c_session_id, s_name, s_device_id, r_name, r_device_id FROM new_history "
 messagesResultSet = transactionDb.runQuery(queryString)
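Review bot: `selfAccountAddress` is passed to the new CommunicationArtifactsHelper constructor without a check, and in the visible lines it is only assigned inside the `if not selfAccountAddress:` branch while reading profile rows. If the profile query yields no rows (the surrounding loop is outside this hunk, so this is inferred), the helper would be built with None, and a null dereference inside the constructor would not be caught by the SQLException/TskCoreException handlers. I would fall back to the four-argument constructor that shareit.py and zapya.py use in this same patch when no self address was found, as sketched below.

```python
# … unchanged: profile query that may assign selfAccountAddress …
sleuthkitCase = Case.getCurrentCase().getSleuthkitCase()
if selfAccountAddress is None:
    # No self profile row was found; build the helper without a self account.
    transactionDbHelper = CommunicationArtifactsHelper(sleuthkitCase,
                                self.moduleName, transactionDb.getDBFile(),
                                Account.Type.XENDER)
else:
    transactionDbHelper = CommunicationArtifactsHelper(sleuthkitCase,
                                self.moduleName, transactionDb.getDBFile(),
                                Account.Type.XENDER, Account.Type.XENDER, selfAccountAddress )
# … unchanged: new_history query …
```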
@@ -99,7 +100,7 @@ class XenderAnalyzer(general.AndroidComponentAnalyzer):
 fromAddress,
 toAddress,
 timeStamp,
- AppDBParserHelper.MessageReadStatusEnum.UNKNOWN,
+ MessageReadStatus.UNKNOWN,
 None,
 msgBody,
 messagesResultSet.getString("c_session_id") )
@@ -107,9 +108,9 @@ class XenderAnalyzer(general.AndroidComponentAnalyzer):
 # TBD: add the file as attachment ??
 except SQLException as ex:
- self._logger.log(Level.SEVERE, "Error processing query result for profiles", ex)
+ self._logger.log(Level.WARNING, "Error processing query result for profiles", ex)
 except TskCoreException as ex:
- self._logger.log(Level.SEVERE, "Failed to create AppDBParserHelper for adding artifacts.", ex)
+ self._logger.log(Level.WARNING, "Failed to create CommunicationArtifactsHelper for adding artifacts.", ex)
 finally:
 transactionDb.close()
diff --git a/InternalPythonModules/android/zapya.py b/InternalPythonModules/android/zapya.py
index 9338e47440..fed51dd27d 100644
--- a/InternalPythonModules/android/zapya.py
+++ b/InternalPythonModules/android/zapya.py
@@ -32,8 +32,6 @@ from org.sleuthkit.autopsy.casemodule import Case
 from org.sleuthkit.autopsy.coreutils import Logger
 from org.sleuthkit.autopsy.coreutils import MessageNotifyUtil
 from org.sleuthkit.autopsy.coreutils import AppSQLiteDB
-from org.sleuthkit.autopsy.coreutils import AppDBParserHelper
-from org.sleuthkit.autopsy.coreutils.AppDBParserHelper import CommunicationDirection
 from org.sleuthkit.autopsy.datamodel import ContentUtils
 from org.sleuthkit.autopsy.ingest import IngestJobContext
 from org.sleuthkit.datamodel import AbstractFile
@@ -42,6 +40,9 @@ from org.sleuthkit.datamodel import BlackboardAttribute
 from org.sleuthkit.datamodel import Content
 from org.sleuthkit.datamodel import TskCoreException
 from org.sleuthkit.datamodel import Account
+from org.sleuthkit.datamodel.blackboardutils import CommunicationArtifactsHelper
+from org.sleuthkit.datamodel.blackboardutils.CommunicationArtifactsHelper import MessageReadStatus
+from org.sleuthkit.datamodel.blackboardutils.CommunicationArtifactsHelper import CommunicationDirection
 import traceback
 import general
@@ -62,8 +63,9 @@ class ZapyaAnalyzer(general.AndroidComponentAnalyzer):
 transferDbs = AppSQLiteDB.findAppDatabases(dataSource, "transfer20.db", True, "com.dewmobile.kuaiya.play")
 for transferDb in transferDbs:
 try:
- transferDbHelper = AppDBParserHelper(self.moduleName, transferDb.getDBFile(),
- Account.Type.ZAPYA)
+ transferDbHelper = CommunicationArtifactsHelper(Case.getCurrentCase().getSleuthkitCase(),
+ self.moduleName, transferDb.getDBFile(),
+ Account.Type.ZAPYA)
 queryString = "SELECT device, name, direction, createtime, path, title FROM transfer"
 transfersResultSet = transferDb.runQuery(queryString)
@@ -71,7 +73,7 @@ class ZapyaAnalyzer(general.AndroidComponentAnalyzer):
 while transfersResultSet.next():
 direction = CommunicationDirection.UNKNOWN
 fromAddress = None
- toAdddress = None
+ toAddress = None
 if (transfersResultSet.getInt("direction") == 1):
 direction = CommunicationDirection.OUTGOING
@@ -91,7 +93,7 @@ class ZapyaAnalyzer(general.AndroidComponentAnalyzer):
 fromAddress,
 toAddress,
 timeStamp,
- AppDBParserHelper.MessageReadStatusEnum.UNKNOWN,
+ MessageReadStatus.UNKNOWN,
 None,
 msgBody,
 "" )
@@ -99,9 +101,9 @@ class ZapyaAnalyzer(general.AndroidComponentAnalyzer):
 # TBD: add the file as attachment ??
 except SQLException as ex:
- self._logger.log(Level.SEVERE, "Error processing query result for transfer", ex)
+ self._logger.log(Level.WARNING, "Error processing query result for transfer", ex)
 except TskCoreException as ex:
- self._logger.log(Level.SEVERE, "Failed to create AppDBParserHelper for adding artifacts.", ex)
+ self._logger.log(Level.WARNING, "Failed to create CommunicationArtifactsHelper for adding artifacts.", ex)
 finally:
 transferDb.close()