diff --git a/RecentActivity/nbproject/project.xml b/RecentActivity/nbproject/project.xml index 0fd5ec2517..70b71da333 100644 --- a/RecentActivity/nbproject/project.xml +++ b/RecentActivity/nbproject/project.xml @@ -115,10 +115,6 @@ ext/gson-2.1.jar release/modules/ext/gson-2.1.jar - - ext/commons-lang3-3.1.jar - release/modules/ext/commons-lang3-3.1.jar - ext/jdom-1.1.2.jar release/modules/ext/jdom-1.1.2.jar diff --git a/RecentActivity/release/modules/ext/commons-lang3-3.1.jar b/RecentActivity/release/modules/ext/commons-lang3-3.1.jar deleted file mode 100644 index a85e539b17..0000000000 Binary files a/RecentActivity/release/modules/ext/commons-lang3-3.1.jar and /dev/null differ diff --git a/RecentActivity/release/modules/ext/jcalendarbutton-1.4.5.jar b/RecentActivity/release/modules/ext/jcalendarbutton-1.4.5.jar deleted file mode 100644 index 4128ca1e05..0000000000 Binary files a/RecentActivity/release/modules/ext/jcalendarbutton-1.4.5.jar and /dev/null differ diff --git a/RecentActivity/release/modules/ext/sqlite-jdbc-3.6.20.jar b/RecentActivity/release/modules/ext/sqlite-jdbc-3.6.20.jar deleted file mode 100644 index 2009143653..0000000000 Binary files a/RecentActivity/release/modules/ext/sqlite-jdbc-3.6.20.jar and /dev/null differ diff --git a/RecentActivity/release/modules/ext/sqlite-jdbc-3.7.2.jar b/RecentActivity/release/modules/ext/sqlite-jdbc-3.7.2.jar deleted file mode 100644 index b0bec7b000..0000000000 Binary files a/RecentActivity/release/modules/ext/sqlite-jdbc-3.7.2.jar and /dev/null differ diff --git a/RecentActivity/release/modules/ext/sqlite-jdbc-3.7.7.1-20110713.014305-1.jar b/RecentActivity/release/modules/ext/sqlite-jdbc-3.7.7.1-20110713.014305-1.jar deleted file mode 100644 index 4dbeb15cf4..0000000000 Binary files a/RecentActivity/release/modules/ext/sqlite-jdbc-3.7.7.1-20110713.014305-1.jar and /dev/null differ 
diff --git a/RecentActivity/release/modules/ext/sqlite-jdbc-3.7.8-20111025.014814-1.jar b/RecentActivity/release/modules/ext/sqlite-jdbc-3.7.8-20111025.014814-1.jar
deleted file mode 100644
index bcea83745a..0000000000
Binary files a/RecentActivity/release/modules/ext/sqlite-jdbc-3.7.8-20111025.014814-1.jar and /dev/null differ
diff --git a/RecentActivity/release/modules/ext/sqlite4java.jar b/RecentActivity/release/modules/ext/sqlite4java.jar
deleted file mode 100644
index 6622f51c65..0000000000
Binary files a/RecentActivity/release/modules/ext/sqlite4java.jar and /dev/null differ
diff --git a/RecentActivity/release/modules/ext/sqlitejdbc-v056.jar b/RecentActivity/release/modules/ext/sqlitejdbc-v056.jar
deleted file mode 100644
index f95d90eb07..0000000000
Binary files a/RecentActivity/release/modules/ext/sqlitejdbc-v056.jar and /dev/null differ
diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Extract.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Extract.java
index e0fc159e8e..1f06a844e5 100644
--- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Extract.java
+++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/Extract.java
@@ -28,15 +28,23 @@ import java.util.*; import java.util.logging.Level; import java.util.logging.Logger; import org.sleuthkit.autopsy.casemodule.Case; +import org.sleuthkit.autopsy.ingest.IngestServiceImage; import org.sleuthkit.datamodel.*; -abstract public class Extract { +abstract public class Extract implements IngestServiceImage{ protected Case currentCase = Case.getCurrentCase(); // get the most updated case protected SleuthkitCase tskCase = currentCase.getSleuthkitCase(); public final Logger logger = Logger.getLogger(this.getClass().getName()); protected ArrayList errorMessages = null; protected String moduleName = ""; + + List getErrorMessages() { + if(errorMessages == null) { + errorMessages = new ArrayList(); + } + return errorMessages; + } public List extractFiles(Image image, String query) { @@ -97,6 +105,7 @@ abstract public class Extract { tempdbconnect.closeConnection(); } catch (Exception ex) { logger.log(Level.WARNING, "Error while trying to read into a sqlite db." + connectionString, ex); + return new ArrayList(); } return list; } diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java index 17ab6ac770..1df27dbe55 100755 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractIE.java @@ -370,7 +370,7 @@ public class ExtractIE extends Extract implements IngestServiceImage { } catch (Exception e) { success = false; - logger.log(Level.SEVERE, "ExtractIE::executePasco() -> ", e.getMessage()); + logger.log(Level.SEVERE, "ExtractIE::executePasco() -> ", e); } return success; 
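Review bot: `getErrorMessages()` creates the list lazily and hands back the module's own live list, while the `errorMessages` field still starts as `null`, so a subclass that reads the field directly can still see null. Initialising at the declaration, `protected ArrayList errorMessages = new ArrayList();`, removes the lazy branch and keeps field and accessor in agreement. The accessor also needs a short Javadoc, for example `/** Returns the errors recorded by this module during process(); never null. */`.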
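Review bot: Returning `new ArrayList()` from the catch block makes a failed SQLite read indistinguishable from a database with no matching rows, so the examiner sees an empty result rather than a gap in coverage. Record the failure where the ingest summary can pick it up, for example `getErrorMessages().add(moduleName + ": could not read " + connectionString);` before the return. `tempdbconnect.closeConnection()` sits inside the `try`, so an exception raised before it leaves the temporary connection open; it belongs in a `finally`. The method starts above this hunk, so how `tempdbconnect` is created is not visible here.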
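Review bot: The catch block in `executePasco()` still reports the failure only to the log, as do the two catch blocks in `parsePascosResults()` (hunks at -453 and -497) and the one in `ExtractRegistry.executeRegRip()` (-176). `RAImageIngestService.process()` builds its summary from `module.getErrorMessages()`, so unless these methods add an entry outside the visible lines, the ingest summary will show the module as complete with no errors even when the external parser failed. Adding `getErrorMessages().add("Internet Explorer: pasco execution failed");` next to the log call, and the equivalent in the other catch blocks, keeps the examiner-facing report consistent with the log. The bodies of these methods lie outside the hunks.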
@@ -453,7 +453,7 @@ public class ExtractIE extends Extract implements IngestServiceImage { ftime = epochtime.longValue(); ftime = ftime/1000; } catch (ParseException e) { - logger.log(Level.SEVERE, "ExtractIE::parsePascosResults() -> ", e.getMessage()); + logger.log(Level.SEVERE, "ExtractIE::parsePascosResults() -> ", e); } } @@ -497,7 +497,7 @@ public class ExtractIE extends Extract implements IngestServiceImage { boolean bDelete = file.delete(); } } catch (IOException ioex) { - logger.log(Level.SEVERE, "ExtractIE::parsePascosResults() -> ", ioex.getMessage()); + logger.log(Level.SEVERE, "ExtractIE::parsePascosResults() -> ", ioex); } } diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java index 336c5d217e..136f0e1f75 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java @@ -46,7 +46,7 @@ import org.sleuthkit.datamodel.*; * * @author Alex \System32\Config */ -public class ExtractRegistry implements IngestServiceImage { +public class ExtractRegistry extends Extract implements IngestServiceImage { public Logger logger = Logger.getLogger(this.getClass().getName()); private String RR_PATH; @@ -56,7 +56,7 @@ public class ExtractRegistry implements IngestServiceImage { ExtractRegistry() { final File rrRoot = InstalledFileLocator.getDefault().locate("rr", ExtractRegistry.class.getPackage().getName(), false); if (rrRoot == null) { - logger.log(Level.SEVERE, "RegRipper not found"); + logger.log(Level.WARNING, "RegRipper not found"); rrFound = false; return; } else { @@ -176,7 +176,7 @@ public class ExtractRegistry implements IngestServiceImage { } catch (Exception e) { - logger.log(Level.SEVERE, "ExtractRegistry::executeRegRip() -> ", e.getMessage()); + logger.log(Level.WARNING, "ExtractRegistry::executeRegRip() -> ", e); } return txtPath; 
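Review bot: `ExtractRegistry` now inherits `public final Logger logger` from `Extract` but keeps its own `public Logger logger` field on the next line, which hides the inherited one. Both are initialised from `this.getClass().getName()`, so output is the same today, but code in `Extract` and code in `ExtractRegistry` use different field instances and the subclass copy is not `final`. Delete the subclass field and drop the now redundant interface clause, since `Extract` already declares it: `public class ExtractRegistry extends Extract {`.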
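Review bot: When RegRipper is missing the constructor logs at WARNING, sets `rrFound = false` and returns, and nothing in the visible lines tells the examiner that registry artifacts will not be extracted. `RAImageIngestService.process()` appends `module.getName()` plus " complete" for every module, so the summary would still read as a successful registry pass. Since the class now extends `Extract`, record it for the summary: `getErrorMessages().add("RegRipper not found; registry artifacts were not extracted");`. Whether `process()` reports `rrFound == false` itself is outside this hunk.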
@@ -222,7 +222,7 @@ public class ExtractRegistry implements IngestServiceImage { String Tempdate = time.toString(); time = Long.valueOf(Tempdate)/1000; } catch (ParseException e) { - logger.log(Level.SEVERE, "RegRipper::Conversion on DateTime -> ", e.getMessage()); + logger.log(Level.WARNING, "RegRipper::Conversion on DateTime -> ", e); } Element artroot = tempnode.getChild("artifacts"); List artlist = artroot.getChildren(); @@ -253,7 +253,7 @@ public class ExtractRegistry implements IngestServiceImage { utime = Long.valueOf(Tempdate); utime = utime; } catch (Exception e) { - logger.log(Level.SEVERE, "RegRipper::Conversion on DateTime -> ", e.getMessage()); + logger.log(Level.WARNING, "RegRipper::Conversion on DateTime -> ", e); } BlackboardArtifact bbart = tempDb.getContentById(orgId).newArtifact(ARTIFACT_TYPE.TSK_DEVICE_ATTACHED); @@ -269,7 +269,7 @@ public class ExtractRegistry implements IngestServiceImage { ftime = epochtime.longValue(); ftime = ftime/1000; } catch (ParseException e) { - logger.log(Level.SEVERE, "RegRipper::Conversion on DateTime -> ", e.getMessage()); + logger.log(Level.WARNING, "RegRipper::Conversion on DateTime -> ", e); } bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID(), "RecentActivity", context, time)); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID(), "RecentActivity", context, value)); 
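Review bot: When the date conversion throws, `time` keeps whatever value it held before the `try` and the code carries on to build artifacts, so a wrong or placeholder timestamp can be stored as if it were evidence. The same pattern is in the -293 hunk, where `installtime` is written to `TSK_DATETIME` right after the catch, and in `ExtractIE.parsePascosResults()` (-453). Track whether parsing succeeded and add the date attribute only then, e.g. `if (timeParsed) { bbattributes.add(...); }`, and add a line to `getErrorMessages()` naming the value that failed to parse. The initial value of `time` is set outside the hunk.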
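Review bot: `utime = utime;` is a self-assignment with no effect; the sibling conversions in this file divide by 1000 (`time = Long.valueOf(Tempdate)/1000;`), so a unit conversion looks to have been lost here. If `Tempdate` is in milliseconds like the others, the line should read `utime = Long.valueOf(Tempdate) / 1000;`; if it is already in seconds, delete the no-op and say so in a comment. This block also catches `Exception` where its neighbours catch `ParseException`; `NumberFormatException` is the narrow type for `Long.valueOf`. Where `Tempdate` comes from is outside the hunk.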
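Review bot: The `try` block computes `ftime`, but the `TSK_LAST_ACCESSED` attribute added right after the catch is built from `time`, so in the visible lines the converted value is never used. If `ftime` is the last-accessed time for this entry, the attribute should be `new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_LAST_ACCESSED.getTypeID(), "RecentActivity", context, ftime)`. `ftime` may be consumed further down, outside the hunk, so confirm before changing.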
@@ -293,7 +293,7 @@ public class ExtractRegistry implements IngestServiceImage { String Tempdate = installtime.toString(); installtime = Long.valueOf(Tempdate)/1000; } catch (ParseException e) { - logger.log(Level.SEVERE, "RegRipper::Conversion on DateTime -> ", e.getMessage()); + logger.log(Level.WARNING, "RegRipper::Conversion on DateTime -> ", e); } bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_PROG_NAME.getTypeID(), "RecentActivity", context, winver)); bbattributes.add(new BlackboardAttribute(ATTRIBUTE_TYPE.TSK_DATETIME.getTypeID(), "RecentActivity", context, installtime)); diff --git a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RAImageIngestService.java b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RAImageIngestService.java index 2b0230a4bf..9124d84ffb 100644 --- a/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RAImageIngestService.java +++ b/RecentActivity/src/org/sleuthkit/autopsy/recentactivity/RAImageIngestService.java @@ -21,6 +21,7 @@ package org.sleuthkit.autopsy.recentactivity; import java.util.ArrayList; +import java.util.List; import java.util.logging.Level; import java.util.logging.Logger; import org.sleuthkit.autopsy.ingest.IngestImageWorkerController; @@ -40,7 +41,7 @@ public final class RAImageIngestService implements IngestServiceImage { private static RAImageIngestService defaultInstance = null; private IngestManagerProxy managerProxy; private static int messageId = 0; - private ArrayList errors = null; + private ArrayList errors = new ArrayList(); private StringBuilder subCompleted = new StringBuilder(); //public constructor is required 
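Review bot: `errors` is now created once per instance and never cleared in the visible code, and the class keeps a single `defaultInstance`, so messages from one image would carry over into the summary for the next; `subCompleted` has the same lifetime. Reset both at the top of `process()`: `errors.clear(); subCompleted.setLength(0);`. If `init()` or `complete()` already resets them outside these hunks, a comment on the field saying so is enough.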
@@ -59,51 +60,22 @@ public final class RAImageIngestService implements IngestServiceImage { @Override public void process(Image image, IngestImageWorkerController controller) { //logger.log(Level.INFO, "process() " + this.toString()); + List modules = new ArrayList(); + modules.add(new ExtractRegistry()); + modules.add(new Firefox()); + modules.add(new Chrome()); + modules.add(new ExtractIE()); managerProxy.postMessage(IngestMessage.createMessage(++messageId, MessageType.INFO, this, "Started " + image.getName())); - try { - controller.switchToDeterminate(4); - controller.progress(0); - - if (controller.isCancelled() == false) { - ExtractRegistry eree = new ExtractRegistry(); - eree.process(image, controller); - controller.progress(1); - subCompleted.append("Registry extraction complete.
"); - } - if (controller.isCancelled() == false) { - Firefox ffre = new Firefox(); - ffre.process(image, controller); - controller.progress(2); - subCompleted.append("Firefox extraction complete.
"); - if(ffre.errorMessages != null){ - errors.addAll(ffre.errorMessages); - } - } - if (controller.isCancelled() == false) { - Chrome chre = new Chrome(); - chre.process(image, controller); - controller.progress(3); - subCompleted.append("Chrome extraction complete.
"); - if(chre.errorMessages != null){ - errors.addAll(chre.errorMessages); - } - } - if (controller.isCancelled() == false) { - ExtractIE eere = new ExtractIE(); - eere.process(image, controller); - if(eere.errorMessages != null){ - errors.addAll(eere.errorMessages); - } - subCompleted.append( "Internet Explorer extraction complete.
"); - controller.progress(4); - } - - - } catch (Exception e) { - logger.log(Level.SEVERE, "Error extracting recent activity", e); - managerProxy.postMessage(IngestMessage.createErrorMessage(++messageId, this, "Error extracting recent activity data", null)); + controller.switchToDeterminate(modules.size()); + controller.progress(0); + + for(int i = 0; i < modules.size(); i++) { + Extract module = modules.get(i); + module.process(image, controller); + controller.progress(i+1); + subCompleted.append(module.getName()).append(" complete
"); + errors.addAll(module.getErrorMessages()); } - } @Override @@ -113,7 +85,7 @@ public final class RAImageIngestService implements IngestServiceImage { String errorsFound = ""; errorMessage.append(subCompleted); int i = 0; - if (errors != null) { + if (!errors.isEmpty()) { errorMessage.append("
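Review bot: The rewritten loop drops two protections the old body had: the `controller.isCancelled()` check before each extractor and the `try`/`catch` that posted an error message. As written, a cancelled ingest still runs every module, and an exception from one extractor aborts the rest, so the remaining sources are never extracted and nothing is reported to the examiner. Check for cancellation at the top of each iteration and catch per module, so one failure is recorded and the other extractors still run, as below.

```java
for(int i = 0; i < modules.size(); i++) {
    if (controller.isCancelled()) {
        break;
    }
    Extract module = modules.get(i);
    try {
        module.process(image, controller);
        // … unchanged: subCompleted.append(module.getName()) … " complete" …
    } catch (Exception e) {
        logger.log(Level.SEVERE, "Error extracting recent activity: " + module.getName(), e);
        managerProxy.postMessage(IngestMessage.createErrorMessage(++messageId, this, "Error extracting recent activity data", null));
    }
    controller.progress(i+1);
    errors.addAll(module.getErrorMessages());
}
```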
There were some errors extracting the data:
"); for (String msg : errors) { i++; diff --git a/installer_autopsy/installer_autopsy.aip b/installer_autopsy/installer_autopsy.aip index 2430baf71d..f396ed1df8 100644 --- a/installer_autopsy/installer_autopsy.aip +++ b/installer_autopsy/installer_autopsy.aip @@ -1439,7 +1439,7 @@ - + @@ -2040,7 +2040,7 @@ - + @@ -2122,7 +2122,7 @@ - + @@ -3372,7 +3372,7 @@ - + @@ -3785,7 +3785,7 @@ - + @@ -4266,14 +4266,14 @@ - + - - + + - + @@ -4396,7 +4396,7 @@ - + @@ -4461,17 +4461,12 @@ - - - - - - + - + @@ -4683,7 +4678,7 @@ - + @@ -4693,7 +4688,7 @@ - +