mirror of
https://github.com/overcuriousity/autopsy-flatpak.git
synced 2025-07-06 21:00:22 +00:00
Merge pull request #1200 from karlmortensen/blackboard_attributes
Blackboard Artifacts
This commit is contained in:
commit
d346cb79ef
@ -149,6 +149,7 @@ CaseOpenAction.msgDlg.fileNotExist.msg=Error\: File does not exist.
|
|||||||
CaseOpenAction.msgDlg.fileNotExist.title=Error
|
CaseOpenAction.msgDlg.fileNotExist.title=Error
|
||||||
CaseOpenAction.msgDlg.cantOpenCase.msg=Error\: could not open the case in folder {0}\: {1}
|
CaseOpenAction.msgDlg.cantOpenCase.msg=Error\: could not open the case in folder {0}\: {1}
|
||||||
CaseOpenAction.msgDlg.cantOpenCase.title=Error
|
CaseOpenAction.msgDlg.cantOpenCase.title=Error
|
||||||
|
CaseCreateAction.msgDlg.cantCreateCase.msg=Cannot create case
|
||||||
CasePropertiesAction.window.title=Case Properties
|
CasePropertiesAction.window.title=Case Properties
|
||||||
CasePropertiesForm.updateCaseName.msgDlg.empty.msg=The caseName cannot be empty.
|
CasePropertiesForm.updateCaseName.msgDlg.empty.msg=The caseName cannot be empty.
|
||||||
CasePropertiesForm.updateCaseName.msgDlg.empty.title=Error
|
CasePropertiesForm.updateCaseName.msgDlg.empty.title=Error
|
||||||
|
@ -30,8 +30,6 @@
|
|||||||
<Component id="rbSingleUserCase" min="-2" max="-2" attributes="0"/>
|
<Component id="rbSingleUserCase" min="-2" max="-2" attributes="0"/>
|
||||||
<EmptySpace type="unrelated" max="-2" attributes="0"/>
|
<EmptySpace type="unrelated" max="-2" attributes="0"/>
|
||||||
<Component id="rbMultiUserCase" min="-2" max="-2" attributes="0"/>
|
<Component id="rbMultiUserCase" min="-2" max="-2" attributes="0"/>
|
||||||
<EmptySpace type="unrelated" max="-2" attributes="0"/>
|
|
||||||
<Component id="lbBadMultiUserSettings" max="32767" attributes="0"/>
|
|
||||||
</Group>
|
</Group>
|
||||||
<Component id="jLabel1" alignment="0" min="-2" max="-2" attributes="0"/>
|
<Component id="jLabel1" alignment="0" min="-2" max="-2" attributes="0"/>
|
||||||
<Group type="102" alignment="0" attributes="0">
|
<Group type="102" alignment="0" attributes="0">
|
||||||
@ -44,7 +42,8 @@
|
|||||||
<EmptySpace max="32767" attributes="0"/>
|
<EmptySpace max="32767" attributes="0"/>
|
||||||
<Component id="caseNameTextField" min="-2" pref="296" max="-2" attributes="0"/>
|
<Component id="caseNameTextField" min="-2" pref="296" max="-2" attributes="0"/>
|
||||||
</Group>
|
</Group>
|
||||||
<Component id="caseDirTextField" alignment="0" min="-2" pref="380" max="-2" attributes="1"/>
|
<Component id="caseDirTextField" alignment="0" max="32767" attributes="1"/>
|
||||||
|
<Component id="lbBadMultiUserSettings" alignment="1" min="-2" pref="372" max="-2" attributes="0"/>
|
||||||
</Group>
|
</Group>
|
||||||
<EmptySpace type="unrelated" max="-2" attributes="0"/>
|
<EmptySpace type="unrelated" max="-2" attributes="0"/>
|
||||||
<Component id="caseDirBrowseButton" min="-2" max="-2" attributes="0"/>
|
<Component id="caseDirBrowseButton" min="-2" max="-2" attributes="0"/>
|
||||||
@ -78,9 +77,10 @@
|
|||||||
<Group type="103" groupAlignment="3" attributes="0">
|
<Group type="103" groupAlignment="3" attributes="0">
|
||||||
<Component id="rbSingleUserCase" alignment="3" min="-2" max="-2" attributes="0"/>
|
<Component id="rbSingleUserCase" alignment="3" min="-2" max="-2" attributes="0"/>
|
||||||
<Component id="rbMultiUserCase" alignment="3" min="-2" max="-2" attributes="0"/>
|
<Component id="rbMultiUserCase" alignment="3" min="-2" max="-2" attributes="0"/>
|
||||||
<Component id="lbBadMultiUserSettings" alignment="3" min="-2" max="-2" attributes="0"/>
|
|
||||||
</Group>
|
</Group>
|
||||||
<EmptySpace pref="16" max="32767" attributes="0"/>
|
<EmptySpace min="-2" max="-2" attributes="0"/>
|
||||||
|
<Component id="lbBadMultiUserSettings" min="-2" pref="23" max="-2" attributes="0"/>
|
||||||
|
<EmptySpace max="32767" attributes="0"/>
|
||||||
</Group>
|
</Group>
|
||||||
</Group>
|
</Group>
|
||||||
</DimensionLayout>
|
</DimensionLayout>
|
||||||
|
@ -198,9 +198,7 @@ final class NewCaseVisualPanel1 extends JPanel implements DocumentListener {
|
|||||||
.addGroup(javax.swing.GroupLayout.Alignment.LEADING, layout.createSequentialGroup()
|
.addGroup(javax.swing.GroupLayout.Alignment.LEADING, layout.createSequentialGroup()
|
||||||
.addComponent(rbSingleUserCase)
|
.addComponent(rbSingleUserCase)
|
||||||
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
|
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
|
||||||
.addComponent(rbMultiUserCase)
|
.addComponent(rbMultiUserCase))
|
||||||
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
|
|
||||||
.addComponent(lbBadMultiUserSettings, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
|
|
||||||
.addComponent(jLabel1, javax.swing.GroupLayout.Alignment.LEADING)
|
.addComponent(jLabel1, javax.swing.GroupLayout.Alignment.LEADING)
|
||||||
.addGroup(javax.swing.GroupLayout.Alignment.LEADING, layout.createSequentialGroup()
|
.addGroup(javax.swing.GroupLayout.Alignment.LEADING, layout.createSequentialGroup()
|
||||||
.addComponent(caseDirLabel)
|
.addComponent(caseDirLabel)
|
||||||
@ -210,7 +208,8 @@ final class NewCaseVisualPanel1 extends JPanel implements DocumentListener {
|
|||||||
.addComponent(caseNameLabel)
|
.addComponent(caseNameLabel)
|
||||||
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
|
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
|
||||||
.addComponent(caseNameTextField, javax.swing.GroupLayout.PREFERRED_SIZE, 296, javax.swing.GroupLayout.PREFERRED_SIZE))
|
.addComponent(caseNameTextField, javax.swing.GroupLayout.PREFERRED_SIZE, 296, javax.swing.GroupLayout.PREFERRED_SIZE))
|
||||||
.addComponent(caseDirTextField, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.PREFERRED_SIZE, 380, javax.swing.GroupLayout.PREFERRED_SIZE))
|
.addComponent(caseDirTextField, javax.swing.GroupLayout.Alignment.LEADING)
|
||||||
|
.addComponent(lbBadMultiUserSettings, javax.swing.GroupLayout.PREFERRED_SIZE, 372, javax.swing.GroupLayout.PREFERRED_SIZE))
|
||||||
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
|
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED)
|
||||||
.addComponent(caseDirBrowseButton)))
|
.addComponent(caseDirBrowseButton)))
|
||||||
.addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
|
.addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
|
||||||
@ -236,9 +235,10 @@ final class NewCaseVisualPanel1 extends JPanel implements DocumentListener {
|
|||||||
.addGap(18, 18, 18)
|
.addGap(18, 18, 18)
|
||||||
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
|
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
|
||||||
.addComponent(rbSingleUserCase)
|
.addComponent(rbSingleUserCase)
|
||||||
.addComponent(rbMultiUserCase)
|
.addComponent(rbMultiUserCase))
|
||||||
.addComponent(lbBadMultiUserSettings))
|
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
|
||||||
.addContainerGap(16, Short.MAX_VALUE))
|
.addComponent(lbBadMultiUserSettings, javax.swing.GroupLayout.PREFERRED_SIZE, 23, javax.swing.GroupLayout.PREFERRED_SIZE)
|
||||||
|
.addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
|
||||||
);
|
);
|
||||||
}// </editor-fold>//GEN-END:initComponents
|
}// </editor-fold>//GEN-END:initComponents
|
||||||
|
|
||||||
|
@ -22,12 +22,13 @@ package org.sleuthkit.autopsy.casemodule;
|
|||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
import java.util.logging.Level;
|
||||||
|
import javax.swing.JOptionPane;
|
||||||
import javax.swing.SwingUtilities;
|
import javax.swing.SwingUtilities;
|
||||||
import javax.swing.event.ChangeEvent;
|
import javax.swing.event.ChangeEvent;
|
||||||
import javax.swing.event.ChangeListener;
|
import javax.swing.event.ChangeListener;
|
||||||
import org.openide.WizardDescriptor;
|
import org.openide.WizardDescriptor;
|
||||||
import org.openide.WizardValidationException;
|
import org.openide.WizardValidationException;
|
||||||
import org.openide.util.Exceptions;
|
|
||||||
import org.openide.util.HelpCtx;
|
import org.openide.util.HelpCtx;
|
||||||
import org.openide.util.NbBundle;
|
import org.openide.util.NbBundle;
|
||||||
import org.sleuthkit.autopsy.casemodule.Case.CaseType;
|
import org.sleuthkit.autopsy.casemodule.Case.CaseType;
|
||||||
@ -174,30 +175,29 @@ class NewCaseWizardPanel2 implements WizardDescriptor.ValidatingPanel<WizardDesc
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void validate() throws WizardValidationException {
|
public void validate() throws WizardValidationException {
|
||||||
|
|
||||||
NewCaseVisualPanel2 currentComponent = getComponent();
|
NewCaseVisualPanel2 currentComponent = getComponent();
|
||||||
final String caseNumber = currentComponent.getCaseNumber();
|
final String caseNumber = currentComponent.getCaseNumber();
|
||||||
final String examiner = currentComponent.getExaminer();
|
final String examiner = currentComponent.getExaminer();
|
||||||
try {
|
try {
|
||||||
SwingUtilities.invokeLater(new Runnable(){
|
SwingUtilities.invokeLater(new Runnable() {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void run() {
|
public void run() {
|
||||||
try {
|
try {
|
||||||
Case.create(createdDirectory, caseName, caseNumber, examiner, caseType);
|
Case.create(createdDirectory, caseName, caseNumber, examiner, caseType);
|
||||||
} catch (Exception ex) {
|
} catch (Exception ex) {
|
||||||
Exceptions.printStackTrace(ex);
|
JOptionPane.showMessageDialog(null, NbBundle.getMessage(this.getClass(),
|
||||||
|
"CaseCreateAction.msgDlg.cantCreateCase.msg")+" "+caseName,
|
||||||
|
NbBundle.getMessage(this.getClass(),
|
||||||
|
"CaseOpenAction.msgDlg.cantOpenCase.title"),
|
||||||
|
JOptionPane.ERROR_MESSAGE);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
});
|
||||||
});
|
} catch (Exception ex) {
|
||||||
|
|
||||||
//Case.create(createdDirectory, caseName, caseNumber, examiner);
|
|
||||||
} catch(Exception ex) {
|
|
||||||
throw new WizardValidationException(this.getComponent(),
|
throw new WizardValidationException(this.getComponent(),
|
||||||
NbBundle.getMessage(this.getClass(),
|
NbBundle.getMessage(this.getClass(), "NewCaseWizardPanel2.validate.errCreateCase.msg"), null);
|
||||||
"NewCaseWizardPanel2.validate.errCreateCase.msg"),
|
|
||||||
null);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -18,7 +18,7 @@ import org.sleuthkit.autopsy.coreutils.Logger;
|
|||||||
@OptionsPanelController.TopLevelRegistration(
|
@OptionsPanelController.TopLevelRegistration(
|
||||||
categoryName = "#OptionsCategory_Name_FileExtMismatchOptions",
|
categoryName = "#OptionsCategory_Name_FileExtMismatchOptions",
|
||||||
iconBase = "org/sleuthkit/autopsy/modules/fileextmismatch/options-icon.png",
|
iconBase = "org/sleuthkit/autopsy/modules/fileextmismatch/options-icon.png",
|
||||||
position = 4,
|
position = 5,
|
||||||
keywords = "#OptionsCategory_FileExtMismatch",
|
keywords = "#OptionsCategory_FileExtMismatch",
|
||||||
keywordsCategory = "KeywordSearchOptions")
|
keywordsCategory = "KeywordSearchOptions")
|
||||||
public final class FileExtMismatchOptionsPanelController extends OptionsPanelController {
|
public final class FileExtMismatchOptionsPanelController extends OptionsPanelController {
|
||||||
|
@ -174,6 +174,9 @@ class FileType {
|
|||||||
* @return True or false.
|
* @return True or false.
|
||||||
*/
|
*/
|
||||||
boolean containedIn(final AbstractFile file) {
|
boolean containedIn(final AbstractFile file) {
|
||||||
|
if(file.getSize() < (offset+signatureBytes.length)) {
|
||||||
|
return false; /// too small, can't contain this signature
|
||||||
|
}
|
||||||
try {
|
try {
|
||||||
byte[] buffer = new byte[signatureBytes.length];
|
byte[] buffer = new byte[signatureBytes.length];
|
||||||
int bytesRead = file.read(buffer, offset, signatureBytes.length);
|
int bytesRead = file.read(buffer, offset, signatureBytes.length);
|
||||||
|
@ -17,7 +17,7 @@ import org.openide.util.Lookup;
|
|||||||
iconBase = "org/sleuthkit/autopsy/modules/filetypeid/user-defined-file-types-settings.png",
|
iconBase = "org/sleuthkit/autopsy/modules/filetypeid/user-defined-file-types-settings.png",
|
||||||
keywords = "#OptionsCategory_Keywords_FileTypeId",
|
keywords = "#OptionsCategory_Keywords_FileTypeId",
|
||||||
keywordsCategory = "FileTypeId",
|
keywordsCategory = "FileTypeId",
|
||||||
position = 5
|
position = 6
|
||||||
)
|
)
|
||||||
// moved messages to Bundle.properties
|
// moved messages to Bundle.properties
|
||||||
//@org.openide.util.NbBundle.Messages({"OptionsCategory_Name_FileTypeId=FileTypeId", "OptionsCategory_Keywords_FileTypeId=FileTypeId"})
|
//@org.openide.util.NbBundle.Messages({"OptionsCategory_Name_FileTypeId=FileTypeId", "OptionsCategory_Keywords_FileTypeId=FileTypeId"})
|
||||||
|
@ -33,7 +33,7 @@ import org.sleuthkit.autopsy.coreutils.Logger;
|
|||||||
@OptionsPanelController.TopLevelRegistration(
|
@OptionsPanelController.TopLevelRegistration(
|
||||||
categoryName = "#OptionsCategory_Name_HashDatabase",
|
categoryName = "#OptionsCategory_Name_HashDatabase",
|
||||||
iconBase = "org/sleuthkit/autopsy/modules/hashdatabase/options_icon.png",
|
iconBase = "org/sleuthkit/autopsy/modules/hashdatabase/options_icon.png",
|
||||||
position = 3,
|
position = 4,
|
||||||
keywords = "#OptionsCategory_Keywords_HashDatabase",
|
keywords = "#OptionsCategory_Keywords_HashDatabase",
|
||||||
keywordsCategory = "HashDatabase",
|
keywordsCategory = "HashDatabase",
|
||||||
id = "HashDatabase")
|
id = "HashDatabase")
|
||||||
|
@ -31,7 +31,7 @@ import org.openide.util.Lookup;
|
|||||||
iconBase = "org/sleuthkit/autopsy/images/interesting_item_32x32.png",
|
iconBase = "org/sleuthkit/autopsy/images/interesting_item_32x32.png",
|
||||||
keywords = "#OptionsCategory_Keywords_InterestingItemDefinitions",
|
keywords = "#OptionsCategory_Keywords_InterestingItemDefinitions",
|
||||||
keywordsCategory = "InterestingItemDefinitions",
|
keywordsCategory = "InterestingItemDefinitions",
|
||||||
position = 6
|
position = 7
|
||||||
)
|
)
|
||||||
public final class InterestingItemDefsOptionsPanelController extends OptionsPanelController {
|
public final class InterestingItemDefsOptionsPanelController extends OptionsPanelController {
|
||||||
|
|
||||||
|
@ -31,7 +31,8 @@ import org.openide.util.Lookup;
|
|||||||
categoryName = "#OptionsCategory_Name_Options",
|
categoryName = "#OptionsCategory_Name_Options",
|
||||||
iconBase = "org/sleuthkit/autopsy/imagegallery/images/polaroid_48_silhouette.png",
|
iconBase = "org/sleuthkit/autopsy/imagegallery/images/polaroid_48_silhouette.png",
|
||||||
keywords = "#OptionsCategory_Keywords_Options",
|
keywords = "#OptionsCategory_Keywords_Options",
|
||||||
keywordsCategory = "Options"
|
keywordsCategory = "Options",
|
||||||
|
position = 10
|
||||||
)
|
)
|
||||||
@org.openide.util.NbBundle.Messages({"OptionsCategory_Name_Options=Image / Video Gallery", "OptionsCategory_Keywords_Options=image video gallery category "})
|
@org.openide.util.NbBundle.Messages({"OptionsCategory_Name_Options=Image / Video Gallery", "OptionsCategory_Keywords_Options=image video gallery category "})
|
||||||
public final class ImageGalleryOptionsPanelController extends OptionsPanelController {
|
public final class ImageGalleryOptionsPanelController extends OptionsPanelController {
|
||||||
|
@ -32,7 +32,7 @@ import org.sleuthkit.autopsy.coreutils.Logger;
|
|||||||
@OptionsPanelController.TopLevelRegistration(
|
@OptionsPanelController.TopLevelRegistration(
|
||||||
categoryName = "#OptionsCategory_Name_KeywordSearchOptions",
|
categoryName = "#OptionsCategory_Name_KeywordSearchOptions",
|
||||||
iconBase = "org/sleuthkit/autopsy/keywordsearch/options-icon.png",
|
iconBase = "org/sleuthkit/autopsy/keywordsearch/options-icon.png",
|
||||||
position = 2,
|
position = 3,
|
||||||
keywords = "#OptionsCategory_Keywords_KeywordSearchOptions",
|
keywords = "#OptionsCategory_Keywords_KeywordSearchOptions",
|
||||||
keywordsCategory = "KeywordSearchOptions")
|
keywordsCategory = "KeywordSearchOptions")
|
||||||
public final class KeywordSearchOptionsPanelController extends OptionsPanelController {
|
public final class KeywordSearchOptionsPanelController extends OptionsPanelController {
|
||||||
|
@ -273,8 +273,8 @@ class SearchEngineURLQueryAnalyzer extends Extract {
|
|||||||
int totalQueries = 0;
|
int totalQueries = 0;
|
||||||
try {
|
try {
|
||||||
//from blackboard_artifacts
|
//from blackboard_artifacts
|
||||||
Collection<BlackboardArtifact> listArtifacts = currentCase.getSleuthkitCase().getMatchingArtifacts("WHERE (`artifact_type_id` = '" + ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID() //NON-NLS
|
Collection<BlackboardArtifact> listArtifacts = currentCase.getSleuthkitCase().getMatchingArtifacts("WHERE (artifact_type_id = '" + ARTIFACT_TYPE.TSK_WEB_BOOKMARK.getTypeID() //NON-NLS
|
||||||
+ "' OR `artifact_type_id` = '" + ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID() + "') "); //List of every 'web_history' and 'bookmark' artifact NON-NLS
|
+ "' OR artifact_type_id = '" + ARTIFACT_TYPE.TSK_WEB_HISTORY.getTypeID() + "') "); //List of every 'web_history' and 'bookmark' artifact NON-NLS
|
||||||
logger.log(Level.INFO, "Processing {0} blackboard artifacts.", listArtifacts.size()); //NON-NLS
|
logger.log(Level.INFO, "Processing {0} blackboard artifacts.", listArtifacts.size()); //NON-NLS
|
||||||
|
|
||||||
for (BlackboardArtifact artifact : listArtifacts) {
|
for (BlackboardArtifact artifact : listArtifacts) {
|
||||||
@ -302,7 +302,7 @@ class SearchEngineURLQueryAnalyzer extends Extract {
|
|||||||
|
|
||||||
SearchEngineURLQueryAnalyzer.SearchEngine se = null;
|
SearchEngineURLQueryAnalyzer.SearchEngine se = null;
|
||||||
//from blackboard_attributes
|
//from blackboard_attributes
|
||||||
Collection<BlackboardAttribute> listAttributes = currentCase.getSleuthkitCase().getMatchingAttributes("Where `artifact_id` = " + artifact.getArtifactID()); //NON-NLS
|
Collection<BlackboardAttribute> listAttributes = currentCase.getSleuthkitCase().getMatchingAttributes("Where artifact_id = " + artifact.getArtifactID()); //NON-NLS
|
||||||
|
|
||||||
for (BlackboardAttribute attribute : listAttributes) {
|
for (BlackboardAttribute attribute : listAttributes) {
|
||||||
if (attribute.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID()) {
|
if (attribute.getAttributeTypeID() == BlackboardAttribute.ATTRIBUTE_TYPE.TSK_URL.getTypeID()) {
|
||||||
|
Loading…
x
Reference in New Issue
Block a user