mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-06 21:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add static string to EncryptionDetection

Browse Source 
Added static string to EncryptionDetection module to keep a consistent message that can be called for password protected files.
This commit is contained in:
Mark McKinnon 2021-08-16 13:32:50 -04:00
parent 7b91aa51d0
commit dfccd20491
3 changed files with 5 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Core/src/org/sleuthkit/autopsy/modules/embeddedfileextractor/SevenZipExtractor.java
View File

@ -96,7 +96,7 @@ class SevenZipExtractor {
//encryption type strings //encryption type strings
private static final String ENCRYPTION_FILE_LEVEL = NbBundle.getMessage(EmbeddedFileExtractorIngestModule.class, private static final String ENCRYPTION_FILE_LEVEL = NbBundle.getMessage(EmbeddedFileExtractorIngestModule.class,
"EmbeddedFileExtractorIngestModule.ArchiveExtractor.encryptionFileLevel"); "EmbeddedFileExtractorIngestModule.ArchiveExtractor.encryptionFileLevel");
private static final String ENCRYPTION_FULL = EncryptionDetectionModuleFactory.getPasswordProtectMessage(); private static final String ENCRYPTION_FULL = EncryptionDetectionModuleFactory.PASSWORD_PROTECT_MESSAGE;
//zip bomb detection //zip bomb detection
private static final int MAX_DEPTH = 4; private static final int MAX_DEPTH = 4;

3
Core/src/org/sleuthkit/autopsy/modules/encryptiondetection/EncryptionDetectionFileIngestModule.java
View File

@ -119,7 +119,6 @@ final class EncryptionDetectionFileIngestModule extends FileIngestModuleAdapter
} }
@Messages({ @Messages({
// "EncryptionDetectionFileIngestModule.artifactComment.password=Password protection detected.",
"EncryptionDetectionFileIngestModule.artifactComment.suspected=Suspected encryption due to high entropy (%f)." "EncryptionDetectionFileIngestModule.artifactComment.suspected=Suspected encryption due to high entropy (%f)."
}) })
@Override @Override
@ -160,7 +159,7 @@ final class EncryptionDetectionFileIngestModule extends FileIngestModuleAdapter
String.format(Bundle.EncryptionDetectionFileIngestModule_artifactComment_suspected(), calculatedEntropy)); String.format(Bundle.EncryptionDetectionFileIngestModule_artifactComment_suspected(), calculatedEntropy));
} else if (isFilePasswordProtected(file)) { } else if (isFilePasswordProtected(file)) {
return flagFile(file, BlackboardArtifact.Type.TSK_ENCRYPTION_DETECTED, Score.SCORE_NOTABLE, return flagFile(file, BlackboardArtifact.Type.TSK_ENCRYPTION_DETECTED, Score.SCORE_NOTABLE,
EncryptionDetectionModuleFactory.getPasswordProtectMessage()); EncryptionDetectionModuleFactory.PASSWORD_PROTECT_MESSAGE);
} }
} }
} catch (ReadContentInputStreamException | SAXException | TikaException | UnsupportedCodecException ex) { } catch (ReadContentInputStreamException | SAXException | TikaException | UnsupportedCodecException ex) {

8
Core/src/org/sleuthkit/autopsy/modules/encryptiondetection/EncryptionDetectionModuleFactory.java
View File

@ -42,15 +42,13 @@ import org.sleuthkit.autopsy.ingest.IngestModuleIngestJobSettingsPanel;
public class EncryptionDetectionModuleFactory implements IngestModuleFactory { public class EncryptionDetectionModuleFactory implements IngestModuleFactory {
public static final String PASSWORD_PROTECT_MESSAGE = Bundle.EncryptionDetectionFileIngestModule_artifactComment_password();
@Override @Override
public String getModuleDisplayName() { public String getModuleDisplayName() {
return getModuleName(); return getModuleName();
} }
public static String getPasswordProtectMessage() {
return Bundle.EncryptionDetectionFileIngestModule_artifactComment_password();
}
/** /**
* Get the name of the module. * Get the name of the module.
* *