mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-11 23:46:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'develop' of https://github.com/Seb2lyon/autopsy into develop

Browse Source
This commit is contained in:
Seb2lyon 2021-05-12 18:32:22 +02:00
commit ead3e37ad2
1 changed files with 24 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
RecentActivity/src/org/sleuthkit/autopsy/recentactivity/ExtractRegistry.java
View File

@ -742,7 +742,7 @@ class ExtractRegistry extends Extract {
} else { } else {
results.get(0).addAttributes(bbattributes); results.get(0).addAttributes(bbattributes);
} }
for (Map.Entry userMap : userNameMap.entrySet()) { for (Map.Entry userMap : getUserNameMap().entrySet()) {
String sid = ""; String sid = "";
try{ try{
sid = (String)userMap.getKey(); sid = (String)userMap.getKey();
@ -1116,17 +1116,6 @@ class ExtractRegistry extends Extract {
accountMgr.newOsAccountInstance(osAccount, (DataSource)dataSource, OsAccountInstance.OsAccountInstanceType.LAUNCHED); accountMgr.newOsAccountInstance(osAccount, (DataSource)dataSource, OsAccountInstance.OsAccountInstanceType.LAUNCHED);
updateOsAccount(osAccount, userInfo, groupMap.get(userInfo.get(SID_KEY)), regAbstractFile); updateOsAccount(osAccount, userInfo, groupMap.get(userInfo.get(SID_KEY)), regAbstractFile);
} }
// Get a mapping of user sids to user names and save globally so it can be used for other areas
// of the registry, ie: BAM key
try {
userNameMap = makeUserNameMap(dataSource);
} catch (TskCoreException ex) {
logger.log(Level.WARNING, "Unable to create OS Account user name map", ex);
// This is not the end of the world we will just continue without
// user names
userNameMap = new HashMap<>();
}
return true; return true;
} catch (FileNotFoundException ex) { } catch (FileNotFoundException ex) {
logger.log(Level.WARNING, "Error finding the registry file.", ex); //NON-NLS logger.log(Level.WARNING, "Error finding the registry file.", ex); //NON-NLS
@ -1261,7 +1250,7 @@ class ExtractRegistry extends Extract {
// We can add the S- back to the string that we split on since S- is a valid beginning of a User SID // We can add the S- back to the string that we split on since S- is a valid beginning of a User SID
String fileNameSid[] = tokens[4].split("\\s+\\(S-"); String fileNameSid[] = tokens[4].split("\\s+\\(S-");
String userSid = "S-" + fileNameSid[1].substring(0, fileNameSid[1].length() - 1); String userSid = "S-" + fileNameSid[1].substring(0, fileNameSid[1].length() - 1);
String userName = userNameMap.get(userSid); String userName = getUserNameMap().get(userSid);
if (userName == null) { if (userName == null) {
userName = userSid; userName = userSid;
} }
@ -1738,6 +1727,28 @@ class ExtractRegistry extends Extract {
return map; return map;
} }
/**
* Returns a mapping of user sids to user names.
*
* @return username man or empty list if none where found.
*/
private Map<String, String> getUserNameMap() {
if(userNameMap == null) {
// Get a mapping of user sids to user names and save globally so it can be used for other areas
// of the registry, ie: BAM key
try {
userNameMap = makeUserNameMap(dataSource);
} catch (TskCoreException ex) {
logger.log(Level.WARNING, "Unable to create OS Account user name map", ex);
// This is not the end of the world we will just continue without
// user names
userNameMap = new HashMap<>();
}
}
return userNameMap;
}
/** /**
* Gets the attribute for the given type from the given artifact. * Gets the attribute for the given type from the given artifact.