Alex Ebadirad e0a9926726 Additional .pl files added, modification of cookie storage value attribute
Signed-off-by: Alex Ebadirad <aebadirad@42six.com>
2012-03-16 10:05:07 -07:00


#-----------------------------------------------------------
# winver.pl
#
# copyright 2008-2009 H. Carvey, keydet89@yahoo.com
#-----------------------------------------------------------
package autopsywinver;
use strict;
# Plugin metadata table; every accessor below reads from this one hash.
# NOTE(review): "hive" presumably names the registry hive the host tool
# feeds to pluginmain, and "osmask" looks like a bitmask of supported OS
# versions -- neither meaning is visible in this file, confirm with the host.
my %config = (
    hive          => 'Software',
    osmask        => 22,
    hasShortDescr => 1,
    hasDescr      => 0,
    hasRefs       => 0,
    version       => 20081210,
);

# Return the complete metadata table as a flat key/value list.
sub getConfig {
    return %config;
}

# One-line summary of what the plugin reports.
sub getShortDescr {
    my $summary = 'Get Windows version';
    return $summary;
}

# No long description is provided (hasDescr is 0), so nothing is returned.
sub getDescr {
    return;
}

# No references are provided (hasRefs is 0), so nothing is returned.
sub getRefs {
    return;
}

# Value stored under the "hive" key of the metadata table.
sub getHive {
    my $hive_name = $config{hive};
    return $hive_name;
}

# Plugin version stamp, stored as a YYYYMMDD-style integer.
sub getVersion {
    my $stamp = $config{version};
    return $stamp;
}

# Cached copy of the version stamp, kept for the (currently commented-out)
# launch log message in pluginmain.
my $VERSION = $config{version};
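# Escape the XML-significant characters in a string so that it can be placed
# inside element content or a double-quoted attribute. An undefined input
# becomes the empty string.
# NOTE(review): control characters that XML 1.0 forbids are not filtered.
sub _xml_escape {
    my ($text) = @_;
    return '' unless defined $text;
    $text =~ s/&/&amp;/g;    # must run first so later entities are not re-escaped
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&apos;/g;
    return $text;
}

# Report Windows version details from "Microsoft\Windows NT\CurrentVersion".
#
# Parameters:
#   $class - package name (method-style invocation; unused here)
#   $hive  - value handed to Parse::Win32Registry->new
#
# Output goes through ::rptMsg as an XML fragment: <WinVersion>, a fixed
# <time> element, then <artifacts> holding one <winver name="..."> element
# per value that could be read. Missing values are skipped silently.
sub pluginmain {
    my $class = shift;
    my $hive  = shift;

    #::logMsg("Launching winver v.".$VERSION);
    my $reg      = Parse::Win32Registry->new($hive);
    my $root_key = $reg->get_root_key;

    ::rptMsg("<WinVersion>");
    ::rptMsg("<time>Not Available</time>");
    ::rptMsg("<artifacts>");

    my $key_path = "Microsoft\\Windows NT\\CurrentVersion";
    if (my $key = $root_key->get_subkey($key_path)) {
        # NOTE(review): Windows normally stores the build strings under
        # "BuildLab"/"BuildLabEx"; confirm that "BuildName"/"BuildNameEx"
        # are really the intended value names.
        for my $name (qw(ProductName CSDVersion BuildName BuildNameEx InstallDate)) {
            my $data;
            # get_value returns nothing for an absent value, so the chained
            # call dies; treat that as "value not present" and move on.
            my $found = eval {
                $data = $key->get_value($name)->get_data();
                1;
            };
            next unless $found;

            # InstallDate is an epoch value; report it as a UTC time string.
            $data = gmtime($data) if $name eq 'InstallDate';

            # The data comes from the hive under examination, which may have
            # been tampered with, so it is escaped before being embedded in
            # the XML report; otherwise a crafted value could break or forge
            # report markup.
            ::rptMsg("<winver name=\"$name\">" . _xml_escape($data) . "</winver>");
        }
    }
    else {
        #::rptMsg($key_path." not found.");
        #::logMsg($key_path." not found.");
    }

    # Close the element that was actually opened. The previous closing tag,
    # </shellfolders>, did not match <WinVersion> and left the report malformed.
    ::rptMsg("</artifacts></WinVersion>");
}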
1;