Autopsy 4.22.1
Graphical digital forensics platform for The Sleuth Kit and other tools.
BodyFileReport.java
Go to the documentation of this file.
1 /*
2 *
3 * Autopsy Forensic Browser
4 *
5 * Copyright 2012-2020 Basis Technology Corp.
6 *
7 * Copyright 2012 42six Solutions.
8 * Contact: aebadirad <at> 42six <dot> com
9 * Project Contact/Architect: carrier <at> sleuthkit <dot> org
10 *
11 * Licensed under the Apache License, Version 2.0 (the "License");
12 * you may not use this file except in compliance with the License.
13 * You may obtain a copy of the License at
14 *
15 * http://www.apache.org/licenses/LICENSE-2.0
16 *
17 * Unless required by applicable law or agreed to in writing, software
18 * distributed under the License is distributed on an "AS IS" BASIS,
19 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20 * See the License for the specific language governing permissions and
21 * limitations under the License.
22 */
23package org.sleuthkit.autopsy.report.modules.bodyfile;
24
25import org.sleuthkit.autopsy.report.GeneralReportModule;
26import java.io.BufferedWriter;
27import java.io.FileWriter;
28import java.io.IOException;
29import java.util.List;
30import java.util.logging.Level;
31import java.util.stream.Collectors;
32import javax.swing.JPanel;
33
34import org.openide.util.NbBundle;
35import org.sleuthkit.autopsy.casemodule.Case;
36import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;
37import org.sleuthkit.autopsy.coreutils.Logger;
38import org.sleuthkit.autopsy.ingest.IngestManager;
39import org.sleuthkit.autopsy.report.GeneralReportSettings;
40import org.sleuthkit.autopsy.report.ReportProgressPanel;
41import org.sleuthkit.autopsy.report.ReportProgressPanel.ReportStatus;
42import org.sleuthkit.datamodel.*;
43
49class BodyFileReport implements GeneralReportModule {
50
51 private static final Logger logger = Logger.getLogger(BodyFileReport.class.getName());
52 private static BodyFileReport instance = null;
53
54 private Case currentCase;
55 private SleuthkitCase skCase;
56
57 private String reportPath;
58
59 // Hidden constructor for the report
60 private BodyFileReport() {
61 }
62
63 // Get the default implementation of this report
64 public static synchronized BodyFileReport getDefault() {
65 if (instance == null) {
66 instance = new BodyFileReport();
67 }
68 return instance;
69 }
70
71 @Override
72 public boolean supportsDataSourceSelection() {
73 return true;
74 }
75
82 @Override
83 public void generateReport(GeneralReportSettings settings, ReportProgressPanel progressPanel) {
84 // Start the progress bar and setup the report
85 try {
86 currentCase = Case.getCurrentCaseThrows();
87 } catch (NoCurrentCaseException ex) {
88 logger.log(Level.SEVERE, "Exception while getting open case.", ex);
89 return;
90 }
91 progressPanel.setIndeterminate(false);
92 progressPanel.start();
93 progressPanel.updateStatusLabel(NbBundle.getMessage(this.getClass(), "ReportBodyFile.progress.querying"));
94 reportPath = settings.getReportDirectoryPath() + getRelativeFilePath(); //NON-NLS
95
96 skCase = currentCase.getSleuthkitCase();
97
98 // Run query to get all files
99 try {
100 // exclude non-fs files/dirs and . and .. files
101 final String query = "type = " + TskData.TSK_DB_FILES_TYPE_ENUM.FS.getFileType() //NON-NLS
102 + " AND name != '.' AND name != '..'"; //NON-NLS
103
104 progressPanel.updateStatusLabel(NbBundle.getMessage(this.getClass(), "ReportBodyFile.progress.loading"));
105 // Filter the list to only include files that are contained within
106 // the set of data sources to process.
107 List<AbstractFile> fs = skCase.findAllFilesWhere(query).stream()
108 .filter((file) -> {
109 if(settings.getSelectedDataSources() == null) {
110 // Assume all data sources if list is null.
111 return true;
112 }
113 return settings.getSelectedDataSources().contains(file.getDataSourceObjectId());
114 })
115 .collect(Collectors.toList());
116
117 // Check if ingest has finished
118 String ingestwarning = "";
119 if (IngestManager.getInstance().isIngestRunning()) {
120 ingestwarning = NbBundle.getMessage(this.getClass(), "ReportBodyFile.ingestWarning.text");
121 }
122
123 int size = fs.size();
124 progressPanel.setMaximumProgress(size / 100);
125
126 BufferedWriter out = null;
127 try {
128 // MD5|name|inode|mode_as_string|UID|GID|size|atime|mtime|ctime|crtime
129 out = new BufferedWriter(new FileWriter(reportPath, true));
130 out.write(ingestwarning);
131 // Loop files and write info to report
132 int count = 0;
133 for (AbstractFile file : fs) {
134 if (progressPanel.getStatus() == ReportStatus.CANCELED) {
135 break;
136 }
137 if (count++ == 100) {
138 progressPanel.increment();
139 progressPanel.updateStatusLabel(
140 NbBundle.getMessage(this.getClass(), "ReportBodyFile.progress.processing",
141 file.getName()));
142 count = 0;
143 }
144
145 if (file.getMd5Hash() != null) {
146 out.write(file.getMd5Hash());
147 }
148 out.write("|");
149 if (file.getUniquePath() != null) {
150 out.write(file.getUniquePath());
151 }
152 out.write("|");
153 out.write(Long.toString(file.getMetaAddr()));
154 out.write("|");
155 String modeString = file.getModesAsString();
156 if (modeString != null) {
157 out.write(modeString);
158 }
159 out.write("|");
160 out.write(Long.toString(file.getUid()));
161 out.write("|");
162 out.write(Long.toString(file.getGid()));
163 out.write("|");
164 out.write(Long.toString(file.getSize()));
165 out.write("|");
166 out.write(Long.toString(file.getAtime()));
167 out.write("|");
168 out.write(Long.toString(file.getMtime()));
169 out.write("|");
170 out.write(Long.toString(file.getCtime()));
171 out.write("|");
172 out.write(Long.toString(file.getCrtime()));
173 out.write("\n");
174 }
175 } catch (IOException ex) {
176 logger.log(Level.WARNING, "Could not write the temp body file report.", ex); //NON-NLS
177 } finally {
178 try {
179 if (out != null) {
180 out.flush();
181 out.close();
182 Case.getCurrentCaseThrows().addReport(reportPath,
183 NbBundle.getMessage(this.getClass(),
184 "ReportBodyFile.generateReport.srcModuleName.text"), "");
185
186 }
187 } catch (IOException ex) {
188 logger.log(Level.WARNING, "Could not flush and close the BufferedWriter.", ex); //NON-NLS
189 } catch (TskCoreException | NoCurrentCaseException ex) {
190 String errorMessage = String.format("Error adding %s to case as a report", reportPath); //NON-NLS
191 logger.log(Level.SEVERE, errorMessage, ex);
192 }
193 }
194 progressPanel.complete(ReportStatus.COMPLETE);
195 } catch (TskCoreException ex) {
196 logger.log(Level.WARNING, "Failed to get the unique path.", ex); //NON-NLS
197 }
198 }
199
200 @Override
201 public String getName() {
202 String name = NbBundle.getMessage(this.getClass(), "ReportBodyFile.getName.text");
203 return name;
204 }
205
206 @Override
207 public String getRelativeFilePath() {
208 return NbBundle.getMessage(this.getClass(), "ReportBodyFile.getFilePath.text");
209 }
210
211 @Override
212 public String getDescription() {
213 String desc = NbBundle.getMessage(this.getClass(), "ReportBodyFile.getDesc.text");
214 return desc;
215 }
216
217 @Override
218 public JPanel getConfigurationPanel() {
219 return null; // No configuration panel
220 }
221}
org.sleuthkit.autopsy.casemodule.Case.addReport
void addReport(String localPath, String srcModuleName, String reportName)
Definition Case.java:1929
org.sleuthkit.autopsy.coreutils.Logger.getLogger
synchronized static Logger getLogger(String name)
Definition Logger.java:124
org.sleuthkit.autopsy.ingest.IngestManager.getInstance
static synchronized IngestManager getInstance()
Definition IngestManager.java:161

Copyright © 2012-2024 Sleuth Kit Labs. Generated on:
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.