Autopsy  4.17.0
Graphical digital forensics platform for The Sleuth Kit and other tools.
BodyFileReport.java
Go to the documentation of this file.
1  /*
2  *
3  * Autopsy Forensic Browser
4  *
5  * Copyright 2012-2020 Basis Technology Corp.
6  *
7  * Copyright 2012 42six Solutions.
8  * Contact: aebadirad <at> 42six <dot> com
9  * Project Contact/Architect: carrier <at> sleuthkit <dot> org
10  *
11  * Licensed under the Apache License, Version 2.0 (the "License");
12  * you may not use this file except in compliance with the License.
13  * You may obtain a copy of the License at
14  *
15  * http://www.apache.org/licenses/LICENSE-2.0
16  *
17  * Unless required by applicable law or agreed to in writing, software
18  * distributed under the License is distributed on an "AS IS" BASIS,
19  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20  * See the License for the specific language governing permissions and
21  * limitations under the License.
22  */
23 package org.sleuthkit.autopsy.report.modules.bodyfile;
24 
26 import java.io.BufferedWriter;
27 import java.io.FileWriter;
28 import java.io.IOException;
29 import java.util.List;
30 import java.util.logging.Level;
31 import java.util.stream.Collectors;
32 import javax.swing.JPanel;
33 
34 import org.openide.util.NbBundle;
42 import org.sleuthkit.datamodel.*;
43 
49 class BodyFileReport implements GeneralReportModule {
50 
51  private static final Logger logger = Logger.getLogger(BodyFileReport.class.getName());
52  private static BodyFileReport instance = null;
53 
54  private Case currentCase;
55  private SleuthkitCase skCase;
56 
57  private String reportPath;
58 
59  // Hidden constructor for the report
60  private BodyFileReport() {
61  }
62 
63  // Get the default implementation of this report
64  public static synchronized BodyFileReport getDefault() {
65  if (instance == null) {
66  instance = new BodyFileReport();
67  }
68  return instance;
69  }
70 
71  @Override
72  public boolean supportsDataSourceSelection() {
73  return true;
74  }
75 
82  @Override
83  public void generateReport(GeneralReportSettings settings, ReportProgressPanel progressPanel) {
84  // Start the progress bar and setup the report
85  try {
86  currentCase = Case.getCurrentCaseThrows();
87  } catch (NoCurrentCaseException ex) {
88  logger.log(Level.SEVERE, "Exception while getting open case.", ex);
89  return;
90  }
91  progressPanel.setIndeterminate(false);
92  progressPanel.start();
93  progressPanel.updateStatusLabel(NbBundle.getMessage(this.getClass(), "ReportBodyFile.progress.querying"));
94  reportPath = settings.getReportDirectoryPath() + getRelativeFilePath(); //NON-NLS
95 
96  skCase = currentCase.getSleuthkitCase();
97 
98  // Run query to get all files
99  try {
100  // exclude non-fs files/dirs and . and .. files
101  final String query = "type = " + TskData.TSK_DB_FILES_TYPE_ENUM.FS.getFileType() //NON-NLS
102  + " AND name != '.' AND name != '..'"; //NON-NLS
103 
104  progressPanel.updateStatusLabel(NbBundle.getMessage(this.getClass(), "ReportBodyFile.progress.loading"));
105  // Filter the list to only include files that are contained within
106  // the set of data sources to process.
107  List<AbstractFile> fs = skCase.findAllFilesWhere(query).stream()
108  .filter((file) -> {
109  if(settings.getSelectedDataSources() == null) {
110  // Assume all data sources if list is null.
111  return true;
112  }
113  return settings.getSelectedDataSources().contains(file.getDataSourceObjectId());
114  })
115  .collect(Collectors.toList());
116 
117  // Check if ingest has finished
118  String ingestwarning = "";
120  ingestwarning = NbBundle.getMessage(this.getClass(), "ReportBodyFile.ingestWarning.text");
121  }
122 
123  int size = fs.size();
124  progressPanel.setMaximumProgress(size / 100);
125 
126  BufferedWriter out = null;
127  try {
128  // MD5|name|inode|mode_as_string|UID|GID|size|atime|mtime|ctime|crtime
129  out = new BufferedWriter(new FileWriter(reportPath, true));
130  out.write(ingestwarning);
131  // Loop files and write info to report
132  int count = 0;
133  for (AbstractFile file : fs) {
134  if (progressPanel.getStatus() == ReportStatus.CANCELED) {
135  break;
136  }
137  if (count++ == 100) {
138  progressPanel.increment();
139  progressPanel.updateStatusLabel(
140  NbBundle.getMessage(this.getClass(), "ReportBodyFile.progress.processing",
141  file.getName()));
142  count = 0;
143  }
144 
145  if (file.getMd5Hash() != null) {
146  out.write(file.getMd5Hash());
147  }
148  out.write("|");
149  if (file.getUniquePath() != null) {
150  out.write(file.getUniquePath());
151  }
152  out.write("|");
153  out.write(Long.toString(file.getMetaAddr()));
154  out.write("|");
155  String modeString = file.getModesAsString();
156  if (modeString != null) {
157  out.write(modeString);
158  }
159  out.write("|");
160  out.write(Long.toString(file.getUid()));
161  out.write("|");
162  out.write(Long.toString(file.getGid()));
163  out.write("|");
164  out.write(Long.toString(file.getSize()));
165  out.write("|");
166  out.write(Long.toString(file.getAtime()));
167  out.write("|");
168  out.write(Long.toString(file.getMtime()));
169  out.write("|");
170  out.write(Long.toString(file.getCtime()));
171  out.write("|");
172  out.write(Long.toString(file.getCrtime()));
173  out.write("\n");
174  }
175  } catch (IOException ex) {
176  logger.log(Level.WARNING, "Could not write the temp body file report.", ex); //NON-NLS
177  } finally {
178  try {
179  if (out != null) {
180  out.flush();
181  out.close();
182  Case.getCurrentCaseThrows().addReport(reportPath,
183  NbBundle.getMessage(this.getClass(),
184  "ReportBodyFile.generateReport.srcModuleName.text"), "");
185 
186  }
187  } catch (IOException ex) {
188  logger.log(Level.WARNING, "Could not flush and close the BufferedWriter.", ex); //NON-NLS
189  } catch (TskCoreException | NoCurrentCaseException ex) {
190  String errorMessage = String.format("Error adding %s to case as a report", reportPath); //NON-NLS
191  logger.log(Level.SEVERE, errorMessage, ex);
192  }
193  }
194  progressPanel.complete(ReportStatus.COMPLETE);
195  } catch (TskCoreException ex) {
196  logger.log(Level.WARNING, "Failed to get the unique path.", ex); //NON-NLS
197  }
198  }
199 
200  @Override
201  public String getName() {
202  String name = NbBundle.getMessage(this.getClass(), "ReportBodyFile.getName.text");
203  return name;
204  }
205 
206  @Override
207  public String getRelativeFilePath() {
208  return NbBundle.getMessage(this.getClass(), "ReportBodyFile.getFilePath.text");
209  }
210 
211  @Override
212  public String getDescription() {
213  String desc = NbBundle.getMessage(this.getClass(), "ReportBodyFile.getDesc.text");
214  return desc;
215  }
216 
217  @Override
218  public JPanel getConfigurationPanel() {
219  return null; // No configuration panel
220  }
221 }
static synchronized IngestManager getInstance()
void addReport(String localPath, String srcModuleName, String reportName)
Definition: Case.java:1654
synchronized static Logger getLogger(String name)
Definition: Logger.java:124

Copyright © 2012-2021 Basis Technology. Generated on: Tue Jan 19 2021
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.