Commit 956444ddd8ce823af60a06efe849e94b023cbf07

Authored by root
1 parent 375d9939

Fixed evidence type handling

Showing 2 changed files with 11 additions and 8 deletions
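--- a/bonetypes.py
+++ b/bonetypes.py
@@ -1,7 +1,9 @@
-typeDefinitions = {
- "mft": 0x00,
- "winreg": 0x01,
- "evt": 0x02,
- "edb": 0x03,
- "info": 0x04
-}
\ No newline at end of file
+global definitions
+definitions = {
+ "mft": '00',
+ "winreg": '01',
+ "evt": '02',
+ "edb": '03',
+ "info": '04'
+}
+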
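Review bot: The `global definitions` statement on new line 2 has no effect at module scope, because a name assigned at the top level of a module is already global; it can be dropped. The codes also change from integers (`0x00`) to two-character strings (`'00'`) with no explanation, so a short comment above the dict would help the next reader, for example `# evidence type codes, two hex digits each, stored as strings`. The dict is also renamed from `typeDefinitions` to `definitions`; any consumer of the old name or of the integer values outside this commit is not visible here and would need the same update.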
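--- a/digger.py
+++ b/digger.py
@@ -20,6 +20,7 @@ from filelogger import FileLogger
 from hashlib import sha256
 import bonetypes
 import xml.etree.ElementTree
+import binascii
 
 def getModules():
 choiceList = []
@@ -73,7 +74,7 @@ def bagAndTag():
 for dir in dirnames:
 for subroot, subdirnames, subfilenames in os.walk(tombPath + dir):
 for filename in subfilenames:
- boneList.append({"path" : subroot + "/" + filename, "type": dir})
+ boneList.append({"path" : subroot + "/" + filename, "type": bonetypes.definitions[dir]})
 
 d.gauge_start(title="Hashing all collected artifacts...",width=60,height=10)
 boneCount = 0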
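Review bot: `bonetypes.definitions[dir]` on new line 77 raises `KeyError` for any directory under `tombPath` whose name is not one of the five keys in `bonetypes.definitions`, which would abort the collection run before the hashing step that follows the loop. Consider looking the code up once per directory and handling a miss explicitly, e.g. `boneType = bonetypes.definitions.get(dir)`, then logging and skipping (or tagging as unknown) when it is `None`, so an unexpected folder is recorded instead of crashing the walk. The first hunk adds `import binascii`, but no use of it is visible in these hunks; confirm it is needed. `bagAndTag` begins and ends outside the hunk, so where `dirnames` comes from cannot be checked here.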