Commit 36718063832b1edf41e85f286bfdd054753bfe16
1 parent
2a93f649
MFT module completed
Showing
5 changed files
with
77 additions
and
49 deletions
.idea/workspace.xml
| ... | ... | @@ -2,15 +2,9 @@ |
| 2 | 2 | <project version="4"> |
| 3 | 3 | <component name="ChangeListManager"> |
| 4 | 4 | <list default="true" id="33419617-7da8-422e-9ac6-68e0b317ebf8" name="Default" comment=""> |
| 5 | - <change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/runcmd.py" /> | |
| 6 | - <change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/scripts/list_ntfs.sh" /> | |
| 5 | + <change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/tomb.py" /> | |
| 7 | 6 | <change type="MODIFICATION" beforePath="$PROJECT_DIR$/.idea/workspace.xml" afterPath="$PROJECT_DIR$/.idea/workspace.xml" /> |
| 8 | - <change type="MODIFICATION" beforePath="$PROJECT_DIR$/digger.py" afterPath="$PROJECT_DIR$/digger.py" /> | |
| 9 | - <change type="MODIFICATION" beforePath="$PROJECT_DIR$/module.py" afterPath="$PROJECT_DIR$/module.py" /> | |
| 10 | 7 | <change type="MODIFICATION" beforePath="$PROJECT_DIR$/modules/mft.py" afterPath="$PROJECT_DIR$/modules/mft.py" /> |
| 11 | - <change type="MODIFICATION" beforePath="$PROJECT_DIR$/modulevar.py" afterPath="$PROJECT_DIR$/modulevar.py" /> | |
| 12 | - <change type="MODIFICATION" beforePath="$PROJECT_DIR$/scripts/digger.sh" afterPath="$PROJECT_DIR$/scripts/digger.sh" /> | |
| 13 | - <change type="MODIFICATION" beforePath="$PROJECT_DIR$/vars/ntfsvol.py" afterPath="$PROJECT_DIR$/vars/ntfsvol.py" /> | |
| 14 | 8 | </list> |
| 15 | 9 | <ignored path="gravedigger.iws" /> |
| 16 | 10 | <ignored path=".idea/workspace.xml" /> |
| ... | ... | @@ -48,18 +42,20 @@ |
| 48 | 42 | <file leaf-file-name="digger.py" pinned="false" current-in-tab="false"> |
| 49 | 43 | <entry file="file://$PROJECT_DIR$/digger.py"> |
| 50 | 44 | <provider selected="true" editor-type-id="text-editor"> |
| 51 | - <state relative-caret-position="-152"> | |
| 52 | - <caret line="7" column="0" selection-start-line="7" selection-start-column="0" selection-end-line="7" selection-end-column="23" /> | |
| 53 | - <folding /> | |
| 45 | + <state relative-caret-position="-190"> | |
| 46 | + <caret line="11" column="0" selection-start-line="11" selection-start-column="0" selection-end-line="11" selection-end-column="0" /> | |
| 47 | + <folding> | |
| 48 | + <element signature="e#25#38#0" expanded="true" /> | |
| 49 | + </folding> | |
| 54 | 50 | </state> |
| 55 | 51 | </provider> |
| 56 | 52 | </entry> |
| 57 | 53 | </file> |
| 58 | - <file leaf-file-name="runcmd.py" pinned="false" current-in-tab="true"> | |
| 54 | + <file leaf-file-name="runcmd.py" pinned="false" current-in-tab="false"> | |
| 59 | 55 | <entry file="file://$PROJECT_DIR$/runcmd.py"> |
| 60 | 56 | <provider selected="true" editor-type-id="text-editor"> |
| 61 | - <state relative-caret-position="38"> | |
| 62 | - <caret line="2" column="18" selection-start-line="2" selection-start-column="18" selection-end-line="2" selection-end-column="18" /> | |
| 57 | + <state relative-caret-position="76"> | |
| 58 | + <caret line="4" column="22" selection-start-line="4" selection-start-column="22" selection-end-line="4" selection-end-column="22" /> | |
| 63 | 59 | <folding /> |
| 64 | 60 | </state> |
| 65 | 61 | </provider> |
| ... | ... | @@ -97,11 +93,23 @@ |
| 97 | 93 | </provider> |
| 98 | 94 | </entry> |
| 99 | 95 | </file> |
| 100 | - <file leaf-file-name="mft.py" pinned="false" current-in-tab="false"> | |
| 96 | + <file leaf-file-name="mft.py" pinned="false" current-in-tab="true"> | |
| 101 | 97 | <entry file="file://$PROJECT_DIR$/modules/mft.py"> |
| 102 | 98 | <provider selected="true" editor-type-id="text-editor"> |
| 103 | - <state relative-caret-position="285"> | |
| 104 | - <caret line="15" column="52" selection-start-line="15" selection-start-column="52" selection-end-line="15" selection-end-column="52" /> | |
| 99 | + <state relative-caret-position="190"> | |
| 100 | + <caret line="10" column="25" selection-start-line="10" selection-start-column="25" selection-end-line="10" selection-end-column="25" /> | |
| 101 | + <folding> | |
| 102 | + <element signature="e#0#25#0" expanded="true" /> | |
| 103 | + </folding> | |
| 104 | + </state> | |
| 105 | + </provider> | |
| 106 | + </entry> | |
| 107 | + </file> | |
| 108 | + <file leaf-file-name="tomb.py" pinned="false" current-in-tab="false"> | |
| 109 | + <entry file="file://$PROJECT_DIR$/tomb.py"> | |
| 110 | + <provider selected="true" editor-type-id="text-editor"> | |
| 111 | + <state relative-caret-position="190"> | |
| 112 | + <caret line="10" column="25" selection-start-line="10" selection-start-column="25" selection-end-line="10" selection-end-column="25" /> | |
| 105 | 113 | <folding /> |
| 106 | 114 | </state> |
| 107 | 115 | </provider> |
| ... | ... | @@ -127,16 +135,6 @@ |
| 127 | 135 | </provider> |
| 128 | 136 | </entry> |
| 129 | 137 | </file> |
| 130 | - <file leaf-file-name="dig.service" pinned="false" current-in-tab="false"> | |
| 131 | - <entry file="file://$PROJECT_DIR$/scripts/dig.service"> | |
| 132 | - <provider selected="true" editor-type-id="text-editor"> | |
| 133 | - <state relative-caret-position="133"> | |
| 134 | - <caret line="7" column="35" selection-start-line="7" selection-start-column="35" selection-end-line="7" selection-end-column="35" /> | |
| 135 | - <folding /> | |
| 136 | - </state> | |
| 137 | - </provider> | |
| 138 | - </entry> | |
| 139 | - </file> | |
| 140 | 138 | </leaf> |
| 141 | 139 | </component> |
| 142 | 140 | <component name="FileTemplateManagerImpl"> |
| ... | ... | @@ -161,8 +159,9 @@ |
| 161 | 159 | <option value="$PROJECT_DIR$/scripts/digger.sh" /> |
| 162 | 160 | <option value="$PROJECT_DIR$/runcmd.py" /> |
| 163 | 161 | <option value="$PROJECT_DIR$/vars/ntfsvol.py" /> |
| 164 | - <option value="$PROJECT_DIR$/modules/mft.py" /> | |
| 165 | 162 | <option value="$PROJECT_DIR$/scripts/list_ntfs.sh" /> |
| 163 | + <option value="$PROJECT_DIR$/tomb.py" /> | |
| 164 | + <option value="$PROJECT_DIR$/modules/mft.py" /> | |
| 166 | 165 | </list> |
| 167 | 166 | </option> |
| 168 | 167 | </component> |
| ... | ... | @@ -577,14 +576,6 @@ |
| 577 | 576 | </state> |
| 578 | 577 | </provider> |
| 579 | 578 | </entry> |
| 580 | - <entry file="file://$PROJECT_DIR$/digger.py"> | |
| 581 | - <provider selected="true" editor-type-id="text-editor"> | |
| 582 | - <state relative-caret-position="-152"> | |
| 583 | - <caret line="7" column="0" selection-start-line="7" selection-start-column="0" selection-end-line="7" selection-end-column="23" /> | |
| 584 | - <folding /> | |
| 585 | - </state> | |
| 586 | - </provider> | |
| 587 | - </entry> | |
| 588 | 579 | <entry file="file://$PROJECT_DIR$/scripts/digger.sh"> |
| 589 | 580 | <provider selected="true" editor-type-id="text-editor"> |
| 590 | 581 | <state relative-caret-position="133"> |
| ... | ... | @@ -593,18 +584,18 @@ |
| 593 | 584 | </state> |
| 594 | 585 | </provider> |
| 595 | 586 | </entry> |
| 596 | - <entry file="file://$PROJECT_DIR$/module.py"> | |
| 587 | + <entry file="file://$PROJECT_DIR$/scripts/list_ntfs.sh"> | |
| 597 | 588 | <provider selected="true" editor-type-id="text-editor"> |
| 598 | - <state relative-caret-position="304"> | |
| 599 | - <caret line="16" column="58" selection-start-line="16" selection-start-column="58" selection-end-line="16" selection-end-column="58" /> | |
| 589 | + <state relative-caret-position="38"> | |
| 590 | + <caret line="2" column="83" selection-start-line="2" selection-start-column="83" selection-end-line="2" selection-end-column="83" /> | |
| 600 | 591 | <folding /> |
| 601 | 592 | </state> |
| 602 | 593 | </provider> |
| 603 | 594 | </entry> |
| 604 | - <entry file="file://$PROJECT_DIR$/modules/mft.py"> | |
| 595 | + <entry file="file://$PROJECT_DIR$/runcmd.py"> | |
| 605 | 596 | <provider selected="true" editor-type-id="text-editor"> |
| 606 | - <state relative-caret-position="285"> | |
| 607 | - <caret line="15" column="52" selection-start-line="15" selection-start-column="52" selection-end-line="15" selection-end-column="52" /> | |
| 597 | + <state relative-caret-position="76"> | |
| 598 | + <caret line="4" column="22" selection-start-line="4" selection-start-column="22" selection-end-line="4" selection-end-column="22" /> | |
| 608 | 599 | <folding /> |
| 609 | 600 | </state> |
| 610 | 601 | </provider> |
| ... | ... | @@ -619,21 +610,41 @@ |
| 619 | 610 | </state> |
| 620 | 611 | </provider> |
| 621 | 612 | </entry> |
| 622 | - <entry file="file://$PROJECT_DIR$/scripts/list_ntfs.sh"> | |
| 613 | + <entry file="file://$PROJECT_DIR$/module.py"> | |
| 623 | 614 | <provider selected="true" editor-type-id="text-editor"> |
| 624 | - <state relative-caret-position="38"> | |
| 625 | - <caret line="2" column="83" selection-start-line="2" selection-start-column="83" selection-end-line="2" selection-end-column="83" /> | |
| 615 | + <state relative-caret-position="304"> | |
| 616 | + <caret line="16" column="58" selection-start-line="16" selection-start-column="58" selection-end-line="16" selection-end-column="58" /> | |
| 626 | 617 | <folding /> |
| 627 | 618 | </state> |
| 628 | 619 | </provider> |
| 629 | 620 | </entry> |
| 630 | - <entry file="file://$PROJECT_DIR$/runcmd.py"> | |
| 621 | + <entry file="file://$PROJECT_DIR$/digger.py"> | |
| 631 | 622 | <provider selected="true" editor-type-id="text-editor"> |
| 632 | - <state relative-caret-position="38"> | |
| 633 | - <caret line="2" column="18" selection-start-line="2" selection-start-column="18" selection-end-line="2" selection-end-column="18" /> | |
| 623 | + <state relative-caret-position="-190"> | |
| 624 | + <caret line="11" column="0" selection-start-line="11" selection-start-column="0" selection-end-line="11" selection-end-column="0" /> | |
| 625 | + <folding> | |
| 626 | + <element signature="e#25#38#0" expanded="true" /> | |
| 627 | + </folding> | |
| 628 | + </state> | |
| 629 | + </provider> | |
| 630 | + </entry> | |
| 631 | + <entry file="file://$PROJECT_DIR$/tomb.py"> | |
| 632 | + <provider selected="true" editor-type-id="text-editor"> | |
| 633 | + <state relative-caret-position="190"> | |
| 634 | + <caret line="10" column="25" selection-start-line="10" selection-start-column="25" selection-end-line="10" selection-end-column="25" /> | |
| 634 | 635 | <folding /> |
| 635 | 636 | </state> |
| 636 | 637 | </provider> |
| 637 | 638 | </entry> |
| 639 | + <entry file="file://$PROJECT_DIR$/modules/mft.py"> | |
| 640 | + <provider selected="true" editor-type-id="text-editor"> | |
| 641 | + <state relative-caret-position="190"> | |
| 642 | + <caret line="10" column="25" selection-start-line="10" selection-start-column="25" selection-end-line="10" selection-end-column="25" /> | |
| 643 | + <folding> | |
| 644 | + <element signature="e#0#25#0" expanded="true" /> | |
| 645 | + </folding> | |
| 646 | + </state> | |
| 647 | + </provider> | |
| 648 | + </entry> | |
| 638 | 649 | </component> |
| 639 | 650 | </project> |
| 640 | 651 | \ No newline at end of file | ... | ... |
__pycache__/tomb.cpython-34.pyc
0 → 100644
No preview for this file type
modules/__pycache__/mft.cpython-34.pyc
No preview for this file type
modules/mft.py
| 1 | 1 | from module import Module |
| 2 | +from runcmd import runProcess | |
| 3 | +import tomb | |
| 2 | 4 | |
| 3 | 5 | def getInstance(): |
| 4 | 6 | return MFTModule() |
| ... | ... | @@ -12,6 +14,9 @@ class MFTModule(Module): |
| 12 | 14 | self.vars = {} |
| 13 | 15 | |
| 14 | 16 | def run(self): |
| 15 | - for x in self.vars: | |
| 16 | - print(x + ": " + str(self.vars[x].value)) | |
| 17 | + for vol in self.vars['ntfsvol'].value: | |
| 18 | + result = runProcess(["icat","/dev/" + vol,"0"]) | |
| 19 | + mftbin = open(tomb.getPath() + "mft/" + vol + ".bin",'wb') | |
| 20 | + mftbin.write(result[0]) | |
| 21 | + mftbin.close() | |
| 17 | 22 | ... | ... |
tomb.py
0 → 100644