From 36718063832b1edf41e85f286bfdd054753bfe16 Mon Sep 17 00:00:00 2001 From: Imanol-Mikel Barba Sabariego Date: Mon, 24 Oct 2016 16:06:36 +0200 Subject: [PATCH] MFT module completed --- .idea/workspace.xml | 105 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------------------------------------- __pycache__/tomb.cpython-34.pyc | Bin 0 -> 490 bytes modules/__pycache__/mft.cpython-34.pyc | Bin 840 -> 0 bytes modules/mft.py | 9 +++++++-- tomb.py | 12 ++++++++++++ 5 files changed, 77 insertions(+), 49 deletions(-) create mode 100644 __pycache__/tomb.cpython-34.pyc create mode 100644 tomb.py diff --git a/.idea/workspace.xml b/.idea/workspace.xml index 6d5b456..2a01b66 100644 --- a/.idea/workspace.xml +++ b/.idea/workspace.xml @@ -2,15 +2,9 @@ - - + - - - - - @@ -48,18 +42,20 @@ - - - + + + + + - + - - + + @@ -97,11 +93,23 @@ - + - - + + + + + + + + + + + + + + @@ -127,16 +135,6 @@ - - - - - - - - - - @@ -161,8 +159,9 @@ @@ -577,14 +576,6 @@ - - - - - - - - @@ -593,18 +584,18 @@ - + - - + + - + - - + + @@ -619,21 +610,41 @@ - + - - + + - + - - + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/__pycache__/tomb.cpython-34.pyc b/__pycache__/tomb.cpython-34.pyc new file mode 100644 index 0000000..4e8a3e4 Binary files /dev/null and b/__pycache__/tomb.cpython-34.pyc differ diff --git a/modules/__pycache__/mft.cpython-34.pyc b/modules/__pycache__/mft.cpython-34.pyc index 4ebbb03..edffb1d 100644 Binary files a/modules/__pycache__/mft.cpython-34.pyc and b/modules/__pycache__/mft.cpython-34.pyc differ diff --git a/modules/mft.py b/modules/mft.py index dd42588..61e334f 100644 --- a/modules/mft.py +++ b/modules/mft.py @@ -1,4 +1,6 @@ from module import Module +from runcmd import runProcess +import tomb def getInstance(): return MFTModule() @@ -12,6 +14,9 @@ class MFTModule(Module): self.vars = {} def run(self): - for x in self.vars: - print(x + ": " + str(self.vars[x].value)) + for vol in self.vars['ntfsvol'].value: + result = runProcess(["icat","/dev/" + vol,"0"]) + mftbin = open(tomb.getPath() + "mft/" + vol + ".bin",'wb') + mftbin.write(result[0]) + mftbin.close() diff --git a/tomb.py b/tomb.py new file mode 100644 index 0000000..df3276a --- /dev/null +++ b/tomb.py @@ -0,0 +1,12 @@ +import os + +__ROOT_PATH__ = "/bones/" + +def __getTomb__(): + return "test" + +def getPath(): + path = __ROOT_PATH__ + __getTomb__() + "/" + if not os.path.exists(path): + os.makedirs(path) + return path \ No newline at end of file -- libgit2 0.22.2