Imanol-Mikel Barba Sabariego / gravedigger · Commits

Commit 36718063832b1edf41e85f286bfdd054753bfe16

Authored by Imanol-Mikel Barba Sabariego
1 parent 2a93f649

MFT module completed

Inline Side-by-side
Showing 5 changed files with 77 additions and 49 deletions
.idea/workspace.xml
  View file @3671806
@@ -2,15 +2,9 @@ @@ -2,15 +2,9 @@
2 <project version="4"> 2 <project version="4">
3 <component name="ChangeListManager"> 3 <component name="ChangeListManager">
4 <list default="true" id="33419617-7da8-422e-9ac6-68e0b317ebf8" name="Default" comment=""> 4 <list default="true" id="33419617-7da8-422e-9ac6-68e0b317ebf8" name="Default" comment="">
5 - <change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/runcmd.py" />  
6 - <change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/scripts/list_ntfs.sh" /> 5 + <change type="NEW" beforePath="" afterPath="$PROJECT_DIR$/tomb.py" />
7 <change type="MODIFICATION" beforePath="$PROJECT_DIR$/.idea/workspace.xml" afterPath="$PROJECT_DIR$/.idea/workspace.xml" /> 6 <change type="MODIFICATION" beforePath="$PROJECT_DIR$/.idea/workspace.xml" afterPath="$PROJECT_DIR$/.idea/workspace.xml" />
8 - <change type="MODIFICATION" beforePath="$PROJECT_DIR$/digger.py" afterPath="$PROJECT_DIR$/digger.py" />  
9 - <change type="MODIFICATION" beforePath="$PROJECT_DIR$/module.py" afterPath="$PROJECT_DIR$/module.py" />  
10 <change type="MODIFICATION" beforePath="$PROJECT_DIR$/modules/mft.py" afterPath="$PROJECT_DIR$/modules/mft.py" /> 7 <change type="MODIFICATION" beforePath="$PROJECT_DIR$/modules/mft.py" afterPath="$PROJECT_DIR$/modules/mft.py" />
11 - <change type="MODIFICATION" beforePath="$PROJECT_DIR$/modulevar.py" afterPath="$PROJECT_DIR$/modulevar.py" />  
12 - <change type="MODIFICATION" beforePath="$PROJECT_DIR$/scripts/digger.sh" afterPath="$PROJECT_DIR$/scripts/digger.sh" />  
13 - <change type="MODIFICATION" beforePath="$PROJECT_DIR$/vars/ntfsvol.py" afterPath="$PROJECT_DIR$/vars/ntfsvol.py" />  
14 </list> 8 </list>
15 <ignored path="gravedigger.iws" /> 9 <ignored path="gravedigger.iws" />
16 <ignored path=".idea/workspace.xml" /> 10 <ignored path=".idea/workspace.xml" />
@@ -48,18 +42,20 @@ @@ -48,18 +42,20 @@
48 <file leaf-file-name="digger.py" pinned="false" current-in-tab="false"> 42 <file leaf-file-name="digger.py" pinned="false" current-in-tab="false">
49 <entry file="file://$PROJECT_DIR$/digger.py"> 43 <entry file="file://$PROJECT_DIR$/digger.py">
50 <provider selected="true" editor-type-id="text-editor"> 44 <provider selected="true" editor-type-id="text-editor">
51 - <state relative-caret-position="-152">  
52 - <caret line="7" column="0" selection-start-line="7" selection-start-column="0" selection-end-line="7" selection-end-column="23" />  
53 - <folding /> 45 + <state relative-caret-position="-190">
  46 + <caret line="11" column="0" selection-start-line="11" selection-start-column="0" selection-end-line="11" selection-end-column="0" />
  47 + <folding>
  48 + <element signature="e#25#38#0" expanded="true" />
  49 + </folding>
54 </state> 50 </state>
55 </provider> 51 </provider>
56 </entry> 52 </entry>
57 </file> 53 </file>
58 - <file leaf-file-name="runcmd.py" pinned="false" current-in-tab="true"> 54 + <file leaf-file-name="runcmd.py" pinned="false" current-in-tab="false">
59 <entry file="file://$PROJECT_DIR$/runcmd.py"> 55 <entry file="file://$PROJECT_DIR$/runcmd.py">
60 <provider selected="true" editor-type-id="text-editor"> 56 <provider selected="true" editor-type-id="text-editor">
61 - <state relative-caret-position="38">  
62 - <caret line="2" column="18" selection-start-line="2" selection-start-column="18" selection-end-line="2" selection-end-column="18" /> 57 + <state relative-caret-position="76">
  58 + <caret line="4" column="22" selection-start-line="4" selection-start-column="22" selection-end-line="4" selection-end-column="22" />
63 <folding /> 59 <folding />
64 </state> 60 </state>
65 </provider> 61 </provider>
@@ -97,11 +93,23 @@ @@ -97,11 +93,23 @@
97 </provider> 93 </provider>
98 </entry> 94 </entry>
99 </file> 95 </file>
100 - <file leaf-file-name="mft.py" pinned="false" current-in-tab="false"> 96 + <file leaf-file-name="mft.py" pinned="false" current-in-tab="true">
101 <entry file="file://$PROJECT_DIR$/modules/mft.py"> 97 <entry file="file://$PROJECT_DIR$/modules/mft.py">
102 <provider selected="true" editor-type-id="text-editor"> 98 <provider selected="true" editor-type-id="text-editor">
103 - <state relative-caret-position="285">  
104 - <caret line="15" column="52" selection-start-line="15" selection-start-column="52" selection-end-line="15" selection-end-column="52" /> 99 + <state relative-caret-position="190">
  100 + <caret line="10" column="25" selection-start-line="10" selection-start-column="25" selection-end-line="10" selection-end-column="25" />
  101 + <folding>
  102 + <element signature="e#0#25#0" expanded="true" />
  103 + </folding>
  104 + </state>
  105 + </provider>
  106 + </entry>
  107 + </file>
  108 + <file leaf-file-name="tomb.py" pinned="false" current-in-tab="false">
  109 + <entry file="file://$PROJECT_DIR$/tomb.py">
  110 + <provider selected="true" editor-type-id="text-editor">
  111 + <state relative-caret-position="190">
  112 + <caret line="10" column="25" selection-start-line="10" selection-start-column="25" selection-end-line="10" selection-end-column="25" />
105 <folding /> 113 <folding />
106 </state> 114 </state>
107 </provider> 115 </provider>
@@ -127,16 +135,6 @@ @@ -127,16 +135,6 @@
127 </provider> 135 </provider>
128 </entry> 136 </entry>
129 </file> 137 </file>
130 - <file leaf-file-name="dig.service" pinned="false" current-in-tab="false">  
131 - <entry file="file://$PROJECT_DIR$/scripts/dig.service">  
132 - <provider selected="true" editor-type-id="text-editor">  
133 - <state relative-caret-position="133">  
134 - <caret line="7" column="35" selection-start-line="7" selection-start-column="35" selection-end-line="7" selection-end-column="35" />  
135 - <folding />  
136 - </state>  
137 - </provider>  
138 - </entry>  
139 - </file>  
140 </leaf> 138 </leaf>
141 </component> 139 </component>
142 <component name="FileTemplateManagerImpl"> 140 <component name="FileTemplateManagerImpl">
@@ -161,8 +159,9 @@ @@ -161,8 +159,9 @@
161 <option value="$PROJECT_DIR$/scripts/digger.sh" /> 159 <option value="$PROJECT_DIR$/scripts/digger.sh" />
162 <option value="$PROJECT_DIR$/runcmd.py" /> 160 <option value="$PROJECT_DIR$/runcmd.py" />
163 <option value="$PROJECT_DIR$/vars/ntfsvol.py" /> 161 <option value="$PROJECT_DIR$/vars/ntfsvol.py" />
164 - <option value="$PROJECT_DIR$/modules/mft.py" />  
165 <option value="$PROJECT_DIR$/scripts/list_ntfs.sh" /> 162 <option value="$PROJECT_DIR$/scripts/list_ntfs.sh" />
  163 + <option value="$PROJECT_DIR$/tomb.py" />
  164 + <option value="$PROJECT_DIR$/modules/mft.py" />
166 </list> 165 </list>
167 </option> 166 </option>
168 </component> 167 </component>
@@ -577,14 +576,6 @@ @@ -577,14 +576,6 @@
577 </state> 576 </state>
578 </provider> 577 </provider>
579 </entry> 578 </entry>
580 - <entry file="file://$PROJECT_DIR$/digger.py">  
581 - <provider selected="true" editor-type-id="text-editor">  
582 - <state relative-caret-position="-152">  
583 - <caret line="7" column="0" selection-start-line="7" selection-start-column="0" selection-end-line="7" selection-end-column="23" />  
584 - <folding />  
585 - </state>  
586 - </provider>  
587 - </entry>  
588 <entry file="file://$PROJECT_DIR$/scripts/digger.sh"> 579 <entry file="file://$PROJECT_DIR$/scripts/digger.sh">
589 <provider selected="true" editor-type-id="text-editor"> 580 <provider selected="true" editor-type-id="text-editor">
590 <state relative-caret-position="133"> 581 <state relative-caret-position="133">
@@ -593,18 +584,18 @@ @@ -593,18 +584,18 @@
593 </state> 584 </state>
594 </provider> 585 </provider>
595 </entry> 586 </entry>
596 - <entry file="file://$PROJECT_DIR$/module.py"> 587 + <entry file="file://$PROJECT_DIR$/scripts/list_ntfs.sh">
597 <provider selected="true" editor-type-id="text-editor"> 588 <provider selected="true" editor-type-id="text-editor">
598 - <state relative-caret-position="304">  
599 - <caret line="16" column="58" selection-start-line="16" selection-start-column="58" selection-end-line="16" selection-end-column="58" /> 589 + <state relative-caret-position="38">
  590 + <caret line="2" column="83" selection-start-line="2" selection-start-column="83" selection-end-line="2" selection-end-column="83" />
600 <folding /> 591 <folding />
601 </state> 592 </state>
602 </provider> 593 </provider>
603 </entry> 594 </entry>
604 - <entry file="file://$PROJECT_DIR$/modules/mft.py"> 595 + <entry file="file://$PROJECT_DIR$/runcmd.py">
605 <provider selected="true" editor-type-id="text-editor"> 596 <provider selected="true" editor-type-id="text-editor">
606 - <state relative-caret-position="285">  
607 - <caret line="15" column="52" selection-start-line="15" selection-start-column="52" selection-end-line="15" selection-end-column="52" /> 597 + <state relative-caret-position="76">
  598 + <caret line="4" column="22" selection-start-line="4" selection-start-column="22" selection-end-line="4" selection-end-column="22" />
608 <folding /> 599 <folding />
609 </state> 600 </state>
610 </provider> 601 </provider>
@@ -619,21 +610,41 @@ @@ -619,21 +610,41 @@
619 </state> 610 </state>
620 </provider> 611 </provider>
621 </entry> 612 </entry>
622 - <entry file="file://$PROJECT_DIR$/scripts/list_ntfs.sh"> 613 + <entry file="file://$PROJECT_DIR$/module.py">
623 <provider selected="true" editor-type-id="text-editor"> 614 <provider selected="true" editor-type-id="text-editor">
624 - <state relative-caret-position="38">  
625 - <caret line="2" column="83" selection-start-line="2" selection-start-column="83" selection-end-line="2" selection-end-column="83" /> 615 + <state relative-caret-position="304">
  616 + <caret line="16" column="58" selection-start-line="16" selection-start-column="58" selection-end-line="16" selection-end-column="58" />
626 <folding /> 617 <folding />
627 </state> 618 </state>
628 </provider> 619 </provider>
629 </entry> 620 </entry>
630 - <entry file="file://$PROJECT_DIR$/runcmd.py"> 621 + <entry file="file://$PROJECT_DIR$/digger.py">
631 <provider selected="true" editor-type-id="text-editor"> 622 <provider selected="true" editor-type-id="text-editor">
632 - <state relative-caret-position="38">  
633 - <caret line="2" column="18" selection-start-line="2" selection-start-column="18" selection-end-line="2" selection-end-column="18" /> 623 + <state relative-caret-position="-190">
  624 + <caret line="11" column="0" selection-start-line="11" selection-start-column="0" selection-end-line="11" selection-end-column="0" />
  625 + <folding>
  626 + <element signature="e#25#38#0" expanded="true" />
  627 + </folding>
  628 + </state>
  629 + </provider>
  630 + </entry>
  631 + <entry file="file://$PROJECT_DIR$/tomb.py">
  632 + <provider selected="true" editor-type-id="text-editor">
  633 + <state relative-caret-position="190">
  634 + <caret line="10" column="25" selection-start-line="10" selection-start-column="25" selection-end-line="10" selection-end-column="25" />
634 <folding /> 635 <folding />
635 </state> 636 </state>
636 </provider> 637 </provider>
637 </entry> 638 </entry>
  639 + <entry file="file://$PROJECT_DIR$/modules/mft.py">
  640 + <provider selected="true" editor-type-id="text-editor">
  641 + <state relative-caret-position="190">
  642 + <caret line="10" column="25" selection-start-line="10" selection-start-column="25" selection-end-line="10" selection-end-column="25" />
  643 + <folding>
  644 + <element signature="e#0#25#0" expanded="true" />
  645 + </folding>
  646 + </state>
  647 + </provider>
  648 + </entry>
638 </component> 649 </component>
639 </project> 650 </project>
640 \ No newline at end of file 651 \ No newline at end of file
__pycache__/tomb.cpython-34.pyc 0 → 100644
View file @3671806
No preview for this file type
modules/__pycache__/mft.cpython-34.pyc
View file @3671806
No preview for this file type
modules/mft.py
  View file @3671806
1 from module import Module 1 from module import Module
  2 +from runcmd import runProcess
  3 +import tomb
2 4
3 def getInstance(): 5 def getInstance():
4 return MFTModule() 6 return MFTModule()
@@ -12,6 +14,9 @@ class MFTModule(Module): @@ -12,6 +14,9 @@ class MFTModule(Module):
12 self.vars = {} 14 self.vars = {}
13 15
14 def run(self): 16 def run(self):
15 - for x in self.vars:  
16 - print(x + ": " + str(self.vars[x].value)) 17 + for vol in self.vars['ntfsvol'].value:
  18 + result = runProcess(["icat","/dev/" + vol,"0"])
  19 + mftbin = open(tomb.getPath() + "mft/" + vol + ".bin",'wb')
  20 + mftbin.write(result[0])
  21 + mftbin.close()
17 22
tomb.py 0 → 100644
  View file @3671806
  1 +import os
  2 +
  3 +__ROOT_PATH__ = "/bones/"
  4 +
  5 +def __getTomb__():
  6 + return "test"
  7 +
  8 +def getPath():
  9 + path = __ROOT_PATH__ + __getTomb__() + "/"
  10 + if not os.path.exists(path):
  11 + os.makedirs(path)
  12 + return path
0 \ No newline at end of file 13 \ No newline at end of file