Implemented info module (Issue #2. Issue #4 is already fixed.. Issue #1 is fixed

Imanol-Mikel Barba Sabariego
1 parent 4877251c
Showing 4 changed files with 19 additions and 8 deletions
README.md
modules/info.py
modules/mft.py
modules/winreg.py
@@ -5,4 +5,5 @@ REQUIRED PACKAGES
 * python3-dialog
 * sleuthkit
 * pev
-* ntfs-3g
 \ No newline at end of file
+* ntfs-3g
+* lshw
 \ No newline at end of file
@@ -16,6 +16,14 @@ class INFOModule(Module):
     def run(self):
         path = tomb.getPath() + self.name + "/"
-        os.mkdir(path)
-        #TODO
-        #getinfo
+        if(not os.path.exists(path)):
+            os.mkdir(path)
+        output,code = runProcess("lshw")
+        lshw = open(path + "lshw.txt", 'wb')
+        lshw.write(output)
+        lshw.close()
+
+        output,code = runProcess("dmidecode")
+        lshw = open(path + "dmidecode.txt", 'wb')
+        lshw.write(output)
+        lshw.close()
 \ No newline at end of file
@@ -16,10 +16,11 @@ class MFTModule(Module):
     def run(self):
         path = tomb.getPath() + self.name + "/"
-        os.mkdir(path)
+        if(not os.path.exists(path)):
+            os.mkdir(path)
         for vol in self.vars['ntfsvol'].value:
-            result = runProcess(["icat","/dev/" + vol,"0"])
+            result,code = runProcess(["icat","/dev/" + vol,"0"])
             mftbin = open(path + vol + ".bin",'wb')
-            mftbin.write(result[0])
+            mftbin.write(result)
             mftbin.close()
@@ -18,7 +18,8 @@ class RegistryModule(Module):
     def run(self):
         path = tomb.getPath() + self.name + "/"
-        os.mkdir(path)
+        if(not os.path.exists(path)):
+            os.mkdir(path)
         for vol in self.vars['winvol'].value:
             mntpoint = "/mnt/"
             mntid = mount("/dev/" + vol)