file open fix

504ensicsLabs · Nov 3, 2011 · 2304dc1 · 2304dc1
1 parent b1f95ce
commit 2304dc1
Show file tree

Hide file tree

Showing 10 changed files with 97 additions and 115 deletions.
diff --git a/__init__.py b/__init__.py
@@ -22,4 +22,5 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
 #
-__all__= ["acquirers", "common", "GUI", "registryparser", "strings", "templates", "tree", "values", "datastructures", "initial_processing", "reporting", "errorclasses"]
+__all__ = ["acquirers", "common", "GUI", "registryparser", "templates", "datastructures", "initial_processing", "reporting", "errorclasses", "template_manager". "opencase"]
+
diff --git a/common.py b/common.py
@@ -26,6 +26,18 @@
 
 from datetime import date, datetime
 
+import common
+
+import opencase
+
+import template_manager as tmmod
+
+def usage():
+
+    print "python opencase.py <case directory> <plugin name> <file id> <extra plugin directory (optional)>"
+    print "See the instructions file for complete description"
+    sys.exit(1)
+
 def parse_cmdline(gui, args):
 
     try:
@@ -63,4 +75,47 @@ def die(str):
 
 hive_types =  ["SOFTWARE", "SYSTEM", "SECURITY", "NTUSER", "SAM", "USRCLASS"]
 
+def plugin_cmdline():
+
+    try:
+        case_dir    = sys.argv[1]
+        plugin_name = sys.argv[2]
+        fileid      = int(sys.argv[3])
+    except:
+        usage()
+
+    try:
+        extra = sys.argv[4]
+        extra = extra.split(";") 
+    except:
+        extra = []
+
+    # open the case and get the tree
+    o = opencase.opencase(case_dir)
+    o.current_fileid = fileid
+
+    tm = tmmod.TemplateManager()
+    tm.load_templates(o, extra)
+
+    templates = tm.get_loaded_templates()
+
+    ran = 0
+
+    for t in templates:
+        if t.pluginname == plugin_name:
+            t.run_me()
+            ran = 1
+            break
+
+    if ran:
+        print "------output for %s------" % plugin_name
+
+        for val_list in tm.report_data:
+            for val in val_list:
+                print val,
+            print ""
+
+    else:
+        print "invalid plugin given" 
+
 
diff --git a/datastructures/strings/stringdatabase/dbhandler.py b/datastructures/strings/stringdatabase/dbhandler.py
@@ -22,29 +22,28 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
 #
-#!/usr/bin/python
 
-import common, sqlite3handler
+import sqlite3handler
 
 class dbhandler:
 
-	def __init__(self, dbtype, case_dir):
+    def __init__(self, dbtype, case_dir):
 
-		self.databases = { "sqlite3" : sqlite3handler.sqlite3class	}
+        self.databases = { "sqlite3" : sqlite3handler.sqlite3class    }
 
-		self.handle = self.set_dbhandle(dbtype, case_dir)
+        self.handle = self.set_dbhandle(dbtype, case_dir)
 
-	def get_dbhandle(self):
+    def get_dbhandle(self):
 
-		return self.handle
+        return self.handle
 
-	def set_dbhandle(self, dbtype, case_dir):
+    def set_dbhandle(self, dbtype, case_dir):
 
-		if dbtype in self.databases:
-			ret = self.databases[dbtype](case_dir)
-		else:
-			common.die("Invalid database type sent to get_dbhandle %s" % dbtype)
-	
-		return ret
+        if dbtype in self.databases:
+            ret = self.databases[dbtype](case_dir)
+        else:
+            print "Invalid database type sent to get_dbhandle %s" % dbtype
+    
+        return ret
 
 
diff --git a/guimain.py b/guimain.py
@@ -24,7 +24,7 @@
 #
 # contains all of the code for the case creation UI and event handlers
 
-import sys, os
+import sys, os, cProfile
 
 # If we're in a pyinstaller executable, from volatility
 if hasattr(sys, "frozen"):
@@ -502,7 +502,7 @@ def msgBox(self, message, warn=1):
 
         qb.show()
 
-def do_main():
+def do_gui_main():
 
     global guidrawn
 
@@ -516,15 +516,30 @@ def do_main():
 
     app.exec_()
 
-def main():
+def gui_main():
 
     if profile:
-        import cProfile
-        cProfile.run('do_main()')
+        cProfile.run('do_gui_main()')
     else:
-        do_main()
+        do_gui_main()
+
+def cmdline_main():
+
+    if profile:
+        cProfile.run('common.plugin_cmdline()')
+    else:
+        common.plugin_cmdline()
 
 if __name__ == "__main__":
-    main()
+
+    if len(sys.argv) > 3:
+        cmdline_main()
+    else:
+        gui_main()
 
 
+
+
+
+
+
diff --git a/initial_processing/evidence_database.py b/initial_processing/evidence_database.py
@@ -57,6 +57,8 @@ def compute_md5(self, filename):
 
             pos = pos + oneMB
 
+        fd.close()
+
         return md5.hexdigest()
 
     def get_file_contents(self, path, filename):

diff --git a/opencase.py b/opencase.py
@@ -26,10 +26,6 @@
 
 from datastructures.tree.paralleltree import *
 
-import template_manager as tmmod
-
-profile = 0
-
 class objclass:
     pass
 
@@ -90,64 +86,3 @@ def opencaseobj(self):
 
 
 
-def usage():
-
-    print "python openmain.py <case directory> <plugin name> <file id> <extra plugin directory (optional)>"
-    print "See the instructions file for complete description"
-    sys.exit(1)
-
-def main():
-
-
-    try:
-        case_dir    = sys.argv[1]
-        plugin_name = sys.argv[2]
-        fileid      = int(sys.argv[3])
-    except:
-        usage()
-
-    try:
-        extra = sys.argv[4]
-        extra = extra.split(";") 
-    except:
-        extra = []
-
-    # open the case and get the tree
-    o = opencase(case_dir)
-    o.current_fileid = fileid
-
-    tm = tmmod.TemplateManager()
-    tm.load_templates(o, extra)
-
-    templates = tm.get_loaded_templates()
-
-    ran = 0
-
-    for t in templates:
-        if t.pluginname == plugin_name:
-            t.run_me()
-            ran = 1
-            break
-
-    if ran:
-        print "------output for %s------" % plugin_name
-
-        for val_list in tm.report_data:
-            for val in val_list:
-                print val,
-            print ""
-
-    else:
-        print "invalid plugin given" 
-
-
-if __name__ == "__main__":
-
-    if profile:
-        import cProfile
-        cProfile.run('main()')
-    else:
-        main()
-
-
-
diff --git a/report_manager.py b/report_manager.py
@@ -282,7 +282,7 @@ def load_reports(self, file_based):
                     modname = fd.rsplit(".")[0]
 
                     mod = __import__(modname)       
-
+                    
                     valid = 1
                     for attr in required_attrs:
                         if not hasattr(mod, attr):

diff --git a/reporting/report_formats/__init__.py b/reporting/report_formats/__init__.py
diff --git a/templates/__init__.py b/templates/__init__.py
@@ -22,4 +22,4 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
 #
-__all__ = [ "template", "util"]
+__all__ = ["util"]
diff --git a/templates/util/util.py b/templates/util/util.py
@@ -25,7 +25,7 @@
 from datastructures.strings.stringtable import *
 from errorclasses import *
 
-import common, datetime, binascii, struct
+import datetime, binascii, struct
 from string import ascii_uppercase, ascii_lowercase
 
 # CODING CONVENTION: