2 Features for kape targets #888
Comments
|
One should already be fully supported. I don't know that I'm a fan of two |
|
1 is not supported from my testing |
|
Hmm. I know wild cards in between separators works |
|
Well wildcard C:\Program Files\*\ will catch any folder under Program Files but if you want to match a folder by name it would be more efficient such as C:\Program Files\*SomeApp* |
|
I just tested the TeamViewer Target and it worked as expected.
Specifically, this part: -
Name: TeamViewer Application Logs
Category: ApplicationLogs
Path: C:\Program Files*\TeamViewer\
FileMask: 'TeamViewer*_Logfile*'
Comment: "Includes TeamViewer<version>_Logfile.log and TeamViewer<version>_Logfile_OLD.log"NOTE: I had to copy the file found in I even went futher and added another slightly different file with a different file name to test the double wildcard in the FileMask and it worked.
I then went ANOTHER step further and modified the Target to this: -
Name: TeamViewer Application Logs
Category: ApplicationLogs
Path: C:\Program Files*\*eamViewe*\
FileMask: 'TeamViewer*_Logfile*'
Comment: "Includes TeamViewer<version>_Logfile.log and TeamViewer<version>_Logfile_OLD.log"and it worked!
|
|
interesting @AndrewRathbun, I tried the TeamViewerLogs target on my machine and it didnt find anything under Program Files(x86) even though it exists. I tried running the following command: As you can see they do exist: I tested it with kape 1.3.0.2 on Windows 11. |
|
Enable --debug and see what it shows |
|
@EricZimmerman I have already done that and put the output in the comment above. |
|
11 came out after kape 1.3.0.2 most likely. It's the same family vs
previous versions of windows
… Message ID: ***@***.***>
|
I did my testing with that same version of KAPE and Windows 🤷♂️. To be fair, the Windows Registry shows references to 10 even on 11 systems. Not sure why but it is what it is. I don't think that's a KAPE issue as KAPE is very likely just parsing what Windows is recording. |
KAPE version
latest
Is your feature request related to a problem? Please describe.
WhatsApp.tkape for example
Describe the solution you'd like
Feature 1)
Path variable in the tkape files should have a wildcard option to match a directory, Example:
C:\Program Files\*SomeApp*
Feature 2)
SaveAsFileName variable in the tkape files should have a %destinationFileName% parameter similar to the mkape parameters so the target filename can be altered, Example:
SaveAsFileName: %destinationFileName%.jpg
Describe alternatives you've considered
Would like to know of any.
Additional context
An example can be seen in the PR #887:
Feature 1)
WhatsApp.tkape could be better addressed with using the following path instead:
C:\Users%user%\AppData\Local\Packages\*WhatsAppDesktop*\LocalCache\Roaming\WhatsApp\Cache
Feature 2)
WhatsApp_Media.tkape could be better addressed renaming the target files with a .jpg extension to make them readable:
Path: C:\Users%user%\AppData\Local\Packages\5319275A.WhatsAppDesktop_cv1g1gvanyjgm\LocalState\profilePictures
SaveAsFileName: %destinationFileName%.jpg
The text was updated successfully, but these errors were encountered: