Skip to content

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also .

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also .
...
Commits on Apr 26, 2012
@bcarrier bcarrier started work on removing need for modules to have to call open. Open …
…is called in the pipeline code each time
55476d0
@bcarrier bcarrier started work on removing need for modules to have to call open. Open …
…is called in the pipeline code each time
98b10c7
@esaunders esaunders If any module encounters a failure while processing a file we will se…
…t the file status to failed once the pipeline is complete.
be8c9a9
@esaunders esaunders Replaced TskImgDB::getUniqueCarvedFileIds with TskImgDB::getUniqueCar…
…vedFiles. The new method returns both the file ids and the carved file names.
46988ff
@esaunders esaunders Merge branch 'master' of github.com:basis-technology-corp/sleuthkit 32ae347
Commits on Apr 27, 2012
@bcarrier bcarrier Updated TskFile and TskFileManager and doxygen updates 0988326
@bcarrier bcarrier Removed TskFileTsk constructor that takes in path, made constructor p…
…rotected, doxygen cleanup
c873f1a
@bcarrier bcarrier merging conflicts in pipeline 4a9c4b0
Commits on Apr 28, 2012
@esaunders esaunders Only create files if an executable module exists in the pipeline. Del…
…ete files once pipeline is done (except for carved and derived).
1cd4e9e
@esaunders esaunders Merge branch 'master' of github.com:basis-technology-corp/sleuthkit 479cdf6
Commits on Apr 30, 2012
@esaunders esaunders Fixed typo. e94adf4
@esaunders esaunders Fixed typo 55c3f0f
@esaunders esaunders Removed call to pFile->close() since that will be handled by the pipe…
…line.
af5938c
@esaunders esaunders Modified TskFileManager interface to more clearly distinguish between…
… saving file content locally, copying file content to another location and introducing a new file into the system. Also made File Manager a service.
7918ddf
@esaunders esaunders Use Poco::File::copyTo when adding new file instead of implementing i…
…t in terms of the existing addFile method that takes a stream. Performance is a lot better if you just do a file system copy.
593957a
@esaunders esaunders Added a TskFile::save() method which is simply a convenience wrapper …
…around TskFileManager::saveFile()
673043b
@esaunders esaunders Added TskFile::tell() and TskFile::seek() methods. Modified TskFileAn…
…alysisPipeline::run() to reset the file by calling seek() instead of close()
3b77a52
Commits on May 01, 2012
@esaunders esaunders Add a primary key to the unused_sectors table. 7975946
Commits on May 03, 2012
@bcarrier bcarrier Updated read error to help debug 708ada6
@bcarrier bcarrier Added more details to read error messages 0577b9f
@esaunders esaunders Merge branch 'master' of github.com:basis-technology-corp/sleuthkit 0b300da
Commits on May 04, 2012
@bcarrier bcarrier Added get_attr method that specifies only ID 32c73e4
@esaunders esaunders Merge branch 'master' of github.com:basis-technology-corp/sleuthkit 392cee8
@alawrence alawrence Added new getFileRecords API 51f205d
@esaunders esaunders Updated addModule() to test for the existence of the module before at…
…tempting to insert. Updated some methods to take parameters by reference instead of by value.
bdef8ef
@esaunders esaunders Merge branch 'master' of github.com:basis-technology-corp/sleuthkit d9b5523
Commits on May 07, 2012
@jkho jkho MAY-360. Breakup 7zip archive when uncompress file size > 10 GB or fi…
…le count > 1 million, which ever comes first. The zip files have the following naming conventions: carved_files_1.zip, carved_files_2.zip etc.
4c330c4
Commits on May 08, 2012
@richardfickling richardfickling initial multi-hashset prototype 0dcaf37
@esaunders esaunders Updated TskImageFileTsk to handle file attribute types other than the…
… default. Prior to this change an attempt to read content for an alternate data stream would result in an error if the size of the file was larger than the size of the ADS.
84f0cee
@esaunders esaunders Pass vector of bytes by reference instead of by value. 44808ae
@esaunders esaunders Merge branch 'master' of github.com:basis-technology-corp/sleuthkit 27f2e08
@bcarrier bcarrier mactime displays times as 0 instead of 1970 if they are not set 146cd93
@bcarrier bcarrier Merge branch 'master' of github.com:sleuthkit/sleuthkit cf882b4
@richardfickling richardfickling Stop using TSK_TCHAR, start using char 05f082c
@bcarrier bcarrier Updated README to reflect autotool requirements ad8067f
@richardfickling richardfickling 0 padding for encase, improve performance for others 82e33b3
@richardfickling richardfickling abstract 'get file name from path' method aab182f
@esaunders esaunders Added TskFile::getKnownStatus() 1504949
@esaunders esaunders Removed _ART from artifacts, removed TSK_WEB_BOOKMARK attribute. Upda…
…ted .gitignore. Renamed framework library to libtskframework.
41aa55d
@esaunders esaunders Make sure fsAttr is not NULL before attempting to determine its size. d4fcdb5
@esaunders esaunders Merge remote-tracking branch 'upstream/master' 280109b
@richardfickling richardfickling small tweaks: #define max name length, pass max databases 9186a74
Commits on May 09, 2012
@richardfickling richardfickling header update d8f129a
@richardfickling richardfickling use strrchr and strcpy, rename name_from_path function 4a5aff1
@bcarrier bcarrier UPdated scheduler API to remove scheduleTask and add nextTask() 95545ba
@bcarrier bcarrier Merge branch 'master' of github.com:basis-technology-corp/sleuthkit 5c82df2
@richardfickling richardfickling set db name on hdb_open, only one NSRL (duh),
simplify tsk_hdb_name_from_path
988e895
@richardfickling richardfickling fix unix compatibility 7a6b053
@bcarrier bcarrier Added copy constructors to C++ classes and renamed DB enums ba18d07
@richardfickling richardfickling set index headers from constants f120172
@richardfickling richardfickling comments, syntax f3c1ea3
@richardfickling richardfickling Merge branch 'master' of git://github.com/sleuthkit/sleuthkit into ne…
…w-features-20120503

Conflicts:
	bindings/java/jni/dataModel_SleuthkitJNI.cpp
25103d5
@richardfickling richardfickling Revert changes overwritten by merge b79ed46
@richardfickling richardfickling use pointer to store and pass information about hash sets, not strings fd61645
@bcarrier bcarrier Updated doxygen, copyright 750a6b3
@bcarrier bcarrier Merge remote-tracking branch 'upstream/master' b8dd944
@bcarrier bcarrier Renamed TskAuto::openImage to avoid overloaded virtual methods c9064fd
@bcarrier bcarrier Fix for issue 3453765 re: needing bigger buffer for printing times d390d03
@bcarrier bcarrier Added C++ warning flags to Makefile 46772a8
@esaunders esaunders Test tsk_error_get() return value before logging error message. 6a38903
@esaunders esaunders Merge branch 'master' of github.com:basis-technology-corp/sleuthkit 0f56ea1
Commits on May 10, 2012
@adam-m adam-m Fix formatting of error messages and add missing error message to tsk…
… exception
dfb5212
@adam-m adam-m Use tsk_error_get and handle null ptr case baeca7e
@bcarrier bcarrier Merge pull request #55 from adam-m/master
Fix error message formatting and reporting
20dfe56
@bcarrier bcarrier closes #7 by moving methods to .cpp file and removing uneeded const c3d6232
@bcarrier bcarrier Merge branch 'master' of github.com:sleuthkit/sleuthkit e62f575
@bcarrier bcarrier fixed compiler error with std::string 3afda18
@richardfickling richardfickling api changes to hash lookup, now require handle to known bad database fa628f8
@richardfickling richardfickling fix TSK error handling 4e58674
@richardfickling richardfickling move error check to beginning of function 0f1808d
@richardfickling richardfickling fix signed/unsigned comparison c701d37
@richardfickling richardfickling Merge branch 'master' of git://github.com/sleuthkit/sleuthkit f3e74a8
@bcarrier bcarrier Merge pull request #54 from dickfickling/master
Add support for multiple known bad hashsets to Sleuthkit
2f9d9d2
@esaunders esaunders Merge remote-tracking branch 'upstream/master' be2cbfc
@adam-m adam-m Fix errorRecordToString() to reset after copy string, do not revert i…
…mage and allow to continue if errors occured in addFilesInImgToDb()
bf9e8ae
Commits on May 11, 2012
@bcarrier bcarrier Fixed doxygen error 2c35781
@bcarrier bcarrier more doxygen / javadoc fixes 7753ed4
@bcarrier bcarrier Updated win release script for git -- not tested yet 3ae70a8
Brian Carrier Made it warning instead of error if Java does not exist on Unix-like …
…system
cc436a1
@bcarrier bcarrier Fixed compiler warnings a995833
@richardfickling richardfickling Better error handling for db name functions 18b99c9
@richardfickling richardfickling Merge branch 'master' of git://github.com/sleuthkit/sleuthkit 446d4f8
@bcarrier bcarrier Updated TskModule Readme to reflect how to get the modules code 05f934b
@richardfickling richardfickling Add return value to {databasetype}_name
now backward compatible with old index style (will use file name)
72f212b
@richardfickling richardfickling Merge branch 'master' of git://github.com/sleuthkit/sleuthkit 588e63a
@esaunders esaunders Merge remote-tracking branch 'upstream/master' b85cd41
@esaunders esaunders Added new Zip Exxtraction module. 01b4533
@adam-m adam-m remove commented out code 593f431
@adam-m adam-m Merge https://github.com/sleuthkit/sleuthkit 6825598
@esaunders esaunders Added c_ZIPExtractionModule b036900
Commits on May 13, 2012
@bcarrier bcarrier Changed values for adding heart beat message -- not static variable a…
…nymore
5e7de03
@bcarrier bcarrier Merge branch 'master' of github.com:sleuthkit/sleuthkit 9cc6e20
Commits on May 14, 2012
@richardfickling richardfickling Merge branch 'master' of git://github.com/sleuthkit/sleuthkit a5f663b
@alawrence alawrence Updated TskFile get methods to be more consistent. 4a9fe24
@bcarrier bcarrier Fixed release script issues 44d4499
@adam-m adam-m Merge git://github.com/sleuthkit/sleuthkit 9d5f6b0
@adam-m adam-m Java bindings: new method to make a case db copy 56463aa
Commits on May 15, 2012
@adam-m adam-m Handle possible exception in finally block 1f96c02
@bcarrier bcarrier Test newline 14020ef
@bcarrier bcarrier Changed moduels to ReadOnly link 3f07ef0
@esaunders esaunders Merge remote-tracking branch 'upstream/master' 922b2a5
@esaunders esaunders Revert Zip Extraction module change. 158976c
@esaunders esaunders Reset c_ZIPExtractionModule pointer. 550946a
Commits on May 16, 2012
@bcarrier bcarrier module docs update 355e6b8
@bcarrier bcarrier Merge branch 'master' of github.com:sleuthkit/sleuthkit 3799ff7
@richardfickling richardfickling Merge branch 'master' of git://github.com/sleuthkit/sleuthkit efc981d
@adam-m adam-m Merge https://github.com/sleuthkit/sleuthkit c312cd7
@bcarrier bcarrier Merge pull request #58 from adam-m/master
Error handling improvements
598b956
@richardfickling richardfickling Merge branch 'master' of git://github.com/sleuthkit/sleuthkit 55dcca7
@richardfickling richardfickling database name methods no longer return error value
logic to use file name moved to encase and index
684480e
@richardfickling richardfickling use index name if available 8653f55
@bcarrier bcarrier Merge pull request #57 from dickfickling/master
Better error handling for db name functions
03263f3
@alawrence alawrence edited construct statement to handle conditions starting with order by 5f1bbe3
@alawrence alawrence Merge branch 'master' of github.com:basis-technology-corp/sleuthkit 14d4856
@esaunders esaunders Added PocoNet to the post build copy step and updated release configu…
…ration to copy release versions of Poco libraries.
bca08b0
@esaunders esaunders Merge branch 'master' of github.com:basis-technology-corp/sleuthkit 9f7d71e
@bcarrier bcarrier updated script 1fce2b0
Commits on May 17, 2012
@bcarrier bcarrier Added error log to release script 7c3148f
@bcarrier bcarrier Added BuildErrors code 85f889c
@bcarrier bcarrier More release script updates 0e35f2c
@bcarrier bcarrier Started to add release script for framework 1d3d227
Commits on May 18, 2012
@bcarrier bcarrier Load config from local dir, set prog dir ef8a723
@esaunders esaunders Merge remote-tracking branch 'upstream/master' 6a27540
@bcarrier bcarrier Added warning flags to C++ classes b925be1
@esaunders esaunders Merge remote-tracking branch 'upstream/master' f7c0d07
@bcarrier bcarrier Removed autotools intermediate files -- too many issues on diff platf…
…orms
a9314a7
@bcarrier bcarrier Merge branch 'master' of github.com:sleuthkit/sleuthkit 79f7242
@adam-m adam-m Unescape back the string attribute value when getting text back from …
…blackboard (quotes were escaped as needed for SQL inserts)
b2b2a67
@alawrence alawrence Updated blackboard docs and added checks for valid artifact and attri…
…bute types
2b6c7b7
@alawrence alawrence Merge branch 'master' of github.com:basis-technology-corp/sleuthkit 35441f6
@alawrence alawrence fixed a few bugs and got rid of a leftover method definition f90e38d
@rcordovano rcordovano Addition of first set of submodules 0d666c3
@rcordovano rcordovano Update submodule versions e029aaa
@rcordovano rcordovano Addition of summary report submodule c3d6f73
Commits on May 21, 2012
@bcarrier bcarrier Added markdown version of tsk_analyzeimg man page f84a253
@bcarrier bcarrier Updated validatePipeline usage message to be consistent with analyzeImg 7443ff8
@bcarrier bcarrier Merge branch 'master' of github.com:basis-technology-corp/sleuthkit a5a4c7a
@bcarrier bcarrier Updated man pages 1c9603d
@rcordovano rcordovano Merge branch 'master' of https://github.com/basis-technology-corp/sle… b293b66
@adam-m adam-m Merge https://github.com/sleuthkit/sleuthkit b9968a7
@adam-m adam-m SleutkitCase use proper escaping of sqlite single quotes when writing…
… attributes strings
1931e42
@rcordovano rcordovano Renamed pipeline validation files for consistency with naming convent…
…ion used to name tsk_analyzeimg
729bee6
@bcarrier bcarrier Merge pull request #59 from adam-m/master
SleuthkitCase JNI: escaped attributes strings were never unescaped when getting back from blackboard
ccd35d2
@rcordovano rcordovano Changes to sample config files and working towards synchingup module …
…commits
bc1385c
@rcordovano rcordovano Synch with latest commit of zip extraction module 9d06cfd
@rcordovano rcordovano Completed updates to sample pipeline config files, adjusting paths an…
…d referring to README file for TskHashLookupModule.
6624b07
Commits on May 22, 2012
@bcarrier bcarrier Various release and doc updates d36b794
@bcarrier bcarrier Merge branch 'master' of github.com:sleuthkit/sleuthkit 61a1dd4
@bcarrier bcarrier various doc updates 0c87c88
@bcarrier bcarrier doc updates feec991
@bcarrier bcarrier Merge branch 'master' of github.com:sleuthkit/sleuthkit 147d762
@esaunders esaunders Updating to latest versions of c_RegRipperModule, c_TskHashLookupModu…
…le and c_ZIPExtractionModule.
f974cd3
@esaunders esaunders Merge branch 'master' of github.com:basis-technology-corp/sleuthkit b78d904
@bcarrier bcarrier Fixed line endings 1443bd9
@bcarrier bcarrier Updated schema for unallocblocks, etc c528682
@bcarrier bcarrier Merge branch 'master' of github.com:sleuthkit/sleuthkit e8ef02b
@richardfickling richardfickling Add 'fromID' method to blackboard attribute types d41eda1
@alawrence alawrence Added a missing type to the artifact type map c61be65
@richardfickling richardfickling Keep track of timezone in sleuthkit sqlite db (db schema change) ab91cd5
@richardfickling richardfickling Remove unnecessary method f82a522
@esaunders esaunders Fixed error message in TskFileTsk::seek() 51e2751
@esaunders esaunders Moved call to file->seek() after call to file->open() since it is pos…
…sible that a module has closed the file which would result in an exception on the call to seek.
aaf1103
@esaunders esaunders Merge remote-tracking branch 'origin' 96a7757
@esaunders esaunders Updating to latest versions of Interesting Files and Hash Lookup modu…
…les.
9b65b88
@bcarrier bcarrier Updated submodule versions after README updates c417fd7
@bcarrier bcarrier Updated TSK to use new module version 6c130c8
Commits on May 23, 2012
@bcarrier bcarrier Updated man and framework docs c4dc335
@bcarrier bcarrier Merge branch 'master' of github.com:sleuthkit/sleuthkit 15e6998
@bcarrier bcarrier Added man pages to framework 1595709
@bcarrier bcarrier Fixed doxygen warning d4c120e
@richardfickling richardfickling Merge branch 'master' of git://github.com/sleuthkit/sleuthkit 7593840
@adam-m adam-m tsk auto db API additions (stubs) for adding unalloc, unused, carved …
…files
5671ae1
@bcarrier bcarrier Merge pull request #62 from adam-m/master
Adding unalloc files API additions (stubs)
c19cfb9
@richardfickling richardfickling Merge branch 'master' of git://github.com/sleuthkit/sleuthkit
Conflicts:
	tsk3/auto/tsk_db_sqlite.h
5ffe337
@bcarrier bcarrier Merge pull request #61 from dickfickling/master
Correct time zone handling
4a74e3f
@bcarrier bcarrier Updated submodule versions b92689f
@bcarrier bcarrier Updated release script bf741a7
@bcarrier bcarrier Updated submodule version 2c782ba
@bcarrier bcarrier Merge remote-tracking branch 'upstream/master' dbc632b
@bcarrier bcarrier Updated submodule and release script 0e79bc2
@bcarrier bcarrier Upated config file 669caa7
Commits on May 24, 2012
@esaunders esaunders Updated to latest version of HashCalcModule. 2e50393
@esaunders esaunders Added dependencies between modules and libtskframework. 4d40f00
@esaunders esaunders Merge branch 'master' of github.com:basis-technology-corp/sleuthkit eaeb4df
@bcarrier bcarrier various debug statments and fixes to get sample modules all running 9e0ae4e
@bcarrier bcarrier Merge branch 'master' of github.com:basis-technology-corp/sleuthkit a98d2f0
@bcarrier bcarrier New sumodule version 4d450c3
@rcordovano rcordovano Synch with submodule commits 6a5ee7f
@rcordovano rcordovano Merge branch 'master' of github.com:basis-technology-corp/sleuthkit 0e881ae
@rcordovano rcordovano Fixed problem with post-build copying of framework config file 68f714b
@rcordovano rcordovano Updated copyright notices for 2012 b18f7a0
@bcarrier bcarrier Revised pipeline manager to allow gaps in ordering c25ab4a
@bcarrier bcarrier Fixed bug so that it stops if no pipelines exist 9939024
@bcarrier bcarrier Fix copy statment for framework_config file in devenv 6d4234b
@rcordovano rcordovano Modified TskPipeline class to prohibit copying of TskPipeline objects 968356a
@rcordovano rcordovano Synch up submodule commits 059f39a
@bcarrier bcarrier Updated submodule versions 0694769
@bcarrier bcarrier Merged changes e2a0356
@bcarrier bcarrier Updated submodule versions 7666236
@bcarrier bcarrier Removed RegRipper from default pipeline config ed174b6
Commits on May 25, 2012
@rcordovano rcordovano Save Brian's changes to extraction of DB name from DB filename 09d787a
@rcordovano rcordovano Merge branch 'master' of github.com:basis-technology-corp/sleuthkit ba8fb00
Commits on May 29, 2012
@bcarrier bcarrier Updated NEWS to 4.0 66149d0
@bcarrier bcarrier updated submodule 70bc3b5
@bcarrier bcarrier Merge remote-tracking branch 'upstream/master' 5ff5ff0
@bcarrier bcarrier New version files for 4.0.0b1 b7a3179
@bcarrier bcarrier Updated Makefile.am to include framework files 8931314
@bcarrier bcarrier Updated Makefile.am files to include new non-compiled files 459edda
@rcordovano rcordovano Synch Sleuthkit with interesting files and save interesting files mod…
…ules commits
edd929e
@rcordovano rcordovano Corrected typo in comment in CarvePrep.h 53911a1
@bcarrier bcarrier Merge branch 'master' of github.com:sleuthkit/sleuthkit f38d79b
@bcarrier bcarrier release script updates 88604cf
@bcarrier bcarrier Merge remote-tracking branch 'upstream/master' 5f37226
@bcarrier bcarrier Updated release script ee1ccb4
@bcarrier bcarrier Merge branch 'master' of github.com:basis-technology-corp/sleuthkit 6eb3066
@bcarrier bcarrier Made release script non-testing 61ae094
@bcarrier bcarrier Merge branch 'master' of github.com:sleuthkit/sleuthkit 02f92e4
@rcordovano rcordovano Changed CalcFileSizeModule project to use TSK_HOME environment variab…
…le, provided README file, and added header comments to CalcFileSizeModule.cpp placing it in the public domain.
9890b12
@rcordovano rcordovano Merge branch 'master' of github.com:basis-technology-corp/sleuthkit 0a2eac4
@bcarrier bcarrier get release script ready to use 3562caf
Commits on May 30, 2012
@bcarrier bcarrier updated release script -- dirs 8fd8246
Commits on May 31, 2012
@bcarrier bcarrier Added new attributes and artfiacts 75936dd
@bcarrier bcarrier Merge remote-tracking branch 'upstream/master' c5844f2
@bcarrier bcarrier Merge branch 'master' of github.com:basis-technology-corp/sleuthkit b62e06d
@bcarrier bcarrier was not registering errors for AutoDB/utf8 c6440b5
Commits on Jun 01, 2012
@bcarrier bcarrier relaxed table contraints for image names 51d3cc8
@robjoyce Merge branch 'master' of git://github.com/sleuthkit/sleuthkit
Conflicts:
	tsk3/base/tsk_base.h
	tsk3/fs/hfs.c
7119280
@robjoyce Merge branch 'master' of git://github.com/sleuthkit/sleuthkit f1df788