def carve_file(db_info, image, string):
#icat = icat -o 32 image offset + " > " + output
db_query = "SELECT * FROM files WHERE name LIKE ?"
db_info["db_cursor"].execute(db_query,('%'+string+'%',))
new_directory = image+"_"+string+"_"+str(carver_common.get_time(image))
carver_common.make_directory(new_directory)
log = open(os.getcwd()+"/"+new_directory+"/log","a")
while True:
carve = db_info["db_cursor"].fetchone()
if carve != None:
if re.match('.*/', carve[0]):
out_file = re.sub('.*/','',carve[0])
else:
out_file = carve[0]
icat = "icat -o "+str(carve[3])+" "+image+" "+str(carve[1])+" > "+new_directory+"/"+out_file
carver_common.ipc_shell(icat)
hash = carver_common.hash_file(new_directory+"/"+out_file)
print "File duplicated to "+os.getcwd()+"/"+new_directory+"/"+out_file
print "\t MD5: "+hash[0]
print "\t SHA1: "+hash[1]+"\n"
try:
log.write(out_file+"\n\tMD5: "+hash[0]+"\n\tSHA1: "+hash[1])
except OSError:
pass
else:
break
log.close()
print "\n"
return;
def carve_file(db_info, image, string):
#icat = icat -o 32 image offset + " > " + output
db_query = "SELECT * FROM files WHERE name LIKE ?"
db_info["db_cursor"].execute(db_query, ('%' + string + '%', ))
new_directory = image + "_" + string + "_" + str(
carver_common.get_time(image))
carver_common.make_directory(new_directory)
log = open(os.getcwd() + "/" + new_directory + "/log", "a")
while True:
carve = db_info["db_cursor"].fetchone()
if carve != None:
if re.match('.*/', carve[0]):
out_file = re.sub('.*/', '', carve[0])
else:
out_file = carve[0]
icat = "icat -o " + str(carve[3]) + " " + image + " " + str(
carve[1]) + " > " + new_directory + "/" + out_file
carver_common.ipc_shell(icat)
hash = carver_common.hash_file(new_directory + "/" + out_file)
print "File duplicated to " + os.getcwd(
) + "/" + new_directory + "/" + out_file
print "\t MD5: " + hash[0]
print "\t SHA1: " + hash[1] + "\n"
try:
log.write(out_file + "\n\tMD5: " + hash[0] + "\n\tSHA1: " +
hash[1])
except OSError:
pass
else:
break
log.close()
print "\n"
return
def CarveFiles(self, e):
db_query = "SELECT * FROM files WHERE name LIKE ?"
self.db_info["db_cursor"].execute(db_query, ("%" + self.file + "%",))
tempfile = re.sub("/", "-", self.file)
new_directory = self.image + "_" + tempfile + "_" + str(carver_common.get_time(self.image))
carver_common.make_directory(new_directory)
log = open(os.getcwd() + "/" + new_directory + "/log", "a")
while True:
carve = self.db_info["db_cursor"].fetchone()
if carve != None:
if re.match(".*/", carve[0]):
out_file = re.sub(".*/", "", carve[0])
else:
out_file = carve[0]
pathless_image = re.sub(".*/", "", self.image)
icat = (
"icat -o "
+ str(carve[3])
+ " "
+ self.image
+ " "
+ str(carve[1])
+ " > "
+ new_directory
+ "/"
+ out_file
)
carver_common.ipc_shell(icat)
hash = carver_common.hash_file(new_directory + "/" + out_file)
index = self.details.InsertStringItem(
sys.maxint, "File duplicated to " + os.getcwd() + "/" + new_directory + "/" + out_file
)
index = self.details.InsertStringItem(sys.maxint, "\t MD5: " + hash[0])
index = self.details.InsertStringItem(sys.maxint, "\t SHA1: " + hash[1] + "\n")
try:
log.write(out_file + "\n\tMD5: " + hash[0] + "\n\tSHA1: " + hash[1] + "\n")
except OSError:
pass
else:
break
log.close()
return
def CarveFiles(self, e):
db_query = "SELECT * FROM files WHERE name LIKE ?"
self.db_info["db_cursor"].execute(db_query, ('%' + self.file + '%', ))
tempfile = re.sub("/", "-", self.file)
new_directory = self.image + "_" + tempfile + "_" + str(
carver_common.get_time(self.image))
carver_common.make_directory(new_directory)
log = open(os.getcwd() + "/" + new_directory + "/log", "a")
while True:
carve = self.db_info["db_cursor"].fetchone()
if carve != None:
if re.match('.*/', carve[0]):
out_file = re.sub('.*/', '', carve[0])
else:
out_file = carve[0]
pathless_image = re.sub(".*/", "", self.image)
icat = "icat -o " + str(
carve[3]) + " " + self.image + " " + str(
carve[1]) + " > " + new_directory + "/" + out_file
carver_common.ipc_shell(icat)
hash = carver_common.hash_file(new_directory + "/" + out_file)
index = self.details.InsertStringItem(
sys.maxint, "File duplicated to " + os.getcwd() + "/" +
new_directory + "/" + out_file)
index = self.details.InsertStringItem(sys.maxint,
"\t MD5: " + hash[0])
index = self.details.InsertStringItem(
sys.maxint, "\t SHA1: " + hash[1] + "\n")
try:
log.write(out_file + "\n\tMD5: " + hash[0] +
"\n\tSHA1: " + hash[1] + "\n")
except OSError:
pass
else:
break
log.close()
return