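def sort_file(self, file):
    """Move *file* into the directory chosen from its libmagic type.

    The string returned by ``magic.file`` is stored in ``self.filemagic``
    and split on ``/``; its first part is looked up in ``self.dirs``. When
    no directory exists for that category, the file's upper-cased extension
    is matched against each entry of ``self.filters`` (directory key ->
    extensions), and anything still unmatched goes to ``self.dirs['Other']``.
    Every placement is reported to ``self.server_stats.addFile`` together
    with the file size in bytes (taken before the move).

    Args:
        file: path of the file to sort (name kept for existing callers).
    """
    self.filemagic = magic.file(file)
    category = self.filemagic.split('/')[0]
    size = os.stat(file).st_size
    if category in self.dirs:
        self._move_into(file, self.dirs[category])
        self.server_stats.addFile(category, size)
        return
    extension = os.path.splitext(file)[1][1:].upper()
    for dir_key, extensions in self.filters.items():
        if extension in extensions:
            self._move_into(file, self.dirs[dir_key])
            self.server_stats.addFile(dir_key, size)
            return
    self._move_into(file, self.dirs['Other'])
    self.server_stats.addFile("Other", size)

def _move_into(self, src, dest_dir):
    """Move *src* into *dest_dir*, replacing a same-named file already there.

    ``shutil.move`` raises when the destination already exists; in that case
    the stale copy is removed and the move retried. The stale path is built
    with ``os.path.join`` and the basename of *src* (the original computed
    ``dest_dir + file``, which breaks when *dest_dir* has no trailing
    separator or *src* carries a directory part). Only filesystem errors are
    caught so that unrelated exceptions still propagate.
    """
    try:
        shutil.move(src, dest_dir)
    except (shutil.Error, OSError, IOError):
        os.remove(os.path.join(dest_dir, os.path.basename(src)))
        shutil.move(src, dest_dir)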
def readMagic(self, item_realpath):
    """Return the libmagic type string for *item_realpath*.

    Returns None when the path does not exist instead of asking libmagic.
    """
    if not os.path.exists(item_realpath):
        return None
    return magic.file(item_realpath)
def readMagic(item_realpath):
    """Return the libmagic type string for *item_realpath*.

    Returns None when the path does not exist instead of asking libmagic.
    """
    if not os.path.exists(item_realpath):
        return None
    return magic.file(item_realpath)
def OnClick(event=None):
    """Tk callback for a selection change in the backup file tree.

    Clears the tables tree, the preview/EXIF panes and the main text area,
    then describes the selected node. Nodes typed "X" are plain files under
    backup_path and are shown directly; any other node is looked up in the
    manifest via mbdb.fileInformation and its backing file is analysed by
    libmagic type (text, image, binary plist, sqlite, raw "data").
    Updates the globals fileNameForViewer and old_label_image.
    """
    global fileNameForViewer
    global old_label_image
    if not tree.selection():
        return;
    # remove everything from tables tree
    for item in tablestree.get_children():
        tablestree.delete(item)
    # clear notebook additional panes
    notebook.hide(previewcolumn)
    notebook.hide(exifcolumn)
    item = tree.selection()[0]
    item_text = tree.item(item, "text")
    item_type = tree.set(item, "type")
    item_id = tree.set(item, "id")
    # skip "folders" (nodes with an empty type)
    if not item_type:
        return
    # clears textarea
    clearmaintext()
    # managing "standard" files: plain files under backup_path, not manifest entries
    if (item_type == "X"):
        item_realpath = os.path.join(backup_path, item_text)
        fileNameForViewer = item_realpath
        maintext(u'Selected: ' + item_realpath)
        log(u'Opening file %s' % item_realpath)
        if (os.path.exists(item_realpath)):
            filemagic = magic.file(item_realpath)
            # print file content (if text file) otherwise only the first 30 bytes
            if (filemagic == "ASCII text" or filemagic.partition("/")[0] == "text"):
                with open(item_realpath, 'rb') as fh:
                    maintext("\n\nASCII content:\n\n")
                    line = fh.readline()
                    # NOTE(review): the line read above is never printed; the loop
                    # reads the next line before calling maintext, so the first
                    # line of the file is dropped.
                    while line:
                        line = fh.readline()
                        maintext(line)
            else:
                with open(item_realpath, 'rb') as fh:
                    text = fh.read(30)
                maintext("\n\nFirst 30 chars from file (string): ")
                maintext("\n" + hex2string(text))
            # if binary plist:
            if (filemagic.partition("/")[2] == "binary_plist"):
                maintext("\n\nDecoding binary Plist file:\n\n")
                maintext(plistutils.readPlist(item_realpath))
        else:
            log(u'...troubles while opening file %s (does not exist)' % item_realpath)
        return
    maintext(u'Selected: %s (id %s)' % (item_text, item_id))
    # manifest record for this node; nothing more to show without it
    data = mbdb.fileInformation(item_id)
    if not data:
        return
    item_permissions = data['permissions']
    item_userid = data['userid']
    item_groupid = data['groupid']
    # datetime.fromtimestamp without a tz renders the epoch values in the
    # local time zone of the analysis machine, not the device's
    item_mtime = unicode(datetime.fromtimestamp(int(data['mtime'])))
    item_atime = unicode(datetime.fromtimestamp(int(data['atime'])))
    item_ctime = unicode(datetime.fromtimestamp(int(data['ctime'])))
    item_fileid = data['fileid']
    item_link_target = data['link_target']
    item_datahash = data['datahash']
    item_flag = data['flag']
    maintext(u'\n\nElement type: ' + item_type)
    maintext(u'\nPermissions: ' + item_permissions)
    maintext(u'\nData hash: ')
    maintext(u'\n ' + item_datahash)
    maintext(u'\nUser id: ' + item_userid)
    maintext(u'\nGroup id: ' + item_groupid)
    maintext(u'\nLast modify time: ' + item_mtime)
    maintext(u'\nLast access Time: ' + item_atime)
    maintext(u'\nCreation time: ' + item_ctime)
    maintext(u'\nFile Key (obfuscated file name): ' + item_fileid)
    maintext(u'\nFlag: ' + item_flag)
    maintext(u'\n\nElement properties (from mdbd file):')
    for name, value in data['properties'].items():
        maintext(u'\n%s: %s' % (name, value))
    # treat sym links: no backing file to analyse
    if (item_type == u'l'):
        maintext(u'\n\nThis item is a symbolic link to another file.')
        maintext(u'\nLink Target: ' + item_link_target)
        fileNameForViewer = u''
        return
    # treat directories: no backing file to analyse
    if (item_type == u'd'):
        maintext(u'\n\nThis item represents a directory.')
        fileNameForViewer = u''
        return
    # last modification date of the file in the backup directory
    # NOTE(review): getmtime raises OSError if the file is missing; the
    # existence check only comes a few lines below.
    last_mod_time = time.strftime(u'%m/%d/%Y %I:%M:%S %p',time.localtime(os.path.getmtime(os.path.join(backup_path, item_fileid))))
    maintext(u'\n\nLast modification time (in backup dir): %s' % last_mod_time)
    maintext(u'\n\nAnalize file: ')
    item_realpath = os.path.join(backup_path, item_fileid)
    fileNameForViewer = item_realpath
    log(u'Opening file %s (%s)' % (item_realpath, item_text))
    # check for existence
    if (not os.path.exists(item_realpath)):
        maintext(u'unable to analyze file')
        return
    # print file type (from magic numbers)
    filemagic = magic.file(item_realpath)
    maintext(u'\nFile type (from magic numbers): %s' % filemagic)
    # print file MD5 hash
    maintext(u'\nFile MD5 hash: ')
    maintext(md5(item_realpath))
    # print first 30 bytes from file
    with open(item_realpath, u'rb') as fh:
        first30bytes = fh.read(30)
    maintext(u'\n\nFirst 30 hex bytes from file: ')
    maintext(u'\n' + hex2nums(first30bytes))
    # print file content (if ASCII file) otherwise only first 30 bytes
    if (filemagic == u'ASCII text' or filemagic.partition('/')[0] == u'text'):
        with open(item_realpath, 'rb') as fh:
            maintext(u'\n\nASCII content:\n\n')
            line = fh.readline()
            # NOTE(review): same first-line drop as above - the loop reads the
            # next line before printing.
            while line:
                line = fh.readline()
                maintext(line)
    else:
        maintext("\n\nFirst 30 chars from file (string): ")
        maintext("\n" + hex2string(first30bytes))
    # if image file: build a scaled preview in the "preview" tab
    if (filemagic.partition("/")[0] == "image"):
        try:
            del photoImages[:]
            im = Image.open(item_realpath)
            maintext("\n\nImage preview available.")
            # shrink the image to fit a 600x500 pane; never enlarge (ratio capped at 1)
            colwidth = 600
            imwidth = im.size[0]
            dimratio1 = (colwidth + 0.0) / (imwidth + 0.0)
            colheight = 500
            imheight = im.size[1]
            dimratio2 = (colheight + 0.0) / (imheight + 0.0)
            if (dimratio1 >= dimratio2):
                dimratio = dimratio2
            else:
                dimratio = dimratio1
            if (dimratio >= 1):
                dimratio = 1
            newwidth = int(im.size[0] * dimratio)
            newheight = int(im.size[1] * dimratio)
            im2 = im.resize((newwidth,newheight), Image.ANTIALIAS)
            tkim2 = ImageTk.PhotoImage(im2)
            # presumably kept in the module-level list so the PhotoImage stays referenced
            photoImages.append(tkim2)
            label_image = Label(previewcolumn, image=tkim2)
            label_image.place(x=0,y=0)
            if old_label_image is not None:
                old_label_image.destroy()
            old_label_image = label_image
            notebook.add(previewcolumn)
        except:
            # NOTE(review): a bare except also swallows KeyboardInterrupt/SystemExit;
            # `except Exception:` would be the narrower choice.
            print("Warning: error while trying to analyze image file \"%s\""%item_realpath)
            print sys.exc_info()
        # decode EXIF (only JPG)
        # NOTE(review): `im` is only bound inside the try above; when Image.open
        # failed for an "image/jpeg" file, im._getexif() raises here, outside
        # any handler.
        if (filemagic == "image/jpeg"):
            exifs = im._getexif()
            if (exifs is not None):
                maintext("\nJPG EXIF tags available.")
                exifcolumn_label.delete(1.0, END)
                exifcolumn_label.insert(END, "JPG EXIF tags for file \"%s\":"%item_text)
                exifcolumn_label.insert(END, "\n")
                for tag, value in exifs.items():
                    decoded = TAGS.get(tag, tag)
                    # any tuple value is formatted as a numerator/denominator pair;
                    # a tuple of another length or a zero denominator raises here
                    if (type(value) == type((1,2))):
                        value = "%.3f (%i / %i)"%(float(value[0]) / float(value[1]), value[0], value[1])
                    exifcolumn_label.insert(END, "\nTag: %s, value: %s"%(decoded, value))
                notebook.add(exifcolumn)
    # if binary plist:
    if (filemagic.partition("/")[2] == "binary_plist"):
        maintext("\n\nDecoding binary Plist file:\n\n")
        maintext(plistutils.readPlist(item_realpath))
    # if sqlite, print tables list and populate the tables tree
    if (filemagic.partition("/")[2] == "sqlite"):
        tempdb = sqlite3.connect(item_realpath)
        try:
            tempcur = tempdb.cursor()
            tempcur.execute("SELECT name FROM sqlite_master WHERE type=\"table\"")
            tables_list = tempcur.fetchall();
            maintext("\n\nTables in database: ")
            for i in tables_list:
                table_name = str(i[0])
                maintext("\n- " + table_name);
                try:
                    # NOTE(review): table_name is read from the analysed database's
                    # own sqlite_master and pasted into the statement unquoted, so
                    # the statement text is controlled by the file under analysis;
                    # a name with spaces or punctuation also fails the query and is
                    # reported as "unable to read". Quoting the identifier
                    # ('"%s"' % table_name.replace('"', '""')) fixes both.
                    tempcur.execute("SELECT count(*) FROM %s" % table_name);
                    elem_count = tempcur.fetchone()
                    maintext(" (%i elements) " % int(elem_count[0]))
                    # inserts table into tables tree
                    tablestree.tag_configure('base', font=globalfont)
                    tablestree.insert('', 'end', text=table_name, values=(item_realpath, table_name), tag="base")
                except:
                    # probably a virtual table?
                    maintext(" (unable to read) ")
            tempdb.close()
        except:
            maintext("\n\nSorry, I'm unable to open this database file. It appears to be an issue of some databases in iOS5.")
            maintext("\nUnexpected error: %s"%sys.exc_info()[1])
            tempdb.close()
    # if unknown "data", dump hex
    if (filemagic == "data"):
        limit = 10000
        maintext("\n\nDumping hex data (limit %i bytes):\n"%limit)
        content = ""
        # NOTE(review): the whole file is concatenated into memory before dump()
        # applies `limit`, and the first line is dropped as in the text branches.
        with open(item_realpath, 'rb') as fh:
            line = fh.readline()
            while line:
                line = fh.readline()
                content += line;
        maintext(dump(content, 16, limit))
# NOTE(review): this run begins mid-way through command-line option handling;
# the statement that binds `option` (and `args`) is not visible here, and the
# collapsed source does not show whether the verbose-level test is nested in
# the '-m' branch - it is reproduced here as a sibling statement.
if option[0] == '-m' or option[0] == '--universal-activex':
    config.universal_activex = True
# debug verbosity forces universal ActiveX emulation on
if config.verboselevel >= config.VERBOSE_DEBUG:
    config.universal_activex = True
# first positional argument is the URL to analyse; args[0] raises IndexError
# when none was given and no check is visible here
config.initial_URL = args[0]
check_logdirs()
from DOM.DOM import DOM
phoneycdom = DOM(config.initial_URL)
alerts = phoneycdom.analyze()
if alerts:
    report(alerts)
else:
    print "No Shellcode/Heapspray Alerts."
# move files from BINARIES_DIR whose libmagic type matches DOWNLOADS_STR into
# MISC_DIR (DOWNLOADS_STR is not visible: `in` is a substring test if it is a
# string, a membership test if it is a collection)
binaries_dir = os.listdir(BINARIES_DIR)
for file in binaries_dir:
    filename = "%s/%s" % (BINARIES_DIR, file,)
    newname = "%s/%s" % (MISC_DIR, file,)
    if magic.file(filename) in DOWNLOADS_STR:
        shutil.move(filename, newname)
def OnClick(event=None):
    """Tk callback for a selection change in the backup file tree.

    Clears the tables tree, the preview/EXIF panes and the main text area,
    then describes the selected node. Nodes typed "X" are plain files under
    backup_path and are shown directly; any other node is looked up in the
    manifest via mbdb.fileInformation and its backing file is analysed by
    libmagic type (text, image, binary plist, sqlite, raw "data").
    Updates the globals fileNameForViewer and old_label_image.
    """
    global fileNameForViewer
    global old_label_image
    if not tree.selection():
        return
    # remove everything from tables tree
    for item in tablestree.get_children():
        tablestree.delete(item)
    # clear notebook additional panes
    notebook.hide(previewcolumn)
    notebook.hide(exifcolumn)
    item = tree.selection()[0]
    item_text = tree.item(item, "text")
    item_type = tree.set(item, "type")
    item_id = tree.set(item, "id")
    # skip "folders" (nodes with an empty type)
    if not item_type:
        return
    # clears textarea
    clearmaintext()
    # managing "standard" files: plain files under backup_path, not manifest entries
    if (item_type == "X"):
        item_realpath = os.path.join(backup_path, item_text)
        fileNameForViewer = item_realpath
        maintext(u'Selected: ' + item_realpath)
        log(u'Opening file %s' % item_realpath)
        if (os.path.exists(item_realpath)):
            filemagic = magic.file(item_realpath)
            # print file content (if text file) otherwise only the first 30 bytes
            if (filemagic == "ASCII text" or filemagic.partition("/")[0] == "text"):
                with open(item_realpath, 'rb') as fh:
                    maintext("\n\nASCII content:\n\n")
                    line = fh.readline()
                    # NOTE(review): the line read above is never printed; the loop
                    # reads the next line before calling maintext, so the first
                    # line of the file is dropped.
                    while line:
                        line = fh.readline()
                        maintext(line)
            else:
                with open(item_realpath, 'rb') as fh:
                    text = fh.read(30)
                maintext("\n\nFirst 30 chars from file (string): ")
                maintext("\n" + hex2string(text))
            # if binary plist:
            if (filemagic.partition("/")[2] == "binary_plist"):
                maintext("\n\nDecoding binary Plist file:\n\n")
                maintext(plistutils.readPlist(item_realpath))
        else:
            log(u'...troubles while opening file %s (does not exist)' % item_realpath)
        return
    maintext(u'Selected: %s (id %s)' % (item_text, item_id))
    # manifest record for this node; nothing more to show without it
    data = mbdb.fileInformation(item_id)
    if not data:
        return
    item_permissions = data['permissions']
    item_userid = data['userid']
    item_groupid = data['groupid']
    # datetime.fromtimestamp without a tz renders the epoch values in the
    # local time zone of the analysis machine, not the device's
    item_mtime = unicode(datetime.fromtimestamp(int(data['mtime'])))
    item_atime = unicode(datetime.fromtimestamp(int(data['atime'])))
    item_ctime = unicode(datetime.fromtimestamp(int(data['ctime'])))
    item_fileid = data['fileid']
    item_link_target = data['link_target']
    item_datahash = data['datahash']
    item_flag = data['flag']
    maintext(u'\n\nElement type: ' + item_type)
    maintext(u'\nPermissions: ' + item_permissions)
    maintext(u'\nData hash: ')
    maintext(u'\n ' + item_datahash)
    maintext(u'\nUser id: ' + item_userid)
    maintext(u'\nGroup id: ' + item_groupid)
    maintext(u'\nLast modify time: ' + item_mtime)
    maintext(u'\nLast access Time: ' + item_atime)
    maintext(u'\nCreation time: ' + item_ctime)
    maintext(u'\nFile Key (obfuscated file name): ' + item_fileid)
    maintext(u'\nFlag: ' + item_flag)
    maintext(u'\n\nElement properties (from mdbd file):')
    for name, value in data['properties'].items():
        maintext(u'\n%s: %s' % (name, value))
    # treat sym links: no backing file to analyse
    if (item_type == u'l'):
        maintext(u'\n\nThis item is a symbolic link to another file.')
        maintext(u'\nLink Target: ' + item_link_target)
        fileNameForViewer = u''
        return
    # treat directories: no backing file to analyse
    if (item_type == u'd'):
        maintext(u'\n\nThis item represents a directory.')
        fileNameForViewer = u''
        return
    # last modification date of the file in the backup directory
    # NOTE(review): getmtime raises OSError if the file is missing; the
    # existence check only comes a few lines below.
    last_mod_time = time.strftime(
        u'%m/%d/%Y %I:%M:%S %p',
        time.localtime(os.path.getmtime(os.path.join(backup_path, item_fileid))))
    maintext(u'\n\nLast modification time (in backup dir): %s' % last_mod_time)
    maintext(u'\n\nAnalize file: ')
    item_realpath = os.path.join(backup_path, item_fileid)
    fileNameForViewer = item_realpath
    log(u'Opening file %s (%s)' % (item_realpath, item_text))
    # check for existence
    if (not os.path.exists(item_realpath)):
        maintext(u'unable to analyze file')
        return
    # print file type (from magic numbers)
    filemagic = magic.file(item_realpath)
    maintext(u'\nFile type (from magic numbers): %s' % filemagic)
    # print file MD5 hash
    maintext(u'\nFile MD5 hash: ')
    maintext(md5(item_realpath))
    # print first 30 bytes from file
    with open(item_realpath, u'rb') as fh:
        first30bytes = fh.read(30)
    maintext(u'\n\nFirst 30 hex bytes from file: ')
    maintext(u'\n' + hex2nums(first30bytes))
    # print file content (if ASCII file) otherwise only first 30 bytes
    if (filemagic == u'ASCII text' or filemagic.partition('/')[0] == u'text'):
        with open(item_realpath, 'rb') as fh:
            maintext(u'\n\nASCII content:\n\n')
            line = fh.readline()
            # NOTE(review): same first-line drop as above - the loop reads the
            # next line before printing.
            while line:
                line = fh.readline()
                maintext(line)
    else:
        maintext("\n\nFirst 30 chars from file (string): ")
        maintext("\n" + hex2string(first30bytes))
    # if image file: build a scaled preview in the "preview" tab
    if (filemagic.partition("/")[0] == "image"):
        try:
            del photoImages[:]
            im = Image.open(item_realpath)
            maintext("\n\nImage preview available.")
            # shrink the image to fit a 600x500 pane; never enlarge (ratio capped at 1)
            colwidth = 600
            imwidth = im.size[0]
            dimratio1 = (colwidth + 0.0) / (imwidth + 0.0)
            colheight = 500
            imheight = im.size[1]
            dimratio2 = (colheight + 0.0) / (imheight + 0.0)
            if (dimratio1 >= dimratio2):
                dimratio = dimratio2
            else:
                dimratio = dimratio1
            if (dimratio >= 1):
                dimratio = 1
            newwidth = int(im.size[0] * dimratio)
            newheight = int(im.size[1] * dimratio)
            im2 = im.resize((newwidth, newheight), Image.ANTIALIAS)
            tkim2 = ImageTk.PhotoImage(im2)
            # presumably kept in the module-level list so the PhotoImage stays referenced
            photoImages.append(tkim2)
            label_image = Label(previewcolumn, image=tkim2)
            label_image.place(x=0, y=0)
            if old_label_image is not None:
                old_label_image.destroy()
            old_label_image = label_image
            notebook.add(previewcolumn)
        except:
            # NOTE(review): a bare except also swallows KeyboardInterrupt/SystemExit;
            # `except Exception:` would be the narrower choice.
            print("Warning: error while trying to analyze image file \"%s\"" % item_realpath)
            print sys.exc_info()
        # decode EXIF (only JPG)
        # NOTE(review): `im` is only bound inside the try above; when Image.open
        # failed for an "image/jpeg" file, im._getexif() raises here, outside
        # any handler.
        if (filemagic == "image/jpeg"):
            exifs = im._getexif()
            if (exifs is not None):
                maintext("\nJPG EXIF tags available.")
                exifcolumn_label.delete(1.0, END)
                exifcolumn_label.insert(END, "JPG EXIF tags for file \"%s\":" % item_text)
                exifcolumn_label.insert(END, "\n")
                for tag, value in exifs.items():
                    decoded = TAGS.get(tag, tag)
                    # any tuple value is formatted as a numerator/denominator pair;
                    # a tuple of another length or a zero denominator raises here
                    if (type(value) == type((1, 2))):
                        value = "%.3f (%i / %i)" % (float(value[0]) / float(value[1]), value[0], value[1])
                    exifcolumn_label.insert(END, "\nTag: %s, value: %s" % (decoded, value))
                notebook.add(exifcolumn)
    # if binary plist:
    if (filemagic.partition("/")[2] == "binary_plist"):
        maintext("\n\nDecoding binary Plist file:\n\n")
        maintext(plistutils.readPlist(item_realpath))
    # if sqlite, print tables list and populate the tables tree
    if (filemagic.partition("/")[2] == "sqlite"):
        tempdb = sqlite3.connect(item_realpath)
        try:
            tempcur = tempdb.cursor()
            tempcur.execute("SELECT name FROM sqlite_master WHERE type=\"table\"")
            tables_list = tempcur.fetchall()
            maintext("\n\nTables in database: ")
            for i in tables_list:
                table_name = str(i[0])
                maintext("\n- " + table_name)
                try:
                    # NOTE(review): table_name is read from the analysed database's
                    # own sqlite_master and pasted into the statement unquoted, so
                    # the statement text is controlled by the file under analysis;
                    # a name with spaces or punctuation also fails the query and is
                    # reported as "unable to read". Quoting the identifier
                    # ('"%s"' % table_name.replace('"', '""')) fixes both.
                    tempcur.execute("SELECT count(*) FROM %s" % table_name)
                    elem_count = tempcur.fetchone()
                    maintext(" (%i elements) " % int(elem_count[0]))
                    # inserts table into tables tree
                    tablestree.tag_configure('base', font=globalfont)
                    tablestree.insert('', 'end', text=table_name, values=(item_realpath, table_name), tag="base")
                except:
                    # probably a virtual table?
                    maintext(" (unable to read) ")
            tempdb.close()
        except:
            maintext(
                "\n\nSorry, I'm unable to open this database file. It appears to be an issue of some databases in iOS5."
            )
            maintext("\nUnexpected error: %s" % sys.exc_info()[1])
            tempdb.close()
    # if unknown "data", dump hex
    if (filemagic == "data"):
        limit = 10000
        maintext("\n\nDumping hex data (limit %i bytes):\n" % limit)
        content = ""
        # NOTE(review): the whole file is concatenated into memory before dump()
        # applies `limit`, and the first line is dropped as in the text branches.
        with open(item_realpath, 'rb') as fh:
            line = fh.readline()
            while line:
                line = fh.readline()
                content += line
        maintext(dump(content, 16, limit))
# NOTE(review): this run begins mid-way through command-line option handling;
# the statement that binds `option` (and `args`) is not visible here, and the
# collapsed source does not show whether the verbose-level test is nested in
# the '-m' branch - it is reproduced here as a sibling statement.
if option[0] == "-c" or option[0] == "--cache-response":
    config.cache_response = True
if option[0] == "-n" or option[0] == "--replace-nonascii":
    config.replace_nonascii = True
if option[0] == "-m" or option[0] == "--universal-activex":
    config.universal_activex = True
# debug verbosity forces universal ActiveX emulation on
if config.verboselevel >= config.VERBOSE_DEBUG:
    config.universal_activex = True
# first positional argument is the URL to analyse; args[0] raises IndexError
# when none was given and no check is visible here
config.initial_URL = args[0]
check_logdirs()
from DOM.DOM import DOM
phoneycdom = DOM(config.initial_URL)
alerts = phoneycdom.analyze()
if alerts:
    # alerts are only announced here; the report() call is intentionally disabled
    print "There is some Shellcode/Heapspray Alerts but it is not important for this program now."
    # report(alerts)
else:
    print "No Shellcode/Heapspray Alerts."
# move files from BINARIES_DIR whose libmagic type matches DOWNLOADS_STR into
# MISC_DIR (DOWNLOADS_STR is not visible: `in` is a substring test if it is a
# string, a membership test if it is a collection)
binaries_dir = os.listdir(BINARIES_DIR)
for file in binaries_dir:
    filename = "%s/%s" % (BINARIES_DIR, file)
    newname = "%s/%s" % (MISC_DIR, file)
    if magic.file(filename) in DOWNLOADS_STR:
        shutil.move(filename, newname)
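def repairDBFiles(self):
    """Rewrite the backup's SQLite databases so they can be read on Windows.

    On platforms other than Windows nothing is done. On Windows every file in
    ``self.backup_path`` that libmagic reports as SQLite is dumped to SQL text
    with the ``sqlite3`` command-line tool and rebuilt from that dump; the
    originals are first archived in ``original_files.zip`` inside the backup
    folder, and the whole phase is skipped when that archive already exists.

    Returns:
        False if the user declined the confirmation dialog or aborted the
        search; True otherwise. Both no-op paths (non-Windows, archive already
        present) return True so a caller keying on a falsy result does not
        mistake a no-op for a refusal.
    """
    if os.name != 'nt':
        return True
    print "Checking SQLite files integrity (windows only)..."
    zipfilename = os.path.join(self.backup_path, 'original_files.zip')
    # an existing archive means this phase already ran on the backup
    if os.path.exists(zipfilename):
        return True
    reply = QtGui.QMessageBox.question(
        self, 'Repair database files',
        "On Windows platforms, the SQLite3 files in the iOS backup must be repaired before being read by iPBA2. The original files will be saved in a zip file named original_files.zip in the backup folder. Nonetheless it is STRONGLY advised to work on a copy of the backup dir, not on the original evidence. Are you sure you wanna continue?",
        QtGui.QMessageBox.Yes, QtGui.QMessageBox.No)
    if reply == QtGui.QMessageBox.No:
        return False
    sqliteFiles = self._findSqliteFiles()
    if sqliteFiles is None:
        # user pressed "Abort" in the search progress dialog
        return False
    progress = QtGui.QProgressDialog("Repairing databases...", "Abort", 0, len(sqliteFiles), self)
    progress.setWindowModality(QtCore.Qt.WindowModal)
    progress.setMinimumDuration(0)
    progress.setCancelButton(None)
    progress.show()
    QtGui.QApplication.processEvents()
    print '\nRepairing the databases ... '
    zf = zipfile.ZipFile(zipfilename, mode='w')
    try:
        for convertedCount, (fname, item_realpath) in enumerate(sqliteFiles, 1):
            print("Repairing database: %s" % fname)
            # archive the original before it is replaced; arcname keeps the
            # entry relative to the backup folder without chdir'ing
            zf.write(item_realpath, arcname=fname)
            self._rebuildDatabase(item_realpath)
            progress.setValue(convertedCount)
            QtGui.QApplication.processEvents()
    finally:
        # the archive is closed even if a rebuild raises, so what was
        # archived so far is not lost
        zf.close()
    progress.setValue(progress.maximum())
    return True

def _findSqliteFiles(self):
    """Return ``[[name, fullpath], ...]`` for the files in ``self.backup_path`` that libmagic reports as SQLite.

    Shows a cancellable progress dialog; returns None if the user aborts.
    Only the part of the libmagic string after the first ``/`` is compared
    with ``"sqlite"``.
    """
    sqliteFiles = []
    backupFiles = os.listdir(self.backup_path)
    progress = QtGui.QProgressDialog("Searching for databases to repair...", "Abort", 0, len(backupFiles), self)
    progress.setWindowModality(QtCore.Qt.WindowModal)
    progress.setMinimumDuration(0)
    progress.show()
    QtGui.QApplication.processEvents()
    for readCount, backupFile in enumerate(backupFiles, 1):
        item_realpath = os.path.join(self.backup_path, backupFile)
        if os.path.exists(item_realpath):
            filemagic = magic.file(item_realpath)
            if filemagic.partition("/")[2] == "sqlite":
                sqliteFiles.append([backupFile, item_realpath])
        QtGui.QApplication.processEvents()
        if progress.wasCanceled():
            return None
        progress.setValue(readCount)
    progress.setValue(progress.maximum())
    return sqliteFiles

def _rebuildDatabase(self, item_realpath):
    """Dump *item_realpath* to SQL text with the sqlite3 CLI and rebuild the file from that dump.

    The CLI is invoked with an argument list instead of a shell command
    string, so a database name containing quotes or shell metacharacters
    cannot alter the command (names in an evidence directory are not
    trusted). The original file is removed only after the dump succeeded;
    on failure it is left untouched and False is returned.

    Returns:
        True when the rebuild ran, False when the dump step failed or the
        sqlite3 tool could not be started.
    """
    import subprocess
    dump_path = 'Temp.sql'
    try:
        # equivalent of: echo .dump | sqlite3 "<db>" > Temp.sql
        with open(dump_path, 'wb') as dump_out:
            dumper = subprocess.Popen(['sqlite3', item_realpath],
                                      stdin=subprocess.PIPE, stdout=dump_out)
            dumper.communicate(b'.dump\n')
        if dumper.returncode != 0:
            print("Dump of %s failed (sqlite3 exit code %s); file left unchanged" % (item_realpath, dumper.returncode))
            return False
        # the rebuilt file replaces the original only after a successful dump
        os.remove(item_realpath)
        # equivalent of: echo .quit | sqlite3 -init Temp.sql "<db>"
        rebuilder = subprocess.Popen(['sqlite3', '-init', dump_path, item_realpath],
                                     stdin=subprocess.PIPE)
        rebuilder.communicate(b'.quit\n')
        return True
    except OSError as err:
        print("Unable to run the sqlite3 command-line tool: %s" % err)
        return False
    finally:
        # the temporary dump is removed whichever way the rebuild ended
        if os.path.exists(dump_path):
            os.remove(dump_path)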
def test(path):
    """Return the libmagic description string for *path*."""
    description = magic.file(path)
    return description
def goodFileType(f):
    """Return True when libmagic calls *f* plain 'data' or any type containing 'text'."""
    filetype = magic.file(f)
    if filetype == 'data':
        return True
    return filetype.find('text') != -1