from Database import SQLiteDb def removeChars(text): return ''.join([i if (ord(i) > 31 and ord(i) < 128) else '' for i in text]) args = sys.argv[1:] if len(args) != 2: print ("Wrong Parameters need 2, LevelDB directory and output csv file") exit() levelDbDir = args[0] outputFile = args[1] SQLitedb = SQLiteDb() SQLitedb.RemoveDB_File(outputFile + ".db3") SQLitedb.Open(outputFile + ".db3") SQLitedb.CreateTable("Leveldb", 'key text, value text, byte_key text, byte_value text') try: levelDb = leveldb.LevelDB(levelDbDir) try: print (levelDb.GetStats()) except: print ("No Stats") numRecords = 0 with open(outputFile + ".csv", 'w') as f: for key, value in levelDb2.RangeIter(): key2 = str(key, 'utf-8', 'ignore')
acb_desc = "" for x in acb_flags_dict: if (x & user_acb_flags): acb_desc = acb_desc + acb_flags_dict[x] + "\n" sql_val_columns.append(acb_desc) SQLitedb.InsertBindValues(table_name, sql_ins_columns, sql_bind, sql_val_columns) except: print("Bad Character") args = sys.argv[1:] Registry_To_Parse = args[0] SQLite_DB_Name = args[1] print('Registry is ', str(Registry_To_Parse)) print('DB file is ', SQLite_DB_Name) #Directory_To_Parse = input('List the directory you want to parse:') #File_To_Parse = input("What File do you want to parse: ") #SQLite_DB_Name = input("What is the Name of the SQLite DB to create: ") #SQLite_DB_Name = "Test1.db3" #registry_file = "sam" SQLitedb = SQLiteDb() SQLitedb.RemoveDB_File(SQLite_DB_Name) SQLitedb.Open(SQLite_DB_Name) SQLitedb.CreateTable(table_name, table_columns) parse_registry_file(Registry_To_Parse) SQLitedb.Close()
fileMetricsColumns = "Prefetch_file_name, file_metric_number, file_metric_path, file_metric_name" fileMetricsBindVals = "?, ?, ?, ?" fileTabName = "file_names" fileColumnNames = "Prefetch_file_name text, file_path text, file_name text" fileColumns = "Prefetch_file_name, file_path, file_name" fileBindVals = "?, ?, ?" args = sys.argv[1:] prefetchDirectory = args[0] SQLiteDbName = args[1] print('Prefetch Directory is ', str(prefetchDirectory)) print('DB file is ', SQLiteDbName) SQLitedb = SQLiteDb() SQLitedb.RemoveDB_File(SQLiteDbName) SQLitedb.Open(SQLiteDbName) SQLitedb.CreateTable(tableName, tableColumns) SQLitedb.CreateTable(fileMetricsTabName, fileMetricsColumnNames) SQLitedb.CreateTable(volumeTabName, volumeColumnNames) SQLitedb.CreateTable(fileTabName, fileColumnNames) for root, dirs, files in os.walk(prefetchDirectory): # print ("root = > " + str(root)) # print ("dirs = > " + str(dirs)) # print ("files = > " + str(files)) for file in files: if ".pf" in file: prefetchRecord = [] try: scca = pyscca.open(os.path.join(root, file)) #print("File Name is ==> " + file)