def setUp(self): """Sets up the needed objects used throughout the test.""" self._resolver_context = context.Context() test_file = os.path.join(os.getcwd(), u'test_data') self._os_path_spec = os_path_spec.OSPathSpec(location=test_file) self._os_file_system = os_file_system.OSFileSystem(self._resolver_context) # TODO: add RAW volume only test image. test_file = os.path.join(u'test_data', u'vsstest.qcow2') path_spec = os_path_spec.OSPathSpec(location=test_file) self._qcow_path_spec = qcow_path_spec.QcowPathSpec(parent=path_spec) self._tsk_path_spec = tsk_path_spec.TSKPathSpec( location=u'/', parent=self._qcow_path_spec) self._tsk_file_system = tsk_file_system.TSKFileSystem( self._resolver_context) self._tsk_file_system.Open(path_spec=self._tsk_path_spec)
def setUp(self): """Sets up the needed objects used throughout the test.""" super(SplitEWFFileTest, self).setUp() test_file = self._GetTestFilePath(['ext2.split.E01']) self._SkipIfPathNotExists(test_file) self._os_path_spec = os_path_spec.OSPathSpec(location=test_file) self._ewf_path_spec = ewf_path_spec.EWFPathSpec( parent=self._os_path_spec)
def testScanForVolumeSystemPartitionedImage(self): """Test the ScanForVolumeSystem function on a partitioned image.""" test_file = self._GetTestFilePath([u'tsk_volume_system.raw']) source_path_spec = os_path_spec.OSPathSpec(location=test_file) path_spec = self._source_scanner.ScanForVolumeSystem(source_path_spec) self.assertIsNotNone(path_spec) self.assertEqual(path_spec.type_indicator, definitions.TYPE_INDICATOR_TSK_PARTITION)
def setUp(self): """Sets up the needed objects used throughout the test.""" super(LUKSDEFileWithPathSpecCredentialsTest, self).setUp() test_file = self._GetTestFilePath(['luks1.raw']) self._SkipIfPathNotExists(test_file) self._os_path_spec = os_path_spec.OSPathSpec(location=test_file) self._luksde_path_spec = luksde_path_spec.LUKSDEPathSpec( password=self._LUKSDE_PASSWORD, parent=self._os_path_spec)
def setUp(self): """Sets up the needed objects used throughout the test.""" super(QCOWFileTest, self).setUp() test_file = self._GetTestFilePath(['image.qcow2']) self._SkipIfPathNotExists(test_file) self._os_path_spec = os_path_spec.OSPathSpec(location=test_file) self._qcow_path_spec = qcow_path_spec.QCOWPathSpec( parent=self._os_path_spec)
def testGetCompressedStreamTypeIndicators(self): """Function to test the get compressed stream type indicators function.""" test_file = os.path.join(u'test_data', u'syslog.gz') path_spec = os_path_spec.OSPathSpec(location=test_file) expected_type_indicators = [definitions.TYPE_INDICATOR_GZIP] type_indicators = analyzer.Analyzer.GetCompressedStreamTypeIndicators( path_spec) self.assertEqual(type_indicators, expected_type_indicators)
def setUp(self): """Sets up the needed objects used throughout the test.""" self._resolver_context = context.Context() test_file = os.path.join(u'test_data', u'syslog.zlib') self._os_path_spec = os_path_spec.OSPathSpec(location=test_file) self._compressed_stream_path_spec = ( compressed_stream_path_spec.CompressedStreamPathSpec( compression_method=definitions.COMPRESSION_METHOD_ZLIB, parent=self._os_path_spec))
def testGetStorageMediaImageTypeIndicatorsVMDK(self): """Tests the GetStorageMediaImageTypeIndicator function on a .vmdk file.""" test_file = self._GetTestFilePath(['image.vmdk']) path_spec = os_path_spec.OSPathSpec(location=test_file) expected_type_indicators = [definitions.TYPE_INDICATOR_VMDK] type_indicators = analyzer.Analyzer.GetStorageMediaImageTypeIndicators( path_spec) self.assertEqual(type_indicators, expected_type_indicators)
def testGetStorageMediaImageTypeIndicatorsBodyFile(self): """Tests the GetStorageMediaImageTypeIndicator function on a bodyfile.""" test_file = self._GetTestFilePath(['mactime.body']) path_spec = os_path_spec.OSPathSpec(location=test_file) expected_type_indicators = [] type_indicators = analyzer.Analyzer.GetStorageMediaImageTypeIndicators( path_spec) self.assertEqual(type_indicators, expected_type_indicators)
def GetLinkedFileEntry(self): """Retrieves the linked file entry, e.g. for a symbolic link.""" link = self._GetLink() if not link: return path_spec = os_path_spec.OSPathSpec(location=link) return OSFileEntry(self._resolver_context, self._file_system, path_spec)
def testGetCompressedStreamTypeIndicatorsGZIP(self): """Tests the GetCompressedStreamTypeIndicators function on a .gz file.""" test_file = self._GetTestFilePath(['syslog.gz']) path_spec = os_path_spec.OSPathSpec(location=test_file) expected_type_indicators = [definitions.TYPE_INDICATOR_GZIP] type_indicators = analyzer.Analyzer.GetCompressedStreamTypeIndicators( path_spec) self.assertEqual(type_indicators, expected_type_indicators)
def testGetArchiveTypeIndicatorsTAR(self): """Tests the GetArchiveTypeIndicators function on a .tar file.""" test_file = self._GetTestFilePath(['syslog.tar']) path_spec = os_path_spec.OSPathSpec(location=test_file) expected_type_indicators = [definitions.TYPE_INDICATOR_TAR] type_indicators = analyzer.Analyzer.GetArchiveTypeIndicators( path_spec) self.assertEqual(type_indicators, expected_type_indicators)
def setUp(self): """Sets up the needed objects used throughout the test.""" self._resolver_context = context.Context() test_file = self._GetTestFilePath(['syslog.bin.cpio']) self._SkipIfPathNotExists(test_file) self._os_path_spec = os_path_spec.OSPathSpec(location=test_file) self._cpio_path_spec = cpio_path_spec.CPIOPathSpec( location='/syslog', parent=self._os_path_spec)
def testScanForStorageMediaImageVMDK(self): """Test the ScanForStorageMediaImage function on a VMDK image.""" test_file = self._GetTestFilePath(['image.vmdk']) source_path_spec = os_path_spec.OSPathSpec(location=test_file) path_spec = self._source_scanner.ScanForStorageMediaImage(source_path_spec) self.assertIsNotNone(path_spec) self.assertEqual( path_spec.type_indicator, definitions.TYPE_INDICATOR_VMDK)
def setUp(self): """Sets up the needed objects used throughout the test.""" test_file = self._GetTestFilePath(['gpt.raw']) self._SkipIfPathNotExists(test_file) path_spec = os_path_spec.OSPathSpec(location=test_file) path_spec = raw_path_spec.RawPathSpec(parent=path_spec) self._gpt_path_spec = gpt_path_spec.GPTPathSpec( location='/', parent=path_spec)
def testGetVolumeSystemTypeIndicatorsTSK(self): """Tests the GetVolumeSystemTypeIndicators function on partitions.""" test_file = self._GetTestFilePath(['tsk_volume_system.raw']) path_spec = os_path_spec.OSPathSpec(location=test_file) expected_type_indicators = [definitions.TYPE_INDICATOR_TSK_PARTITION] type_indicators = analyzer.Analyzer.GetVolumeSystemTypeIndicators( path_spec) self.assertEqual(type_indicators, expected_type_indicators)
def setUp(self): """Sets up the needed objects used throughout the test.""" test_file = self._GetTestFilePath(['vsstest.qcow2']) self._SkipIfPathNotExists(test_file) path_spec = os_path_spec.OSPathSpec(location=test_file) path_spec = qcow_path_spec.QCOWPathSpec(parent=path_spec) self._vshadow_path_spec = vshadow_path_spec.VShadowPathSpec( location='/', parent=path_spec)
def testGetVolumeSystemTypeIndicatorsBDE(self): """Tests the GetVolumeSystemTypeIndicators function on a BDE ToGo drive.""" test_file = self._GetTestFilePath(['bdetogo.raw']) path_spec = os_path_spec.OSPathSpec(location=test_file) expected_type_indicators = [definitions.TYPE_INDICATOR_BDE] type_indicators = analyzer.Analyzer.GetVolumeSystemTypeIndicators( path_spec) self.assertEqual(type_indicators, expected_type_indicators)
def setUp(self): """Sets up the needed objects used throughout the test.""" super(RawFileTest, self).setUp() test_file = self._GetTestFilePath(['ext2.raw']) self._SkipIfPathNotExists(test_file) self._os_path_spec = os_path_spec.OSPathSpec(location=test_file) self._raw_path_spec = raw_path_spec.RawPathSpec( parent=self._os_path_spec)
def setUp(self): """Sets up the needed objects used throughout the test.""" self._resolver_context = context.Context() test_file = os.path.join(u'test_data', u'syslog.base16') self._os_path_spec = os_path_spec.OSPathSpec(location=test_file) self._encoded_stream_path_spec = ( encoded_stream_path_spec.EncodedStreamPathSpec( encoding_method=definitions.ENCODING_METHOD_BASE16, parent=self._os_path_spec))
def setUp(self): """Sets up the needed objects used throughout the test.""" self._resolver_context = context.Context() test_file = self._GetTestFilePath([u'syslog.base32']) self._os_path_spec = os_path_spec.OSPathSpec(location=test_file) self._encoded_stream_path_spec = ( encoded_stream_path_spec.EncodedStreamPathSpec( encoding_method=definitions.ENCODING_METHOD_BASE32, parent=self._os_path_spec))
def setUp(self): """Sets up the needed objects used throughout the test.""" self._resolver_context = context.Context() test_file = os.path.join(u'test_data', u'bdetogo.raw') path_spec = os_path_spec.OSPathSpec(location=test_file) self._bde_path_spec = bde_path_spec.BDEPathSpec(parent=path_spec) resolver.Resolver.key_chain.SetCredential(self._bde_path_spec, u'password', self._BDE_PASSWORD)
def setUp(self): """Sets up the needed objects used throughout the test.""" super(Version2VHDIFileTest, self).setUp() test_file = self._GetTestFilePath(['ext2.vhdx']) self._SkipIfPathNotExists(test_file) self._os_path_spec = os_path_spec.OSPathSpec(location=test_file) self._vhdi_path_spec = vhdi_path_spec.VHDIPathSpec( parent=self._os_path_spec)
def setUp(self): """Sets up the needed objects used throughout the test.""" self._resolver_context = context.Context() test_file = self._GetTestFilePath([u'syslog.bz2']) path_spec = os_path_spec.OSPathSpec(location=test_file) self._compressed_stream_path_spec = ( compressed_stream_path_spec.CompressedStreamPathSpec( compression_method=definitions.COMPRESSION_METHOD_BZIP2, parent=path_spec))
def setUp(self): """Sets up the needed objects used throughout the test.""" self._resolver_context = context.Context() test_file = self._GetTestFilePath(['ext2.raw']) self._SkipIfPathNotExists(test_file) self._os_path_spec = os_path_spec.OSPathSpec(location=test_file) self._tsk_path_spec = tsk_path_spec.TSKPathSpec( location='/', parent=self._os_path_spec)
def testGetFileEntryByPathSpec(self): """Tests the GetFileEntryByPathSpec function.""" file_system = os_file_system.OSFileSystem(self._resolver_context) test_file = self._GetTestFilePath(['testdir_os', 'file1.txt']) self._SkipIfPathNotExists(test_file) path_spec = os_path_spec.OSPathSpec(location=test_file) file_entry = file_system.GetFileEntryByPathSpec(path_spec) self.assertIsNotNone(file_entry) self.assertEqual(file_entry.name, 'file1.txt') test_file = self._GetTestFilePath(['testdir_os', 'file6.txt']) path_spec = os_path_spec.OSPathSpec(location=test_file) file_entry = file_system.GetFileEntryByPathSpec(path_spec) self.assertIsNone(file_entry)
def setUp(self): """Sets up the needed objects used throughout the test.""" super(VMDKFileTest, self).setUp() test_file = self._GetTestFilePath(['image.vmdk']) self._SkipIfPathNotExists(test_file) self._os_path_spec = os_path_spec.OSPathSpec(location=test_file) self._vmdk_path_spec = vmdk_path_spec.VMDKPathSpec( parent=self._os_path_spec)
def setUp(self): """Sets up the needed objects used throughout the test.""" self._resolver_context = context.Context() test_file = self._GetTestFilePath(['syslog.tar']) self._os_path_spec = os_path_spec.OSPathSpec(location=test_file) self._tar_path_spec = tar_path_spec.TARPathSpec( location='/syslog', parent=self._os_path_spec) self._file_system = tar_file_system.TARFileSystem(self._resolver_context) self._file_system.Open(self._tar_path_spec)
def testGetArchiveTypeIndicatorsZIP(self): """Tests the GetArchiveTypeIndicators function on a .zip file.""" test_file = self._GetTestFilePath(['syslog.zip']) self._SkipIfPathNotExists(test_file) path_spec = os_path_spec.OSPathSpec(location=test_file) expected_type_indicators = [definitions.TYPE_INDICATOR_ZIP] type_indicators = analyzer.Analyzer.GetArchiveTypeIndicators(path_spec) self.assertEqual(type_indicators, expected_type_indicators)
def setUp(self): """Sets up the needed objects used throughout the test.""" super(ZipFileTest, self).setUp() self._resolver_context = context.Context() test_file = self._GetTestFilePath(['syslog.zip']) self._SkipIfPathNotExists(test_file) path_spec = os_path_spec.OSPathSpec(location=test_file) self._zip_path_spec = zip_path_spec.ZipPathSpec(location='/syslog', parent=path_spec)