"dfrg", "direct", "run", "tracing", "trappoll", "wbem") #set up array for security plugins security_plugins = ("lsasecrets", "auditpol", "polacdms") #get datetime now = datetime.datetime.now() #set Mount Point mount_point = "/mnt/" + now.strftime("%Y-%m-%d_%H_%M_%S") #get case number case_number = get_case_number() #get output location folder_path = get_output_location(case_number) #open a log file for output log_file = folder_path + "/" + case_number + "_logfile.txt" outfile = open(log_file, 'wt+') #select dd image to process Image_Path = select_file_to_process(outfile) #check if Image file is in Encase format if re.search(".E01", Image_Path): #strip out single quotes from the quoted path #no_quotes_path = Image_Path.replace("'","") #print("THe no quotes path is: " + no_quotes_path) #call mount_ewf function
#set up array for security plugins security_plugins = ("lsasecrets", "auditpol", "polacdms") #get datetime now = datetime.datetime.now() #set Mount Point mount_point = "/mnt/" + now.strftime("%Y-%m-%d_%H_%M_%S") #get case number case_number = get_case_number() #get output location folder_path = get_output_location(case_number) #open a log file for output log_file = folder_path + "/" + case_number + "_logfile.txt" outfile = open(log_file, 'wt+') #select dd image to process Image_Path = select_file_to_process(outfile) #check if Image file is in Encase format if re.search(".E01", Image_Path): #strip out single quotes from the quoted path #no_quotes_path = Image_Path.replace("'","") #print("THe no quotes path is: " + no_quotes_path) #call mount_ewf function