Esempio n. 1
                    "dfrg", "direct", "run", "tracing", "trappoll", "wbem")

# Names of the plugins grouped as "security"; how the tuple is consumed is
# outside this excerpt.
security_plugins = (
    "lsasecrets",
    "auditpol",
    "polacdms",
)

# Take the start time once; the mount point name below is derived from it.
now = datetime.datetime.now()

# Per-run mount point path under /mnt, named after the start time (one-second
# resolution). Only the string is built here; creating the directory is not
# part of this excerpt.
mount_point = "".join(("/mnt/", now.strftime("%Y-%m-%d_%H_%M_%S")))

# Case identifier, obtained from a helper defined elsewhere in the script.
# NOTE(review): the value is joined into a file path below without any
# filtering at this point; whether get_case_number() rejects path separators
# or ".." is not visible here -- confirm.
case_number = get_case_number()

# Directory that receives this case's output.
folder_path = get_output_location(case_number)

# Log file for the run: <folder_path>/<case_number>_logfile.txt.
# Mode 'wt+' truncates an existing file, so a rerun that resolves to the same
# folder and case number replaces the earlier log rather than appending to it.
# The handle is left open for the steps that follow; closing it is outside
# this excerpt.
log_file = "".join((folder_path, "/", case_number, "_logfile.txt"))
outfile = open(log_file, mode='wt+')

# Choose the disk image to process; the helper is handed the open log handle.
Image_Path = select_file_to_process(outfile)

#check if Image file is in Encase format
if re.search(".E01", Image_Path):

    #strip out single quotes from the quoted path
    #no_quotes_path = Image_Path.replace("'","")
    #print("THe no quotes path is: " +  no_quotes_path)
    #call mount_ewf function
Esempio n. 2
# Plugins treated as the "security" group; their use is not shown in this
# excerpt.
security_plugins = (
    "lsasecrets",
    "auditpol",
    "polacdms",
)

# Single timestamp for the run, reused for the mount point name.
now = datetime.datetime.now()

# Mount point path: /mnt/<YYYY-MM-DD_HH_MM_SS>. This line only builds the
# string; nothing is created on disk here.
mount_point = "".join(("/mnt/", now.strftime("%Y-%m-%d_%H_%M_%S")))

# Ask the helper (defined elsewhere) for the case number.
# NOTE(review): case_number ends up inside the log file path unchanged;
# confirm that get_case_number() constrains it to a safe file-name fragment.
case_number = get_case_number()

# Resolve the output folder for that case.
folder_path = get_output_location(case_number)

# Open <folder_path>/<case_number>_logfile.txt for text read/write.
# 'wt+' truncates on open: an existing log with the same path is emptied.
# The file object stays open past this block; no close is visible here.
log_file = "".join((folder_path, "/", case_number, "_logfile.txt"))
outfile = open(log_file, mode='wt+')

# Pick the image file to work on; the log handle is passed to the helper.
Image_Path = select_file_to_process(outfile)

#check if Image file is in Encase format
if re.search(".E01", Image_Path):

	#strip out single quotes from the quoted path
	#no_quotes_path = Image_Path.replace("'","")
	#print("THe no quotes path is: " +  no_quotes_path)
	#call mount_ewf function