def ParseFiles(self, responses):
"""Take each file we retrieved and get the history from it."""
# Note that some of these Find requests will fail because some paths don't
# exist, e.g. Chromium on most machines, so we don't check for success.
if responses:
for response in responses:
if data_store.RelationalDBReadEnabled("filestore"):
client_path = db.ClientPath.FromPathSpec(self.client_id,
response.stat_entry.pathspec)
fd = file_store.OpenFile(client_path)
else:
fd = aff4.FACTORY.Open(
response.stat_entry.AFF4Path(self.client_urn), token=self.token)
hist = chrome_history.ChromeParser(fd)
count = 0
for epoch64, dtype, url, dat1, dat2, dat3 in hist.Parse():
count += 1
str_entry = "%s %s %s %s %s %s" % (datetime.datetime.utcfromtimestamp(
epoch64 / 1e6), url, dat1, dat2, dat3, dtype)
self.SendReply(rdfvalue.RDFString(utils.SmartStr(str_entry)))
self.Log("Wrote %d Chrome History entries for user %s from %s", count,
self.args.username, response.stat_entry.pathspec.Basename())
self.state.hist_count += count
def testBasicParsingOldFormat(self):
"""Test we can parse a standard file."""
history_file = os.path.join(self.base_path, "parser_test", "History")
with io.open(history_file, mode="rb") as history_filedesc:
history = chrome_history.ChromeParser()
entries = list(history.Parse(history_file, history_filedesc))
try:
dt1 = datetime.datetime(1970, 1, 1)
dt1 += datetime.timedelta(microseconds=entries[0][0])
except (TypeError, ValueError):
dt1 = entries[0][0]
try:
dt2 = datetime.datetime(1970, 1, 1)
dt2 += datetime.timedelta(microseconds=entries[-1][0])
except (TypeError, ValueError):
dt2 = entries[-1][0]
# Check that our results are properly time ordered
time_results = [x[0] for x in entries]
self.assertEqual(time_results, sorted(time_results))
self.assertEqual(str(dt1), "2011-04-07 12:03:11")
self.assertEqual(entries[0][2],
"http://start.ubuntu.com/10.04/Google/")
self.assertEqual(str(dt2), "2011-05-23 08:37:27.061516")
self.assertStartsWith(
entries[-1][2], "https://chrome.google.com/webs"
"tore/detail/mfjkgbjaikamkkojmak"
"jclmkianficch")
self.assertLen(entries, 71)
def testBasicParsing(self):
"""Test we can parse a standard file."""
history_file = os.path.join(self.base_path, "parser_test", "History2")
with io.open(history_file, mode="rb") as history_filedesc:
history = chrome_history.ChromeParser()
entries = list(history.Parse(history_file, history_filedesc))
try:
dt1 = datetime.datetime(1970, 1, 1)
dt1 += datetime.timedelta(microseconds=entries[0][0])
except (TypeError, ValueError):
dt1 = entries[0][0]
try:
dt2 = datetime.datetime(1970, 1, 1)
dt2 += datetime.timedelta(microseconds=entries[-1][0])
except (TypeError, ValueError):
dt2 = entries[-1][0]
# Check that our results are properly time ordered
time_results = [x[0] for x in entries]
self.assertEqual(time_results, sorted(time_results))
self.assertEqual(str(dt1), "2013-05-03 15:11:26.556635")
self.assertStartsWith(
entries[0][2], "https://www.google.ch/search?q=why+you+shouldn")
self.assertEqual(str(dt2), "2013-05-03 15:11:39.763984")
self.assertStartsWith(entries[-1][2], "http://www.test.ch/")
self.assertLen(entries, 4)
def testNonSqliteDatabase(self):
with temp.AutoTempFilePath(suffix="-journal") as filepath:
with io.open(filepath, "wb") as filedesc:
filedesc.write(b"foobar")
with io.open(filepath, "rb") as filedesc:
# This should not fail, but return an empty list of results.
results = list(chrome_history.ChromeParser().Parse(filepath, filedesc))
self.assertEmpty(results)
def testTimeOrderingDownload(self):
"""Test we can correctly time order downloads and visits."""
history_file = os.path.join(self.base_path, "parser_test", "History3")
history = chrome_history.ChromeParser(open(history_file, "rb"))
entries = [x for x in history.Parse()]
# Check that our results are properly time ordered
time_results = [x[0] for x in entries]
self.assertEqual(time_results, sorted(time_results))
self.assertLen(entries, 23)
def ParseFiles(self, responses):
"""Take each file we retrieved and get the history from it."""
# Note that some of these Find requests will fail because some paths don't
# exist, e.g. Chromium on most machines, so we don't check for success.
if responses:
for response in responses:
client_path = db.ClientPath.FromPathSpec(self.client_id,
response.stat_entry.pathspec)
filepath = response.stat_entry.pathspec.CollapsePath()
fd = file_store.OpenFile(client_path)
hist = chrome_history.ChromeParser()
count = 0
for epoch64, dtype, url, dat1, dat2, dat3 in hist.Parse(filepath, fd):
count += 1
str_entry = "%s %s %s %s %s %s" % (datetime.datetime.utcfromtimestamp(
epoch64 / 1e6), url, dat1, dat2, dat3, dtype)
self.SendReply(rdfvalue.RDFString(str_entry))
self.Log("Wrote %d Chrome History entries for user %s from %s", count,
self.args.username, response.stat_entry.pathspec.Basename())
self.state.hist_count += count
