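def call_returning_exit_and_output(exec_args, **popen_args):
    """Run ``exec_args`` via Java's ProcessBuilder and capture its output.

    Stand-in for ``subprocess`` under Jython. Of ``popen_args`` only ``env``
    is consulted; every other keyword is ignored.

    Args:
        exec_args: Argument vector handed to ``ProcessBuilder`` unchanged.
        **popen_args: ``env``, when given, becomes the child's complete
            environment: inherited variables missing from it are removed.
            ``env=None`` (or no ``env``) inherits the parent environment.

    Returns:
        ``(exit_value, (output, output))``. stderr is merged into stdout,
        so both slots of the inner tuple hold the same text. Every line is
        terminated with the platform line separator, including the last.
    """
    def readInputStream(inputStream):
        reader = BufferedReader(InputStreamReader(inputStream))
        builder = StringBuilder()
        try:
            while True:
                line = reader.readLine()
                if line is None:
                    break
                builder.append(line)
                builder.append(System.getProperty("line.separator"))
        finally:
            # Release the pipe even if reading fails part-way.
            reader.close()
        return builder.toString()

    # WORKAROUND: output of Jython's subprocess module cannot be captured
    # when testing with pytest, so the Java implementation is used directly.
    pb = ProcessBuilder(exec_args)
    env = popen_args.get('env')
    # Test against None rather than truthiness: with `if env:` an explicit
    # empty mapping was skipped and the child silently inherited the whole
    # parent environment, including any secrets the caller meant to withhold.
    if env is not None:
        process_env = pb.environment()
        # Iterate over a copy; the map is modified inside the loop.
        for key in list(process_env.keySet()):
            if key not in env:
                _log.debug("remove from process-env: %s", key)
                process_env.remove(key)
        for key in env:
            process_env.put(key, env[key])
    pb.redirectErrorStream(True)
    process = pb.start()
    # Drain the merged stream before waiting so the child cannot block on a
    # full pipe.
    stdout = readInputStream(process.getInputStream())
    exitValue = process.waitFor()
    return exitValue, (stdout, stdout)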
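def runJob(cmdArray, hosts, sleepTime=60, maxWaits=60, interimResult=None):
    """Run ``cmdArray`` repeatedly until every host has finished or retries run out.

    Each attempt starts a fresh process, writes the hosts to its stdin one
    per line, waits for it to exit and passes its stdout to
    ``processJobResults``.

    Args:
        cmdArray: Argument vector for ``ProcessBuilder``.
        hosts: Host names written to the child's stdin.
        sleepTime: Seconds to sleep between attempts after the first wait.
        maxWaits: Maximum number of attempts before giving up.
        interimResult: Passed through to ``processJobResults``.

    Returns:
        The set of failures accumulated over all attempts. Only what
        ``processJobResults`` reports as failed is included; a host that is
        still unfinished when the attempts run out is not added here, so an
        empty result does not by itself mean that every host completed.
    """
    finished = HashSet()
    failures = HashSet()
    pb = ProcessBuilder(cmdArray)
    done = False
    # first wait is short in case job finishes quickly
    waitTime = 10
    while not done:
        p = pb.start()
        dataOut = DataOutputStream(p.getOutputStream())
        try:
            # One host per line. writeBytes() keeps only the low byte of each
            # character, and a host string containing "\n" would reach the
            # child as several lines.
            for host in hosts:
                dataOut.writeBytes(host + "\n")
        finally:
            dataOut.close()
        # NOTE(review): stdout is read only after waitFor(); a child that
        # writes more than the pipe buffer holds would block here. Confirm
        # the job's output stays small.
        p.waitFor()
        (curFinished, curFailures) = processJobResults(p.getInputStream(), interimResult)
        finished.addAll(curFinished)
        failures.addAll(curFailures)
        done = finished.size() == len(hosts)
        if not done:
            maxWaits = maxWaits - 1
            # The original line was the comparison `done == maxWaits == 0`,
            # which assigns nothing, so the retry limit never ended the loop.
            # `<=` also terminates when the caller passes maxWaits=0.
            done = maxWaits <= 0
        if not done:
            time.sleep(waitTime)
            waitTime = sleepTime
    return failures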
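def process(self, dataSource, progressBar):
    """Run the module's EXE on a disk image and attach its output as a report.

    The program at ``self.pathToEXE`` is started with the first image path
    as its only argument and its stdout is redirected to
    ``<case dir>\\Reports\\img_stat-<data source id>.txt``. The report is
    added to the case unless the ingest was cancelled, in which case the
    incomplete file is deleted.

    Args:
        dataSource: The data source being ingested; anything that is not an
            ``Image`` is skipped.
        progressBar: Ingest progress bar, switched to indeterminate.

    Returns:
        ``IngestModule.ProcessResult.OK`` on every path.
    """
    # Set the progress bar to an indeterminate state for now
    progressBar.switchToIndeterminate()

    # Return if we're not running on a Windows system
    if not PlatformUtil.isWindowsOS():
        self.log(Level.INFO, "Ignoring data source. Not running on Windows")
        return IngestModule.ProcessResult.OK

    # Verify we have a disk image and not a folder of files
    if not isinstance(dataSource, Image):
        self.log(Level.INFO, "Ignoring data source. Not an image")
        return IngestModule.ProcessResult.OK

    # Get disk image paths
    imagePaths = dataSource.getPaths()

    # Save our output to a file in the reports folder
    # named based on EXE and data source ID
    reportFile = File(Case.getCurrentCase().getCaseDirectory() + "\\Reports" + "\\img_stat-" + str(dataSource.getId()) + ".txt")

    # Run the EXE, saving output to the report
    # Check if the ingest is terminated and
    # delete the incomplete report file
    self.log(Level.INFO, "Running program on data source")
    cmd = ArrayList()
    cmd.add(self.pathToEXE.toString())
    # Only the first path is passed to the EXE.
    cmd.add(imagePaths[0])

    processBuilder = ProcessBuilder(cmd)
    processBuilder.redirectOutput(reportFile)
    # NOTE(review): the result of ExecUtil.execute is discarded, so a run
    # that failed still ends up as a report in the case. Confirm whether the
    # exit status should be checked before the report is added.
    ExecUtil.execute(processBuilder, DataSourceIngestModuleProcessTerminator(self.context))

    # Add the report to the case, so it shows up in the tree
    if not self.context.dataSourceIngestIsCancelled():
        Case.getCurrentCase().addReport(reportFile.toString(), "Run EXE", "img_stat output")
    elif reportFile.exists() and not reportFile.delete():
        # The original referenced the undefined name `LEVEL`, which raised
        # NameError on exactly this path instead of logging the warning.
        self.log(Level.WARNING, "Error deleting the incomplete report file")

    return IngestModule.ProcessResult.OK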
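def process(self, dataSource, progressBar):
    """Ingest one data source by running the bundled EXE over its disk image.

    Skips the data source (returning OK) when not on Windows or when it is
    not an ``Image``. Otherwise runs ``self.pathToEXE`` with the first image
    path, redirecting stdout into ``img_stat-<data source id>.txt`` under
    the case's ``Reports`` folder, and registers that file as a case report
    unless the ingest was cancelled.

    Args:
        dataSource: Data source handed in by the ingest framework.
        progressBar: Progress bar for this ingest job.

    Returns:
        ``IngestModule.ProcessResult.OK`` in all cases.
    """
    # we don't know how much work there will be
    progressBar.switchToIndeterminate()

    # Example has only a Windows EXE, so bail if we aren't on Windows
    if not PlatformUtil.isWindowsOS():
        self.log(Level.INFO, "Ignoring data source. Not running on Windows")
        return IngestModule.ProcessResult.OK

    # Verify we have a disk image and not a folder of files
    if not isinstance(dataSource, Image):
        self.log(Level.INFO, "Ignoring data source. Not an image")
        return IngestModule.ProcessResult.OK

    # Get disk image paths
    imagePaths = dataSource.getPaths()

    # We'll save our output to a file in the reports folder, named based on EXE and data source ID
    reportFile = File(Case.getCurrentCase().getCaseDirectory() + "\\Reports" + "\\img_stat-" + str(dataSource.getId()) + ".txt")

    # Run the EXE, saving output to the report
    # Check if the ingest is terminated and delete the incomplete report file
    # Do not add report to the case tree if the ingest is cancelled before finish.
    # This can be done by using IngestJobContext.dataSourceIngestIsCancelled
    # See: http://sleuthkit.org/autopsy/docs/api-docs/4.7.0/_ingest_job_context_8java.html
    self.log(Level.INFO, "Running program on data source")
    cmd = ArrayList()
    cmd.add(self.pathToEXE.toString())
    cmd.add(imagePaths[0])  # only the first image path is used

    processBuilder = ProcessBuilder(cmd)
    processBuilder.redirectOutput(reportFile)
    # NOTE(review): whatever ExecUtil.execute returns is ignored here; a
    # failed run is indistinguishable from a good one in the case tree.
    ExecUtil.execute(processBuilder, DataSourceIngestModuleProcessTerminator(self.context))

    # Add the report to the case, so it shows up in the tree
    if not self.context.dataSourceIngestIsCancelled():
        Case.getCurrentCase().addReport(reportFile.toString(), "Run EXE", "img_stat output")
    elif reportFile.exists() and not reportFile.delete():
        # `LEVEL.warning` in the original is an undefined name (NameError);
        # the logging level in use throughout this method is `Level`.
        self.log(Level.WARNING, "Error deleting the incomplete report file")

    return IngestModule.ProcessResult.OK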
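def process(self, dataSource, progressBar):
    """Execute the external EXE on the image and record its output in the case.

    Non-Windows hosts and non-``Image`` data sources are logged and skipped.
    For an image, the EXE named by ``self.pathToEXE`` receives the first
    image path; its stdout goes to a text file in the case's ``Reports``
    folder. A cancelled ingest leaves no report: the partial file is
    removed and nothing is added to the case tree.

    Args:
        dataSource: The data source to process.
        progressBar: Progress indicator supplied by the caller.

    Returns:
        Always ``IngestModule.ProcessResult.OK``.
    """
    # we don't know how much work there will be
    progressBar.switchToIndeterminate()

    # Example has only a Windows EXE, so bail if we aren't on Windows
    if not PlatformUtil.isWindowsOS():
        self.log(Level.INFO, "Ignoring data source. Not running on Windows")
        return IngestModule.ProcessResult.OK

    # Verify we have a disk image and not a folder of files
    if not isinstance(dataSource, Image):
        self.log(Level.INFO, "Ignoring data source. Not an image")
        return IngestModule.ProcessResult.OK

    # Get disk image paths
    imagePaths = dataSource.getPaths()

    # We'll save our output to a file in the reports folder, named based on EXE and data source ID
    reportFile = File(Case.getCurrentCase().getCaseDirectory() + "\\Reports" + "\\img_stat-" + str(dataSource.getId()) + ".txt")

    # Run the EXE, saving output to the report
    # Check if the ingest is terminated and delete the incomplete report file
    # Do not add report to the case tree if the ingest is cancelled before finish.
    # This can be done by using IngestJobContext.dataSourceIngestIsCancelled
    # See: http://sleuthkit.org/autopsy/docs/api-docs/4.7.0/_ingest_job_context_8java.html
    self.log(Level.INFO, "Running program on data source")
    cmd = ArrayList()
    cmd.add(self.pathToEXE.toString())
    cmd.add(imagePaths[0])

    processBuilder = ProcessBuilder(cmd)
    # Only stdout is redirected to the report file.
    processBuilder.redirectOutput(reportFile)
    ExecUtil.execute(processBuilder, DataSourceIngestModuleProcessTerminator(self.context))

    # Add the report to the case, so it shows up in the tree
    if not self.context.dataSourceIngestIsCancelled():
        Case.getCurrentCase().addReport(reportFile.toString(), "Run EXE", "img_stat output")
    elif reportFile.exists() and not reportFile.delete():
        # Was `LEVEL.warning`: an undefined name, so a failed delete raised
        # NameError rather than being logged.
        self.log(Level.WARNING, "Error deleting the incomplete report file")

    return IngestModule.ProcessResult.OK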
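def process(self, dataSource, progressBar):
    """Run the sample EXE against a disk image and file its output as a report.

    Returns early with OK when the host is not Windows or the data source
    is not an ``Image``. Otherwise builds the command line from
    ``self.pathToEXE`` and the first image path, sends stdout to
    ``img_stat-<data source id>.txt`` in the case's ``Reports`` folder and
    runs it through ``ExecUtil`` so a user cancel stops the process.

    Args:
        dataSource: Data source under ingest.
        progressBar: Progress bar to update.

    Returns:
        ``IngestModule.ProcessResult.OK`` whatever the outcome.
    """
    # we don't know how much work there will be
    progressBar.switchToIndeterminate()

    # Example has only a Windows EXE, so bail if we aren't on Windows
    if not PlatformUtil.isWindowsOS():
        self.log(Level.INFO, "Ignoring data source. Not running on Windows")
        return IngestModule.ProcessResult.OK

    # Verify we have a disk image and not a folder of files
    if not isinstance(dataSource, Image):
        self.log(Level.INFO, "Ignoring data source. Not an image")
        return IngestModule.ProcessResult.OK

    # Get disk image paths
    imagePaths = dataSource.getPaths()

    # We'll save our output to a file in the reports folder, named based on EXE and data source ID
    reportFile = File(Case.getCurrentCase().getCaseDirectory() + "\\Reports" + "\\img_stat-" + str(dataSource.getId()) + ".txt")

    # Run the EXE, saving output to reportFile
    # We use ExecUtil because it will deal with the user cancelling the job
    self.log(Level.INFO, "Running program on data source")
    cmd = ArrayList()
    cmd.add(self.pathToEXE.toString())
    # Add each argument on its own line, i.e. "-f foo" would be two calls to
    # .add(). Passing arguments as separate list elements also keeps a path
    # containing spaces or quotes from being split into several arguments.
    cmd.add(imagePaths[0])

    processBuilder = ProcessBuilder(cmd)
    processBuilder.redirectOutput(reportFile)
    ExecUtil.execute(processBuilder, DataSourceIngestModuleProcessTerminator(self.context))

    # Add the report to the case, so it shows up in the tree
    # Do not add report to the case tree if the ingest is cancelled before finish.
    if not self.context.dataSourceIngestIsCancelled():
        Case.getCurrentCase().addReport(reportFile.toString(), "Run EXE", "img_stat output")
    elif reportFile.exists() and not reportFile.delete():
        # The original passed `LEVEL.warning`; `LEVEL` is not defined, so
        # this branch raised NameError instead of writing the log entry.
        self.log(Level.WARNING, "Error deleting the incomplete report file")

    return IngestModule.ProcessResult.OK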
def _analyze(self, content, path):
    """Run w10-facemessenger.exe on one user profile and process its reports.

    The last four components of ``path`` are dropped to obtain the user
    profile directory, which is used as both the tool's input and its
    output location. The ``report`` directory under it is then walked:
    ``cache`` goes to ``_analyzeCachedImages``; every other entry is treated
    as a Facebook user id and passed to the lost-and-found, contacts and
    messages/call-log analyzers.

    Args:
        content: Passed through unchanged to each ``_analyze*`` helper.
        path: Backslash-separated path to the Messenger package directory.
    """
    # w10-facemessenger.exe must point to a user profile directory
    # 'path' should resemble '...\autopsy\cases\<Case>\Temp\<DataSourceId>\Users\<Username>\AppData\Local\Packages\Facebook.FacebookMessenger_8xx8rvfyw5nnt'
    # So we ought to remove '\AppData\Local\Packages\Facebook.FacebookMessenger_8xx8rvfyw5nnt' from it
    profileDir = "\\".join(path.split("\\")[:-4])

    # We use ExecUtil because it will deal with the user cancelling the job
    # (the logged command line omits the --delimiter argument that is passed)
    runMessage = "Running => {} --input {} --output {} --format csv".format(
        self.EXE_PATH, profileDir, profileDir)
    self.log(Level.INFO, runMessage)

    cmd = ArrayList()
    arguments = (
        self.EXE_PATH,
        "--input", profileDir,
        "--output", profileDir,
        "--format", "csv",
        "--delimiter", self.CSV_DELIMITER,
    )
    for argument in arguments:
        cmd.add(argument)

    # NOTE(review): the result of ExecUtil.execute is not inspected; a failed
    # run is only noticed when os.listdir() below raises on a missing
    # report directory.
    ExecUtil.execute(ProcessBuilder(cmd),
                     DataSourceIngestModuleProcessTerminator(self.context))

    # If w10-facemessenger.exe was successful it should have generated a report directory
    reportsDir = os.path.join(profileDir, "report")
    self._analyzeCachedImages(content, os.path.join(reportsDir, "cache"))

    # Entry names come from the tool's output and are used as user ids as-is.
    for entry in os.listdir(reportsDir):
        if entry == "cache":
            continue
        userReportDir = os.path.join(reportsDir, entry)
        self._analyzeLostFound(content, userReportDir, entry)
        self._analyzeContacts(content, userReportDir, entry)
        self._analyzeMessagesAndCalllogs(content, userReportDir, entry)
x = input_stream.read() try: x = chr(x) f.write(x) except: break finally: f.close() print(f.closed) #q = System.getenv() #for k in q.items(): # print (k) #System.getenv("user.dir") import os from java.io import File builder = ProcessBuilder(["python", "prog.py"]) builder.directory(File(os.getcwd())) process = builder.start() x = br1(br(process.getInputStream())) y = bw1(bw(process.getOutputStream())) y.write(10) y.flush() y.close() from java.util import Scanner as S X = S(x) print(X.nextLine()) print(X.nextLine()) t.sleep(5000) print(X.nextLine()) #while x!=-1: # b = x.read()