def testCollectEmpty(self): """Tests the Collect function on an empty Registry.""" registry = dfwinreg_registry.WinRegistry() collector_object = msie_zone_info.MSIEZoneInfoCollector() test_output_writer = TestOutputWriter() collector_object.Collect(registry, test_output_writer) test_output_writer.Close() self.assertEqual(len(test_output_writer.text), 0)
def testCollect(self): """Tests the Collect function.""" registry_collector = collector.WindowsRegistryCollector() test_path = self._GetTestFilePath(['SOFTWARE']) registry_collector.ScanForWindowsVolume(test_path) self.assertIsNotNone(registry_collector.registry) collector_object = msie_zone_info.MSIEZoneInfoCollector() test_output_writer = TestOutputWriter() collector_object.Collect(registry_collector.registry, test_output_writer) test_output_writer.Close() # TODO: fix test. self.assertEqual(test_output_writer.text, [])
def Main(): """The main program function. Returns: bool: True if successful or False if not. """ argument_parser = argparse.ArgumentParser(description=( 'Extracts the MSIE zone information from a NTUSER.DAT or SYSTEM ' 'Registry file.')) argument_parser.add_argument('-d', '--debug', dest='debug', action='store_true', default=False, help='enable debug output.') argument_parser.add_argument( 'source', nargs='?', action='store', metavar='PATH', default=None, help=('path of the volume containing C:\\Windows, the filename of ' 'a storage media image containing the C:\\Windows directory, ' 'or the path of a SOFTWARE Registry file.')) options = argument_parser.parse_args() if not options.source: print('Source value is missing.') print('') argument_parser.print_help() print('') return False logging.basicConfig(level=logging.INFO, format='[%(levelname)s] %(message)s') output_writer_object = StdoutWriter() if not output_writer_object.Open(): print('Unable to open output writer.') print('') return False volume_scanner_mediator = dfvfs_command_line.CLIVolumeScannerMediator() registry_collector = collector.WindowsRegistryCollector( mediator=volume_scanner_mediator) if not registry_collector.ScanForWindowsVolume(options.source): print('Unable to retrieve the Windows Registry from: {0:s}.'.format( options.source)) print('') return False # TODO: map collector to available Registry keys. collector_object = msie_zone_info.MSIEZoneInfoCollector( debug=options.debug) result = collector_object.Collect(registry_collector.registry, output_writer_object) if not result: # print('No lockdown and zones key found.') pass output_writer_object.Close() return True