예제 #1
    def testCollect(self):
        """Tests Collect on the Registry built by _CreateTestRegistry."""
        test_registry = self._CreateTestRegistry()
        folders_collector = shellfolders.ShellFoldersCollector()

        writer = TestOutputWriter()
        folders_collector.Collect(test_registry, writer)
        writer.Close()

        collected = writer.shell_folders
        self.assertEqual(len(collected), 2)

        # Sort on the GUID so the checks below do not depend on the order in
        # which the collector handed the shell folders to the writer.
        first_folder, second_folder = sorted(
            collected, key=lambda folder: folder.guid)

        # The first entry carries a name and a localized string.
        self.assertIsNotNone(first_folder)
        self.assertEqual(first_folder.guid, self._GUID1)
        self.assertEqual(first_folder.name, self._NAME1)
        self.assertEqual(
            first_folder.localized_string, self._LOCALIZED_STRING1)

        # The second entry is expected with empty name and localized string.
        self.assertIsNotNone(second_folder)
        self.assertEqual(second_folder.guid, self._GUID2)
        self.assertEqual(second_folder.name, '')
        self.assertEqual(second_folder.localized_string, '')
예제 #2
    def testCollectEmpty(self):
        """Tests that Collect writes nothing for an empty Registry."""
        empty_registry = dfwinreg_registry.WinRegistry()
        folders_collector = shellfolders.ShellFoldersCollector()

        writer = TestOutputWriter()
        folders_collector.Collect(empty_registry, writer)
        writer.Close()

        # A WinRegistry created without any mapped files must yield no
        # shell folders.
        number_of_shell_folders = len(writer.shell_folders)
        self.assertEqual(number_of_shell_folders, 0)
예제 #3
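def Main():
  """The main program function.

  Parses the command line, opens the selected output writer (stdout, or the
  sqlite3 database given with --db), scans the source for the Windows
  Registry and passes the Registry to the shell folders collector.

  Returns:
    bool: True if successful or False if not.
  """
  argument_parser = argparse.ArgumentParser(description=(
      'Extracts the shell folder class identifiers from a SOFTWARE Registry '
      'file.'))

  argument_parser.add_argument(
      '-d', '--debug', dest='debug', action='store_true', default=False,
      help='enable debug output.')

  argument_parser.add_argument(
      '--db', dest='database', action='store', metavar='shellitems.db',
      default=None, help='path of the sqlite3 database to write to.')

  argument_parser.add_argument(
      '--winver', dest='windows_version', action='store', metavar='xp',
      default=None, help=(
          'string that identifies the Windows version in the database.'))

  argument_parser.add_argument(
      'source', nargs='?', action='store', metavar='PATH', default=None,
      help=(
          'path of the volume containing C:\\Windows, the filename of '
          'a storage media image containing the C:\\Windows directory, '
          'or the path of a SOFTWARE Registry file.'))

  options = argument_parser.parse_args()

  if not options.source:
    print('Source value is missing.')
    print('')
    argument_parser.print_help()
    print('')
    return False

  # The database rows are keyed on the Windows version, so --db without
  # --winver is rejected before anything is opened.
  if options.database and not options.windows_version:
    print('Windows version missing.')
    print('')
    argument_parser.print_help()
    print('')
    return False

  logging.basicConfig(
      level=logging.INFO, format='[%(levelname)s] %(message)s')

  if not options.database:
    output_writer_object = StdoutWriter()
  else:
    output_writer_object = Sqlite3Writer(
        options.database, options.windows_version)

  if not output_writer_object.Open():
    print('Unable to open output writer.')
    print('')
    return False

  # The output writer is open from here on. Close it on every exit path,
  # including a failed volume scan and an exception raised while collecting,
  # so the output (for example the database given with --db) is not left open.
  try:
    volume_scanner_mediator = dfvfs_command_line.CLIVolumeScannerMediator()
    registry_collector = collector.WindowsRegistryCollector(
        mediator=volume_scanner_mediator)
    if not registry_collector.ScanForWindowsVolume(options.source):
      print('Unable to retrieve the Windows Registry from: {0:s}.'.format(
          options.source))
      print('')
      return False

    # TODO: map collector to available Registry keys.
    collector_object = shellfolders.ShellFoldersCollector(
        debug=options.debug)

    result = collector_object.Collect(
        registry_collector.registry, output_writer_object)
    if not result:
      print('No shell folder identifier keys found.')

  finally:
    output_writer_object.Close()

  return True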
예제 #4
def Main():
  """Runs the shell folder extraction command line tool.

  Parses the command line, scans the source for the volume that holds the
  Windows directory and writes every collected shell folder to stdout or to
  the sqlite3 database given with --db.

  Returns:
    bool: True if successful or False if not.
  """
  parser = argparse.ArgumentParser(description=(
      'Extracts the shell folder class identifiers from the Windows Registry.'))

  parser.add_argument(
      '-d', '--debug', action='store_true', default=False, dest='debug',
      help='enable debug output.')

  parser.add_argument(
      '--db', action='store', default=None, dest='database',
      metavar='shellitems.db',
      help='path of the sqlite3 database to write to.')

  parser.add_argument(
      '-w', '--windows_version', '--windows-version',
      action='store', default=None, dest='windows_version',
      metavar='Windows XP',
      help='string that identifies the Windows version.')

  parser.add_argument(
      'source', action='store', default=None, metavar='PATH', nargs='?',
      help=(
          'path of the volume containing C:\\Windows, the filename of '
          'a storage media image containing the C:\\Windows directory, '
          'or the path of a SOFTWARE Registry file.'))

  args = parser.parse_args()

  def _PrintUsageError(message):
    """Prints the message followed by the help text of the parser."""
    print(message)
    print('')
    parser.print_help()
    print('')

  if not args.source:
    _PrintUsageError('Source value is missing.')
    return False

  # Writing to a database requires a Windows version string as well.
  if args.database and not args.windows_version:
    _PrintUsageError('Windows version missing.')
    return False

  logging.basicConfig(
      format='[%(levelname)s] %(message)s', level=logging.INFO)

  scanner_mediator = volume_scanner.WindowsRegistryVolumeScannerMediator()
  registry_scanner = volume_scanner.WindowsRegistryVolumeScanner(
      mediator=scanner_mediator)

  # Scan all partitions, but no snapshots and no volumes.
  scan_options = dfvfs_volume_scanner.VolumeScannerOptions()
  scan_options.partitions = ['all']
  scan_options.snapshots = ['none']
  scan_options.volumes = ['none']

  found_windows_volume = registry_scanner.ScanForWindowsVolume(
      args.source, options=scan_options)
  if not found_windows_volume:
    print(('Unable to retrieve the volume with the Windows directory from: '
           '{0:s}.').format(args.source))
    print('')
    return False

  # TODO: map collector to available Registry keys.
  folders_collector = shellfolders.ShellFoldersCollector(debug=args.debug)

  if not args.database:
    writer = StdoutWriter()
  else:
    writer = Sqlite3DatabaseFileWriter(args.database, args.windows_version)

  if not writer.Open():
    print('Unable to open output writer.')
    print('')
    return False

  # The writer is closed even when collecting or writing raises.
  found_any = False
  try:
    for shell_folder in folders_collector.Collect(registry_scanner.registry):
      writer.WriteShellFolder(shell_folder)
      found_any = True

  finally:
    writer.Close()

  if not found_any:
    print('No shell folder identifiers found.')

  return True