def run(self, session: CbLRSessionBase):
"""
Execute the file transfer.
Args:
session (CbLRSessionBase): The Live Response session being used.
Returns:
File content
"""
if "{WILDMATCH}" in self._file_path:
# split on "{WILDMATCH}" and search for the first match to collect
from cbinterface.helpers import get_os_independent_filepath
file_path_parts = [self.fill_placeholders(fpp) for fpp in self._file_path.split("{WILDMATCH}")]
dir_path = get_os_independent_filepath(file_path_parts[0]).parent
dir_path = f"{dir_path}\\" if "\\" in str(dir_path) else f"{dir_path}/"
LOGGER.info(f"attempting to find item at '{dir_path}' like {file_path_parts}")
for item in session.list_directory(dir_path):
if item["attributes"] == "DIRECTORY":
continue
if [part for part in file_path_parts if part in item["filename"]]:
LOGGER.info(f"found potential match: {item['filename']}")
self._file_path = f"{dir_path}{item['filename']}"
break
self._file_path = self.fill_placeholders(self._file_path)
return session.get_raw_file(self._file_path)
def run(self, session: CbLRSessionBase):
return session.list_directory(self.dir_path)