def _parse_sim_info(database, result_path):
"""Parse SIM Information.
Args:
database (SQLite3): target SQLite3 database.
result_path (str): result path.
"""
cursor = database.cursor()
try:
cursor.execute(query)
except sqlite3.Error as exception:
logger.error('SIM Information not found! {0!s}'.format(exception))
results = cursor.fetchall()
num_of_results = len(results)
data = {}
data['title'] = 'sim_info'
header = ('icc_id', 'sim_id','display_name', 'carrier_name')
data['number_of_data_headers'] = len(header)
data['number_of_data'] = num_of_results
data['data_header'] = header
data_list = []
if num_of_results >0:
for row in results:
data_list.append((row['icc_id'], row['sim_id'], row['display_name'], row['carrier_name']))
data['data'] = data_list
else:
logger.warning('NO SIM Information found!')
return data
def _parse_contacts(database, result_path):
"""Parse contacts2.db
Args:
database (SQLite3): target SQLite3 database.
result_path (str): result path.
"""
cursor = database.cursor()
try:
cursor.execute(query)
except sqlite3.Error as exception:
logger.error('Contacts not found! {0!s}'.format(exception))
results = cursor.fetchall()
num_of_results = len(results)
data = {}
data['title'] = 'contact'
header = ('name', 'number')
data['number_of_data_headers'] = len(header)
data['number_of_data'] = num_of_results
data['data_header'] = header
data_list = []
if num_of_results > 0:
for row in results:
data_list.append((row[0], row[1]))
data['data'] = data_list
else:
logger.warning('NO Contacts found!')
return data
def _parse_user_dict(database, result_path):
"""Parse User Dictionary.
Args:
database (SQLite3): target SQLite3 database.
result_path (str): result path.
"""
cursor = database.cursor()
try:
cursor.execute(query)
except sqlite3.Error as exception:
logger.error('User Dictionary not found! {0!s}'.format(exception))
results = cursor.fetchall()
num_of_results = len(results)
data = {}
data['title'] = 'user_dict'
header = ('word', 'frequency', 'locale', 'app_id', 'shortcut')
data['number_of_data_headers'] = len(header)
data['number_of_data'] = num_of_results
data['data_header'] = header
data_list = []
if num_of_results > 0:
for row in results:
data_list.append((row[0], row[1], row[2], row[3], row[4]))
data['data'] = data_list
else:
logger.warning('NO User Dictionary found!')
return data
def _parse_sms(database, result_path):
"""Parse SMS messages.
Args:
database (SQLite3): target SQLite3 database.
result_path (str): result path.
"""
cursor = database.cursor()
cursor.execute(sms_query)
results = cursor.fetchall()
num_of_results = len(results)
data = {}
data['title'] = 'sms'
header = ('msg_id', 'thread_id', 'address', 'contact_id', 'date',
'date_sent', 'read', 'type', 'body', 'service_center',
'error_code')
data['number_of_data_headers'] = len(header)
data['number_of_data'] = num_of_results
data['data_header'] = header
data_list = []
if num_of_results > 0:
for row in results:
if row['date_sent'] != 0:
data_list.append((row['msg_id'], row['thread_id'],
row['address'], row['person'],
datetime.datetime.fromtimestamp(
row['date'] / 1000,
datetime.timezone.utc).strftime(
'%Y-%m-%dT%H:%M:%S.%fZ'),
datetime.datetime.fromtimestamp(
row['date_sent'] / 1000,
datetime.timezone.utc).strftime(
'%Y-%m-%dT%H:%M:%S.%fZ'),
row['read'], row['type'], row['body'],
row['service_center'], row['error_code']))
else:
data_list.append((row['msg_id'], row['thread_id'],
row['address'], row['person'],
datetime.datetime.fromtimestamp(
row['date'] / 1000,
datetime.timezone.utc).strftime(
'%Y-%m-%dT%H:%M:%S.%fZ'), '',
row['read'], row['type'], row['body'],
row['service_center'], row['error_code']))
data['data'] = data_list
else:
logger.warning('NO SMS Messages found!')
return data
def _parse_recent_files(database, result_path):
"""Parse myfiles.db.
Args:
database (SQLite3): target SQLite3 database.
result_path (str): result path.
"""
cursor = database.cursor()
try:
cursor.execute(query)
except sqlite3.Error as exception:
logger.error('Recent Files not found! {0!s}'.format(exception))
results = cursor.fetchall()
num_of_results = len(results)
data = {}
header = ('name', 'size', 'timestamp', 'data', 'ext', 'source',
'description', 'recent_timestamp')
data['title'] = 'recent_files'
data['number_of_data_headers'] = len(header)
data['number_of_data'] = num_of_results
data['data_header'] = header
data_list = []
if num_of_results > 0:
for row in results:
data_list.append(
(row[0], row[1],
datetime.datetime.fromtimestamp(
row[2] / 1000,
datetime.timezone.utc).strftime('%Y-%m-%dT%H:%M:%S.%fZ'),
row[3], row[4], row[5], row[6],
datetime.datetime.fromtimestamp(
row[7] / 1000,
datetime.timezone.utc).strftime('%Y-%m-%dT%H:%M:%S.%fZ')))
data['data'] = data_list
else:
logger.warning('NO Recent Files found!')
return data
def _parse_file_cache(database, result_path):
"""Parse FileCache.db.
Args:
database (SQLite3): target SQLite3 database.
result_path (str): result path.
"""
cursor = database.cursor()
try:
cursor.execute(query)
except sqlite3.Error as exception:
logger.error('File cache not found! {0!s}'.format(exception))
results = cursor.fetchall()
num_of_results = len(results)
data = {}
header = ('storage', 'path', 'size', 'timestamp', 'latest')
data['title'] = 'file_cache'
data['number_of_data_headers'] = len(header)
data['number_of_data'] = num_of_results
data['data_header'] = header
data_list = []
if num_of_results > 0:
for row in results:
data_list.append(
(row[0], row[1], row[2],
datetime.datetime.fromtimestamp(
row[3] / 1000,
datetime.timezone.utc).strftime('%Y-%m-%dT%H:%M:%S.%fZ'),
datetime.datetime.fromtimestamp(
row[4] / 1000,
datetime.timezone.utc).strftime('%Y-%m-%dT%H:%M:%S.%fZ')))
data['data'] = data_list
else:
logger.warning('NO File cache found!')
return data
def _parse_accounts_de(database, uid, result_path):
"""Parse accounts_de.db.
Args:
database (SQLite3): target SQLite3 database.
uid (str): user id.
result_path (str): result path.
"""
cursor = database.cursor()
try:
cursor.execute(query)
except sqlite3.Error as exception:
logger.error('Accounts not found! {0!s}'.format(exception))
results = cursor.fetchall()
num_of_results = len(results)
data = {}
header = ('name', 'type', 'last_password_entry')
data['title'] = 'accounts_de' + f'_{uid}'
data['number_of_data_headers'] = len(header)
data['number_of_data'] = num_of_results
data['data_header'] = header
data_list = []
if num_of_results > 0:
for row in results:
data_list.append(
(row[0], row[1],
datetime.datetime.fromtimestamp(
row[2] / 1000,
datetime.timezone.utc).strftime('%Y-%m-%dT%H:%M:%S.%fZ')))
data['data'] = data_list
else:
logger.warning('NO Accounts found!')
return data
def _parse_call_logs(database, result_path):
"""Parse Call Logs.
Args:
database (SQLite3): target SQLite3 database.
result_path (str): result path.
"""
cursor = database.cursor()
try:
cursor.execute(query)
except sqlite3.Error as exception:
logger.error('Call Logs not found! {0!s}'.format(exception))
results = cursor.fetchall()
num_of_results = len(results)
data = {}
data['title'] = 'call_logs'
header = ('phone_account_address', 'partner', 'call_date', 'type', 'duration_in_secs', 'partner_location',
'country_iso', 'data', 'mime_type', 'transcription', 'deleted')
data['number_of_data_headers'] = len(header)
data['number_of_data'] = num_of_results
data['data_header'] = header
data_list = []
if num_of_results >0:
for row in results:
data_list.append((row[0], row[1],
datetime.datetime.fromtimestamp(row[2]/1000, datetime.timezone.utc).strftime('%Y-%m-%dT%H:%M:%S.%fZ'),
row[3], str(row[4]), row[5], row[6], row[7], row[8], row[9],
str(row[10])))
data['data'] = data_list
else:
logger.warning('NO Call Logs found!')
return data