log2timeline / l2tpreg Goto Github PK
View Code? Open in Web Editor NEWInteractive Windows Registry analysis tool
License: Apache License 2.0
l2tpreg's People
Contributors
Stargazers
Watchers
Forkers
sebdravenl2tpreg's Issues
add end-to-end tests
add end-to-end tests
Remove construct from dependencies
After next plaso release remove construct from dependencies
Update setup.py
Update setup.py, replace bdist_msi work around with more elegant solution
Move preg from plaso to stand-alone project
-
move source as-is -
add setup.py and other packaging files -
add Travis and Appveyor tests -
add coveralls - fix CI tests #11
Bug with ls command
Hi,
When i use ls command with interactive console, I've this error:
/home/slarinier/workspace/l2tpreg/scripts/preg.py in ListDirectoryContent(self, line)
1105 # TODO: move this construction into a separate function in OutputWriter.
1106 time_string = timelib.Timestamp.CopyToIsoFormat(
-> 1107 key.last_written_time)
1108 time_string, _, _ = time_string.partition(u'.')
1109
/home/slarinier/Documents/venv/l2treg/local/lib/python2.7/site-packages/plaso/lib/timelib.pyc in CopyToIsoFormat(cls, timestamp, timezone, raise_error)
271 """
272 datetime_object = cls.CopyToDatetime(
--> 273 timestamp, timezone, raise_error=raise_error)
274 return datetime_object.isoformat()
275
/home/slarinier/Documents/venv/l2treg/local/lib/python2.7/site-packages/plaso/lib/timelib.pyc in CopyToDatetime(cls, timestamp, timezone, raise_error)
243 datetime_object = datetime.datetime(1970, 1, 1, 0, 0, 0, 0, tzinfo=pytz.UTC)
244 try:
--> 245 datetime_object += datetime.timedelta(microseconds=timestamp)
246 return datetime_object.astimezone(timezone)
247 except OverflowError as exception:
TypeError: unsupported type for timedelta microseconds component: Filetime
I made a bit debug:
The problem is the type of timestamp.
type(timestamp)
Out[2]: dfdatetime.filetime.Filetime
If I put timestamp.timestamp as parameters in datetime.timedelta, the code is executed correctly.
Opening hive: /WINDOWS/system32/config/system [TSK]
Registry file: system [/WINDOWS/system32/config/system] is available and loaded.
Happy command line console fu-ing.
In [1]: ls
dr-xr-xr-x 6117-08-30 22:38:24 [KEY] ControlSet002
dr-xr-xr-x 6117-08-30 22:38:25 [KEY] Select
dr-xr-xr-x 6117-08-30 22:38:29 [KEY] Setup
dr-xr-xr-x 6117-08-30 22:53:20 [KEY] WPA
dr-xr-xr-x 6117-08-31 15:47:17 [KEY] MountedDevices
dr-xr-xr-x 6117-08-31 15:49:02 [KEY] ControlSet001
dr-xr-xr-x 6117-08-31 19:04:16 [KEY] LastKnownGoodRecovery
preg: clean up and improve
Preg is affected by winreg: clean up and improve and is in need of clean up and improvement. Use this issue to track preg clean up and improvements efforts:
- remove need for PluginsList
- Remove fake storage from preg (Also see: https://codereview.appspot.com/301940043/diff/20001/plaso/frontend/preg.py?context=10&column_width=80)
replace u'' by unicode_literals
Use:
from __future__ import unicode_literals
AttributeError: 'PregTool' object has no attribute 'GetRegistryHelpers'
Hello,
I'm facing an issue with preg.py, I'm unable to use the console session mode with preg.py :
user@workstation -> ~/D/S
$ preg.py -i image.img -c SYSTEM
Traceback (most recent call last):
File "/usr/local/bin/preg.py", line 4, in <module>
__import__('pkg_resources').run_script('l2tpreg==20180329', 'preg.py')
File "/usr/local/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 658, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/usr/local/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 1445, in run_script
exec(script_code, namespace, namespace)
File "/usr/local/lib/python2.7/dist-packages/l2tpreg-20180329-py2.7.egg/EGG-INFO/scripts/preg.py", line 838, in <module>
File "/usr/local/lib/python2.7/dist-packages/l2tpreg-20180329-py2.7.egg/EGG-INFO/scripts/preg.py", line 832, in Main
File "/usr/local/lib/python2.7/dist-packages/l2tpreg-20180329-py2.7.egg/EGG-INFO/scripts/preg.py", line 670, in Run
AttributeError: 'PregTool' object has no attribute 'GetRegistryHelpers'
Even if I try to open the console session directly from a mounted image and on one and only one hive :
$ preg.py -c NTUSER.DAT
Traceback (most recent call last):
File "/usr/local/bin/preg.py", line 4, in <module>
__import__('pkg_resources').run_script('l2tpreg==20180329', 'preg.py')
File "/usr/local/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 658, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/usr/local/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 1445, in run_script
exec(script_code, namespace, namespace)
File "/usr/local/lib/python2.7/dist-packages/l2tpreg-20180329-py2.7.egg/EGG-INFO/scripts/preg.py", line 838, in <module>
File "/usr/local/lib/python2.7/dist-packages/l2tpreg-20180329-py2.7.egg/EGG-INFO/scripts/preg.py", line 832, in Main
File "/usr/local/lib/python2.7/dist-packages/l2tpreg-20180329-py2.7.egg/EGG-INFO/scripts/preg.py", line 670, in Run
AttributeError: 'PregTool' object has no attribute 'GetRegistryHelpers'
After that I tried to update the repo and reinstalled the dependencies with the requirement.txt file but still the same issue.
I don't know if something is wrong with l2tpreg==20180329, I can not find any previous version to try mitigate the issue.
Do you have any idea what is wrong ?
Thanks.
Interactive Console isn't compatible with Ipython 5.x and later
In Ipython 5.x The PromptManager class has been removed, and the prompt machinery simplified. See Custom Prompts to customise prompts with the new machinery.
So this code lines 1547 to 1550:
` try:
ipython_config.PromptManager.in_template = r''.join(prompt_strings)
except AttributeError:
ipython_config.prompt_manager.in_template = r''.join(prompt_strings)
`
raises an exception.
If I install ipython 4.0.0, the code is executed correctly.
Improve test coverage
- complete tests/plugin_list.py
- complete tests/front_end.py
- complete tests/helper.py
- appveyor tests do not use prefix
Add dpkg files
Add dpkg files
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.