Skip to content
Snippets Groups Projects
Commit 5a255edc authored by Kelly Kelly's avatar Kelly Kelly
Browse files

Fixed custom artifact issue

parent 8a11aae1
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
bindings/java/src/org/sleuthkit/datamodel/BlackboardArtifact.java
+ 101
99
View file @ 5a255edc
...@@ -232,106 +232,108 @@ public String getDisplayName() { ...@@ -232,106 +232,108 @@ public String getDisplayName() {
public String getShortDescription() throws TskCoreException { public String getShortDescription() throws TskCoreException {
BlackboardAttribute attr = null; BlackboardAttribute attr = null;
StringBuilder shortDescription = new StringBuilder(""); StringBuilder shortDescription = new StringBuilder("");
switch (ARTIFACT_TYPE.fromID(artifactTypeId)) { if(BlackboardArtifact.Type.STANDARD_TYPES.get(artifactTypeId) != null) {
case TSK_WIFI_NETWORK_ADAPTER: switch (ARTIFACT_TYPE.fromID(artifactTypeId)) {
attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_MAC_ADDRESS)); case TSK_WIFI_NETWORK_ADAPTER:
break; attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_MAC_ADDRESS));
case TSK_WIFI_NETWORK: break;
attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_SSID)); case TSK_WIFI_NETWORK:
break; attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_SSID));
case TSK_REMOTE_DRIVE: break;
attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_REMOTE_PATH)); case TSK_REMOTE_DRIVE:
break; attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_REMOTE_PATH));
case TSK_SERVICE_ACCOUNT: break;
case TSK_SCREEN_SHOTS: case TSK_SERVICE_ACCOUNT:
case TSK_DELETED_PROG: case TSK_SCREEN_SHOTS:
case TSK_METADATA: case TSK_DELETED_PROG:
case TSK_OS_INFO: case TSK_METADATA:
case TSK_PROG_NOTIFICATIONS: case TSK_OS_INFO:
case TSK_PROG_RUN: case TSK_PROG_NOTIFICATIONS:
case TSK_RECENT_OBJECT: case TSK_PROG_RUN:
case TSK_USER_DEVICE_EVENT: case TSK_RECENT_OBJECT:
case TSK_WEB_SEARCH_QUERY: case TSK_USER_DEVICE_EVENT:
attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_PROG_NAME)); case TSK_WEB_SEARCH_QUERY:
break; attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_PROG_NAME));
case TSK_BLUETOOTH_PAIRING: break;
attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DEVICE_NAME)); case TSK_BLUETOOTH_PAIRING:
break; attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DEVICE_NAME));
case TSK_ACCOUNT: break;
attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_ACCOUNT_TYPE)); case TSK_ACCOUNT:
break; attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_ACCOUNT_TYPE));
case TSK_WEB_CATEGORIZATION: break;
case TSK_BLUETOOTH_ADAPTER: case TSK_WEB_CATEGORIZATION:
case TSK_GPS_AREA: case TSK_BLUETOOTH_ADAPTER:
case TSK_GPS_BOOKMARK: case TSK_GPS_AREA:
case TSK_GPS_LAST_KNOWN_LOCATION: case TSK_GPS_BOOKMARK:
case TSK_GPS_ROUTE: case TSK_GPS_LAST_KNOWN_LOCATION:
case TSK_GPS_SEARCH: case TSK_GPS_ROUTE:
case TSK_GPS_TRACK: case TSK_GPS_SEARCH:
case TSK_WEB_FORM_AUTOFILL: case TSK_GPS_TRACK:
attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_NAME)); case TSK_WEB_FORM_AUTOFILL:
break; attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_NAME));
case TSK_WEB_ACCOUNT_TYPE: break;
attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_TEXT)); case TSK_WEB_ACCOUNT_TYPE:
break; attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_TEXT));
case TSK_HASHSET_HIT: break;
case TSK_INTERESTING_ARTIFACT_HIT: case TSK_HASHSET_HIT:
case TSK_INTERESTING_FILE_HIT: case TSK_INTERESTING_ARTIFACT_HIT:
case TSK_YARA_HIT: case TSK_INTERESTING_FILE_HIT:
attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_SET_NAME)); case TSK_YARA_HIT:
break; attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_SET_NAME));
case TSK_ENCRYPTION_DETECTED: break;
case TSK_ENCRYPTION_SUSPECTED: case TSK_ENCRYPTION_DETECTED:
case TSK_OBJECT_DETECTED: case TSK_ENCRYPTION_SUSPECTED:
case TSK_USER_CONTENT_SUSPECTED: case TSK_OBJECT_DETECTED:
case TSK_VERIFICATION_FAILED: case TSK_USER_CONTENT_SUSPECTED:
attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_COMMENT)); case TSK_VERIFICATION_FAILED:
break; attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_COMMENT));
case TSK_DATA_SOURCE_USAGE: break;
case TSK_CALENDAR_ENTRY: case TSK_DATA_SOURCE_USAGE:
attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DESCRIPTION)); case TSK_CALENDAR_ENTRY:
break; attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DESCRIPTION));
case TSK_WEB_BOOKMARK: //web_bookmark, web_cookie, web_download, and web_history are the same attribute for now break;
case TSK_WEB_COOKIE: case TSK_WEB_BOOKMARK: //web_bookmark, web_cookie, web_download, and web_history are the same attribute for now
case TSK_WEB_DOWNLOAD: case TSK_WEB_COOKIE:
case TSK_WEB_HISTORY: case TSK_WEB_DOWNLOAD:
case TSK_WEB_CACHE: case TSK_WEB_HISTORY:
attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DOMAIN)); case TSK_WEB_CACHE:
break; attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DOMAIN));
case TSK_KEYWORD_HIT: break;
attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_KEYWORD_PREVIEW)); case TSK_KEYWORD_HIT:
break; attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_KEYWORD_PREVIEW));
case TSK_DEVICE_ATTACHED: break;
attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DEVICE_ID)); case TSK_DEVICE_ATTACHED:
break; attr = getAttribute(new BlackboardAttribute.Type(ATTRIBUTE_TYPE.TSK_DEVICE_ID));
case TSK_CONTACT: //contact, message, and calllog are the same attributes for now break;
case TSK_MESSAGE: case TSK_CONTACT: //contact, message, and calllog are the same attributes for now
case TSK_CALLLOG: case TSK_MESSAGE:
case TSK_SPEED_DIAL_ENTRY: case TSK_CALLLOG:
case TSK_WEB_FORM_ADDRESS: case TSK_SPEED_DIAL_ENTRY:
//get the first of these attributes which exists and is non null case TSK_WEB_FORM_ADDRESS:
final ATTRIBUTE_TYPE[] typesThatCanHaveName = {ATTRIBUTE_TYPE.TSK_NAME, //get the first of these attributes which exists and is non null
ATTRIBUTE_TYPE.TSK_PHONE_NUMBER, final ATTRIBUTE_TYPE[] typesThatCanHaveName = {ATTRIBUTE_TYPE.TSK_NAME,
ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_FROM, ATTRIBUTE_TYPE.TSK_PHONE_NUMBER,
ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_TO, ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_FROM,
ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_HOME, ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_TO,
ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_MOBILE, ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_HOME,
ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_OFFICE, ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_MOBILE,
ATTRIBUTE_TYPE.TSK_EMAIL, ATTRIBUTE_TYPE.TSK_PHONE_NUMBER_OFFICE,
ATTRIBUTE_TYPE.TSK_EMAIL_FROM, ATTRIBUTE_TYPE.TSK_EMAIL,
ATTRIBUTE_TYPE.TSK_EMAIL_TO, ATTRIBUTE_TYPE.TSK_EMAIL_FROM,
ATTRIBUTE_TYPE.TSK_EMAIL_HOME, ATTRIBUTE_TYPE.TSK_EMAIL_TO,
ATTRIBUTE_TYPE.TSK_EMAIL_OFFICE, ATTRIBUTE_TYPE.TSK_EMAIL_HOME,
ATTRIBUTE_TYPE.TSK_LOCATION}; //in the order we want to use them ATTRIBUTE_TYPE.TSK_EMAIL_OFFICE,
for (ATTRIBUTE_TYPE t : typesThatCanHaveName) { ATTRIBUTE_TYPE.TSK_LOCATION}; //in the order we want to use them
attr = getAttribute(new BlackboardAttribute.Type(t)); for (ATTRIBUTE_TYPE t : typesThatCanHaveName) {
if (attr != null && !attr.getDisplayString().isEmpty()) { attr = getAttribute(new BlackboardAttribute.Type(t));
break; if (attr != null && !attr.getDisplayString().isEmpty()) {
break;
}
} }
} break;
break; default:
default: break;
break; }
} }
if (attr != null) { if (attr != null) {
shortDescription.append(attr.getAttributeType().getDisplayName()).append(": ").append(attr.getDisplayString()); shortDescription.append(attr.getAttributeType().getDisplayName()).append(": ").append(attr.getDisplayString());
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment