本文整理汇总了Python中pyflag.pyflagsh.shell_execv函数的典型用法代码示例。如果您正苦于以下问题:Python shell_execv函数的具体用法?Python shell_execv怎么用?Python shell_execv使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了shell_execv函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: test01ls
def test01ls(self):
""" Test the ls command """
self.env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=self.env, command="load",
argv=[self.test_case,])
## Check we can list default directory
lines = [ l for l in pyflagsh.shell_execv_iter(env=self.env, command="ls",
argv=[])]
self.assertEqual(len(lines),18)
## Check we can list directories
lines = [ l for l in pyflagsh.shell_execv_iter(env=self.env, command="ls",
argv=["docs"])]
self.assert_(len(lines)>=3)
## Check that we can glob files:
lines = [ l for l in pyflagsh.shell_execv_iter(env=self.env, command="ls",
argv=["*.jpg"])]
self.assertEqual(len(lines),5)
## Check that we can glob directories:
lines = [ l for l in pyflagsh.shell_execv_iter(env=self.env, command="ls",
argv=["do*"])]
self.assert_(len(lines)>3)
开发者ID:anarchivist,项目名称:pyflag,代码行数:25,代码来源:BasicCommands.py
示例2: test02catTests
def test02catTests(self):
""" Test the cat command """
self.env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=self.env, command="load",
argv=[self.test_case,])
self.fsfd = FileSystem.DBFS(self.test_case)
fd = self.fsfd.open("/dscf1080.jpg")
data1=fd.read()
fd = self.fsfd.open("/dscf1081.jpg")
data2=fd.read()
fd = self.fsfd.open("/dscf1082.jpg")
data3=fd.read()
result = ''
for l in pyflagsh.shell_execv_iter(env=self.env, command="cat",
argv=["/dscf1081.jpg"]):
result+=l
self.assertEqual(result,data2)
result = ''
for l in pyflagsh.shell_execv_iter(env=self.env, command="cat",
argv=["/dscf108*"]):
result+=l
self.assertEqual(len(result),len(data1)+len(data2)+len(data3))
self.assert_(result==data1+data2+data3)
开发者ID:anarchivist,项目名称:pyflag,代码行数:27,代码来源:BasicCommands.py
示例3: test01RunScanners
def test01RunScanners(self):
""" Running Logical Index Scanner """
## Make sure the word secret is in there.
pdbh = DB.DBO()
pdbh.execute("select * from dictionary where word='secret' limit 1")
row = pdbh.fetch()
if not row:
pdbh.insert('dictionary', **{'word':'secret', 'class':'English', 'type':'word'})
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env, command="scan",
argv=["*",'IndexScan'])
dbh = DB.DBO(self.test_case)
dbh2 = DB.DBO(self.test_case)
fsfd = DBFS(self.test_case)
dbh.execute("select inode_id, word,offset,length from LogicalIndexOffsets join %s.dictionary on LogicalIndexOffsets.word_id=%s.dictionary.id where word='secret'", (config.FLAGDB,config.FLAGDB))
count = 0
for row in dbh:
count += 1
path, inode, inode_id = fsfd.lookup(inode_id = row['inode_id'])
fd = fsfd.open(inode=inode)
fd.overread = True
fd.slack = True
fd.seek(row['offset'])
data = fd.read(row['length'])
print "Looking for %s: Found in %s at offset %s length %s %r" % (
row['word'], inode, row['offset'], row['length'],data)
self.assertEqual(data.lower(), row['word'].lower())
## Did we find all the secrets?
self.assertEqual(count,2)
开发者ID:anarchivist,项目名称:pyflag,代码行数:32,代码来源:LogicalIndex.py
示例4: test02LoadFilesystem
def test02LoadFilesystem(self):
""" Test that basic filesystems load """
pyflagsh.shell_execv(
command="execute",
argv=[
"Load Data.Load IO Data Source",
"case=%s" % self.test_case,
"iosource=first_image",
"subsys=Standard",
"filename=pyflag_stdimage_0.4.dd",
"offset=16128s",
],
)
pyflagsh.shell_execv(
command="execute",
argv=[
"Load Data.Load Filesystem image",
"case=%s" % self.test_case,
"iosource=first_image",
"fstype=Sleuthkit",
"mount_point=/stdimage/",
],
)
dbh = DB.DBO(self.test_case)
dbh.execute("select count(*) as count from inode")
self.assertEqual(dbh.fetch()["count"], 90)
开发者ID:backupManager,项目名称:pyflag,代码行数:26,代码来源:LoadData.py
示例5: test01LoadRaid
def test01LoadRaid(self):
""" Test the RAID IO Source loader """
## This image was made by the linux raid5 implementation.
## Just to make things a bit more complicated, each image of
## each individual disk was acquired using ewfacquire into an
## EWF file. We use the io://EWF/filename=/raid/linux/d1.E01
## URL notation as the image filename in order to use the EWF
## IO Source driver to read the file.
pyflagsh.shell_execv(command="execute",
argv=["Load Data.Load IO Data Source",'case=%s' % self.test_case,
"iosource=test",
"subsys=RAID5 (1 Parity)",
"filename=io://EWF/filename=/raid/linux/d1.E01",
"filename=io://EWF/filename=/raid/linux/d2.E01",
"filename=io://EWF/filename=/raid/linux/d3.E01",
"offset=0",
"map=1.0.P.P.3.2.4.P.5",
"period=3",
"blocksize=64k",
"TZ=%s" % self.TZ
])
pyflagsh.shell_execv(command="execute",
argv=["Load Data.Load Filesystem image",'case=%s' % self.test_case,
"iosource=test",
"fstype=Sleuthkit",
"mount_point=/"])
开发者ID:anarchivist,项目名称:pyflag,代码行数:27,代码来源:Raid.py
示例6: test01RunScanner
def test01RunScanner(self):
""" Test cache scanner """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env, command="scan",
argv=["*",'ZipScan'])
pyflagsh.shell_execv(env=env, command="scan",
argv=["*",'MozCacheScan','GoogleImageScanner'])
开发者ID:anarchivist,项目名称:pyflag,代码行数:7,代码来源:Mozilla.py
示例7: test03cpTests
def test03cpTests(self):
""" Test the cp (copy) command """
self.env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=self.env, command="load",
argv=[self.test_case,])
## Make a directory for the files:
tmpname = os.tmpnam()
os.mkdir(tmpname)
pyflagsh.shell_execv(env=self.env, command="cp",
argv=["/dscf108*", tmpname])
## Now verify the copy worked:
fd = open(tmpname+"/dscf1080.jpg",'r')
data = fd.read()
md5sum = md5.new()
md5sum.update(data)
self.assertEqual(md5sum.hexdigest(),'9e03e022404a945575b813ffb56fd841')
## Clean up:
for file in os.listdir(tmpname):
os.unlink(tmpname+'/'+file)
os.rmdir(tmpname)
开发者ID:anarchivist,项目名称:pyflag,代码行数:25,代码来源:BasicCommands.py
示例8: test03MultipleSources
def test03MultipleSources(self):
""" Test that multiple images can be loaded on the same VFS """
pyflagsh.shell_execv(
command="execute",
argv=[
"Load Data.Load IO Data Source",
"case=%s" % self.test_case,
"iosource=second_image",
"subsys=EWF",
"filename=ntfs_image.e01",
],
)
pyflagsh.shell_execv(
command="execute",
argv=[
"Load Data.Load Filesystem image",
"case=%s" % self.test_case,
"iosource=second_image",
"fstype=Sleuthkit",
"mount_point=/ntfsimage/",
],
)
## Try to read a file from the first source:
fsfd = DBFS(self.test_case)
fd = fsfd.open("/stdimage/dscf1081.jpg")
m = hashlib.md5()
m.update(fd.read())
self.assertEqual(m.hexdigest(), "11bec410aebe0c22c14f3eaaae306f46")
## Try to read a file from the second source:
fd = fsfd.open("/ntfsimage/Books/80day11.txt")
m = hashlib.md5()
m.update(fd.read())
self.assertEqual(m.hexdigest(), "f5b394b5d0ca8c9ce206353e71d1d1f2")
开发者ID:backupManager,项目名称:pyflag,代码行数:35,代码来源:LoadData.py
示例9: test01SMTPScanner
def test01SMTPScanner(self):
""" Test SMTP Scanner """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env,
command="scan",
argv=["*", ## Inodes (All)
"SMTPScanner", "RFC2822", "TypeScan"
]) ## List of Scanners
开发者ID:anarchivist,项目名称:pyflag,代码行数:8,代码来源:SMTP.py
示例10: test01GmailScanner
def test01GmailScanner(self):
""" Test Google Image Scanner """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env,
command="scan",
argv=["*", ## Inodes (All)
"GoogleImageScanner",
]) ## List of Scanners
开发者ID:anarchivist,项目名称:pyflag,代码行数:8,代码来源:Google.py
示例11: test01
def test01(self):
""" Test Reassebler """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env,
command="scan",
argv=["*", ## Inodes (All)
"NetworkScanners",
]) ## List of Scanners
开发者ID:anarchivist,项目名称:pyflag,代码行数:8,代码来源:Reassembler.py
示例12: test01RunScanner
def test01RunScanner(self):
""" Running scanners """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env, command="scan",
argv=["*",'ZipScan', 'TarScan', 'GZScan'])
pyflagsh.shell_execv(env=env, command="scan",
argv=["*",'JPEGCarver', 'ZipScan', 'TarScan', 'GZScan', 'TypeScan', 'IndexScan'])
开发者ID:anarchivist,项目名称:pyflag,代码行数:8,代码来源:dftt.py
示例13: test01YahooMailScanner
def test01YahooMailScanner(self):
""" Test Scanner """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env,
command="scan",
argv=["*", ## Inodes (All)
"YahooMail20Scan",
]) ## List of Scanners
开发者ID:anarchivist,项目名称:pyflag,代码行数:8,代码来源:YahooMail.py
示例14: test01GmailScanner
def test01GmailScanner(self):
""" Test Gmail Scanner """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env,
command="scan",
argv=["*", ## Inodes (All)
"GmailScanner", "YahooMailScan",
"SquirrelMailScan", "HotmailScanner"
]) ## List of Scanners
开发者ID:anarchivist,项目名称:pyflag,代码行数:9,代码来源:Gmail.py
示例15: test00preLoadCase
def test00preLoadCase(self):
""" Reset case """
import pyflag.pyflagsh as pyflagsh
pyflagsh.shell_execv(command = "execute",
argv=["Case Management.Remove case",'remove_case=%s' % self.test_case])
pyflagsh.shell_execv(command="execute",
argv=["Case Management.Create new case",'create_case=%s' % self.test_case])
开发者ID:arkem,项目名称:pyflag,代码行数:9,代码来源:FileSystem.py
示例16: test00preLoadCase
def test00preLoadCase(self):
""" Load Memory image """
#pyflag.tests.ScannerTest.test00preLoadCase(self)
pyflagsh.shell_execv(command="execute",
argv=["Load Data.Load Filesystem image",'case=%s' % self.test_case,
"iosource=test",
"fstype=Linux Memory",
"profile=2_6_18-8_1_15_el5",
"map=System.map-2.6.18-8.1.15.el5.map",
"mount_point=%s" % self.mount_point])
开发者ID:anarchivist,项目名称:pyflag,代码行数:10,代码来源:VolatilityLinux.py
示例17: test02Hash
def test02Hash(self):
""" Test the hashes of loaded files """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env, command="scan",
argv=["*",'MD5Scan'])
dbh = DB.DBO(self.test_case)
dbh.execute("select binary_md5 from hash where binary_md5=%b",
"04D68B7C8993A3A485A5780EC1A8D62D".decode("hex"))
self.assert_(dbh.fetch(), "Expected hash not found")
开发者ID:anarchivist,项目名称:pyflag,代码行数:10,代码来源:Raid.py
示例18: test01FTPScanner
def test01FTPScanner(self):
""" Test basic FTP scanning """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env,
command="scan",
argv=["*", ## Inodes (All)
"FTPScanner"
]) ## List of Scanners
## What should we have found? FIXME
dbh = DB.DBO(self.test_case)
开发者ID:backupManager,项目名称:pyflag,代码行数:11,代码来源:FTP.py
示例19: test01TypeScan
def test01TypeScan(self):
""" Check the type scanner works """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env, command="scan",
argv=["*",'TypeScan'])
## Make sure the extra magic is being used properly.
dbh = DB.DBO(self.test_case)
dbh.execute('select count(*) as count from type where type like "%%Outlook%%"')
count = dbh.fetch()['count']
self.failIf(count==0, "Unable to locate an Outlook PST file - maybe we are not using our custom magic file?")
开发者ID:backupManager,项目名称:pyflag,代码行数:11,代码来源:TypeScan.py
示例20: test01CarveImage
def test01CarveImage(self):
""" Carving from Image """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env, command="scan",
argv=["*",'ScriptCarver'])
dbh = DB.DBO(self.test_case)
dbh.execute("select count(*) as c from type where type like %r", "%script")
row = dbh.fetch()
self.assert_(row != None)
self.assert_(row['c']>=3)
开发者ID:anarchivist,项目名称:pyflag,代码行数:11,代码来源:ScriptCarver.py
注:本文中的pyflag.pyflagsh.shell_execv函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论