本文整理汇总了Python中pyflag.pyflagsh.shell_execv函数的典型用法代码示例。如果您正苦于以下问题:Python shell_execv函数的具体用法?Python shell_execv怎么用?Python shell_execv使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了shell_execv函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test01ls
def test01ls(self):
""" Test the ls command """
self.env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=self.env, command="load",
argv=[self.test_case,])
## Check we can list default directory
lines = [ l for l in pyflagsh.shell_execv_iter(env=self.env, command="ls",
argv=[])]
self.assertEqual(len(lines),18)
## Check we can list directories
lines = [ l for l in pyflagsh.shell_execv_iter(env=self.env, command="ls",
argv=["docs"])]
self.assert_(len(lines)>=3)
## Check that we can glob files:
lines = [ l for l in pyflagsh.shell_execv_iter(env=self.env, command="ls",
argv=["*.jpg"])]
self.assertEqual(len(lines),5)
## Check that we can glob directories:
lines = [ l for l in pyflagsh.shell_execv_iter(env=self.env, command="ls",
argv=["do*"])]
self.assert_(len(lines)>3)示例2: test02catTests
def test02catTests(self):
""" Test the cat command """
self.env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=self.env, command="load",
argv=[self.test_case,])
self.fsfd = FileSystem.DBFS(self.test_case)
fd = self.fsfd.open("/dscf1080.jpg")
data1=fd.read()
fd = self.fsfd.open("/dscf1081.jpg")
data2=fd.read()
fd = self.fsfd.open("/dscf1082.jpg")
data3=fd.read()
result = ''
for l in pyflagsh.shell_execv_iter(env=self.env, command="cat",
argv=["/dscf1081.jpg"]):
result+=l
self.assertEqual(result,data2)
result = ''
for l in pyflagsh.shell_execv_iter(env=self.env, command="cat",
argv=["/dscf108*"]):
result+=l
self.assertEqual(len(result),len(data1)+len(data2)+len(data3))
self.assert_(result==data1+data2+data3)示例3: test01RunScanners
def test01RunScanners(self):
""" Running Logical Index Scanner """
## Make sure the word secret is in there.
pdbh = DB.DBO()
pdbh.execute("select * from dictionary where word='secret' limit 1")
row = pdbh.fetch()
if not row:
pdbh.insert('dictionary', **{'word':'secret', 'class':'English', 'type':'word'})
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env, command="scan",
argv=["*",'IndexScan'])
dbh = DB.DBO(self.test_case)
dbh2 = DB.DBO(self.test_case)
fsfd = DBFS(self.test_case)
dbh.execute("select inode_id, word,offset,length from LogicalIndexOffsets join %s.dictionary on LogicalIndexOffsets.word_id=%s.dictionary.id where word='secret'", (config.FLAGDB,config.FLAGDB))
count = 0
for row in dbh:
count += 1
path, inode, inode_id = fsfd.lookup(inode_id = row['inode_id'])
fd = fsfd.open(inode=inode)
fd.overread = True
fd.slack = True
fd.seek(row['offset'])
data = fd.read(row['length'])
print "Looking for %s: Found in %s at offset %s length %s %r" % (
row['word'], inode, row['offset'], row['length'],data)
self.assertEqual(data.lower(), row['word'].lower())
## Did we find all the secrets?
self.assertEqual(count,2)示例4: test02LoadFilesystem
def test02LoadFilesystem(self):
""" Test that basic filesystems load """
pyflagsh.shell_execv(
command="execute",
argv=[
"Load Data.Load IO Data Source",
"case=%s" % self.test_case,
"iosource=first_image",
"subsys=Standard",
"filename=pyflag_stdimage_0.4.dd",
"offset=16128s",
],
)
pyflagsh.shell_execv(
command="execute",
argv=[
"Load Data.Load Filesystem image",
"case=%s" % self.test_case,
"iosource=first_image",
"fstype=Sleuthkit",
"mount_point=/stdimage/",
],
)
dbh = DB.DBO(self.test_case)
dbh.execute("select count(*) as count from inode")
self.assertEqual(dbh.fetch()["count"], 90)示例5: test01LoadRaid
def test01LoadRaid(self):
""" Test the RAID IO Source loader """
## This image was made by the linux raid5 implementation.
## Just to make things a bit more complicated, each image of
## each individual disk was acquired using ewfacquire into an
## EWF file. We use the io://EWF/filename=/raid/linux/d1.E01
## URL notation as the image filename in order to use the EWF
## IO Source driver to read the file.
pyflagsh.shell_execv(command="execute",
argv=["Load Data.Load IO Data Source",'case=%s' % self.test_case,
"iosource=test",
"subsys=RAID5 (1 Parity)",
"filename=io://EWF/filename=/raid/linux/d1.E01",
"filename=io://EWF/filename=/raid/linux/d2.E01",
"filename=io://EWF/filename=/raid/linux/d3.E01",
"offset=0",
"map=1.0.P.P.3.2.4.P.5",
"period=3",
"blocksize=64k",
"TZ=%s" % self.TZ
])
pyflagsh.shell_execv(command="execute",
argv=["Load Data.Load Filesystem image",'case=%s' % self.test_case,
"iosource=test",
"fstype=Sleuthkit",
"mount_point=/"])示例6: test01RunScanner
def test01RunScanner(self):
""" Test cache scanner """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env, command="scan",
argv=["*",'ZipScan'])
pyflagsh.shell_execv(env=env, command="scan",
argv=["*",'MozCacheScan','GoogleImageScanner'])示例7: test03cpTests
def test03cpTests(self):
""" Test the cp (copy) command """
self.env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=self.env, command="load",
argv=[self.test_case,])
## Make a directory for the files:
tmpname = os.tmpnam()
os.mkdir(tmpname)
pyflagsh.shell_execv(env=self.env, command="cp",
argv=["/dscf108*", tmpname])
## Now verify the copy worked:
fd = open(tmpname+"/dscf1080.jpg",'r')
data = fd.read()
md5sum = md5.new()
md5sum.update(data)
self.assertEqual(md5sum.hexdigest(),'9e03e022404a945575b813ffb56fd841')
## Clean up:
for file in os.listdir(tmpname):
os.unlink(tmpname+'/'+file)
os.rmdir(tmpname)示例8: test03MultipleSources
def test03MultipleSources(self):
""" Test that multiple images can be loaded on the same VFS """
pyflagsh.shell_execv(
command="execute",
argv=[
"Load Data.Load IO Data Source",
"case=%s" % self.test_case,
"iosource=second_image",
"subsys=EWF",
"filename=ntfs_image.e01",
],
)
pyflagsh.shell_execv(
command="execute",
argv=[
"Load Data.Load Filesystem image",
"case=%s" % self.test_case,
"iosource=second_image",
"fstype=Sleuthkit",
"mount_point=/ntfsimage/",
],
)
## Try to read a file from the first source:
fsfd = DBFS(self.test_case)
fd = fsfd.open("/stdimage/dscf1081.jpg")
m = hashlib.md5()
m.update(fd.read())
self.assertEqual(m.hexdigest(), "11bec410aebe0c22c14f3eaaae306f46")
## Try to read a file from the second source:
fd = fsfd.open("/ntfsimage/Books/80day11.txt")
m = hashlib.md5()
m.update(fd.read())
self.assertEqual(m.hexdigest(), "f5b394b5d0ca8c9ce206353e71d1d1f2")示例9: test01SMTPScanner
def test01SMTPScanner(self):
""" Test SMTP Scanner """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env,
command="scan",
argv=["*", ## Inodes (All)
"SMTPScanner", "RFC2822", "TypeScan"
]) ## List of Scanners示例10: test01GmailScanner
def test01GmailScanner(self):
""" Test Google Image Scanner """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env,
command="scan",
argv=["*", ## Inodes (All)
"GoogleImageScanner",
]) ## List of Scanners示例11: test01
def test01(self):
""" Test Reassebler """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env,
command="scan",
argv=["*", ## Inodes (All)
"NetworkScanners",
]) ## List of Scanners示例12: test01RunScanner
def test01RunScanner(self):
""" Running scanners """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env, command="scan",
argv=["*",'ZipScan', 'TarScan', 'GZScan'])
pyflagsh.shell_execv(env=env, command="scan",
argv=["*",'JPEGCarver', 'ZipScan', 'TarScan', 'GZScan', 'TypeScan', 'IndexScan'])示例13: test01YahooMailScanner
def test01YahooMailScanner(self):
""" Test Scanner """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env,
command="scan",
argv=["*", ## Inodes (All)
"YahooMail20Scan",
]) ## List of Scanners示例14: test01GmailScanner
def test01GmailScanner(self):
""" Test Gmail Scanner """
env = pyflagsh.environment(case=self.test_case)
pyflagsh.shell_execv(env=env,
command="scan",
argv=["*", ## Inodes (All)
"GmailScanner", "YahooMailScan",
"SquirrelMailScan", "HotmailScanner"
]) ## List of Scanners示例15: test00preLoadCase
def test00preLoadCase(self):
""" Reset case """
import pyflag.pyflagsh as pyflagsh
pyflagsh.shell_execv(command = "execute",
argv=["Case Management.Remove case",'remove_case=%s' % self.test_case])
pyflagsh.shell_execv(command="execute",
argv=["Case Management.Create new case",'create_case=%s' % self.test_case])