casualscripter/Masterthesis
1
0
Fork 0
Code Issues 11 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
533cb03e38a4afe222fdaede731cde336c4c813c
Masterthesis/home/lucifer/.local/share/nautilus/scripts/05c-Linux/03-E01-timezone

183 lines
6.2 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
#===============================================================================
#
# DIRECTORY:
# /home/*/.local/share/nautilus/scripts/05c-Linux/
# OR
# /home/*/.gnome2/nautilus-sctipts/05c-Linux/ (deprecated)
#
# FILE:
# 03-E01-timezone
#
# USAGE:
# Right click on a EWF_E01 image (.E01) and
# choose this nautilus script from the context menu.
#
# OPTIONS:
# none
#
# DESCRIPTION:
# Stored and shows timezone information.
#
# REQUIREMENTS:
# bash, zenity, sleuthkit, awk, sed, openssl and grep
#
# BUGS:
# ---
#
# NOTES:
# Tested on
# - Debian 8+
# - Arch Linux
#
# AUTHOR:
# Patrick Neumann, patrick@neumannsland.de
#
# COMPANY:
# (privately)
#
# VERSION:
# 0.9 (beta)
#
# LINK TO THE MOST CURRENT VERSIONS:
# https://...
#
# CREATED:
# 24.04.2020
#
# COPYRIGHT (C):
# 2015-2020 - Patrick Neumann
#
# LICENSE:
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# WARRANTY:
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# TODO:
# ---
#
# HISTORY:
# 0.9 - Patrick Neumann - Initial (public) release
#
#===============================================================================
#-------------------------------------------------------------------------------
# Additional supported Distribution(s) (add before Library!).
#-------------------------------------------------------------------------------
SUPPORTED_OSR="arch"
#-------------------------------------------------------------------------------
# Check for library (casualscripter_nautilus-scripts_functions.sh).
#-------------------------------------------------------------------------------
readonly LIBRARY="${0%/*/*}/.casualscripter_nautilus-scripts_functions.sh"
if [ ! -f "${LIBRARY}" ] ; then
zenity --error \
--text \
"ERROR: casualscripter_nautilus-scripts_functions.sh MISSING!"
exit 1
fi
source "${LIBRARY}"
#-------------------------------------------------------------------------------
# Checks (see library "casualscripter_nautilus-scripts_functions.sh").
#-------------------------------------------------------------------------------
check_dep "${AWK_BIN}" "awk"
check_dep "${FLS_BIN}" "sleuthkit"
check_dep "${FSSTAT_BIN}" "sleuthkit"
check_dep "${GREP_BIN}" "grep"
check_dep "${ICAT_BIN}" "sleuthkit"
check_dep "${IFIND_BIN}" "sleuthkit"
check_dep "${ISTAT_BIN}" "sleuthkit"
check_dep "${MMLS_BIN}" "sleuthkit"
check_dep "${OPENSSL_BIN}" "openssl"
check_dep "${SED_BIN}" "sed"
check_ext "${SOURCE}" "[eE]01"
check_tmp
#-------------------------------------------------------------------------------
# A little bit of configuration before the magic.
#-------------------------------------------------------------------------------
readonly OFFSET="$( choose_partition "${SOURCE}" | ${AWK_BIN} -F "_" '{ print $3; }' )"
readonly TIMEZONE="${TMP}/${OFFSET}-timezone.txt"
#-------------------------------------------------------------------------------
# A wonder maybe takes "a little bit" longer... :-/
#-------------------------------------------------------------------------------
if ${FSSTAT_BIN} -o "${OFFSET}" "${SOURCE}" > /dev/null 2>&1 ; then
(
echo -e -n "Partition (mmls line):\n " >> "${TIMEZONE}"
${MMLS_BIN} -aM "${SOURCE}" \
| ${AWK_BIN} '$3=='"${OFFSET}"' { print $0; }' \
>> "${TIMEZONE}"
lt_inode="$( ${IFIND_BIN} -o "${OFFSET}" \
-n "/etc/localtime" \
"${SOURCE}" )"
if [ "${lt_inode}" != "File not found" ] ; then
symlink="$( ${ISTAT_BIN} -o "${OFFSET}" "${SOURCE}" "${lt_inode}" \
| ${AWK_BIN} -F ":" '/symbolic link to/ { sub( /.*\/usr\/share\/zoneinfo\//, "", $2 ); print $2 }' )"
echo -e -n " Information from \"/etc/localtime\":\n " >> "${TIMEZONE}"
if [ -n "${symlink}" ] ; then
echo "${symlink}" >> "${TIMEZONE}"
else
lt_md5="$( ${ICAT_BIN} -o "${OFFSET}" \
"${SOURCE}" \
"${lt_inode}" \
| ${OPENSSL_BIN} dgst -md5 \
| ${AWK_BIN} '{ print $NF; }' )"
zi_inode="$( ${IFIND_BIN} -o "${OFFSET}" \
-n "/usr/share/zoneinfo" \
"${SOURCE}" )"
zoneinfo="$( ${FLS_BIN} -o "${OFFSET}" \
-m "/usr/share/zoneinfo" \
-h \
-r \
"${SOURCE}" \
"${zi_inode}" \
| ${GREP_BIN} --invert-match --fixed-strings "deleted" \
| ${AWK_BIN} --field-separator "|" \
'/'"${lt_md5}"'/ { sub( /.*\/usr\/share\/zoneinfo\//, "", $2 ); print $2; }' )"
echo "${zoneinfo}" >> "${TIMEZONE}"
fi
echo >> "${TIMEZONE}"
else
echo -e " \"/etc/localtime\" not found.\n"
fi
timezone="$( ${IFIND_BIN} -o "${OFFSET}" -n "/etc/timezone" "${SOURCE}" )"
if [ "${timezone}" != "File not found" ] ; then
echo -e -n " Information from \"/etc/timezone\":\n " >> "${TIMEZONE}"
${ICAT_BIN} -o "${OFFSET}" "${SOURCE}" "${timezone}" >> "${TIMEZONE}"
else
echo -e " File \"/etc/timezone\" not found.\n"
fi
echo >> "${TIMEZONE}"
) | ${ZENITY_BIN} --progress \
--title="timezone" \
--text="Please wait..." \
--pulsate
else
echo -e " ? (The Sleuth Kit does not support the filesystem!)\n" >> "${TIMEZONE}"
fi
#-------------------------------------------------------------------------------
# Display content of the resultfile "timezone.txt".
#-------------------------------------------------------------------------------
display_resultfile "${TIMEZONE}"
exit 0
Reference in New Issue View Git Blame Copy Permalink