mirror of
https://github.com/mvt-project/mvt.git
synced 2024-06-29 07:39:00 +00:00
Add SMS read time in the MVT logs
This commit is contained in:
parent
e2516f284b
commit
7046ff80d1
|
@ -43,13 +43,21 @@ class SMS(IOSExtraction):
|
||||||
|
|
||||||
def serialize(self, record: dict) -> Union[dict, list]:
|
def serialize(self, record: dict) -> Union[dict, list]:
|
||||||
text = record["text"].replace("\n", "\\n")
|
text = record["text"].replace("\n", "\\n")
|
||||||
return {
|
sms_data = f"{record['service']}: {record['guid']} \"{text}\" from {record['phone_number']} ({record['account']})"
|
||||||
"timestamp": record["isodate"],
|
return [
|
||||||
"module": self.__class__.__name__,
|
{
|
||||||
"event": "sms_received",
|
"timestamp": record["isodate"],
|
||||||
"data": f"{record['service']}: {record['guid']} \"{text}\" "
|
"module": self.__class__.__name__,
|
||||||
f"from {record['phone_number']} ({record['account']})",
|
"event": "sms_received",
|
||||||
}
|
"data": sms_data,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"timestamp": record["isodate_read"],
|
||||||
|
"module": self.__class__.__name__,
|
||||||
|
"event": "sms_read",
|
||||||
|
"data": sms_data,
|
||||||
|
},
|
||||||
|
]
|
||||||
|
|
||||||
def check_indicators(self) -> None:
|
def check_indicators(self) -> None:
|
||||||
if not self.indicators:
|
if not self.indicators:
|
||||||
|
@ -120,6 +128,7 @@ class SMS(IOSExtraction):
|
||||||
|
|
||||||
# We convert Mac's ridiculous timestamp format.
|
# We convert Mac's ridiculous timestamp format.
|
||||||
message["isodate"] = convert_mactime_to_iso(message["date"])
|
message["isodate"] = convert_mactime_to_iso(message["date"])
|
||||||
|
message["isodate_read"] = convert_mactime_to_iso(message["date_read"])
|
||||||
message["direction"] = (
|
message["direction"] = (
|
||||||
"sent" if message.get("is_from_me", 0) == 1 else "received"
|
"sent" if message.get("is_from_me", 0) == 1 else "received"
|
||||||
)
|
)
|
||||||
|
|
|
@ -17,7 +17,7 @@ class TestSMSModule:
|
||||||
m = SMS(target_path=get_ios_backup_folder())
|
m = SMS(target_path=get_ios_backup_folder())
|
||||||
run_module(m)
|
run_module(m)
|
||||||
assert len(m.results) == 1
|
assert len(m.results) == 1
|
||||||
assert len(m.timeline) == 1
|
assert len(m.timeline) == 2 # SMS received and read events.
|
||||||
assert len(m.detected) == 0
|
assert len(m.detected) == 0
|
||||||
|
|
||||||
def test_detection(self, indicator_file):
|
def test_detection(self, indicator_file):
|
||||||
|
|
Loading…
Reference in New Issue
Block a user