mirror of
https://github.com/mvt-project/mvt.git
synced 2024-06-27 14:48:56 +00:00
Getting rid of dict()
This commit is contained in:
parent
5e6e4fa8d0
commit
9582778adf
|
@ -52,14 +52,14 @@ class ChromeHistory(AndroidExtraction):
|
|||
""")
|
||||
|
||||
for item in cur:
|
||||
self.results.append(dict(
|
||||
id=item[0],
|
||||
url=item[1],
|
||||
visit_id=item[2],
|
||||
timestamp=item[3],
|
||||
isodate=convert_timestamp_to_iso(convert_chrometime_to_unix(item[3])),
|
||||
redirect_source=item[4],
|
||||
))
|
||||
self.results.append({
|
||||
"id": item[0],
|
||||
"url": item[1],
|
||||
"visit_id": item[2],
|
||||
"timestamp": item[3],
|
||||
"isodate": convert_timestamp_to_iso(convert_chrometime_to_unix[item[3]]),
|
||||
"redirect_source": item[4],
|
||||
})
|
||||
|
||||
cur.close()
|
||||
conn.close()
|
||||
|
|
|
@ -76,18 +76,18 @@ class Packages(AndroidExtraction):
|
|||
first_install = dumpsys[1].split("=")[1].strip()
|
||||
last_update = dumpsys[2].split("=")[1].strip()
|
||||
|
||||
self.results.append(dict(
|
||||
package_name=package_name,
|
||||
file_name=file_name,
|
||||
installer=installer,
|
||||
timestamp=timestamp,
|
||||
first_install_time=first_install,
|
||||
last_update_time=last_update,
|
||||
uid=uid,
|
||||
disabled=False,
|
||||
system=False,
|
||||
third_party=False,
|
||||
))
|
||||
self.results.append({
|
||||
"package_name": package_name,
|
||||
"file_name": file_name,
|
||||
"installer": installer,
|
||||
"timestamp": timestamp,
|
||||
"first_install_time": first_install,
|
||||
"last_update_time": last_update,
|
||||
"uid": uid,
|
||||
"disabled": False,
|
||||
"system": False,
|
||||
"third_party": False,
|
||||
})
|
||||
|
||||
cmds = [
|
||||
{"field": "disabled", "arg": "-d"},
|
||||
|
|
|
@ -29,13 +29,13 @@ class Processes(AndroidExtraction):
|
|||
continue
|
||||
|
||||
fields = line.split()
|
||||
proc = dict(
|
||||
user=fields[0],
|
||||
pid=fields[1],
|
||||
parent_pid=fields[2],
|
||||
vsize=fields[3],
|
||||
rss=fields[4],
|
||||
)
|
||||
proc = {
|
||||
"user": fields[0],
|
||||
"pid": fields[1],
|
||||
"parent_pid": fields[2],
|
||||
"vsize": fields[3],
|
||||
"rss": fields[4],
|
||||
}
|
||||
|
||||
# Sometimes WCHAN is empty, so we need to re-align output fields.
|
||||
if len(fields) == 8:
|
||||
|
|
|
@ -84,7 +84,7 @@ class SMS(AndroidExtraction):
|
|||
names = [description[0] for description in cur.description]
|
||||
|
||||
for item in cur:
|
||||
message = dict()
|
||||
message = {}
|
||||
for index, value in enumerate(item):
|
||||
message[names[index]] = value
|
||||
|
||||
|
|
|
@ -59,7 +59,7 @@ class Whatsapp(AndroidExtraction):
|
|||
|
||||
messages = []
|
||||
for item in cur:
|
||||
message = dict()
|
||||
message = {}
|
||||
for index, value in enumerate(item):
|
||||
message[names[index]] = value
|
||||
|
||||
|
|
|
@ -33,11 +33,11 @@ class ConfigurationProfiles(IOSExtraction):
|
|||
if "SignerCerts" in conf_plist:
|
||||
conf_plist["SignerCerts"] = [b64encode(x) for x in conf_plist["SignerCerts"]]
|
||||
|
||||
self.results.append(dict(
|
||||
file_id=conf_file["file_id"],
|
||||
relative_path=conf_file["relative_path"],
|
||||
domain=conf_file["domain"],
|
||||
plist=conf_plist,
|
||||
))
|
||||
self.results.append({
|
||||
"file_id": conf_file["file_id"],
|
||||
"relative_path": conf_file["relative_path"],
|
||||
"domain": conf_file["domain"],
|
||||
"plist": conf_plist,
|
||||
})
|
||||
|
||||
self.log.info("Extracted details about %d configuration profiles", len(self.results))
|
||||
|
|
|
@ -102,7 +102,7 @@ class Manifest(IOSExtraction):
|
|||
names = [description[0] for description in cur.description]
|
||||
|
||||
for file_entry in cur:
|
||||
file_data = dict()
|
||||
file_data = {}
|
||||
for index, value in enumerate(file_entry):
|
||||
file_data[names[index]] = value
|
||||
|
||||
|
|
|
@ -58,14 +58,14 @@ class CacheFiles(IOSExtraction):
|
|||
self.results[key_name] = []
|
||||
|
||||
for row in cur:
|
||||
self.results[key_name].append(dict(
|
||||
entry_id=row[0],
|
||||
version=row[1],
|
||||
hash_value=row[2],
|
||||
storage_policy=row[3],
|
||||
url=row[4],
|
||||
isodate=row[5],
|
||||
))
|
||||
self.results[key_name].append({
|
||||
"entry_id": row[0],
|
||||
"version": row[1],
|
||||
"hash_value": row[2],
|
||||
"storage_policy": row[3],
|
||||
"url": row[4],
|
||||
"isodate": row[5],
|
||||
})
|
||||
|
||||
def run(self):
|
||||
self.results = {}
|
||||
|
|
|
@ -57,13 +57,13 @@ class SafariFavicon(IOSExtraction):
|
|||
|
||||
items = []
|
||||
for item in cur:
|
||||
items.append(dict(
|
||||
url=item[0],
|
||||
icon_url=item[1],
|
||||
timestamp=item[2],
|
||||
isodate=convert_timestamp_to_iso(convert_mactime_to_unix(item[2])),
|
||||
type="valid",
|
||||
))
|
||||
items.append({
|
||||
"url": item[0],
|
||||
"icon_url": item[1],
|
||||
"timestamp": item[2],
|
||||
"isodate": convert_timestamp_to_iso(convert_mactime_to_unix(item[2])),
|
||||
"type": "valid",
|
||||
})
|
||||
|
||||
# Fetch icons from the rejected icons table.
|
||||
cur.execute("""SELECT
|
||||
|
@ -73,13 +73,13 @@ class SafariFavicon(IOSExtraction):
|
|||
FROM rejected_resources ORDER BY timestamp;""")
|
||||
|
||||
for item in cur:
|
||||
items.append(dict(
|
||||
url=item[0],
|
||||
icon_url=item[1],
|
||||
timestamp=item[2],
|
||||
isodate=convert_timestamp_to_iso(convert_mactime_to_unix(item[2])),
|
||||
type="rejected",
|
||||
))
|
||||
items.append({
|
||||
"url": item[0],
|
||||
"icon_url": item[1],
|
||||
"timestamp": item[2],
|
||||
"isodate": convert_timestamp_to_iso(convert_mactime_to_unix(item[2])),
|
||||
"type": "rejected",
|
||||
})
|
||||
|
||||
cur.close()
|
||||
conn.close()
|
||||
|
|
|
@ -34,8 +34,8 @@ class WebkitBase(IOSExtraction):
|
|||
name = name.replace("https_", "https://")
|
||||
url = name.split("_")[0]
|
||||
|
||||
self.results.append(dict(
|
||||
folder=key,
|
||||
url=url,
|
||||
isodate=convert_timestamp_to_iso(datetime.datetime.utcfromtimestamp(os.stat(found_path).st_mtime)),
|
||||
))
|
||||
self.results.append({
|
||||
"folder": key,
|
||||
"url": url,
|
||||
"isodate": convert_timestamp_to_iso(datetime.datetime.utcfromtimestamp(os.stat(found_path).st_mtime)),
|
||||
})
|
||||
|
|
|
@ -65,12 +65,12 @@ class ChromeFavicon(IOSExtraction):
|
|||
items = []
|
||||
for item in cur:
|
||||
last_timestamp = int(item[2]) or int(item[3])
|
||||
items.append(dict(
|
||||
url=item[0],
|
||||
icon_url=item[1],
|
||||
timestamp=last_timestamp,
|
||||
isodate=convert_timestamp_to_iso(convert_chrometime_to_unix(last_timestamp)),
|
||||
))
|
||||
items.append({
|
||||
"url": item[0],
|
||||
"icon_url": item[1],
|
||||
"timestamp": last_timestamp,
|
||||
"isodate": convert_timestamp_to_iso(convert_chrometime_to_unix(last_timestamp)),
|
||||
})
|
||||
|
||||
cur.close()
|
||||
conn.close()
|
||||
|
|
|
@ -63,14 +63,14 @@ class ChromeHistory(IOSExtraction):
|
|||
""")
|
||||
|
||||
for item in cur:
|
||||
self.results.append(dict(
|
||||
id=item[0],
|
||||
url=item[1],
|
||||
visit_id=item[2],
|
||||
timestamp=item[3],
|
||||
isodate=convert_timestamp_to_iso(convert_chrometime_to_unix(item[3])),
|
||||
redirect_source=item[4],
|
||||
))
|
||||
self.results.append({
|
||||
"id": item[0],
|
||||
"url": item[1],
|
||||
"visit_id": item[2],
|
||||
"timestamp": item[3],
|
||||
"isodate": convert_timestamp_to_iso(convert_chrometime_to_unix(item[3])),
|
||||
"redirect_source": item[4],
|
||||
})
|
||||
|
||||
cur.close()
|
||||
conn.close()
|
||||
|
|
|
@ -40,7 +40,7 @@ class Contacts(IOSExtraction):
|
|||
names = [description[0] for description in cur.description]
|
||||
|
||||
for entry in cur:
|
||||
new_contact = dict()
|
||||
new_contact = {}
|
||||
for index, value in enumerate(entry):
|
||||
new_contact[names[index]] = value
|
||||
|
||||
|
|
|
@ -64,16 +64,16 @@ class FirefoxFavicon(IOSExtraction):
|
|||
""")
|
||||
|
||||
for item in cur:
|
||||
self.results.append(dict(
|
||||
id=item[0],
|
||||
url=item[1],
|
||||
width=item[2],
|
||||
height=item[3],
|
||||
type=item[4],
|
||||
isodate=convert_timestamp_to_iso(datetime.utcfromtimestamp(item[5])),
|
||||
history_id=item[6],
|
||||
history_url=item[7]
|
||||
))
|
||||
self.results.append({
|
||||
"id": item[0],
|
||||
"url": item[1],
|
||||
"width": item[2],
|
||||
"height": item[3],
|
||||
"type": item[4],
|
||||
"isodate": convert_timestamp_to_iso(datetime.utcfromtimestamp(item[5])),
|
||||
"history_id": item[6],
|
||||
"history_url": item[7]
|
||||
})
|
||||
|
||||
cur.close()
|
||||
conn.close()
|
||||
|
|
|
@ -62,14 +62,14 @@ class FirefoxHistory(IOSExtraction):
|
|||
""")
|
||||
|
||||
for item in cur:
|
||||
self.results.append(dict(
|
||||
id=item[0],
|
||||
isodate=convert_timestamp_to_iso(datetime.utcfromtimestamp(item[1])),
|
||||
url=item[2],
|
||||
title=item[3],
|
||||
i1000000s_local=item[4],
|
||||
type=item[5]
|
||||
))
|
||||
self.results.append({
|
||||
"id": item[0],
|
||||
"isodate": convert_timestamp_to_iso(datetime.utcfromtimestamp(item[1])),
|
||||
"url": item[2],
|
||||
"title": item[3],
|
||||
"i1000000s_local": item[4],
|
||||
"type": item[5]
|
||||
})
|
||||
|
||||
cur.close()
|
||||
conn.close()
|
||||
|
|
|
@ -85,19 +85,19 @@ class SafariBrowserState(IOSExtraction):
|
|||
if "SessionHistoryEntries" in session_data["SessionHistory"]:
|
||||
for session_entry in session_data["SessionHistory"]["SessionHistoryEntries"]:
|
||||
session_history_count += 1
|
||||
session_entries.append(dict(
|
||||
entry_title=session_entry["SessionHistoryEntryOriginalURL"],
|
||||
entry_url=session_entry["SessionHistoryEntryURL"],
|
||||
data_length=len(session_entry["SessionHistoryEntryData"]) if "SessionHistoryEntryData" in session_entry else 0,
|
||||
))
|
||||
session_entries.append({
|
||||
"entry_title": session_entry["SessionHistoryEntryOriginalURL"],
|
||||
"entry_url": session_entry["SessionHistoryEntryURL"],
|
||||
"data_length": len(session_entry["SessionHistoryEntryData"]) if "SessionHistoryEntryData" in session_entry else 0,
|
||||
})
|
||||
|
||||
self.results.append(dict(
|
||||
tab_title=item[0],
|
||||
tab_url=item[1],
|
||||
tab_visible_url=item[2],
|
||||
last_viewed_timestamp=convert_timestamp_to_iso(convert_mactime_to_unix(item[3])),
|
||||
session_data=session_entries,
|
||||
))
|
||||
self.results.append({
|
||||
"tab_title": item[0],
|
||||
"tab_url": item[1],
|
||||
"tab_visible_url": item[2],
|
||||
"last_viewed_timestamp": convert_timestamp_to_iso(convert_mactime_to_unix(item[3])),
|
||||
"session_data": session_entries,
|
||||
})
|
||||
|
||||
self.log.info("Extracted a total of %d tab records and %d session history entries",
|
||||
len(self.results), session_history_count)
|
||||
|
|
|
@ -102,15 +102,15 @@ class SafariHistory(IOSExtraction):
|
|||
|
||||
items = []
|
||||
for item in cur:
|
||||
items.append(dict(
|
||||
id=item[0],
|
||||
url=item[1],
|
||||
visit_id=item[2],
|
||||
timestamp=item[3],
|
||||
isodate=convert_timestamp_to_iso(convert_mactime_to_unix(item[3])),
|
||||
redirect_source=item[4],
|
||||
redirect_destination=item[5]
|
||||
))
|
||||
items.append({
|
||||
"id": item[0],
|
||||
"url": item[1],
|
||||
"visit_id": item[2],
|
||||
"timestamp": item[3],
|
||||
"isodate": convert_timestamp_to_iso(convert_mactime_to_unix(item[3])),
|
||||
"redirect_source": item[4],
|
||||
"redirect_destination": item[5]
|
||||
})
|
||||
|
||||
cur.close()
|
||||
conn.close()
|
||||
|
|
|
@ -64,7 +64,7 @@ class SMS(IOSExtraction):
|
|||
names = [description[0] for description in cur.description]
|
||||
|
||||
for item in cur:
|
||||
message = dict()
|
||||
message = {}
|
||||
for index, value in enumerate(item):
|
||||
# We base64 escape some of the attributes that could contain
|
||||
# binary data.
|
||||
|
|
|
@ -44,16 +44,16 @@ class WebkitSessionResourceLog(IOSExtraction):
|
|||
browsing_stats = file_plist["browsingStatistics"]
|
||||
|
||||
for item in browsing_stats:
|
||||
items.append(dict(
|
||||
origin=item.get("PrevalentResourceOrigin", ""),
|
||||
redirect_source=item.get("topFrameUniqueRedirectsFrom", ""),
|
||||
redirect_destination=item.get("topFrameUniqueRedirectsTo", ""),
|
||||
subframe_under_origin=item.get("subframeUnderTopFrameOrigins", ""),
|
||||
subresource_under_origin=item.get("subresourceUnderTopFrameOrigins", ""),
|
||||
user_interaction=item.get("hadUserInteraction"),
|
||||
most_recent_interaction=convert_timestamp_to_iso(item["mostRecentUserInteraction"]),
|
||||
last_seen=convert_timestamp_to_iso(item["lastSeen"]),
|
||||
))
|
||||
items.append({
|
||||
"origin": item.get("PrevalentResourceOrigin", ""),
|
||||
"redirect_source": item.get("topFrameUniqueRedirectsFrom", ""),
|
||||
"redirect_destination": item.get("topFrameUniqueRedirectsTo", ""),
|
||||
"subframe_under_origin": item.get("subframeUnderTopFrameOrigins", ""),
|
||||
"subresource_under_origin": item.get("subresourceUnderTopFrameOrigins", ""),
|
||||
"user_interaction": item.get("hadUserInteraction"),
|
||||
"most_recent_interaction": convert_timestamp_to_iso(item["mostRecentUserInteraction"]),
|
||||
"last_seen": convert_timestamp_to_iso(item["lastSeen"]),
|
||||
})
|
||||
|
||||
return items
|
||||
|
||||
|
|
|
@ -61,7 +61,7 @@ class Whatsapp(IOSExtraction):
|
|||
names = [description[0] for description in cur.description]
|
||||
|
||||
for message in cur:
|
||||
new_message = dict()
|
||||
new_message = {}
|
||||
for index, value in enumerate(message):
|
||||
new_message[names[index]] = value
|
||||
|
||||
|
|
|
@ -55,20 +55,20 @@ class NetBase(IOSExtraction):
|
|||
else:
|
||||
live_timestamp = ""
|
||||
|
||||
items.append(dict(
|
||||
first_isodate=first_isodate,
|
||||
isodate=isodate,
|
||||
proc_name=item[2],
|
||||
bundle_id=item[3],
|
||||
proc_id=item[4],
|
||||
wifi_in=item[5],
|
||||
wifi_out=item[6],
|
||||
wwan_in=item[7],
|
||||
wwan_out=item[8],
|
||||
live_id=item[9],
|
||||
live_proc_id=item[10],
|
||||
live_isodate=live_timestamp,
|
||||
))
|
||||
items.append({
|
||||
"first_isodate": first_isodate,
|
||||
"isodate": isodate,
|
||||
"proc_name": item[2],
|
||||
"bundle_id": item[3],
|
||||
"proc_id": item[4],
|
||||
"wifi_in": item[5],
|
||||
"wifi_out": item[6],
|
||||
"wwan_in": item[7],
|
||||
"wwan_out": item[8],
|
||||
"live_id": item[9],
|
||||
"live_proc_id": item[10],
|
||||
"live_isodate": live_timestamp,
|
||||
})
|
||||
|
||||
cur.close()
|
||||
conn.close()
|
||||
|
@ -104,6 +104,7 @@ class NetBase(IOSExtraction):
|
|||
"data": record_data,
|
||||
}
|
||||
])
|
||||
|
||||
return records
|
||||
|
||||
def _find_suspicious_processes(self):
|
||||
|
|
Loading…
Reference in New Issue
Block a user