adam_and_eve.py
from __future__ import print_function
import argparse
from datetime import datetime as dt
import os
import sys
import hashlib #Hash lib
import logging
from collections import Counter
import shutil
import chain_of_custody
import getpass
from datetime import datetime
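# Start-up banner. The art is full of backslashes that are not valid escape
# sequences ("\ ", "\/", "\|", "\_"); a raw string prints exactly the same
# characters without the invalid-escape warning newer interpreters emit.
print(r"""
__ ___ __ _ __ _ ___ ____ _ ____
/ /\ | | \ / /\ | |\/| / /\ | |\ | | | \ | |_ \ \ / | |_
/_/--\ |_|_/ /_/--\ |_| | /_/--\ |_| \| |_|_/ |_|__ \_\/ |_|__
""")

# Module metadata, reused for the command-line help text below.
__authors__ = ["Adam Doukani"]
__date__ = "1st July, 2020"
__description__ = "Digital Forensics Tool"

# The parser defines no options of its own; it only provides -h/--help and
# rejects unexpected arguments.
parser = argparse.ArgumentParser(
    description=__description__,
    # Join the author list so the epilog shows names rather than the list
    # repr ("['Adam Doukani']").
    epilog="Developed by {} on {}".format(", ".join(__authors__), __date__)
)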
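def __hashing__():
    """Interactively hash a file's absolute path and its content.

    Prompts for a file path and an algorithm name, prints the digest of the
    absolute path string and the digest of the file content, then offers to
    append a record (user, local timestamp, algorithm, content digest, path
    as typed) to ``hash.txt`` in the current working directory.

    An unknown algorithm name, an unreadable input file or an unwritable
    ``hash.txt`` is reported on stdout and the function returns, so the
    calling menu keeps running instead of dying on a traceback.
    """
    # NOTE: md5 and sha1 are not collision-resistant. They are still handy
    # for matching against existing hash sets, but an integrity record that
    # may be challenged should be taken with sha256 or sha512.
    available_algorithms = {
        "md5": hashlib.md5,
        "sha1": hashlib.sha1,
        "sha256": hashlib.sha256,
        "sha512": hashlib.sha512
    }
    input_file = str(input("Specify file directory: "))
    hash_alg = input(
        "Specify hashing algorithm <md5 | sha1 | sha256 | sha512> : ")
    # Accept "SHA256 " as well as "sha256"; anything else is rejected here
    # rather than surfacing as a KeyError from the table lookup.
    hash_alg = hash_alg.strip().lower()
    if hash_alg not in available_algorithms:
        print("[-] Unsupported hashing algorithm: {!r}".format(hash_alg))
        return
    new_digest = available_algorithms[hash_alg]

    # The "filename" digest covers the whole absolute path string, so the
    # same file reached from a different directory gives a different value.
    abs_path = os.path.abspath(input_file)
    file_name = new_digest()
    file_name.update(abs_path.encode())
    print("The {} of the filename is: {}".format(
        hash_alg, file_name.hexdigest()))

    # Stream the content in fixed-size chunks so large evidence files are
    # never loaded into memory in one piece.
    file_content = new_digest()
    buff_size = 1024
    try:
        with open(input_file, 'rb') as open_file:
            for buff in iter(lambda: open_file.read(buff_size), b""):
                file_content.update(buff)
    except OSError as err:
        print("[-] Cannot read {}: {}".format(input_file, err))
        return
    my_hash = file_content.hexdigest()
    print("The {} of the content is: {}".format(hash_alg, my_hash))

    save_hash = str(input("Do you want to save the hash value? < y - n >"))
    if save_hash == "y":
        x = getpass.getuser()
        # Local wall-clock time with no timezone marker.
        dt_string = datetime.now().strftime("%d/%m/%Y %H:%M:%S")
        # NOTE(review): hash.txt is an ordinary text file that anyone with
        # write access can edit, and it stores the path as typed rather
        # than abs_path; treat it as a convenience log, not as a protected
        # custody record.
        try:
            # The context manager flushes and closes the file, so the record
            # is on disk before success is reported.
            with open("hash.txt", "a+") as f:
                f.write("Created By {} On {} {} hash is: {} for {}\n".format(
                    x, dt_string, hash_alg, my_hash, input_file))
        except OSError as err:
            print("[-] Could not write hash.txt: {}".format(err))
            return
        print("Hash saved successfully, please check hash.txt file")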
def __help__():
    """Print the placeholder help text; no real help is implemented yet."""
    placeholder = "\nStill in progress ...\n"
    print(placeholder)
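def check_location():
    """Prompt for a path, confirm it can be stat()ed, and print its absolute form.

    A path that does not exist or cannot be accessed is reported on stdout
    instead of raising, so the calling menu keeps running.
    """
    file_path = str(input("Specify file directory: "))
    try:
        # Used only as an existence/permission probe; the result is not needed.
        os.stat(file_path)
    except OSError as err:
        print("[-] Cannot access {}: {}".format(file_path, err))
        return
    # abspath() normalises the string against the current directory; it does
    # not resolve symbolic links, so this is not necessarily the real location.
    print("Path: ", os.path.abspath(file_path))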
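def __sysinfo__():
    """Prompt for a path and print its stat() metadata and path properties.

    Prints timestamps, mode, inode, device numbers, link count, owner and
    group ids and size, followed by a few os.path properties of the path as
    typed. A path that cannot be stat()ed is reported on stdout and the
    function returns.
    """
    file_path = str(input("Specify file directory: "))
    try:
        # os.stat() follows symbolic links: for a symlink, everything printed
        # from stat_info describes the link target, not the link itself. The
        # "Is a symlink" line further down is the only indication of that.
        stat_info = os.stat(file_path)
    except OSError as err:
        print("[-] Cannot stat {}: {}".format(file_path, err))
        return

    # st_ctime is the metadata-change time on Linux/macOS and the creation
    # time on Windows, so it is labelled per platform. "darwin" has to be
    # tested first because it also contains the substring "win".
    if "linux" in sys.platform or "darwin" in sys.platform:
        print("Change time: ", dt.fromtimestamp(stat_info.st_ctime))
    elif "win" in sys.platform:
        print("Creation time: ", dt.fromtimestamp(stat_info.st_ctime))
    else:
        print("[-] Unsupported platform {} detected. Cannot interpret "
              "creation/change timestamp.".format(sys.platform)
              )
    print("Modification time: ", dt.fromtimestamp(stat_info.st_mtime))
    # Depending on mount options, reading the file's content (for example
    # with the "File Hash" option) can update the access time; record the
    # timestamps first or work from a read-only copy.
    print("Access time: ", dt.fromtimestamp(stat_info.st_atime))
    print("File mode: ", stat_info.st_mode)
    print("File inode: ", stat_info.st_ino)
    print("Device ID: ", stat_info.st_dev)
    # os.major()/os.minor() are not available on Windows; skip the split
    # there instead of failing with AttributeError.
    if hasattr(os, "major") and hasattr(os, "minor"):
        print("\tMajor: ", os.major(stat_info.st_dev))
        print("\tMinor: ", os.minor(stat_info.st_dev))
    print("Number of hard links: ", stat_info.st_nlink)
    print("Owner User ID: ", stat_info.st_uid)
    print("Group ID: ", stat_info.st_gid)
    print("File Size: ", stat_info.st_size)
    # Gather other properties
    print("Is a symlink: ", os.path.islink(file_path))
    print("File exists: ", os.path.exists(file_path))
    # Both lines below work on the path as typed, so a bare file name yields
    # an empty parent directory.
    print("Parent directory: ", os.path.dirname(file_path))
    print("Parent directory: {} | File name: {}".format(
        *os.path.split(file_path)))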
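# Interactive menu: list the options once, then dispatch until "0" is chosen.
print("Choose an option: ")
print("\n0- Exit")
print("1- TimeStamp")
print("2- File Hash")
print("3- Check File Path")
print("4- Chain of Custody Report")
print("5- Logging Event")
print("99- Help\n")

# No options are defined on the parser; this call only serves -h/--help and
# rejects unexpected command-line arguments before the menu starts.
args = parser.parse_args()

# NOTE: every prompt in this script relies on Python 3's input(), which
# returns the typed text. Under Python 2 the same call evaluates what is
# typed as an expression, so the script must not be run with a Python 2
# interpreter despite the print_function import at the top of the file.
mode_on = True
while mode_on:
    try:
        choice = int(input("Choose: "))
    except ValueError:
        # Non-numeric input is treated like any other unlisted option
        # instead of ending the session with a traceback.
        print("Humm that wasn't listed")
        continue
    if choice == 0:
        print("Adam and Eve send their regards!")
        break
    elif choice == 1:
        __sysinfo__()
    elif choice == 2:
        __hashing__()
    elif choice == 3:
        check_location()
    elif choice == 4:
        chain_of_custody._csv_1()
    elif choice == 5:
        # Imported only when this option is picked, so the other options
        # work even if that module fails to import.
        import main_chain_of_custody
        main_chain_of_custody.Database()
    elif choice == 99:
        __help__()
    else:
        print("Humm that wasn't listed")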