#!/usr/bin/env bash
##MAlware Analysis Forensic Tools App from CSI Linux by CSI Linux v2022.8.30.1
##tools@csilinux.com - Jeremy Martin
# Greeting plus a few values that nothing in this file reads; presumably the
# sourced sharedfunctions consume red/reset/timestamp/closecase — confirm there.
printf "Welcome to the Computer Forensics App\n"
red="$(tput setaf 1)"
reset="$(tput sgr0)"
timestamp="$(date +%Y-%m-%d:%H:%M)"   # human-readable, e.g. 2022-08-30:14:05
closecase="$(date +%Y%m%d%H%M)"       # same instant, digits only
# Shared CSI helpers (StartCase, finish, … are expected to come from here).
source /opt/csitools/sharedfunctions
Menu() {
  # Show the yad launcher for the malware-analysis / RE tools.
  # Every button runs its command through `bash -c`; the "Report Template"
  # button calls _report, which is only visible in that child bash because
  # the script exports it with `export -f`.
  local img_dir=/opt/csitools/Images
  local helper_dir=/opt/csitools/helper
  local -a buttons=(
    --field="Android (APK) Tool":fbtn "bash -c $helper_dir/apktoolrun"
    --field="Binwalk":fbtn "bash -c $helper_dir/binwalkrun"
    --field="wxHexEditor":fbtn "bash -c $helper_dir/wxHexEditorrun"
    --field="UPX - Ultimate Packer for eXecutables":fbtn "bash -c $helper_dir/upxrun"
    --field="IDA Free 7.7":fbtn "bash -c /opt/idafree/ida64"
    --field="Ghidra":fbtn "bash -c $helper_dir/ghidrarun"
    --field="Viper Framework":fbtn "bash -c $helper_dir/viperrun"
    --field="MISP":fbtn "bash -c $helper_dir/misprun"
    --field="Report Template":fbtn "bash -c _report"
  )
  yad --borders=10 --window-icon="$img_dir/CSI-Menu.png" \
    --title="Malware Analysis / Reverse Engineering" \
    --form --center \
    --image "$img_dir/Icons/Tex_skill_79.PNG" --width=300 \
    "${buttons[@]}" \
    --button="Exit:1"
}
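_report() {
  # Build the case report from the ODT template and open it in LibreOffice.
  #
  # Steps: reload the CSI config and the case's caseinfo.txt, empty the case's
  # Report/ directory, unpack the template there, substitute every
  # <Placeholder> in meta.xml with the matching case/agency value, copy in the
  # agency logo, re-zip the tree as "Report for <case>.odt" and launch it.
  # Only meta.xml is edited; content.xml is left as shipped in the template.
  #
  # Globals read: cases, casetype, client*, suspect, investigator and the
  # Agency* values (set by startcsiconfig / caseinfo.txt, neither visible
  # here — confirm which file defines which).
  # Returns: 1 when no case is open or a filesystem step fails, else 0.
  #
  # This runs in a fresh `bash -c _report` spawned by the yad button, so it
  # works only because the script does `export -f _report`; the escape helper
  # is nested on purpose so it travels with the exported body.
  source /opt/csitools/startcsiconfig

  # Refuse to run without a case name: the rm -rf below is rooted on it.
  if [[ -z "$cases" ]]; then
    printf 'No case is open; cannot build a report.\n' >&2
    return 1
  fi
  local case_dir="$HOME/Cases/$cases"
  local report_dir="$case_dir/Report"
  local -r template="/home/csi/Documents/Templates/Forensic-investigation-report-template.odt"

  # NOTE: caseinfo.txt is executed as shell code, not parsed as data. It must
  # only ever be written by the tool itself, never populated from evidence.
  source "$case_dir/caseinfo.txt"

  # Make a value safe to splice into meta.xml via sed: first XML-escape it
  # (&, <, >, " — meta.xml is XML, a raw '&' in a client name would corrupt
  # the document), then escape what sed's replacement side treats specially
  # (backslash, the '/' delimiter, '&'). XML first, so the '&' inside the
  # entities is itself protected from sed. Replacements are quoted so bash's
  # patsub_replacement (5.2+) does not expand '&' in them.
  _report_esc() {
    local v=$1
    local bs='\'
    v=${v//&/"&amp;"}
    v=${v//</"&lt;"}
    v=${v//>/"&gt;"}
    v=${v//\"/"&quot;"}
    v=${v//"$bs"/"$bs$bs"}
    v=${v//\//"$bs/"}
    v=${v//&/"$bs&"}
    printf '%s' "$v"
  }

  # Start from an empty Report/ so stale files never end up inside the ODT.
  rm -rf -- "${report_dir:?}"/*
  mkdir -p -- "$report_dir"
  cd -- "$report_dir" || return 1
  unzip "$template"
  if [[ ! -f meta.xml ]]; then
    printf 'Template did not unpack (no meta.xml in %s).\n' "$report_dir" >&2
    return 1
  fi

  # Placeholder text in meta.xml -> value. All placeholders end in '>' so no
  # entry is a prefix of another; order of application does not matter.
  local -A fields=(
    ["<Case Type>"]="$casetype"
    ["<Case>"]="$cases"
    ["<Client>"]="$client"
    ["<Client Address>"]="$clientaddy"
    ["<Client City>"]="$clientcity"
    ["<Client State>"]="$clientstate"
    ["<Client Zip>"]="$clientzip"
    ["<Client Phone>"]="$clientphone"
    ["<Suspect>"]="$suspect"
    ["<Investigator>"]="$investigator"
    ["<Agency Name>"]="$AgencyName"
    ["<Agency Address>"]="$AgencyAddress1"
    ["<Agency City>"]="$AgencyCity"
    ["<Agency State>"]="$AgencyState"
    ["<Agency Country>"]="$AgencyCountry"
    ["<Agency Zip>"]="$AgencyZip"
    ["<Agency Phone>"]="$AgencyPhone"
    ["<Agency Email>"]="$AgencyEmail"
    ["<Agency Website>"]="$AgencyWebsite"
    ["<Agency Tagline>"]="$AgencyTagline"
    ["<Agency Classification>"]="$AgencyClassification"
  )
  local placeholder
  local -a sed_args=()
  for placeholder in "${!fields[@]}"; do
    sed_args+=(-e "s/$placeholder/$(_report_esc "${fields[$placeholder]}")/g")
  done
  # One sed pass with all substitutions instead of 21 rewrites of the file.
  sed -i "${sed_args[@]}" meta.xml

  # The template's logo image lives under this fixed name inside the ODT.
  if [[ -f "$AgencyLogo" ]]; then
    cp -- "$AgencyLogo" Pictures/1000020100000173000001A8327B8009BAB2AE4D.png
  else
    printf 'Agency logo not found (%s); the image shipped in the template is left in place.\n' "$AgencyLogo" >&2
  fi

  # NOTE(review): strict ODF wants 'mimetype' stored first and uncompressed;
  # a plain recursive zip is what this tool has always produced and
  # LibreOffice is expected to tolerate it — confirm if another reader rejects
  # the file.
  zip -r "Report for $cases.odt" *
  libreoffice "Report for $cases.odt" &
}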
# Entry point. With no argument this is a fresh launch and the shared `finish`
# cleanup (presumably defined in sharedfunctions; not in this file) is hooked
# on exit. With an argument the script was re-invoked with that value and the
# trap is deliberately not installed again.
if [[ -z "$1" ]]; then
  printf 'Fresh Run\n'
  trap finish EXIT
else
  printf '%s passed\n' "$1"
fi
# Export the helpers so the `bash -c …` children spawned by the yad buttons
# can call them. (StartCase appears twice; harmless.) All but _report come
# from the sourced sharedfunctions.
export -f _stopwatch StartCase _directip StartCase _CoC _consenttosearch _fimage _aut _report _voko _vid2image _2john
StartCase "$1"
printf 'Case=%s\n' "$cases"
Menu "$1"