• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Liutauras Vilda
  • Jeanne Boyarsky
  • paul wheaton
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Henry Wong
Saloon Keepers:
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Tim Moores
  • Mikalai Zaikin
Bartenders:
  • Frits Walraven

FaceRadar an Ingest Module for Autopsy, which uses the Netbeans Platform

 
Greenhorn
Posts: 21
1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
FaceRadar Ingest hangs and doesn't produce output in Autopsy 4.21.0 Java 18.0.1.1

java -version
java version "18.0.1.1" 2022-04-22
Java(TM) SE Runtime Environment (build 18.0.1.1+2-6)
Java HotSpot(TM) 64-Bit Server VM (build 18.0.1.1+2-6, mixed mode, sharing)

Build Log:
ant -f C:\Users\cam30\OneDrive\Documents\NetBeansProjects\FaceRadar-master -Dcontinue.after.failing.tests=true nbm
taskdefs:
common-init:
projectized-common.basic-init:
basic-init:
files-init:
nbm-license-init:
build-init:
Scanning for modules in C:\Program Files\Autopsy-4.21.0\autopsy
Scanning for modules in C:\Program Files\Autopsy-4.21.0\harness
Scanning for modules in C:\Program Files\Autopsy-4.21.0\java
Scanning for modules in C:\Program Files\Autopsy-4.21.0\platform
warning: had to upgrade dependencies for module com.sazquatch.faceradar: added = [module org.openide.util.ui > 9.3] removed = []; details: [#243100: Separate desktop-independent utilities]
init:
up-to-date:
compile:
jar-prep:
jar:
netbeans-extra:
javahelp:
module-auto-deps:
Copying 1 file to C:\Users\cam30\OneDrive\Documents\NetBeansProjects\FaceRadar-master\build\cluster
release:
module-xml-regular:
module-xml-autoload:
module-xml-eager:
chmod-executables:
verify-class-linkage:
0 file(s) have been successfully validated.
netbeans:
Generating Auto Update information for com.sazquatch.faceradar
Building jar: C:\Users\cam30\OneDrive\Documents\NetBeansProjects\FaceRadar-master\build\com-sazquatch-faceradar.nbm
Not signing NBM file C:\Users\cam30\OneDrive\Documents\NetBeansProjects\FaceRadar-master\build\com-sazquatch-faceradar.nbm; no stored-key password provided or keystore (C:\Users\cam30\OneDrive\Documents\NetBeansProjects\FaceRadar-master${keystore}) doesn't exist
nbm:

Autopsy 4.21.0 Log:
2024-02-01 22:41:31.878 org.sleuthkit.autopsy.centralrepository.datamodel.RdbmsCentralRepo upgradeSchema
INFO: Central Repository is up to date
2024-02-01 22:41:46.158 org.sleuthkit.autopsy.keywordsearch.Server isLocalSolrRunning
INFO: Solr server is running
2024-02-01 22:41:46.463 org.sleuthkit.autopsy.keywordsearch.Server startLocalSolr
INFO: New Solr process PID: [16504]
2024-02-01 22:41:46.464 org.sleuthkit.autopsy.keywordsearch.Server startLocalSolr
INFO: Starting local Solr SOLR8 server
2024-02-01 22:41:46.47 org.sleuthkit.autopsy.keywordsearch.Server isLocalSolrRunning
INFO: Solr server is running
2024-02-01 22:41:46.471 org.sleuthkit.autopsy.keywordsearch.Server startLocalSolr
INFO: Local Solr SOLR8 server is already running
2024-02-01 22:41:46.48 org.sleuthkit.autopsy.keywordsearch.Server isLocalSolrRunning
INFO: Solr server is running
2024-02-01 22:41:52.922 org.sleuthkit.autopsy.keywordsearch.Server$Collection
INFO: Using Solr document queue size = 30
2024-02-01 22:41:53.57 org.sleuthkit.autopsy.imagegallery.datamodel.DrawableDB setPragmas
INFO: sqlite-jdbc version 3.42.0.0 loaded in native mode
2024-02-01 22:41:53.672 org.sleuthkit.autopsy.casemodule.Case openAsCurrentCase
INFO: Opened nsfwtest (nsfwtest_20240128_215640) in C:\testcases\nsfwtest as the current case
2024-02-01 22:41:53.672 org.sleuthkit.autopsy.progress.LoggingProgressIndicator progress
INFO: Retrieving images for case: autopsy.db...
2024-02-01 22:41:54.302 org.sleuthkit.autopsy.corecomponents.DataContentViewerHex
INFO: Created HexView instance: org.sleuthkit.autopsy.corecomponents.DataContentViewerHex[,0,0,0x0,invalid,layout=javax.swing.GroupLayout,alignmentX=0.0,alignmentY=0.0,border=,flags=9,maximumSize=,minimumSize=,preferredSize=java.awt.Dimension[width=100,height=58]]
2024-02-01 22:41:54.847 org.sleuthkit.autopsy.contentviewers.MediaFileViewer
INFO: Created MediaView instance: org.sleuthkit.autopsy.contentviewers.MediaFileViewer[,0,0,0x0,invalid,layout=java.awt.CardLayout,alignmentX=0.0,alignmentY=0.0,border=,flags=9,maximumSize=,minimumSize=,preferredSize=]
2024-02-01 22:41:59.062 org.sleuthkit.autopsy.contentviewers.FileViewer
INFO: Created ApplicationContentViewer instance: org.sleuthkit.autopsy.contentviewers.FileViewer[,0,0,0x0,invalid,layout=javax.swing.OverlayLayout,alignmentX=0.0,alignmentY=0.0,border=,flags=9,maximumSize=,minimumSize=,preferredSize=]
2024-02-01 22:41:59.898 org.sleuthkit.autopsy.corecomponents.DataContentTopComponent
INFO: Created DataContentTopComponent instance: org.sleuthkit.autopsy.corecomponents.DataContentTopComponent[Data Content,0,0,0x0,invalid,layout=javax.swing.BoxLayout,alignmentX=0.0,alignmentY=0.0,border=,flags=256,maximumSize=,minimumSize=,preferredSize=]
2024-02-01 22:42:14.281 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = Cyber Triage Malware Scanner, version = 1.0.0
2024-02-01 22:42:14.281 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = Central Repository, version = 4.21.0
2024-02-01 22:42:14.358 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = Data Source Integrity, version = 4.21.0
2024-02-01 22:42:14.432 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = DJI Drone Analyzer, version = 4.21.0
2024-02-01 22:42:14.507 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = Embedded File Extractor, version = 4.21.0
2024-02-01 22:42:14.508 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = Encryption Detection, version = 4.21.0
2024-02-01 22:42:14.585 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = Extension Mismatch Detector, version = 4.21.0
2024-02-01 22:42:14.656 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = File Type Identification, version = 4.21.0
2024-02-01 22:42:14.724 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = Hash Lookup, version = 4.21.0
2024-02-01 22:42:14.724 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = Interesting Files Identifier, version = 4.21.0
2024-02-01 22:42:14.801 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = Android Analyzer (aLEAPP), version = 4.21.0
2024-02-01 22:42:14.801 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = iOS Analyzer (iLEAPP), version = 4.21.0
2024-02-01 22:42:14.876 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = PhotoRec Carver, version = 7.0
2024-02-01 22:42:14.961 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = Picture Analyzer, version = 4.21.0
2024-02-01 22:42:15.052 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = Plaso, version = 4.21.0
2024-02-01 22:42:15.124 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = Virtual Machine Extractor, version = 4.21.0
2024-02-01 22:42:15.2 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = YARA Analyzer, version = 4.21.0
2024-02-01 22:42:15.201 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = Keyword Search, version = 4.21.0
2024-02-01 22:42:15.206 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = Email Parser, version = 4.21.0
2024-02-01 22:42:15.208 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = Recent Activity, version = 4.21.0
2024-02-01 22:42:15.209 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader addFactory
INFO: Found ingest module factory: name = FaceRadar, version = 4.21.0
2024-02-01 22:42:15.279 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader getIngestModuleFactories
INFO: Found ingest module factory: name = GPX Parser, version = 1.2
2024-02-01 22:42:15.28 org.sleuthkit.autopsy.ingest.IngestModuleFactoryLoader getIngestModuleFactories
INFO: Found ingest module factory: name = Android Analyzer, version = 4.21.0
2024-02-01 22:42:25.295 com.basistech.df.cybertriage.autopsy.ctapi.CTCloudHttpClient createSSLContext
INFO: Creating custom SSL context
2024-02-01 22:42:25.297 com.basistech.df.cybertriage.autopsy.ctapi.CTCloudHttpClient getKeyManagers
INFO: Using default algorithm to create trust store: SunX509
2024-02-01 22:42:25.297 com.basistech.df.cybertriage.autopsy.ctapi.CTCloudHttpClient getTrustManagers
INFO: Using default algorithm to create trust store: PKIX
2024-02-01 22:42:25.746 com.basistech.df.cybertriage.autopsy.incidentoptions.CTSettings getAppDataLocalDirectory
INFO: Application Data Path: C:\Users\cam30\AppData\Local\cybertriage
2024-02-01 22:42:40.704 org.sleuthkit.autopsy.ingest.IngestMonitor$MonitorTimerAction logMonitoredRootDirectory
INFO: Monitoring disk space of C:
2024-02-01 22:42:40.705 org.sleuthkit.autopsy.ingest.IngestManager startIngestJob
INFO: Starting ingest job 0 at 1706827360705
2024-02-01 22:42:40.716 org.sleuthkit.autopsy.ingest.IngestPipelinesConfiguration getInstance
INFO: Creating ingest module loader instance
 
Thomas Clarke
Greenhorn
Posts: 21
1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
https://github.com/blaizekellystrothers/FaceRadar
http://sleuthkit.org/
 
Thomas Clarke
Greenhorn
Posts: 21
1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I think I've pinned it down to having problems with blackboard artefact myself when developing my own modules based on FaceRadar and SmutDetect.
https://github.com/blaizekellystrothers/FaceRadar

How would I update this? (As used by FaceRadar), as any examples don't work as they use depreciated code for the backboard artefact!

The JNI bindings are here: https://sleuthkit.org/sleuthkit/docs/jni-docs/4.12.1//mod_bbpage.html

I really don't get javadoc

 
Saloon Keeper
Posts: 15731
368
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm sorry, I wish I could help you, but I have no idea what you're working on, what exactly it is you are having problems with, or what the libraries you are using are for.
 
Thomas Clarke
Greenhorn
Posts: 21
1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
At the moment I'm just trying to get FaceRadar https://github.com/blaizekellystrothers/FaceRadar Which is a Autopsy Sleuthkit Java Netbeans Platform module to produce output in Autopsy Sleuthkit http://www.sleuthkit.org

I can compile it but it appears to use depreciated code when adding artefacts to the blackboard : https://github.com/blaizekellystrothers/FaceRadar/blob/master/src/com/sazquatch/faceradar/autopsy/FaceRadarFileIngestModule.java line 108-120  which is described here: https://sleuthkit.org/sleuthkit/docs/jni-docs/4.12.1//mod_bbpage.html#jni_bb_artifact2v

It shows as depreciated in Netbeans, compiles with warnings, but doesn't produce the expected output!

I'm hoping that updating this code will enable me to produce the expected output, but I can't be certain.

(I'm asking here, as no one else is getting back to me on the officaial forum, mailing list and contact emails and I used to use this forum at school 20 yrs ago).
 
That's a very big dog. I think I want to go home now and hug this tiny ad:
Gift giving made easy with the permaculture playing cards
https://coderanch.com/t/777758/Gift-giving-easy-permaculture-playing
reply
    Bookmark Topic Watch Topic
  • New Topic