Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F4324598
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Size
33 KB
Referenced Files
None
Subscribers
None
View Options
diff --git a/trunk/dlgreportviewer.cpp b/trunk/dlgreportviewer.cpp
index 6c47c63..9eaf6f4 100644
--- a/trunk/dlgreportviewer.cpp
+++ b/trunk/dlgreportviewer.cpp
@@ -1,57 +1,88 @@
/*******************************************************************************
* fred Copyright (c) 2011 by Gillen Daniel <gillen.dan@pinguin.lu> *
* *
* Forensic Registry EDitor (fred) is a cross-platform M$ registry hive editor *
* with special feautures useful during forensic analysis. *
* *
* This program is free software: you can redistribute it and/or modify it *
* under the terms of the GNU General Public License as published by the Free *
* Software Foundation, either version 3 of the License, or (at your option) *
* any later version. *
* *
* This program is distributed in the hope that it will be useful, but WITHOUT *
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or *
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for *
* more details. *
* *
* You should have received a copy of the GNU General Public License along with *
* this program. If not, see <http://www.gnu.org/licenses/>. *
*******************************************************************************/
#include "dlgreportviewer.h"
#include "ui_dlgreportviewer.h"
-#include <QUrl>
+#include <QPrinter>
+#include <QPrintDialog>
DlgReportViewer::DlgReportViewer(QString &report_data, QWidget *p_parent)
- : QDialog(p_parent), ui(new Ui::DlgReportViewer)
+ : QMainWindow(p_parent,Qt::Dialog), ui(new Ui::DlgReportViewer)
{
+ // Init local vars
ui->setupUi(this);
+ this->p_local_event_loop=NULL;
// Set report content
this->ui->WebView->setHtml(report_data);
// Set dialog title based on report content title
QString report_title=this->ui->WebView->title();
if(report_title.isEmpty()) this->setWindowTitle("Report Viewer");
else this->setWindowTitle(report_title.prepend("Report Viewer : "));
}
DlgReportViewer::~DlgReportViewer() {
delete ui;
+ if(this->p_local_event_loop!=NULL) this->p_local_event_loop->exit();
}
void DlgReportViewer::changeEvent(QEvent *e) {
- QDialog::changeEvent(e);
+ QMainWindow::changeEvent(e);
switch(e->type()) {
case QEvent::LanguageChange:
ui->retranslateUi(this);
break;
default:
break;
}
}
-void DlgReportViewer::on_BtnClose_clicked() {
- this->accept();
+void DlgReportViewer::closeEvent(QCloseEvent *event) {
+ // Make sure we exit the local event loop on exit
+ if(this->p_local_event_loop!=NULL) {
+ this->p_local_event_loop->exit();
+ this->p_local_event_loop=NULL;
+ }
+ event->accept();
+}
+
+void DlgReportViewer::exec() {
+ // Create local event loop
+ this->p_local_event_loop=new QEventLoop(this);
+ // Show window and enter loop
+ this->show();
+ this->p_local_event_loop->exec();
+}
+
+void DlgReportViewer::on_action_Print_triggered() {
+ // Print report
+ QPrinter printer;
+ QPrintDialog *p_dlg_print=new QPrintDialog(&printer);
+ if(p_dlg_print->exec()==QDialog::Accepted) {
+ this->ui->WebView->print(&printer);
+ }
+ delete p_dlg_print;
+}
+
+void DlgReportViewer::on_action_Close_triggered() {
+ this->close();
}
diff --git a/trunk/dlgreportviewer.h b/trunk/dlgreportviewer.h
index 4a8c7e9..bb295f1 100644
--- a/trunk/dlgreportviewer.h
+++ b/trunk/dlgreportviewer.h
@@ -1,48 +1,56 @@
/*******************************************************************************
* fred Copyright (c) 2011 by Gillen Daniel <gillen.dan@pinguin.lu> *
* *
* Forensic Registry EDitor (fred) is a cross-platform M$ registry hive editor *
* with special feautures useful during forensic analysis. *
* *
* This program is free software: you can redistribute it and/or modify it *
* under the terms of the GNU General Public License as published by the Free *
* Software Foundation, either version 3 of the License, or (at your option) *
* any later version. *
* *
* This program is distributed in the hope that it will be useful, but WITHOUT *
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or *
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for *
* more details. *
* *
* You should have received a copy of the GNU General Public License along with *
* this program. If not, see <http://www.gnu.org/licenses/>. *
*******************************************************************************/
#ifndef DLGREPORTVIEWER_H
#define DLGREPORTVIEWER_H
-#include <QDialog>
+#include <QMainWindow>
+#include <QEventLoop>
+#include <QCloseEvent>
namespace Ui {
class DlgReportViewer;
}
-class DlgReportViewer : public QDialog {
+class DlgReportViewer : public QMainWindow {
Q_OBJECT
public:
explicit DlgReportViewer(QString &report_data,
QWidget *p_parent=0);
~DlgReportViewer();
+ void exec();
+
protected:
void changeEvent(QEvent *e);
+ void closeEvent(QCloseEvent *event);
private slots:
- void on_BtnClose_clicked();
+ void on_action_Print_triggered();
+ void on_action_Close_triggered();
private:
Ui::DlgReportViewer *ui;
+ QEventLoop *p_local_event_loop;
+
};
#endif // DLGREPORTVIEWER_H
diff --git a/trunk/dlgreportviewer.ui b/trunk/dlgreportviewer.ui
index 344233e..831704e 100644
--- a/trunk/dlgreportviewer.ui
+++ b/trunk/dlgreportviewer.ui
@@ -1,44 +1,82 @@
<?xml version="1.0" encoding="UTF-8"?>
<ui version="4.0">
<class>DlgReportViewer</class>
- <widget class="QDialog" name="DlgReportViewer">
+ <widget class="QMainWindow" name="DlgReportViewer">
+ <property name="windowModality">
+ <enum>Qt::WindowModal</enum>
+ </property>
<property name="geometry">
<rect>
<x>0</x>
<y>0</y>
- <width>627</width>
- <height>466</height>
+ <width>605</width>
+ <height>497</height>
</rect>
</property>
<property name="windowTitle">
- <string>Dialog</string>
+ <string/>
+ </property>
+ <property name="windowIcon">
+ <iconset resource="fred.qrc">
+ <normaloff>:/icons/resources/fred.png</normaloff>:/icons/resources/fred.png</iconset>
</property>
- <layout class="QVBoxLayout" name="verticalLayout">
- <item>
- <widget class="QWebView" name="WebView">
- <property name="url">
- <url>
- <string>about:blank</string>
- </url>
- </property>
- </widget>
- </item>
- <item>
- <widget class="QPushButton" name="BtnClose">
- <property name="text">
- <string>&Close</string>
- </property>
- </widget>
- </item>
- </layout>
+ <widget class="QWidget" name="centralwidget">
+ <layout class="QVBoxLayout" name="verticalLayout">
+ <item>
+ <widget class="QWebView" name="WebView">
+ <property name="url">
+ <url>
+ <string>about:blank</string>
+ </url>
+ </property>
+ </widget>
+ </item>
+ </layout>
+ </widget>
+ <widget class="QMenuBar" name="menubar">
+ <property name="geometry">
+ <rect>
+ <x>0</x>
+ <y>0</y>
+ <width>605</width>
+ <height>25</height>
+ </rect>
+ </property>
+ <widget class="QMenu" name="menu_File">
+ <property name="title">
+ <string>&File</string>
+ </property>
+ <addaction name="action_Print"/>
+ <addaction name="separator"/>
+ <addaction name="action_Close"/>
+ </widget>
+ <addaction name="menu_File"/>
+ </widget>
+ <action name="action_Save">
+ <property name="text">
+ <string>&Save</string>
+ </property>
+ </action>
+ <action name="action_Print">
+ <property name="text">
+ <string>&Print</string>
+ </property>
+ </action>
+ <action name="action_Close">
+ <property name="text">
+ <string>&Close</string>
+ </property>
+ </action>
</widget>
<customwidgets>
<customwidget>
<class>QWebView</class>
<extends>QWidget</extends>
<header>QtWebKit/QWebView</header>
</customwidget>
</customwidgets>
- <resources/>
+ <resources>
+ <include location="fred.qrc"/>
+ </resources>
<connections/>
</ui>
diff --git a/trunk/mainwindow.cpp b/trunk/mainwindow.cpp
index 9a276d9..c8dfd21 100644
--- a/trunk/mainwindow.cpp
+++ b/trunk/mainwindow.cpp
@@ -1,494 +1,522 @@
/*******************************************************************************
* fred Copyright (c) 2011 by Gillen Daniel <gillen.dan@pinguin.lu> *
* *
* Forensic Registry EDitor (fred) is a cross-platform M$ registry hive editor *
* with special feautures useful during forensic analysis. *
* *
* This program is free software: you can redistribute it and/or modify it *
* under the terms of the GNU General Public License as published by the Free *
* Software Foundation, either version 3 of the License, or (at your option) *
* any later version. *
* *
* This program is distributed in the hope that it will be useful, but WITHOUT *
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or *
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for *
* more details. *
* *
* You should have received a copy of the GNU General Public License along with *
* this program. If not, see <http://www.gnu.org/licenses/>. *
*******************************************************************************/
#ifndef FRED_REPORT_TEMPLATE_DIR
#define FRED_REPORT_TEMPLATE_DIR "/usr/share/fred/report_templates/"
#endif
#include <QFileDialog>
#include <QMessageBox>
#include <QStringList>
#include <QDesktopWidget>
#include <QDir>
#include <QSplitter>
#include "mainwindow.h"
#include "ui_mainwindow.h"
#include "dlgabout.h"
#include "dlgkeydetails.h"
#include "dlgreportviewer.h"
#include "compileinfo.h"
MainWindow::MainWindow(QWidget *parent) :
QMainWindow(parent), ui(new Ui::MainWindow)
{
ui->setupUi(this);
// Initialize private vars
this->p_hive=new RegistryHive(this);
this->is_hive_open=false;
this->p_reg_node_tree_model=NULL;
this->p_reg_key_table_model=NULL;
// Check for ~/.fred config dir
this->CheckUserConfigDir();
// Set main window size
int cur_screen=QApplication::desktop()->screenNumber(this);
int window_width=
QApplication::desktop()->availableGeometry(cur_screen).width()*0.5;
int window_height=
QApplication::desktop()->availableGeometry(cur_screen).height()*0.5;
int window_x=
(QApplication::desktop()->availableGeometry(cur_screen).width()/2)-
(window_width/2);
int window_y=
(QApplication::desktop()->availableGeometry(cur_screen).height()/2)-
(window_height/2);
this->setGeometry(window_x,
window_y,
window_width,
window_height);
// Create widgets
this->p_horizontal_splitter=new QSplitter();
this->p_horizontal_splitter->setOrientation(Qt::Horizontal);
this->p_node_tree=new QTreeView(this->p_horizontal_splitter);
this->p_node_tree->setHeaderHidden(true);
this->p_vertical_splitter=new QSplitter(this->p_horizontal_splitter);
this->p_vertical_splitter->setOrientation(Qt::Vertical);
this->p_key_table=new QTableView(this->p_vertical_splitter);
this->p_key_table->setSelectionBehavior(QAbstractItemView::SelectRows);
this->p_horizontal_splitter2=new QSplitter(this->p_vertical_splitter);
this->p_horizontal_splitter2->setOrientation(Qt::Horizontal);
this->p_hex_edit_widget=new QWidget(this->p_horizontal_splitter2);
this->p_hex_edit_layout=new QVBoxLayout(this->p_hex_edit_widget);
this->p_hex_edit_layout->setContentsMargins(0,0,0,0);
this->p_hex_edit=new QHexEdit();
this->p_hex_edit->setReadOnly(true);
this->p_hex_edit_status_bar=new QLabel();
this->p_data_interpreter=new DataInterpreter(this->p_horizontal_splitter2);
// Make sure hex viewer font is monospaced.
QFont mono_font("Monospace");
mono_font.setStyleHint(QFont::TypeWriter);
this->p_hex_edit->setFont(mono_font);
// Lay out widgets
this->p_hex_edit_layout->addWidget(this->p_hex_edit);
this->p_hex_edit_layout->addWidget(this->p_hex_edit_status_bar);
this->p_horizontal_splitter2->addWidget(this->p_hex_edit_widget);
this->p_horizontal_splitter2->addWidget(this->p_data_interpreter);
this->p_vertical_splitter->addWidget(this->p_key_table);
this->p_vertical_splitter->addWidget(this->p_horizontal_splitter2);
this->p_horizontal_splitter->addWidget(this->p_node_tree);
this->p_horizontal_splitter->addWidget(this->p_vertical_splitter);
// Set stretch factors
QSizePolicy node_tree_policy=this->p_node_tree->sizePolicy();
node_tree_policy.setHorizontalStretch(1);
node_tree_policy.setVerticalStretch(100);
this->p_node_tree->setSizePolicy(node_tree_policy);
QSizePolicy vertical_splitter_policy=this->p_vertical_splitter->sizePolicy();
vertical_splitter_policy.setHorizontalStretch(4);
vertical_splitter_policy.setVerticalStretch(100);
this->p_vertical_splitter->setSizePolicy(vertical_splitter_policy);
QSizePolicy key_table_policy=this->p_key_table->sizePolicy();
key_table_policy.setVerticalStretch(5);
key_table_policy.setHorizontalStretch(100);
this->p_key_table->setSizePolicy(key_table_policy);
QSizePolicy hex_edit_widget_policy=this->p_hex_edit_widget->sizePolicy();
hex_edit_widget_policy.setVerticalStretch(2);
hex_edit_widget_policy.setHorizontalStretch(200);
this->p_hex_edit_widget->setSizePolicy(hex_edit_widget_policy);
QSizePolicy data_interpreter_policy=this->p_data_interpreter->sizePolicy();
data_interpreter_policy.setVerticalStretch(2);
data_interpreter_policy.setHorizontalStretch(0);
this->p_data_interpreter->setSizePolicy(data_interpreter_policy);
// Connect signals
this->connect(this->p_node_tree,
SIGNAL(clicked(QModelIndex)),
this,
SLOT(SlotNodeTreeClicked(QModelIndex)));
this->connect(this->p_node_tree,
SIGNAL(activated(QModelIndex)),
this,
SLOT(SlotNodeTreeClicked(QModelIndex)));
- this->connect(this->p_key_table /*->selectionModel()*/,
- /* SIGNAL(selectionChanged(QItemSelection,QItemSelection)) */
+ this->connect(this->p_key_table,
SIGNAL(clicked(QModelIndex)),
this,
SLOT(SlotKeyTableClicked(QModelIndex)));
this->connect(this->p_key_table,
SIGNAL(doubleClicked(QModelIndex)),
this,
SLOT(SlotKeyTableDoubleClicked(QModelIndex)));
this->connect(this->p_hex_edit,
SIGNAL(currentAddressChanged(int)),
this,
SLOT(SlotHexEditAddressChanged(int)));
// Add central widget
this->setContentsMargins(4,4,4,0);
this->setCentralWidget(this->p_horizontal_splitter);
// Set window title
this->UpdateWindowTitle();
// Set last open location to home dir
this->last_open_location=QDir::homePath();
// Load report templates and update menu
this->p_data_reporter=new DataReporter();
// Load reports from system wide include dir
this->p_data_reporter->LoadReportTemplates(FRED_REPORT_TEMPLATE_DIR);
// Load user's report templates
this->p_data_reporter->LoadReportTemplates(QDir::homePath()
.append(QDir::separator())
.append(".fred")
.append(QDir::separator())
.append("report_templates"));
this->UpdateDataReporterMenu();
+
+ // Finally, parse command line arguments
+ this->ParseCommandLineArgs();
}
MainWindow::~MainWindow() {
if(this->is_hive_open) {
this->p_hive->Close();
}
delete ui;
}
void MainWindow::on_action_Quit_triggered() {
qApp->exit();
}
void MainWindow::on_action_Open_hive_triggered() {
QString hive_file="";
hive_file=QFileDialog::getOpenFileName(this,
tr("Open registry hive"),
this->last_open_location,
tr("All files (*)"));
if(hive_file=="") return;
- // Update last open location
- this->last_open_location=hive_file.left(hive_file.
- lastIndexOf(QDir::separator()));
-
- // If another hive is currently open, close it
- if(this->is_hive_open) this->on_action_Close_hive_triggered();
-
- // Try to open hive
- if(!this->p_hive->Open(hive_file)) {
- QMessageBox::critical(this,
- tr("Error opening hive file"),
- tr("Unable to open file '%1'").arg(hive_file));
- return;
- }
-
- // Create tree model
- this->p_reg_node_tree_model=
- new RegistryNodeTreeModel(this->p_hive);
- this->p_node_tree->setModel(this->p_reg_node_tree_model);
-
- this->is_hive_open=true;
- this->ui->action_Close_hive->setEnabled(true);
- this->ui->MenuReports->setEnabled(true);
- this->UpdateWindowTitle(hive_file);
+ this->OpenHive(hive_file);
}
void MainWindow::on_action_Close_hive_triggered() {
if(this->is_hive_open) {
// Delete models
if(this->p_reg_node_tree_model!=NULL) {
delete this->p_reg_node_tree_model;
this->p_reg_node_tree_model=NULL;
}
if(this->p_reg_key_table_model!=NULL) {
delete this->p_reg_key_table_model;
this->p_reg_key_table_model=NULL;
}
// Remove any data from hex edit and data interpreter
this->p_hex_edit->setData(QByteArray());
this->p_hex_edit_status_bar->setText("");
this->p_data_interpreter->ClearValues();
// Close hive
this->p_hive->Close();
this->is_hive_open=false;
this->ui->action_Close_hive->setEnabled(false);
this->ui->MenuReports->setEnabled(false);
this->UpdateWindowTitle();
}
}
void MainWindow::on_actionAbout_Qt_triggered() {
QMessageBox::aboutQt(this,tr("About Qt"));
}
void MainWindow::on_actionAbout_fred_triggered() {
DlgAbout dlg_about(this);
dlg_about.exec();
}
void MainWindow::SlotNodeTreeClicked(QModelIndex index) {
QString node_path;
+ if(!index.isValid()) return;
+
//Built node path
node_path.clear();
node_path=this->p_reg_node_tree_model->data(index,Qt::DisplayRole)
.toString().prepend("\\");
while(this->p_reg_node_tree_model->parent(index)!=QModelIndex()) {
// Prepend all parent nodes
index=this->p_reg_node_tree_model->parent(index);
node_path.prepend(this->p_reg_node_tree_model->data(index,Qt::DisplayRole)
.toString().prepend("\\"));
}
// Create table model and attach it to the table view
- if(this->p_reg_key_table_model!=NULL) delete this->p_reg_key_table_model;
+ if(this->p_reg_key_table_model!=NULL) {
+ delete this->p_reg_key_table_model;
+ this->p_hex_edit->setData(QByteArray());
+ this->p_hex_edit_status_bar->setText("");
+ this->p_data_interpreter->ClearValues();
+ }
this->p_reg_key_table_model=new RegistryKeyTableModel(this->p_hive,node_path);
this->p_key_table->setModel(this->p_reg_key_table_model);
// Resize table rows / columns to fit data
this->p_key_table->resizeColumnsToContents();
this->p_key_table->horizontalHeader()->stretchLastSection();
}
void MainWindow::SlotKeyTableDoubleClicked(QModelIndex index) {
/*
QModelIndex key_index;
QModelIndex node_index;
QStringList nodes;
QString key_name;
QString key_type;
QByteArray key_value;
if(!index.isValid()) return;
// Get key name, type and value
key_index=this->p_reg_key_table_model->index(index.row(),0);
key_name=this->p_reg_key_table_model->data(key_index,Qt::DisplayRole)
.toString();
key_index=this->p_reg_key_table_model->index(index.row(),1);
key_type=this->p_reg_key_table_model->data(key_index,Qt::DisplayRole)
.toString();
key_index=this->p_reg_key_table_model->index(index.row(),2);
key_value=this->p_reg_key_table_model->data(key_index,
RegistryKeyTableModel::
AdditionalRoles_GetRawData)
.toByteArray();
// Get current node
node_index=this->p_node_tree->currentIndex();
//Built node path
nodes.clear();
nodes.append(this->p_reg_node_tree_model->
data(node_index,Qt::DisplayRole).toString());
while(this->p_reg_node_tree_model->parent(node_index)!=QModelIndex()) {
// Prepend all parent nodes
node_index=this->p_reg_node_tree_model->parent(node_index);
nodes.prepend(this->p_reg_node_tree_model->
data(node_index,Qt::DisplayRole).toString());
}
DlgKeyDetails dlg_key_details(this);
dlg_key_details.SetValues(nodes,key_name,key_type,key_value);
dlg_key_details.exec();
*/
}
void MainWindow::SlotKeyTableClicked(QModelIndex index) {
if(!index.isValid()) return;
this->selected_key_value=
this->p_reg_key_table_model->data(this->p_reg_key_table_model->
index(index.row(),2),
RegistryKeyTableModel::
AdditionalRoles_GetRawData)
.toByteArray();
this->p_hex_edit->setData(this->selected_key_value);
}
void MainWindow::SlotHexEditAddressChanged(int hex_offset) {
// Update hex edit status bar
this->p_hex_edit_status_bar->
setText(QString().sprintf("Byte offset: 0x%04X (%u)",hex_offset,hex_offset));
// Update data interpreter
this->UpdateDataInterpreter(hex_offset);
}
void MainWindow::SlotReportClicked() {
// Get report category and name from sender and it's parent
QString category=((QMenu*)((QAction*)QObject::sender())->parent())->title();
QString report=((QAction*)QObject::sender())->text();
+ // Generate report
QString report_content=this->p_data_reporter->GenerateReport(this->p_hive,
category,
report);
+ // Show result in report viewer
if(report_content!=QString()) {
- DlgReportViewer dlg_report_view(report_content,this);
- dlg_report_view.exec();
+ DlgReportViewer *p_dlg_report_view=new DlgReportViewer(report_content,this);
+ p_dlg_report_view->exec();
+ delete p_dlg_report_view;
} else {
// TODO: Something went wrong!
}
}
void MainWindow::CheckUserConfigDir() {
QString user_config_dir=QDir::homePath()
.append(QDir::separator())
.append(".fred");
if(!QDir(user_config_dir).exists()) {
// User config dir does not exists, try to create it
if(!QDir().mkpath(user_config_dir)) {
// TODO: Maybe warn user
return;
}
user_config_dir.append(QDir::separator()).append("report_templates");
if(!QDir().mkpath(user_config_dir)) {
// TODO: Maybe warn user
return;
}
}
}
void MainWindow::UpdateWindowTitle(QString filename) {
if(filename=="") {
this->setWindowTitle(QString().sprintf("%s v%s",APP_TITLE,APP_VERSION));
} else {
this->setWindowTitle(QString().sprintf("%s v%s - %s",
APP_TITLE,
APP_VERSION,
filename.toLocal8Bit().constData()));
}
}
void MainWindow::UpdateDataInterpreter(int hex_offset) {
QDateTime date_time;
const char *p_data;
int remaining_data_len;
// Remove all old values from data interpreter
this->p_data_interpreter->ClearValues();
// Calculate how many bytes are remainig after current offset
remaining_data_len=this->selected_key_value.size()-hex_offset;
if(!remaining_data_len>0) {
// Nothing to show
return;
}
// Get pointer to data at current offset
p_data=this->selected_key_value.constData();
p_data+=hex_offset;
- #define rotl32(x,n) (((x) << n) | ((x) >> (32 - n)))
+ //#define rotl32(x,n) (((x) << n) | ((x) >> (32 - n)))
//#define rotr32(x,n) (((x) >> n) | ((x) << (32 - n)))
- #define rotl64(x,n) (((x) << n) | ((x) >> (64 - n)))
+ //#define rotl64(x,n) (((x) << n) | ((x) >> (64 - n)))
//#define rotr64(x,n) (((x) >> n) | ((x) << (64 - n)))
if(remaining_data_len>=1) {
this->p_data_interpreter->AddValue("int8:",
QString().sprintf("%d",
*(int8_t*)p_data));
this->p_data_interpreter->AddValue("uint8:",
QString().sprintf("%u",
*(uint8_t*)p_data));
}
if(remaining_data_len>=2) {
this->p_data_interpreter->AddValue("int16:",
QString().sprintf("%d",
*(int16_t*)p_data));
this->p_data_interpreter->AddValue("uint16:",
QString().sprintf("%u",
*(uint16_t*)p_data));
}
if(remaining_data_len>=4) {
this->p_data_interpreter->AddValue("int32:",
QString().sprintf("%d",
*(int32_t*)p_data));
this->p_data_interpreter->AddValue("uint32:",
QString().sprintf("%d",
*(uint32_t*)p_data));
date_time.setTime_t(*(uint32_t*)p_data);
this->p_data_interpreter->AddValue("Unixtime:",
date_time.
toString("yyyy/MM/dd hh:mm:ss"));
}
if(remaining_data_len>=8) {
this->p_data_interpreter->AddValue("int64:",
QString().sprintf("%d",
*(int64_t*)p_data));
this->p_data_interpreter->AddValue("uint64:",
QString().sprintf("%d",
*(uint64_t*)p_data));
date_time.setTime_t((*(uint64_t*)p_data-116444736000000000)/10000000);
this->p_data_interpreter->AddValue("Win64time:",
date_time.
toString("yyyy/MM/dd hh:mm:ss"));
}
- #undef rotl32
- #undef rotl64
+ //#undef rotl32
+ //#undef rotl64
}
void MainWindow::UpdateDataReporterMenu() {
int i=0,ii=0;
QMenu *p_category_entry;
QAction *p_report_entry;
QStringList categories=this->p_data_reporter->GetAvailableReportCategories();
QStringList reports;
for(i=0;i<categories.count();i++) {
// First create category submenu
p_category_entry=this->ui->MenuReports->addMenu(categories.value(i));
// Now add category reports
reports=this->p_data_reporter->GetAvailableReports(categories.value(i));
for(ii=0;ii<reports.count();ii++) {
p_report_entry=new QAction(reports.value(ii),p_category_entry);
p_category_entry->addAction(p_report_entry);
this->connect(p_report_entry,
SIGNAL(triggered()),
this,
SLOT(SlotReportClicked()));
}
}
}
+
+void MainWindow::OpenHive(QString hive_file) {
+ // Update last open location
+ this->last_open_location=hive_file.left(hive_file.
+ lastIndexOf(QDir::separator()));
+
+ // If another hive is currently open, close it
+ if(this->is_hive_open) this->on_action_Close_hive_triggered();
+
+ // Try to open hive
+ if(!this->p_hive->Open(hive_file)) {
+ QMessageBox::critical(this,
+ tr("Error opening hive file"),
+ tr("Unable to open file '%1'").arg(hive_file));
+ return;
+ }
+
+ // Create tree model
+ this->p_reg_node_tree_model=
+ new RegistryNodeTreeModel(this->p_hive);
+ this->p_node_tree->setModel(this->p_reg_node_tree_model);
+
+ this->is_hive_open=true;
+ this->ui->action_Close_hive->setEnabled(true);
+ this->ui->MenuReports->setEnabled(true);
+ this->UpdateWindowTitle(hive_file);
+}
+
+void MainWindow::ParseCommandLineArgs() {
+ QStringList args=qApp->arguments();
+
+ // Return if no args were specified
+ if(args.count()==1) return;
+
+ if(args.count()==2) {
+ // Try to open specified hive file
+ this->OpenHive(args.at(1));
+ }
+}
diff --git a/trunk/mainwindow.h b/trunk/mainwindow.h
index a42c911..68d4b6e 100644
--- a/trunk/mainwindow.h
+++ b/trunk/mainwindow.h
@@ -1,107 +1,119 @@
/*******************************************************************************
* fred Copyright (c) 2011 by Gillen Daniel <gillen.dan@pinguin.lu> *
* *
* Forensic Registry EDitor (fred) is a cross-platform M$ registry hive editor *
* with special feautures useful during forensic analysis. *
* *
* This program is free software: you can redistribute it and/or modify it *
* under the terms of the GNU General Public License as published by the Free *
* Software Foundation, either version 3 of the License, or (at your option) *
* any later version. *
* *
* This program is distributed in the hope that it will be useful, but WITHOUT *
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or *
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for *
* more details. *
* *
* You should have received a copy of the GNU General Public License along with *
* this program. If not, see <http://www.gnu.org/licenses/>. *
*******************************************************************************/
#ifndef MAINWINDOW_H
#define MAINWINDOW_H
#include <QMainWindow>
#include <hivex.h>
#include "registryhive.h"
#include "registrynodetreemodel.h"
#include "registrykeytablemodel.h"
#include "qhexedit/qhexedit.h"
#include "datainterpreter.h"
#include "datareporter.h"
namespace Ui {
class MainWindow;
}
class MainWindow : public QMainWindow {
Q_OBJECT
public:
explicit MainWindow(QWidget *parent = 0);
~MainWindow();
private slots:
void on_action_Quit_triggered();
void on_action_Open_hive_triggered();
void on_action_Close_hive_triggered();
void on_actionAbout_Qt_triggered();
void on_actionAbout_fred_triggered();
void SlotNodeTreeClicked(QModelIndex index);
void SlotKeyTableClicked(QModelIndex index);
void SlotKeyTableDoubleClicked(QModelIndex index);
void SlotHexEditAddressChanged(int hex_offset);
void SlotReportClicked();
private:
Ui::MainWindow *ui;
QString last_open_location;
RegistryHive *p_hive;
bool is_hive_open;
RegistryNodeTreeModel *p_reg_node_tree_model;
RegistryKeyTableModel *p_reg_key_table_model;
QByteArray selected_key_value;
// Widgets etc...
QTreeView *p_node_tree;
QTableView *p_key_table;
QWidget *p_hex_edit_widget;
QHexEdit *p_hex_edit;
QLabel *p_hex_edit_status_bar;
DataInterpreter *p_data_interpreter;
QVBoxLayout *p_hex_edit_layout;
QSplitter *p_horizontal_splitter;
QSplitter *p_horizontal_splitter2;
QSplitter *p_vertical_splitter;
DataReporter *p_data_reporter;
/*
* CheckUserConfigDir
*
* Checks for and possibly creates the ~/.fred directory
*/
void CheckUserConfigDir();
/*
* UpdateWindowTitle
*
* Updates the window title
*/
void UpdateWindowTitle(QString filename="");
/*
* UpdateDataInterpreter
*
* Update data interpreter
*/
void UpdateDataInterpreter(int hex_offset);
/*
* UpdateDataReporterMenu
*
*/
void UpdateDataReporterMenu();
+ /*
+ * OpenHive
+ *
+ * Open a registry hive
+ */
+ void OpenHive(QString hive_file);
+ /*
+ * ParseCommandLineArgs
+ *
+ * Parse command line arguments
+ */
+ void ParseCommandLineArgs();
};
#endif // MAINWINDOW_H
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Tue, Dec 24, 3:10 AM (1 d, 8 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
1176988
Default Alt Text
(33 KB)
Attached To
Mode
rFRED fred
Attached
Detach File
Event Timeline
Log In to Comment