Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixing the "locate at" field in the html report #442

Merged
merged 1 commit into from
Dec 13, 2023
Merged

Fixing the "locate at" field in the html report #442

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 18 additions & 11 deletions scripts/artifacts/fitbit.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,11 @@
"name": "Fitbit",
"description": "Parses Fitbit activities",
"author": "@AlexisBrignoni",
"version": "0.0.3",
"version": "0.0.4",
"date": "2021-04-23",
"requirements": "none",
"category": "Fitbit",
"notes": "Updated 2023-10-17 by @KevinPagano3, combining all parsers into one",
"notes": "Updated 2023-12-12 by @segumarc, wrong file_found was wrote in the 'located at' field in the html report",
"paths": ('*/com.fitbit.FitbitMobile/databases/activity_db*','*/com.fitbit.FitbitMobile/databases/device_database*','*/com.fitbit.FitbitMobile/databases/exercise_db*','*/com.fitbit.FitbitMobile/databases/heart_rate_db*','*/com.fitbit.FitbitMobile/databases/sleep*','*/com.fitbit.FitbitMobile/databases/social_db*','*/com.fitbit.FitbitMobile/databases/mobile_track_db*'),
"function": "get_fitbit"
}
Expand Down Expand Up @@ -37,6 +37,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
file_found = str(file_found)

if file_found.endswith('activity_db'):
file_found_activity = file_found
db = open_sqlite_db_readonly(file_found)
cursor = db.cursor()
cursor.execute('''
Expand Down Expand Up @@ -82,6 +83,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
db.close()

if file_found.endswith('device_database'):
file_found_device = file_found
db = open_sqlite_db_readonly(file_found)
cursor = db.cursor()
cursor.execute('''
Expand All @@ -103,6 +105,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
db.close()

if file_found.endswith('exercise_db'):
file_found_exercise = file_found
db = open_sqlite_db_readonly(file_found)
cursor = db.cursor()
cursor.execute('''
Expand Down Expand Up @@ -145,6 +148,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
db.close()

if file_found.endswith('heart_rate_db'):
file_found_heart = file_found
db = open_sqlite_db_readonly(file_found)
cursor = db.cursor()
cursor.execute('''
Expand All @@ -163,6 +167,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
db.close()

if file_found.endswith('sleep'):
file_found_sleep = file_found
db = open_sqlite_db_readonly(file_found)
cursor = db.cursor()
cursor.execute('''
Expand Down Expand Up @@ -208,6 +213,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
db.close()

if file_found.endswith('social_db'):
file_found_social = file_found
db = open_sqlite_db_readonly(file_found)
cursor = db.cursor()
cursor.execute('''
Expand Down Expand Up @@ -259,6 +265,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
db.close()

if file_found.endswith('mobile_track_db'):
file_found_mobile = file_found
db = open_sqlite_db_readonly(file_found)
cursor = db.cursor()
cursor.execute('''
Expand Down Expand Up @@ -289,7 +296,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
report.start_artifact_report(report_folder, 'Fitbit Activity')
report.add_script()
data_headers = ('Timestamp','Time Created','Name','Log Type','Active Duration','SPEED','Pace','Elevation Gain','Avg Heart Rate','Distance','Distance Unit','Duration', 'Duration in Minutes','Steps','Details Type','Calories','Manual Calories Populated','Source Name','Source Type','Has GPS','Swim Lengths','Pool Length','Pool Length Unit','Very Active Minutes','Moderately Active Minutes','Fat Burn Heart Rate Zone','Cardio Heart Rate Zone','Peak Heart Rate Zone','Source')
report.write_artifact_data_table(data_headers, data_list_activity, file_found)
report.write_artifact_data_table(data_headers, data_list_activity, file_found_activity)
report.end_artifact_report()

tsvname = f'Fitbit Activity'
Expand All @@ -306,7 +313,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
report.add_script()
data_headers = ('Last Synced Timestamp','Device Name','Bluetooth MAC Address','Battery Percentage','Device Type','Source')

report.write_artifact_data_table(data_headers, data_list_devices, file_found)
report.write_artifact_data_table(data_headers, data_list_devices, file_found_device)
report.end_artifact_report()

tsvname = f'Fitbit Device Info'
Expand All @@ -323,7 +330,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
report.add_script()
data_headers = ('Timestamp','Label','Latitude','Longitude','Accuracy','Altitude','Speed','Pace','Session_ID','Source')

report.write_artifact_data_table(data_headers, data_list_exercises, file_found)
report.write_artifact_data_table(data_headers, data_list_exercises, file_found_exercise)
report.end_artifact_report()

tsvname = f'Fitbit Exercise'
Expand All @@ -340,7 +347,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
report.add_script()
data_headers = ('Timestamp','Avg. Heart Rate','Resting Heart Rate','Source')

report.write_artifact_data_table(data_headers, data_list_heart, file_found)
report.write_artifact_data_table(data_headers, data_list_heart, file_found_heart)
report.end_artifact_report()

tsvname = f'Fitbit Heart Rate Summary'
Expand All @@ -357,7 +364,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
report.add_script()
data_headers = ('Timestamp','Seconds','Level','Log ID','Source')

report.write_artifact_data_table(data_headers, data_list_sleep_detail, file_found)
report.write_artifact_data_table(data_headers, data_list_sleep_detail, file_found_sleep)
report.end_artifact_report()

tsvname = f'Fitbit Sleep Detail'
Expand All @@ -374,7 +381,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
report.add_script()
data_headers = ('Timestamp','Start Time','Sync Status','Duration in Milliseconds','Duration in Minutes', 'Minutes After Wakeup', 'Minutes Asleep', 'Minutes Awake', 'Minutes to Fall Asleep', 'Log ID', 'Source')

report.write_artifact_data_table(data_headers, data_list_sleep_summary, file_found)
report.write_artifact_data_table(data_headers, data_list_sleep_summary, file_found_sleep)
report.end_artifact_report()

tsvname = f'Fitbit Sleep Summary'
Expand All @@ -388,7 +395,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
report.add_script()
data_headers = ('Owning UserID','Encoded ID','Display Name','Avatar URL','Friend','Child','Source')

report.write_artifact_data_table(data_headers, data_list_friends, file_found)
report.write_artifact_data_table(data_headers, data_list_friends, file_found_social)
report.end_artifact_report()

tsvname = f'Fitbit Friends'
Expand All @@ -403,7 +410,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
report.add_script()
data_headers = ('Last Updated','Display Name','Full Name','About Me','Avatar URL', 'Cover Photo URL', 'City', 'State', 'Country', 'Joined Date','Date of Birth','Height','Weight','Gender','Coach','Source')

report.write_artifact_data_table(data_headers, data_list_user, file_found)
report.write_artifact_data_table(data_headers, data_list_user, file_found_social)
report.end_artifact_report()

tsvname = f'Fitbit User Profile'
Expand All @@ -421,7 +428,7 @@ def get_fitbit(files_found, report_folder, seeker, wrap_text, time_offset):
report.add_script()
data_headers = ('Timestamp','Steps Count','Mets Count','Time Created','Time Updated')

report.write_artifact_data_table(data_headers, data_list_steps, file_found)
report.write_artifact_data_table(data_headers, data_list_steps, file_found_mobile)
report.end_artifact_report()

tsvname = f'Fitbit Steps'
Expand Down
12 changes: 7 additions & 5 deletions scripts/artifacts/googleMapsGmm.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,11 @@
"name": "Google Maps GMM",
"description": "Parse Google Maps GMM db files",
"author": "@AlexisBrignoni",
"version": "0.0.2",
"version": "0.0.3",
"date": "2022-12-30",
"requirements": "none",
"category": "GEO Location",
"notes": "Updated 2023-12-05 by @segumarc, added support for Label Places from GMM_MyPlaces.db and restructuring the existing gmm_storage",
"notes": "Updated 2023-12-12 by @segumarc, wrong file_found was wrote in the 'located at' field in the html report",
"paths": ('*/com.google.android.apps.maps/databases/gmm_myplaces.db','*/com.google.android.apps.maps/databases/gmm_storage.db'),
"function": "get_googleMapsGmm"
}
Expand All @@ -30,6 +30,7 @@ def get_googleMapsGmm(files_found, report_folder, seeker, wrap_text, time_offset
file_found = str(file_found)
if file_found.endswith('gmm_storage.db'):
db = open_sqlite_db_readonly(file_found)
file_found_storage = file_found
cursor = db.cursor()
cursor.execute('''
select
Expand Down Expand Up @@ -82,6 +83,7 @@ def get_googleMapsGmm(files_found, report_folder, seeker, wrap_text, time_offset

if file_found.endswith('gmm_myplaces.db'):
db = open_sqlite_db_readonly(file_found)
file_found_myplaces = file_found
cursor = db.cursor()
cursor.execute('''
select
Expand All @@ -93,8 +95,8 @@ def get_googleMapsGmm(files_found, report_folder, seeker, wrap_text, time_offset
timestamp
from sync_item
''')
#datetime(timestamp/1000,'unixepoch')
all_rows = cursor.fetchall()

for row in all_rows:
id = row[0]
keystring = row[1]
Expand Down Expand Up @@ -126,7 +128,7 @@ def get_googleMapsGmm(files_found, report_folder, seeker, wrap_text, time_offset
report.start_artifact_report(report_folder, 'Google Search History Maps')
report.add_script()
data_headers = ('Directions', 'Latitude', 'Longitude', 'To Latitude', 'To Longitude', 'Row ID', 'Type')
report.write_artifact_data_table(data_headers, data_list_storage, file_found, html_escape=False)
report.write_artifact_data_table(data_headers, data_list_storage, file_found_storage, html_escape=False)
report.end_artifact_report()

tsvname = f'Google Search History Maps'
Expand All @@ -139,7 +141,7 @@ def get_googleMapsGmm(files_found, report_folder, seeker, wrap_text, time_offset
report.start_artifact_report(report_folder, 'Google Maps Label Places')
report.add_script()
data_headers = ('Timestamp','Label', 'Latitude', 'Longitude', 'Address', 'URL')
report.write_artifact_data_table(data_headers, data_list_myplaces, file_found, html_escape=False)
report.write_artifact_data_table(data_headers, data_list_myplaces, file_found_myplaces, html_escape=False)
report.end_artifact_report()

tsvname = f'Google Maps Label Places'
Expand Down