Merge pull request #385 from abrignoni/in_progress

Update parsers
abrignoni · Oct 27, 2022 · 7872507 · 7872507
2 parents 0fb9632 + 6006618
commit 7872507
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 4 deletions.
diff --git a/scripts/artifacts/biomeIntents.py b/scripts/artifacts/biomeIntents.py
@@ -209,11 +209,18 @@ def get_biomeIntents(files_found, report_folder, seeker, wrap_text):
                     #Instagram
                     if typeofintent == 'com.burbn.instagram':
                         datoshtml = deserialized_plist['intent']['backingStore']['bytes'].decode('latin-1')
+                        datos = datoshtml
+
+                    #snapchat
+                    elif typeofintent == 'com.toyopagroup.picaboo':
+                        datoshtml = deserialized_plist['intent']['backingStore']['bytes'].decode('latin-1')
+                        datos = datoshtml
 
                     #notes
                     elif typeofintent == 'com.apple.assistant_service':
                         datoshtml = deserialized_plist['intent']['backingStore']['bytes'].decode('latin-1')
-
+                        datos = datoshtml
+
                     #notes
                     elif typeofintent == 'com.apple.mobilenotes':
                         a = (protostuffinner['1']['16'].decode()) #create
@@ -226,6 +233,7 @@ def get_biomeIntents(files_found, report_folder, seeker, wrap_text):
                     #telegraph
                     elif typeofintent == 'ph.telegra.Telegraph':
                         datoshtml = deserialized_plist['intent']['backingStore']['bytes'].decode('latin-1')
+                        datos = datoshtml
 
                     #calls
                     elif typeofintent == 'com.apple.InCallService':
@@ -241,11 +249,11 @@ def get_biomeIntents(files_found, report_folder, seeker, wrap_text):
                     #whatsapp
                     elif typeofintent == 'net.whatsapp.WhatsApp':
                         datoshtml = str(protostuffinner)
-
+                        datos = datoshtml
 
                     elif typeofintent == 'org.whispersystems.signal':
                         datoshtml = str(protostuffinner)
-
+                        datos = datoshtml
 
                     #sms
                     elif typeofintent == 'com.apple.MobileSMS':

diff --git a/scripts/artifacts/filesAppsm.py b/scripts/artifacts/filesAppsm.py
@@ -34,6 +34,8 @@ def get_filesAppsm(files_found, report_folder, seeker, wrap_text):
             output_file.write(row[1])
             output_file.close()
 
+            creationdate = contentmodificationdate = userinfo = childitemcount = flags = ''
+
             with open(os.path.join(report_folder, row[2]+'.bplist'), "rb") as f:
                 deserialized_plist = nd.deserialize_plist(f)
             for x, y in deserialized_plist.items():

diff --git a/scripts/artifacts/weatherAppLocations.py b/scripts/artifacts/weatherAppLocations.py
@@ -15,7 +15,7 @@ def get_weatherAppLocations(files_found, report_folder, seeker, wrap_text):
             plist_content = plistlib.load(plist_file)
 
 
-            if plist_content['PrefsVersion'] == '2.1':
+            if plist_content.get('PrefsVersion') == '2.1':
               lastupdated = (plist_content['LastUpdated'])
 
               if plist_content.get('Cities', '0') == '0':