?? ewfacquire.c
字號(hào):
{ fprintf( stderr, "Unable to close EWF file handle.\n" ); } if( libewf_common_close( file_descriptor ) != 0 ) { fprintf( stderr, "Unable to close input.\n" ); } libewf_common_free( filename ); return( EXIT_FAILURE ); } libewf_common_free( case_number ); if( description == NULL ) { string_length = 0; } else { string_length = libewf_string_length( description ); } if( libewf_set_header_value_description( handle, description, string_length ) != 1 ) { fprintf( stderr, "Unable to set header value description in handle.\n" ); if( libewf_close( handle ) != 0 ) { fprintf( stderr, "Unable to close EWF file handle.\n" ); } if( libewf_common_close( file_descriptor ) != 0 ) { fprintf( stderr, "Unable to close input.\n" ); } libewf_common_free( filename ); return( EXIT_FAILURE ); } libewf_common_free( description ); if( examiner_name == NULL ) { string_length = 0; } else { string_length = libewf_string_length( examiner_name ); } if( libewf_set_header_value_examiner_name( handle, examiner_name, string_length ) != 1 ) { fprintf( stderr, "Unable to set header value examiner name in handle.\n" ); if( libewf_close( handle ) != 0 ) { fprintf( stderr, "Unable to close EWF file handle.\n" ); } if( libewf_common_close( file_descriptor ) != 0 ) { fprintf( stderr, "Unable to close input.\n" ); } libewf_common_free( filename ); return( EXIT_FAILURE ); } libewf_common_free( examiner_name ); if( evidence_number == NULL ) { string_length = 0; } else { string_length = libewf_string_length( evidence_number ); } if( libewf_set_header_value_evidence_number( handle, evidence_number, string_length ) != 1 ) { fprintf( stderr, "Unable to set header value evidence number in handle.\n" ); if( libewf_close( handle ) != 0 ) { fprintf( stderr, "Unable to close EWF file handle.\n" ); } if( libewf_common_close( file_descriptor ) != 0 ) { fprintf( stderr, "Unable to close input.\n" ); } libewf_common_free( filename ); return( EXIT_FAILURE ); } libewf_common_free( evidence_number ); if( notes == NULL ) { string_length = 0; } else { string_length = libewf_string_length( notes ); } if( libewf_set_header_value_notes( handle, notes, string_length ) != 1 ) { fprintf( stderr, "Unable to set header value notes in handle.\n" ); if( libewf_close( handle ) != 0 ) { fprintf( stderr, "Unable to close EWF file handle.\n" ); } if( libewf_common_close( file_descriptor ) != 0 ) { fprintf( stderr, "Unable to close input.\n" ); } libewf_common_free( filename ); return( EXIT_FAILURE ); } libewf_common_free( notes ); /* Password is not used within libewf */ /* Acquiry date, system date and compression type will be generated automatically when set to NULL */ if( acquiry_operating_system != NULL ) { if( libewf_set_header_value_acquiry_operating_system( handle, acquiry_operating_system, libewf_string_length( acquiry_operating_system ) ) != 1 ) { fprintf( stderr, "Unable to set header value acquiry operating system in handle.\n" ); if( libewf_close( handle ) != 0 ) { fprintf( stderr, "Unable to close EWF file handle.\n" ); } if( libewf_common_close( file_descriptor ) != 0 ) { fprintf( stderr, "Unable to close input.\n" ); } libewf_common_free( filename ); return( EXIT_FAILURE ); } libewf_common_free( acquiry_operating_system ); } if( libewf_set_header_value( handle, _S_LIBEWF_CHAR( "acquiry_software" ), _S_LIBEWF_CHAR( "ewfacquire" ), 10 ) != 1 ) { fprintf( stderr, "Unable to set header value acquiry software in handle.\n" ); if( libewf_close( handle ) != 0 ) { fprintf( stderr, "Unable to close EWF file handle.\n" ); } if( libewf_common_close( file_descriptor ) != 0 ) { fprintf( stderr, "Unable to close input.\n" ); } libewf_common_free( filename ); return( EXIT_FAILURE ); } if( libewf_set_header_value_acquiry_software_version( handle, acquiry_software_version, libewf_string_length( acquiry_software_version ) ) != 1 ) { fprintf( stderr, "Unable to set header value acquiry software version number in handle.\n" ); if( libewf_close( handle ) != 0 ) { fprintf( stderr, "Unable to close EWF file handle.\n" ); } if( libewf_common_close( file_descriptor ) != 0 ) { fprintf( stderr, "Unable to close input.\n" ); } libewf_common_free( filename ); return( EXIT_FAILURE ); }#if defined(HAVE_UUID_UUID_H) && defined(HAVE_LIBUUID) /* Add a system GUID if necessary */ if( ewfcommon_determine_guid( guid, libewf_format ) != 1 ) { fprintf( stderr, "Unable to create GUID.\n" ); if( libewf_close( handle ) != 0 ) { fprintf( stderr, "Unable to close EWF file handle.\n" ); } if( libewf_common_close( file_descriptor ) != 0 ) { fprintf( stderr, "Unable to close input.\n" ); } libewf_common_free( filename ); return( EXIT_FAILURE ); } if( libewf_set_guid( handle, guid, 16 ) != 1 ) { fprintf( stderr, "Unable to set GUID in handle.\n" ); if( libewf_close( handle ) != 0 ) { fprintf( stderr, "Unable to close EWF file handle.\n" ); } if( libewf_common_close( file_descriptor ) != 0 ) { fprintf( stderr, "Unable to close input.\n" ); } libewf_common_free( filename ); return( EXIT_FAILURE ); }#endif /* Start acquiring data */ timestamp_start = time( NULL ); time_string = libewf_common_ctime( ×tamp_start ); if( time_string != NULL ) { fprintf( stderr, "Acquiry started at: %" PRIs "\n", time_string ); libewf_common_free( time_string ); } else { fprintf( stderr, "Acquiry started.\n" ); } if( callback != NULL ) { ewfcommon_process_status_initialize( stderr, _S_LIBEWF_CHAR( "acquired" ), timestamp_start ); } fprintf( stderr, "This could take a while.\n\n" ); count = ewfcommon_write_from_file_descriptor( handle, file_descriptor, acquiry_size, acquiry_offset, read_error_retry, sector_error_granularity, wipe_block_on_read_error, seek_on_error, calculate_sha1, callback ); /* Done acquiring data */ if( count > -1 ) { calculated_md5_hash_string = (LIBEWF_CHAR *) libewf_common_alloc( LIBEWF_CHAR_SIZE * LIBEWF_STRING_DIGEST_HASH_LENGTH_MD5 ); if( calculated_md5_hash_string == NULL ) { fprintf( stderr, "Unable to create calculated MD5 hash string.\n" ); if( libewf_close( handle ) != 0 ) { fprintf( stderr, "Unable to close EWF file handle.\n" ); } if( libewf_common_close( file_descriptor ) != 0 ) { fprintf( stderr, "Unable to close input.\n" ); } libewf_common_free( filename ); return( EXIT_FAILURE ); } result_md5_hash = libewf_get_calculated_md5_hash( handle, calculated_md5_hash_string, LIBEWF_STRING_DIGEST_HASH_LENGTH_MD5 ); if( calculate_sha1 == 1 ) { calculated_sha1_hash_string = (LIBEWF_CHAR *) libewf_common_alloc( LIBEWF_CHAR_SIZE * LIBEWF_STRING_DIGEST_HASH_LENGTH_SHA1 ); if( calculated_sha1_hash_string == NULL ) { fprintf( stderr, "Unable to create calculated SHA1 hash string.\n" ); libewf_common_free( calculated_md5_hash_string ); if( libewf_close( handle ) != 0 ) { fprintf( stderr, "Unable to close EWF file handle.\n" ); } if( libewf_common_close( file_descriptor ) != 0 ) { fprintf( stderr, "Unable to close input.\n" ); } libewf_common_free( filename ); return( EXIT_FAILURE ); } result_sha1_hash = libewf_get_hash_value( handle, _S_LIBEWF_CHAR( "SHA1" ), calculated_sha1_hash_string, LIBEWF_STRING_DIGEST_HASH_LENGTH_SHA1 ); } } if( libewf_common_close( file_descriptor ) != 0 ) { fprintf( stderr, "Unable to close input.\n" ); if( libewf_close( handle ) != 0 ) { fprintf( stderr, "Unable to close EWF file handle.\n" ); } libewf_common_free( filename ); libewf_common_free( calculated_md5_hash_string ); if( calculate_sha1 == 1 ) { libewf_common_free( calculated_sha1_hash_string ); } return( EXIT_FAILURE ); } libewf_common_free( filename ); timestamp_end = time( NULL ); time_string = libewf_common_ctime( ×tamp_end ); if( count <= -1 ) { if( time_string != NULL ) { fprintf( stderr, "Acquiry failed at: %" PRIs "\n", time_string ); libewf_common_free( time_string ); } else { fprintf( stderr, "Acquiry failed.\n" ); } if( libewf_close( handle ) != 0 ) { fprintf( stderr, "Unable to close EWF file handle.\n" ); } libewf_common_free( calculated_md5_hash_string ); if( calculate_sha1 == 1 ) { libewf_common_free( calculated_sha1_hash_string ); } return( EXIT_FAILURE ); } if( time_string != NULL ) { fprintf( stderr, "Acquiry completed at: %" PRIs "\n", time_string ); libewf_common_free( time_string ); } else { fprintf( stderr, "Acquiry completed.\n" ); } ewfcommon_process_summary_fprint( stderr, _S_LIBEWF_CHAR( "Written" ), count, timestamp_start, timestamp_end ); fprintf( stderr, "\n" ); ewfcommon_acquiry_errors_fprint( stderr, handle ); if( libewf_close( handle ) != 0 ) { fprintf( stderr, "Unable to close EWF file handle.\n" ); libewf_common_free( calculated_md5_hash_string ); if( calculate_sha1 == 1 ) { libewf_common_free( calculated_sha1_hash_string ); } return( EXIT_FAILURE ); } if( result_md5_hash == -1 ) { fprintf( stderr, "Unable to get calculated MD5 hash.\n" ); libewf_common_free( calculated_md5_hash_string ); if( calculate_sha1 == 1 ) { libewf_common_free( calculated_sha1_hash_string ); } return( EXIT_FAILURE ); } else if( result_md5_hash == 0 ) { fprintf( stderr, "MD5 hash calculated over data:\tN/A\n" ); } else { fprintf( stderr, "MD5 hash calculated over data:\t%" PRIs_EWF "\n", calculated_md5_hash_string ); } libewf_common_free( calculated_md5_hash_string ); if( calculate_sha1 == 1 ) { if( result_sha1_hash == -1 ) { fprintf( stderr, "Unable to get calculated SHA1 hash.\n" ); libewf_common_free( calculated_sha1_hash_string ); return( EXIT_FAILURE ); } else if( result_sha1_hash == 0 ) { fprintf( stderr, "SHA1 hash calculated over data:\tN/A\n" ); } else { fprintf( stderr, "SHA1 hash calculated over data:\t%" PRIs_EWF "\n", calculated_sha1_hash_string ); } libewf_common_free( calculated_sha1_hash_string ); } return( EXIT_SUCCESS );}?? 快捷鍵說(shuō)明
復(fù)制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號(hào)
Ctrl + =
減小字號(hào)
Ctrl + -