jipegit / osxauditor Goto Github PK
View Code? Open in Web Editor NEWOS X Auditor is a free Mac OS X computer forensics tool
License: Other
osxauditor's People
Contributors
Stargazers
Watchers
Forkers
samplenull tania188 mattsolomon 6fj7 queer1 weixu8 saulshanabrook mariusv vicgc ktneely juju4 tourountzis mrdfx loftierthoughts superpetboy gwerz pinperepette reluctantusr danetheory liufeigit wanghaiquan rainsome-org1 majl pandazheng aficionado ttruga ny2014 lazycrazyowl shayanb jpn592 eiriklv corbett3000 kevinmcalear martindale xeoron sethkontny qz267 sooshie calsaviour mamoo crystal520 chagge lucabongiorni pascougnou esaul bshort peixian danielshir ring0sec karlpilkington wcmc-its frankswu jjsanbra saferthanhouses ifireall dot-sean lenciel kykim ifghou hubert3 redorion bigsnarfdude rajaramang jbarcia tengfei1010 zavierxu c-rack aatifs josete04 claudioherrera-4th madconnon eunicep tdr130 thomassthelly cnbird1999 rtrocki bossadvisors macapplist sh4d0ws4int osalexis zigitax ryanlfoster peter158 toddhdow-xx cyblitz isamehahmed sdelavega jfnixon bsmartt13 turtlepa xsailor511 odin1314 unixboy caidongyun palaniyappanbala techraf godaccess smoriarty21 jfergie03 noscripterosxauditor's Issues
Crashes when /Users/user/Library/Safari/Databases is non existant
[INFO] user's Safari databases
Traceback (most recent call last):
File "osxauditor.py", line 1702, in <module>
Main()
File "osxauditor.py", line 1663, in Main
ParseBrowsers()
File "osxauditor.py", line 808, in ParseBrowsers
ParseSafari()
File "osxauditor.py", line 745, in ParseSafari
ParseSafariProfile(User, UserSafariProfilePath)
File "osxauditor.py", line 723, in ParseSafariProfile
for Db in os.listdir(os.path.join(Path, "Databases")):
OSError: [Errno 2] No such file or directory: '/Users/user/Library/Safari/Databases'
Crash no output report log.html generated
Ran with
sudo python osxauditor.py -a -m -l localhashes.db -H log.html
runs for a while but does produce report. log.html. log is empty. Here is the crash
[INFO] Error with /Users/macadmin/Library/Application Support/Google/Chrome/Default/Web Data: ("Could not decode to UTF-8 column 'value' with text '^\xb4|\xc6W\x81\xc42UW\xe5\xc2\x9e\xfbj\xdd\xff\xfcE\x9f\xd3\xf2q\x10\xf2\x90\xa1DT\x9b\x94\xe0'",)
[INFO] macadmin's Chrome databases
Traceback (most recent call last):
File "osxauditor.py", line 1702, in <module>
Main()
File "osxauditor.py", line 1663, in Main
ParseBrowsers()
File "osxauditor.py", line 810, in ParseBrowsers
ParseChrome()
File "osxauditor.py", line 801, in ParseChrome
ParseChromeProfile(User, UsersChromePath)
File "osxauditor.py", line 773, in ParseChromeProfile
for Db in os.listdir(os.path.join(Path, "databases")):
OSError: [Errno 2] No such file or directory: '/Users/macadmin/Library/Application Support/Google/Chrome/Default/databases'
then it exits
NameError: global name 'DbPath' is not defined
Running as root:
osxauditor.py -H report.html -qsbk
[...]
/Users/xxx/Library/Safari/Databases/https_xxxxxx_0
Traceback (most recent call last):
File "osxauditor.py", line 598, in
Main()
File "osxauditor.py", line 572, in Main
ParseBrowsers()
File "osxauditor.py", line 462, in ParseBrowsers
ParseSafari()
File "osxauditor.py", line 452, in ParseSafari
ParseSafariProfile(User, os.path.join(ROOT_PATH + "Users/" + User + "/Library/Safari"))
File "osxauditor.py", line 441, in ParseSafariProfile
DumpSQLiteDb(os.path.join(Path + "/Databases/" + Db))
File "osxauditor.py", line 340, in DumpSQLiteDb
PrintAndLog(DbPath + "not found\n", "WARNING")
NameError: global name 'DbPath' is not defined
bug
[INFO] /Users/xxxx/Library/Preferences/com.apple.loginitems.plist
App Tamer.apSSDApplications/App Tamer.app/
Traceback (most recent call last):
File "osxauditor.py", line 1697, in
Main()
File "osxauditor.py", line 1652, in Main
ParseStartup()
File "osxauditor.py", line 531, in ParseStartup
PrintAndLog(CustomListItem['Name'].decode('utf-8') + u' - ' + binascii.hexlify(CustomListItem['Alias']).decode('hex').decode('utf-8', 'ignore'), 'INFO')
File "osxauditor.py", line 227, in PrintAndLog
print(u'[INFO] ' + LogStr)
UnicodeEncodeError: 'ascii' codec can't encode character u'\u04b3' in position 41: ordinal not in range(128)
Traceback (most recent call last):
File "osxauditor.py", line 1700, in
Main()
File "osxauditor.py", line 1664, in Main
ParseDownloads()
File "osxauditor.py", line 562, in ParseDownloads
HashDir(User + u''s downloads', DlUserPath)
File "osxauditor.py", line 548, in HashDir
PrintAndLog(Md5 +' '+ FilePath.decode('utf-8') + u' - ' + time.ctime(os.path.getmtime(FilePath)) + u' - ' + time.ctime(os.path.getctime(FilePath)) + u'\n', 'INFO')
File "osxauditor.py", line 227, in PrintAndLog
print(u'[INFO] ' + LogStr)
UnicodeEncodeError: 'ascii' codec can't encode character u'\u0327' in position 83: ordinal not in range(128)
argument of type 'bool' is not iterable
[INFO] Users' LoginItems
[INFO] lx0741 LoginItems
[INFO] /Users/lx0741/Library/Preferences/com.apple.loginitems.plist
[INFO] Cannot parse /Users/lx0741/Library/Preferences/com.apple.loginitems.plist (Binary or JSON plist may FAIL)
Traceback (most recent call last):
File "osxauditor.py", line 1702, in
Main()
File "osxauditor.py", line 1651, in Main
ParseStartup()
File "osxauditor.py", line 550, in ParseStartup
if "SessionItems" in LoginItemsPlist:
TypeError: argument of type 'bool' is not iterable
IndexError: list index out of range for SystemVersionPlist array
I'm having this error
PrimaVita:OSXAuditor-master asb$ sudo python osxauditor.py
DEBUG: Mac OS X Obj-C Foundation successfully imported
[INFO] Header
Traceback (most recent call last):
File "osxauditor.py", line 1702, in <module>
Main()
File "osxauditor.py", line 1635, in Main
AuditedSystemVersion = GetAuditedSystemVersion()
File "osxauditor.py", line 1228, in GetAuditedSystemVersion
"PatchVersion": int(SystemVersionPlist["ProductVersion"].split('.')[2])
IndexError: list index out of range
PrimaVita:OSXAuditor-master asb$ sudo /usr/bin/python osxcollector.py
/usr/bin/python: can't open file 'osxcollector.py': [Errno 2] No such file or directory
KeyError
I know this is not in development anymore, but I came across this:
root@data-recovery:~/osx/OSXAuditor-master# sudo python osxauditor.py --path=/root/osx/OSXAuditor-master/ -A
DEBUG: Cannot import Mac OS X Obj-C Foundation. Installing PyObjC on OS X is highly recommended
[INFO] Header
[INFO] Cannot open /System/Library/CoreServices/SystemVersion.plist
[INFO] Cannot determine the system version
[INFO] Report generated by OS X Auditor v0.4.4 on 06/12/20 14:45:54 EEST running as 0/0
[INFO] Audited system path: /root/osx/OSXAuditor-master/
[INFO] Version of the audited system: Unknown system version
[INFO] Current timezone of the audited system: etc/localtime
[INFO] Airport preferences
[INFO] /root/osx/OSXAuditor-master/Library/Preferences/SystemConfiguration/com.apple.airport.preferences.plist
76
Traceback (most recent call last):
File "osxauditor.py", line 1697, in <module>
Main()
File "osxauditor.py", line 1670, in Main
ParseAirportPrefs()
File "osxauditor.py", line 954, in ParseAirportPrefs
if KnownNetworks[KnownNetwork]['LastConnected']:
KeyError: 'LastConnected'
root@data-recovery:~/osx/OSXAuditor-master# sudo python osxauditor.py --path=/root/osx/OSXAuditor-master/ -A > audit.txt
Traceback (most recent call last):
File "osxauditor.py", line 1697, in <module>
Main()
File "osxauditor.py", line 1670, in Main
ParseAirportPrefs()
File "osxauditor.py", line 954, in ParseAirportPrefs
if KnownNetworks[KnownNetwork]['LastConnected']:
KeyError: 'LastConnected'
I'm running the script against a folder with SystemConfiguration plists and I'm using Ubuntu 16.04 headless.
KeyError: LastConnected
sudo python osxauditor.py -a > audit.txt
Traceback (most recent call last):
File "osxauditor.py", line 1684, in <module>
Main()
File "osxauditor.py", line 1657, in Main
ParseAirportPrefs()
File "osxauditor.py", line 946, in ParseAirportPrefs
PrintAndLog(u'SSID: ' + KnownNetworks[KnownNetwork]['SSIDString'].decode('utf-8') + u' - SSID: ' + str(KnownNetworks[KnownNetwork]['SSID']) + u' - Last connected: ' + str(KnownNetworks[KnownNetwork]['LastConnected']) + u' - Security type: ' + KnownNetworks[KnownNetwork]['SecurityType'] + u' - Geolocation: ' + Geolocation, 'INFO')
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/PyObjC/objc/_convenience.py", line 162, in __getitem__objectForKey_
return container_unwrap(res, KeyError, key)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/PyObjC/objc/_convenience.py", line 659, in container_unwrap
raise exc_type(*exc_args)
KeyError: 'LastConnected'
No such file or directory
Array index beyond bounds on Safari LastSession
Fails on LastSession.plist. Recently updated to Safari 7.1 and Maverick 10.9.5.
Here's full stack of the error and file contents:
[INFO] /Users/[username]/Library/Safari/LastSession.plist
Traceback (most recent call last):
File "osxauditor.py", line 1702, in <module>
Main()
File "osxauditor.py", line 1663, in Main
ParseBrowsers()
File "osxauditor.py", line 808, in ParseBrowsers
ParseSafari()
File "osxauditor.py", line 745, in ParseSafari
ParseSafariProfile(User, UserSafariProfilePath)
File "osxauditor.py", line 717, in ParseSafariProfile
LastSession = LastSessionPlist["SessionWindows"][0]["TabStates"][0]
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/PyObjC/objc/_convenience.py", line 451, in __getitem__objectAtIndex_
return container_unwrap(self.objectAtIndex_(idx), RuntimeError)
IndexError: NSRangeException - -[__NSCFArray objectAtIndex:]: index (0) beyond bounds (0)
OSXAuditor โค cat /Users/[username]/Library/Safari/LastSession.plist git:master
+/0%
TypeError: cannot concatenate 'str' and 'OC_PythonLong' objects
[INFO] Email accounts Traceback (most recent call last): File "osxauditor.py", line 1705, in <module> Main() File "osxauditor.py", line 1675, in Main ParseUsersAccounts() File "osxauditor.py", line 1188, in ParseUsersAccounts ParseMailAppAccount(MailAccountPlistPath) File "osxauditor.py", line 1009, in ParseMailAppAccount if "PortNumber" in MailAccount: MAccountPref += "(" + MailAccount["PortNumber"] + ") - " TypeError: cannot concatenate 'str' and 'OC_PythonLong' objects
Dang. This program has been running for 2 hours, then I get this error. :/
I've had three errors so far trying to run this script -- it seems that some try-except blocks would be a great way to make this code more robust to errors like this...
needs unit tests
How are you going to prevent breaking pull requests?
Relative symlinks can go into an infinite loop
OSXAuditor will get stuck in a loop if there are relative symlinks that can cause a loop:
[INFO] /Applications/Papers2.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/papers_migration2095.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport/papers_migration2094.app/Contents/SharedSupport/papers_migration2094.app/Contents/SharedSupport/papers_migration2095.app/Contents/SharedSupport/papers_migration2095.app/Contents/SharedSupport/papers_migration2095.app/Contents/SharedSupport/papers_migration2094.app
lrwxr-xr-x 1 jeff admin 22 Dec 20 2013 /Applications/Papers2.app/Contents/SharedSupport/Citations.app/Contents/SharedSupport -> ../../../SharedSupport
Traceback when checking Safari's LastSession
[INFO] sam's Safari LastSession
[INFO] /Users/sam/Library/Safari/LastSession.plist
Traceback (most recent call last):
File "osxauditor.py", line 1702, in <module>
Main()
File "osxauditor.py", line 1663, in Main
ParseBrowsers()
File "osxauditor.py", line 808, in ParseBrowsers
ParseSafari()
File "osxauditor.py", line 745, in ParseSafari
ParseSafariProfile(User, UserSafariProfilePath)
File "osxauditor.py", line 717, in ParseSafariProfile
LastSession = LastSessionPlist["SessionWindows"][0]["TabStates"][0]
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/PyObjC/objc/_convenience.py", line 451, in __getitem__objectAtIndex_
return container_unwrap(self.objectAtIndex_(idx), RuntimeError)
IndexError: NSRangeException - -[__NSCFArray objectAtIndex:]: index (0) beyond bounds (0)
Python Version:
2.7.5 (default, Mar 9 2014, 22:15:05)
[GCC 4.2.1 Compatible Apple LLVM 5.0 (clang-500.0.68)]
I'm running on a Mac with Mountain Lion 10.9.4. Any ideas?
Disclosure of script in blog (Brazilian Portuguese)
First of all, congratulations to the script and to spread it in the community. It's fantastic!
I created a post, in Portuguese from Brazil, in my blog about your script (OSXAuditor). My intention is to spread knowledge and present to the Brazilian public its excellent tool. If at any time you can reference my post, I will be very happy!
When you have news on new tools and scripts, let me know!
Best regards,
UnicodeDecodeError
An interesting error.
Traceback (most recent call last):
File "osxauditor.py", line 1702, in <module>
Main()
File "osxauditor.py", line 1657, in Main
ParseQuarantines()
File "osxauditor.py", line 440, in ParseQuarantines
JointLSQuarantineEvent += u";" + unicode(Q)
UnicodeDecodeError: 'ascii' codec can't decode byte 0xd8 in position 48: ordinal not in range(128)
NSRangeException index 0 beyond bounds for SessionWindow
When running OSXAuditor on a system in which a user does not have any saved Session data from Safari, an error is generated. The error is:
IndexError: NSRangeException - -[__NSCFArray objectAtIndex:]: index (0) beyond bounds (0)
The contents of the LastSession.plist are:
{
SessionVersion = "1.0";
SessionWindows = (
);
}
From what I can gather, this section (line 713) is not validating there are objects within the SessionWindows key of the plist.
if "SessionWindows" in LastSessionPlist:
LastSession = LastSessionPlist["SessionWindows"][0]["TabStates"][0]
PrintAndLog(LastSession["TabURL"].decode("utf-8") + u" - " + binascii.hexlify(LastSession["SessionState"]).decode("hex").decode("utf-8", "ignore"), "INFO")
Once I open some tabs in Safari and quit, the LastSession.plist file contains data in the SessionWindows key, and the osxauditor.py script runs without issue.
Unable to parse "com.apple.loginitems.plist"
When I run with:
sudo python osxauditor.py -a -m -l localhashes.db -H log.html
I get the following error:
[INFO] Users' LoginItems
[INFO] sligodave's LoginItems
[INFO] /Users/sligodave/Library/Preferences/com.apple.loginitems.plist
[INFO] Cannot parse /Users/sligodave/Library/Preferences/com.apple.loginitems.plist (Binary or JSON plist may FAIL)
Traceback (most recent call last):
File "osxauditor.py", line 1702, in <module>
Main()
File "osxauditor.py", line 1651, in Main
ParseStartup()
File "osxauditor.py", line 550, in ParseStartup
if "SessionItems" in LoginItemsPlist:
TypeError: argument of type 'bool' is not iterable
Also, the log.html is empty, so I'm afraid I can't help with anything from that.
python: can't open file 'osxcollector.py': [Errno 2] No such file or directory
I'm getting errors: python: can't open file 'osxcollector.py': [Errno 2] No such file or directory
Traceback when checking SMTP email's port
DEBUG: Mac OS X Obj-C Foundation successfully imported
[INFO] Report generated by OS X Auditor v0.4.4 on ...
[INFO] Audited system path: /
[INFO] Version of the audited system: Mac OS X 10.8.5 build 12F2560
.
.
.
[INFO] SMTP accounts
Traceback (most recent call last):
File "osxauditor.py", line 1693, in <module>
Main()
File "osxauditor.py", line 1669, in Main
ParseUsersAccounts()
File "osxauditor.py", line 1166, in ParseUsersAccounts
ParseMailAppAccount(MailAccountPlistPath)
File "osxauditor.py", line 1005, in ParseMailAppAccount
if 'PortNumber' in DeliveryAccount: DAccountPref += '(' + str(MailAccount['PortNumber']) + ') - '
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/PyObjC/objc/_convenience.py", line 168, in __getitem__objectForKey_
return container_unwrap(res, KeyError, key)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/PyObjC/objc/_convenience.py", line 634, in container_unwrap
raise exc_type(*exc_args)
KeyError: 'PortNumber'
remove auditor
How does one remove auditor?
package it properly.
Needs a setup.py to be pip installable.
Multitude of "Command Not Found" errors
When running ./osxauditor.py, either as standard user or sudo, I get the following "command not found" errors. Obviously, it thinks those variables are instead commands.
$ ./osxauditor.py -h
./osxauditor.py: line 10: description: command not found
./osxauditor.py: line 11: author: command not found
./osxauditor.py: line 12: version: command not found
./osxauditor.py: line 14: ROOT_PATH: command not found
usage: hostname [-fs] [name-of-host]
./osxauditor.py: line 17: HASHES: command not found
./osxauditor.py: line 18: LOCAL_HASHES_DB: command not found
./osxauditor.py: line 20: HTML_LOG_FILE: command not found
./osxauditor.py: line 21: HTML_LOG_CONTENT: command not found
./osxauditor.py: line 22: HTML_LOG_MENU: command not found
./osxauditor.py: line 24: HTML_EVENTS_TL: command not found
./osxauditor.py: line 25: HTML_EVENTS_LANES: command not found
./osxauditor.py: line 26: HTML_EVENTS_ITEMS: command not found
./osxauditor.py: line 28: FOUNDATION_IS_IMPORTED: command not found
./osxauditor.py: line 29: BIPLIST_IS_IMPORTED: command not found
./osxauditor.py: line 30: PLISTLIB_IS_IMPORTED: command not found
./osxauditor.py: line 32: SYSLOG_SERVER: command not found
./osxauditor.py: line 33: SYSLOG_PORT: command not found
./osxauditor.py: line 35: MRH_HOST: command not found
./osxauditor.py: line 36: MRH_PORT: command not found
./osxauditor.py: line 38: GEOLOCATE_WIFI_AP: command not found
./osxauditor.py: line 39: GEOMENA_API_HOST: command not found
./osxauditor.py: line 41: VT_HOST: command not found
./osxauditor.py: line 43: ADMINS: command not found
./osxauditor.py: line 45: OSX_VERSION: command not found
./osxauditor.py: line 47: import: command not found
./osxauditor.py: line 48: syntax error near unexpected token sys' ./osxauditor.py: line 48:reload(sys)'
I'm running Python 2.7.10 and just installed pyobjc via "pip install pyobjc" (required a "pip install pyobjc-core --upgrade" in order to work).
Geolocation API Dead
So I can't pull up the website for http://geomena.org/ap/. I think it might need to be removed or replaced.
osxcollector
I'm curious if this project has any overlap with osxcollector. It would be pretty awesome if this project could run all of those tests as well ๐
UnicodeDecode Error on OSX 10.9.4 with python 2.7.5
I ran the osxauditor and got following error:
Traceback (most recent call last):
File "osxauditor.py", line 1702, in
Main()
File "osxauditor.py", line 1657, in Main
ParseQuarantines()
File "osxauditor.py", line 440, in ParseQuarantines
JointLSQuarantineEvent += u";" + unicode(Q)
UnicodeDecodeError: 'ascii' codec can't decode byte 0x9c in position 4: ordinal not in range(128)
I am also trying to figure out and fix it, but thought to log it so that you are aware of this.
UnicodeDecodeError
$ sudo python osxauditor.py -a -m -u -v -H log.html
DEBUG: Mac OS X Obj-C Foundation successfully imported
[INFO] Header
[INFO] Report generated by OS X Auditor v0.4.1 on 03/26/14 02:08:05 EDT running as 0/0
[INFO] Audited system path: /
[INFO] Version of the audited system: Mac OS X 10.9.2 build 13C64
[INFO] Current timezone of the audited system: America/New_York
...
[INFO] BAFEC7D3-F95B-4FA4-B52D-63DD8DDD19C7;414876165.0;com.google.Chrome.canary;Google Chrome Canary.app;https://clients2.googleusercontent.com/crx/blobs/QgAAAC6zw0qH2DJtnXe8Z7rUJP1LCBcQFXnsDBWtzc8TuHoP32t_g71nlolfDcqxMxX0MG6V426YJ_zSC0_gWDncJjfbtx0DIkVTho71ZSHVSqLsAMZSmuXi6_hEG2gwCDom6hkadLlag_KGbg/extension_37.crx;None;None;0;None;https://chrome.google.com/webstore/detail/pushbullet/chlffgpmiacpedhhbkiomidkjlcfhogd;None
[INFO] 478DBA8B-3223-4F43-875C-5FC5E67F7F37;414877643.0;com.google.Chrome.canary;Google Chrome Canary.app;https://mail-attachment.googleusercontent.com/attachment/b/476/u/0/?ui=2&ik=0e093b1064&view=att&th=14452100c25371f7&attid=0.1&disp=safe&zw&saduie=AG9B_P9aJIRk40xr9SD--gUNRcEm&sadet=1393184862873&sads=bdQ2PR7myal1bIzvrgaE6M02wiU;None;None;0;None;https://mail.google.com/mail/b/476/u/0/;None
Traceback (most recent call last):
File "osxauditor.py", line 1666, in <module>
Main()
File "osxauditor.py", line 1621, in Main
ParseQuarantines()
File "osxauditor.py", line 437, in ParseQuarantines
JointLSQuarantineEvent += u";" + unicode(Q)
UnicodeDecodeError: 'ascii' codec can't decode byte 0xb8 in position 4: ordinal not in range(128)KeyError: 'CachedScanRecord'
...
[INFO] /Users/saul/Library/Application Support/Google/Chrome/Default/Local Storage/https_www.netflix.com_0.localstorage
[INFO] Table ItemTable
[INFO] (u'SID', <read-write buffer ptr 0x10783eed0, size 92 at 0x10783ee90>)
[INFO] Airport preferences
[INFO] /Library/Preferences/SystemConfiguration/com.apple.airport.preferences.plist
Traceback (most recent call last):
File "osxauditor.py", line 1667, in <module>
Main()
File "osxauditor.py", line 1634, in Main
ParseAirportPrefs()
File "osxauditor.py", line 954, in ParseAirportPrefs
PrintAndLog(u"SSID: " + RememberedNetwork["SSIDString"].decode("utf-8") + u" - BSSID: " + RememberedNetwork["CachedScanRecord"]["BSSID"] + u" - RSSI: " + str(RememberedNetwork["CachedScanRecord"]["RSSI"]) + u" - Last connected: " + str(RememberedNetwork["LastConnected"]) + u" - Security type: " + RememberedNetwork["SecurityType"] + u" - Geolocation: " + Geolocation, "INFO")
File "/usr/local/Cellar/python/2.7.6/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/PyObjC/objc/_convenience.py", line 162, in __getitem__objectForKey_
return container_unwrap(res, KeyError, key)
File "/usr/local/Cellar/python/2.7.6/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/PyObjC/objc/_convenience.py", line 659, in container_unwrap
raise exc_type(*exc_args)
KeyError: 'CachedScanRecord'
AggregateLogs combines file path incorrectly
Receive the error when running with -z ../TEMP:
[INFO] Log files aggregation
[INFO] All log files are aggregated in ../TEMP/OSXAuditor_report_/HOSTNAME/_/20140916-160436/.zip
[INFO] Log files aggregation FAILED (2, 'No such file or directory')
Each argument in the function is joined with the system path delimiter (/ in OSX's case) in this call:
ZipLogsFilePath = os.path.join(ZipLogsFile, "OSXAuditor_report_", HOSTNAME, "_", time.strftime("%Y%m%d-%H%M%S", time.gmtime()), ".zip")
Change the commas to + like this:
ZipLogsFilePath = os.path.join(ZipLogsFile, "OSXAuditor_report_" + HOSTNAME + "_" + time.strftime("%Y%m%d-%H%M%S", time.gmtime()) + ".zip")
PortNumber errors
When I ran sudo python osxauditor.py -qsidAUe -l localhashes.db -H log.html, I got
Traceback (most recent call last):
File "osxauditor.py", line 1702, in <module>
Main()
File "osxauditor.py", line 1672, in Main
ParseUsersAccounts()
File "osxauditor.py", line 1185, in ParseUsersAccounts
ParseMailAppAccount(MailAccountPlistPath)
File "osxauditor.py", line 1006, in ParseMailAppAccount
if "PortNumber" in MailAccount: MAccountPref += "(" + MailAccount["PortNumber"] + ") - "
TypeError: cannot concatenate 'str' and 'OC_PythonLong' objects
After I fixed the above error, I got this:
Traceback (most recent call last):
File "osxauditor.py", line 1702, in <module>
Main()
File "osxauditor.py", line 1672, in Main
ParseUsersAccounts()
File "osxauditor.py", line 1185, in ParseUsersAccounts
ParseMailAppAccount(MailAccountPlistPath)
File "osxauditor.py", line 1027, in ParseMailAppAccount
if "PortNumber" in DeliveryAccount: DAccountPref += "(" + MailAccount["PortNumber"] + ") - "
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/PyObjC/objc/_convenience.py", line 188, in __getitem__objectForKey_
return container_unwrap(res, KeyError, key)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/PyObjC/objc/_convenience.py", line 654, in container_unwrap
raise exc_type(*exc_args)
KeyError: 'PortNumber'
the contributing guidelines dictate non-pythonic standards
The guide says to use 2 spaces for indentation. This is pretty atypical in open-source Python projects. Consider making it 4?
Spelling error
https://github.com/jipegit/OSXAuditor/blob/master/CONTRIBUTING.md
In the Philosophy section bullet point list, last item:
All the hases go into the global hash db.
I think "hases" should be "hashes"
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.