Skip to content

Commit

Permalink
Merge pull request #1026 from Johann-PLW/main
Browse files Browse the repository at this point in the history 
Update appleMapsGroup.py for lava output
  • Loading branch information
@Johann-PLW
Johann-PLW authored Jan 21, 2025
2 parents ff9154f + 4d7f27b commit 8aac451
Showing 1 changed file with 30 additions and 39 deletions.
69 changes: 30 additions & 39 deletions scripts/artifacts/appleMapsGroup.py
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,30 @@
import plistlib
import blackboxprotobuf
import scripts.artifacts.artGlobals

from scripts.artifact_report import ArtifactHtmlReport
from scripts.ilapfuncs import logfunc, logdevinfo, tsv, is_platform_windows
__artifacts_v2__ = {
"appleMapsGroup": {
"name": "Apple Maps Group",
"description": "",
"author": "@AlexisBrignoni",
"creation_date": "2020-08-03",
"last_update_date": "2025-01-21",
"requirements": "none",
"category": "Locations",
"notes": "",
"paths": ('*/Shared/AppGroup/*/Library/Preferences/group.com.apple.Maps.plist',),
"output_types": ["html", "tsv", "lava"],
"artifact_icon": "map-pin"
}
}

import blackboxprotobuf
from scripts.ilapfuncs import artifact_processor, get_file_path, get_plist_file_content

def get_appleMapsGroup(files_found, report_folder, seeker, wrap_text, timezone_offset):
versionnum = 0
file_found = str(files_found[0])
@artifact_processor
def appleMapsGroup(files_found, report_folder, seeker, wrap_text, timezone_offset):
source_path = get_file_path(files_found, "group.com.apple.Maps.plist")
data_list = []

with open(file_found, 'rb') as f:
deserialized_plist = plistlib.load(f)
pl = get_plist_file_content(source_path)
maps_activity = pl.get('MapsActivity', None)
if maps_activity:
types = {'1': {'type': 'message', 'message_typedef':
{'1': {'type': 'int', 'name': ''},
'2': {'type': 'int', 'name': ''},
Expand All @@ -25,32 +38,10 @@ def get_appleMapsGroup(files_found, report_folder, seeker, wrap_text, timezone_o
'7': {'type': 'int', 'name': ''}},
'name': ''}
}
try:
internal_deserialized_plist, di = blackboxprotobuf.decode_message((deserialized_plist['MapsActivity']),types)

latitude =(internal_deserialized_plist['1']['5']['Latitude'])
longitude =(internal_deserialized_plist['1']['5']['Longitude'])

data_list = []
data_list.append((latitude, longitude))
report = ArtifactHtmlReport('Apple Maps Group')
report.start_artifact_report(report_folder, 'Apple Maps Group')
report.add_script()
data_headers = ('Latitude','Longitude' )
report.write_artifact_data_table(data_headers, data_list, file_found)
report.end_artifact_report()

tsvname = 'Apple Maps Group'
tsv(report_folder, data_headers, data_list, tsvname)
except:
logfunc('No data in Apple Maps Group')

__artifacts__ = {
"applemapsgroup": (
"Locations",
('**/Shared/AppGroup/*/Library/Preferences/group.com.apple.Maps.plist'),
get_appleMapsGroup)
}

internal_deserialized_plist, di = blackboxprotobuf.decode_message(maps_activity, types)
latitude = (internal_deserialized_plist['1']['5']['Latitude'])
longitude = (internal_deserialized_plist['1']['5']['Longitude'])
data_list.append((latitude, longitude))


data_headers = ('Latitude', 'Longitude')
return data_headers, data_list, source_path

0 comments on commit 8aac451

Please sign in to comment.