| -rw-r--r-- | .gitignore | 1 |
| -rw-r--r-- | python-xleapp.spec | 571 |
| -rw-r--r-- | sources | 1 |
3 files changed, 573 insertions, 0 deletions
@@ -0,0 +1 @@ +/xleapp-0.2.1.tar.gz diff --git a/python-xleapp.spec b/python-xleapp.spec new file mode 100644 index 0000000..917babb --- /dev/null +++ b/python-xleapp.spec 
@@ -0,0 +1,571 @@ +%global _empty_manifest_terminate_build 0 +Name: python-xleapp +Version: 0.2.1 +Release: 1 +Summary: Multiplaform Logs, Events, And Plists Parser +License: MIT +URL: https://github.com/flamusdiu/xleapp +Source0: https://mirrors.nju.edu.cn/pypi/web/packages/ff/46/de4bd91e877c654c293db1a0a28defcdd316ebedac4c467b6f916978f5a3/xleapp-0.2.1.tar.gz +BuildArch: noarch + +Requires: python3-Jinja2 +Requires: python3-PySimpleGUI +Requires: python3-PyYAML +Requires: python3-prettytable +Requires: python3-magic-bin +Requires: python3-simplekml +Requires: python3-wrapt + +%description +# xLEAPP + +[](https://github.com/psf/black) + +**Development build. Please be cauious using on real cases.** + +Framework for Logs, Events, And Plists Parser (LEAPP) + +This framework is a complete rewrite of the excellent tool iLEAPP.Details of iLEAPP can be found in this [blog post](https://abrignoni.blogspot.com/2019/12/xleapp-ios-logs-events-and-properties.html) + +xLEAPP is the framework created to merge several tools together. More information about the rewrite is given in by talk ([YouTube](https://www.youtube.com/watch?v=seTpCmSF0Gc)) at Black Hills Info Security's Wild West Hackin' Fest (WWHF): Deadwood in 2021. + +<img src="https://user-images.githubusercontent.com/1879197/139466769-3155b3d9-75c6-4ef0-bbb0-73b77fdc349f.gif" width=700> + +## Features + +* Provides a centralized and modular framework +* Provides a simplified way to write plugins (artifacts) for each different supported platform. +* Parses iOS, macOS, Android, Chromebook, warranty returns, and Windows artifacts depending on the plugins installed. + +## Other Documentation + +* [Artifact Creation](docs/current/artifact-creation.md) + +## Pre-requisites + +This project requires you to have Python >= 3.9 + +## Plugins + +Here is a list of plugins that need to be completed. Plugin package suffixed with "non-free" use licenses that may not conform with MIT licenses and are seperated out. 
+ +- [X] xleapp-ios [[Github](https://github.com/flamusdiu/xleapp-ios)] [[PyPI](https://pypi.org/project/xleapp-ios/)] +- [ ] xleapp-ios-non-free [[Github](https://github.com/flamusdiu/xleapp-ios)] +- [ ] xleapp-android +- [ ] xleapp-android-non-free +- [ ] xleapp-chrome +- [ ] xleapp-chrome-non-free +- [ ] xleapp-returns +- [ ] xleapp-returns-non-free +- [ ] xleapp-vehicles +- [ ] xleapp-vehicles-non-free +- [ ] xleapp-windows +- [ ] xleapp-windows-non-free + +## Installation + +### Windows + +* Python + + ```powershell + PS> py -3 -m pip install xleapp + PS> py -3 -m pip install xleapp-<plugin> + ``` + +* PIPX + + ```powershell + PS> py -3 -m pip install pipx + PS> pipx install xleapp + PS> pipx inject xleapp xleapp-<plugin> + ``` + +### Linux + +* Python + + ```bash + $ python3 -m pip install xleapp + $ python3 -m pip install xleapp-<plugin> + ``` + +* PIPX + + ```bash + $ python3 -m pip install pipx + $ pipx install xleapp + $ pipx inject xleapp xleapp-<plugin> + ``` + +## Installation from Github and Development Information + +* [Windows](docs/current/windows.md) +* [Linux](docs/current/linux.md) + +## VS Code configuration files + +There are several [configuration files](https://github.com/flamusdiu/xleapp-project) that I have been using for VS Code. + +## Compile to executable + +**NOTE:** This may not work at this time with this alpha version. + +To compile to an executable so you can run this on a system without python installed. + +To create xleapp.exe, run: + +```bash +pyinstaller --onefile xleapp.spec +``` + +To create xleappGUI.exe, run: + +```bash +pyinstaller --onefile --noconsole xleappGUI.spec +``` + +## Usage + +### CLI + +```bash +$ xleapp -h +usage: xleapp [-h] [-I] [-R] [-A] [-C] [-V] [-o OUTPUT_FOLDER] [-i INPUT_PATH] + [--artifacts [ARTIFACTS ...]] [-p] [-l] [--gui] [--version] + +xLEAPP: Logs, Events, and Plists Parser. 
+ +optional arguments: + -h, --help show this help message and exit + -I parse ios artifacts + -R parse Warrant Returns / User Generated Archives artifacts + -A parse android artifacts + -C parse Chromebook artifacts + -V parse vehicle artifacts + -o OUTPUT_FOLDER, --output_folder OUTPUT_FOLDER + Output folder path + -i INPUT_PATH, --input_path INPUT_PATH + Path to input file/folder + --artifact [ARTIFACT ...] + Filtered list of artifacts to run. Allowed: core, <check artifact list in + documentation> + -p, --artifact_paths Text file list of artifact paths + -l, --artifact_table Text file with table of artifacts + --gui Runs xLEAPP into graphical mode + --version show program's version number and exit + +``` + +### GUI + +This needs work and may not work properly! + +```bash +$ xleapp --gui + +``` + +### Help + +```bash +$ xleapp.py --help + +``` + +The GUI will open in another window. + +## Acknowledgements + +This tool is the result of a collaborative effort of many people in the DFIR community. + +This product includes software developed by Sarah Edwards (Station X Labs, LLC, @iamevltwin, mac4n6.com) and other contributors as part of APOLLO (Apple Pattern of Life Lazy Output'er). + + + +%package -n python3-xleapp +Summary: Multiplaform Logs, Events, And Plists Parser +Provides: python-xleapp +BuildRequires: python3-devel +BuildRequires: python3-setuptools +BuildRequires: python3-pip +%description -n python3-xleapp +# xLEAPP + +[](https://github.com/psf/black) + +**Development build. Please be cauious using on real cases.** + +Framework for Logs, Events, And Plists Parser (LEAPP) + +This framework is a complete rewrite of the excellent tool iLEAPP.Details of iLEAPP can be found in this [blog post](https://abrignoni.blogspot.com/2019/12/xleapp-ios-logs-events-and-properties.html) + +xLEAPP is the framework created to merge several tools together. 
More information about the rewrite is given in by talk ([YouTube](https://www.youtube.com/watch?v=seTpCmSF0Gc)) at Black Hills Info Security's Wild West Hackin' Fest (WWHF): Deadwood in 2021. + +<img src="https://user-images.githubusercontent.com/1879197/139466769-3155b3d9-75c6-4ef0-bbb0-73b77fdc349f.gif" width=700> + +## Features + +* Provides a centralized and modular framework +* Provides a simplified way to write plugins (artifacts) for each different supported platform. +* Parses iOS, macOS, Android, Chromebook, warranty returns, and Windows artifacts depending on the plugins installed. + +## Other Documentation + +* [Artifact Creation](docs/current/artifact-creation.md) + +## Pre-requisites + +This project requires you to have Python >= 3.9 + +## Plugins + +Here is a list of plugins that need to be completed. Plugin package suffixed with "non-free" use licenses that may not conform with MIT licenses and are seperated out. + +- [X] xleapp-ios [[Github](https://github.com/flamusdiu/xleapp-ios)] [[PyPI](https://pypi.org/project/xleapp-ios/)] +- [ ] xleapp-ios-non-free [[Github](https://github.com/flamusdiu/xleapp-ios)] +- [ ] xleapp-android +- [ ] xleapp-android-non-free +- [ ] xleapp-chrome +- [ ] xleapp-chrome-non-free +- [ ] xleapp-returns +- [ ] xleapp-returns-non-free +- [ ] xleapp-vehicles +- [ ] xleapp-vehicles-non-free +- [ ] xleapp-windows +- [ ] xleapp-windows-non-free + +## Installation + +### Windows + +* Python + + ```powershell + PS> py -3 -m pip install xleapp + PS> py -3 -m pip install xleapp-<plugin> + ``` + +* PIPX + + ```powershell + PS> py -3 -m pip install pipx + PS> pipx install xleapp + PS> pipx inject xleapp xleapp-<plugin> + ``` + +### Linux + +* Python + + ```bash + $ python3 -m pip install xleapp + $ python3 -m pip install xleapp-<plugin> + ``` + +* PIPX + + ```bash + $ python3 -m pip install pipx + $ pipx install xleapp + $ pipx inject xleapp xleapp-<plugin> + ``` + +## Installation from Github and Development Information + +* 
[Windows](docs/current/windows.md) +* [Linux](docs/current/linux.md) + +## VS Code configuration files + +There are several [configuration files](https://github.com/flamusdiu/xleapp-project) that I have been using for VS Code. + +## Compile to executable + +**NOTE:** This may not work at this time with this alpha version. + +To compile to an executable so you can run this on a system without python installed. + +To create xleapp.exe, run: + +```bash +pyinstaller --onefile xleapp.spec +``` + +To create xleappGUI.exe, run: + +```bash +pyinstaller --onefile --noconsole xleappGUI.spec +``` + +## Usage + +### CLI + +```bash +$ xleapp -h +usage: xleapp [-h] [-I] [-R] [-A] [-C] [-V] [-o OUTPUT_FOLDER] [-i INPUT_PATH] + [--artifacts [ARTIFACTS ...]] [-p] [-l] [--gui] [--version] + +xLEAPP: Logs, Events, and Plists Parser. + +optional arguments: + -h, --help show this help message and exit + -I parse ios artifacts + -R parse Warrant Returns / User Generated Archives artifacts + -A parse android artifacts + -C parse Chromebook artifacts + -V parse vehicle artifacts + -o OUTPUT_FOLDER, --output_folder OUTPUT_FOLDER + Output folder path + -i INPUT_PATH, --input_path INPUT_PATH + Path to input file/folder + --artifact [ARTIFACT ...] + Filtered list of artifacts to run. Allowed: core, <check artifact list in + documentation> + -p, --artifact_paths Text file list of artifact paths + -l, --artifact_table Text file with table of artifacts + --gui Runs xLEAPP into graphical mode + --version show program's version number and exit + +``` + +### GUI + +This needs work and may not work properly! + +```bash +$ xleapp --gui + +``` + +### Help + +```bash +$ xleapp.py --help + +``` + +The GUI will open in another window. + +## Acknowledgements + +This tool is the result of a collaborative effort of many people in the DFIR community. 
+ +This product includes software developed by Sarah Edwards (Station X Labs, LLC, @iamevltwin, mac4n6.com) and other contributors as part of APOLLO (Apple Pattern of Life Lazy Output'er). + + + +%package help +Summary: Development documents and examples for xleapp +Provides: python3-xleapp-doc +%description help +# xLEAPP + +[](https://github.com/psf/black) + +**Development build. Please be cauious using on real cases.** + +Framework for Logs, Events, And Plists Parser (LEAPP) + +This framework is a complete rewrite of the excellent tool iLEAPP.Details of iLEAPP can be found in this [blog post](https://abrignoni.blogspot.com/2019/12/xleapp-ios-logs-events-and-properties.html) + +xLEAPP is the framework created to merge several tools together. More information about the rewrite is given in by talk ([YouTube](https://www.youtube.com/watch?v=seTpCmSF0Gc)) at Black Hills Info Security's Wild West Hackin' Fest (WWHF): Deadwood in 2021. + +<img src="https://user-images.githubusercontent.com/1879197/139466769-3155b3d9-75c6-4ef0-bbb0-73b77fdc349f.gif" width=700> + +## Features + +* Provides a centralized and modular framework +* Provides a simplified way to write plugins (artifacts) for each different supported platform. +* Parses iOS, macOS, Android, Chromebook, warranty returns, and Windows artifacts depending on the plugins installed. + +## Other Documentation + +* [Artifact Creation](docs/current/artifact-creation.md) + +## Pre-requisites + +This project requires you to have Python >= 3.9 + +## Plugins + +Here is a list of plugins that need to be completed. Plugin package suffixed with "non-free" use licenses that may not conform with MIT licenses and are seperated out. 
+ +- [X] xleapp-ios [[Github](https://github.com/flamusdiu/xleapp-ios)] [[PyPI](https://pypi.org/project/xleapp-ios/)] +- [ ] xleapp-ios-non-free [[Github](https://github.com/flamusdiu/xleapp-ios)] +- [ ] xleapp-android +- [ ] xleapp-android-non-free +- [ ] xleapp-chrome +- [ ] xleapp-chrome-non-free +- [ ] xleapp-returns +- [ ] xleapp-returns-non-free +- [ ] xleapp-vehicles +- [ ] xleapp-vehicles-non-free +- [ ] xleapp-windows +- [ ] xleapp-windows-non-free + +## Installation + +### Windows + +* Python + + ```powershell + PS> py -3 -m pip install xleapp + PS> py -3 -m pip install xleapp-<plugin> + ``` + +* PIPX + + ```powershell + PS> py -3 -m pip install pipx + PS> pipx install xleapp + PS> pipx inject xleapp xleapp-<plugin> + ``` + +### Linux + +* Python + + ```bash + $ python3 -m pip install xleapp + $ python3 -m pip install xleapp-<plugin> + ``` + +* PIPX + + ```bash + $ python3 -m pip install pipx + $ pipx install xleapp + $ pipx inject xleapp xleapp-<plugin> + ``` + +## Installation from Github and Development Information + +* [Windows](docs/current/windows.md) +* [Linux](docs/current/linux.md) + +## VS Code configuration files + +There are several [configuration files](https://github.com/flamusdiu/xleapp-project) that I have been using for VS Code. + +## Compile to executable + +**NOTE:** This may not work at this time with this alpha version. + +To compile to an executable so you can run this on a system without python installed. + +To create xleapp.exe, run: + +```bash +pyinstaller --onefile xleapp.spec +``` + +To create xleappGUI.exe, run: + +```bash +pyinstaller --onefile --noconsole xleappGUI.spec +``` + +## Usage + +### CLI + +```bash +$ xleapp -h +usage: xleapp [-h] [-I] [-R] [-A] [-C] [-V] [-o OUTPUT_FOLDER] [-i INPUT_PATH] + [--artifacts [ARTIFACTS ...]] [-p] [-l] [--gui] [--version] + +xLEAPP: Logs, Events, and Plists Parser. 
+ +optional arguments: + -h, --help show this help message and exit + -I parse ios artifacts + -R parse Warrant Returns / User Generated Archives artifacts + -A parse android artifacts + -C parse Chromebook artifacts + -V parse vehicle artifacts + -o OUTPUT_FOLDER, --output_folder OUTPUT_FOLDER + Output folder path + -i INPUT_PATH, --input_path INPUT_PATH + Path to input file/folder + --artifact [ARTIFACT ...] + Filtered list of artifacts to run. Allowed: core, <check artifact list in + documentation> + -p, --artifact_paths Text file list of artifact paths + -l, --artifact_table Text file with table of artifacts + --gui Runs xLEAPP into graphical mode + --version show program's version number and exit + +``` + +### GUI + +This needs work and may not work properly! + +```bash +$ xleapp --gui + +``` + +### Help + +```bash +$ xleapp.py --help + +``` + +The GUI will open in another window. + +## Acknowledgements + +This tool is the result of a collaborative effort of many people in the DFIR community. + +This product includes software developed by Sarah Edwards (Station X Labs, LLC, @iamevltwin, mac4n6.com) and other contributors as part of APOLLO (Apple Pattern of Life Lazy Output'er). 
+ + + +%prep +%autosetup -n xleapp-0.2.1 + +%build +%py3_build + +%install +%py3_install +install -d -m755 %{buildroot}/%{_pkgdocdir} +if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi +if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi +if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi +if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi +pushd %{buildroot} +if [ -d usr/lib ]; then + find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/lib64 ]; then + find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/bin ]; then + find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/sbin ]; then + find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst +fi +touch doclist.lst +if [ -d usr/share/man ]; then + find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst +fi +popd +mv %{buildroot}/filelist.lst . +mv %{buildroot}/doclist.lst . + +%files -n python3-xleapp -f filelist.lst +%dir %{python3_sitelib}/* + +%files help -f doclist.lst +%{_docdir}/* + +%changelog +* Mon May 29 2023 Python_Bot <Python_Bot@openeuler.org> - 0.2.1-1 +- Package Spec generated @@ -0,0 +1 @@ +ac8fca380df201f3acb6cfbdab9bba26 xleapp-0.2.1.tar.gz |
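Review bot: In python-xleapp.spec, Source0 fetches xleapp-0.2.1.tar.gz from a third-party PyPI mirror (mirrors.nju.edu.cn) while URL names the GitHub project, so nothing in the spec ties the tarball to the upstream release; point Source0 at the upstream release location, or record in a comment how the mirrored file was checked against it. The first line, "%global _empty_manifest_terminate_build 0", is needed because doclist.lst is created with touch and may be empty, but it also lets an empty filelist.lst through; a "test -s filelist.lst" after the two mv lines in %install would catch a build that installed nothing. The pasted README states "This project requires you to have Python >= 3.9", yet neither the Requires nor the BuildRequires lines carry a version constraint on python3.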
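Review bot: The single line added to the sources file pairs xleapp-0.2.1.tar.gz with a 32-hex-digit digest, which is MD5 length, and that digest is the only integrity check on a tarball that Source0 pulls from a mirror. If the build tooling accepts a stronger digest for this file, record a SHA-256 or SHA-512 value here; otherwise note in the commit message how the tarball was verified against the upstream release before the digest was taken.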
