Investigating .lnk files using Python

Forensic software discussion (commercial and open source/freeware). Strictly no advertising.
 
  

Lewis_Walker
Newbie
 

Investigating .lnk files using Python

Posted: Mar 19, 19 15:07

Hello Forensic Focus,

I hope this is okay to post here and I was hoping for a bit of support in evaluating/reviewing my project for University. The project is to write a Python script and get it to return the target of a .lnk file in a live environment (triage). I have added a few extra things to it, including a menu to navigate the script.

I believe it can be improved in areas, but I'm running close to my deadline and would like some feedback from people in the field of forensics. When the project is handed in, I will likely upload the script to an open source website like GitHub.

In order for the script to run I have included the Python program as it is modified from installing win32client. To open the script, I have found the way it works best on other computers is to open via 'open with' and navigate to the folder that holds the Python from the extracted zip file and go into the folder python37-32 and select python.exe to run the script.

The project is at most 150 MB.

EDIT: Removed Link.  

Last edited by Lewis_Walker on Mar 20, 19 14:58; edited 1 time in total
 
  

pbobby
Senior Member
 

Re: Investigating .lnk files using Python

Posted: Mar 20, 19 14:52

You aware of how suspicious your post sounds?
_________________
Don't get baited. 
 
  

Lewis_Walker
Newbie
 

Re: Investigating .lnk files using Python

Posted: Mar 20, 19 14:57

I am aware, I couldn't think of another way to phrase or post. Anyway the link to docs isn't working at the moment as I removed it, as I had made changes to the code anyway.

Just for the sake of mentioning it, if anyone wants to review it, leave a reply and I will post a new link, otherwise I won't.
 
  

jaclaz
Senior Member
 

Re: Investigating .lnk files using Python

Posted: Mar 20, 19 18:03

Not particularly my specific field of interest, and I want in no way to appear somehow unfriendly, I am not :), but I would be curious to see a DIR listing of the project.

How can you possibly have made something that is 150 MB in size?

A complete Python install should be something like 20-30 MB at the most.
A Python script is usually measured in KB's.
What makes the rest?

jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 
 
  

Lewis_Walker
Newbie
 

Re: Investigating .lnk files using Python

Posted: Mar 20, 19 18:18

To be honest I don't know much about Python myself.

So the script is 6.70KB or 8.00KB on disk.

What I had uploaded before it was compressed was 114MB on disk. This included Python and the additional libraries needed for the script to run without errors.

The point of the script was to be portable to be used on computers that had nothing to do with Python beforehand or did have Python installed on them. The script is to be on a USB Storage device and plugged into a computer and run on and from the USB, there I would need the Python application to be with it.
 
  

nightworker
Senior Member
 

Re: Investigating .lnk files using Python

Posted: Mar 21, 19 13:21

Buy Axiom, don't waste time and don't discover America again.
 
  

jaclaz
Senior Member
 

Re: Investigating .lnk files using Python

Posted: Mar 21, 19 15:21

- nightworker
Buy Axiom, don't waste time and don't discover America again.

You should check the context before providing those suggestions.

I am pretty sure that you cannot hand a commercial software to your University professor saying "Here is the Python script you told me to write" :o .

AFAICU a large part of the main activities of a UNI professor is to ask his/her students to re-discover (independently) America. Let's say, as T.S. Eliot did, that:
“The journey, Not the destination matters...”

@Lewis_Walker
I understand, but still I cannot imagine that more than 100-120 MB of libraries are actually needed.
Mind you, it is perfectly possible that they are needed, and I understand how it doesn't make on today's hardware any (or almost any) difference, but it sounds still "excessive".


jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 
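
Added example, not part of the thread and not Lewis_Walker's script: one way to read the target stored in a .lnk file with only the Python standard library (no win32client), following the MS-SHLLINK layout of header, optional LinkTargetIDList, then LinkInfo. It reads only the ANSI LocalBasePath and CommonPathSuffix fields; the function names and the sample file built by `build_sample` are constructed for this example.

```python
import struct

LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # 00021401-0000-0000-C000-000000000046
HAS_ID_LIST, HAS_LINK_INFO = 0x1, 0x2   # LinkFlags bits
VOLUME_AND_LOCAL_PATH = 0x1             # LinkInfoFlags bit

def _cstr(buf, off):
    """Read a NUL-terminated ANSI string starting at off."""
    return buf[off:buf.index(b"\x00", off)].decode("cp1252", errors="replace")

def lnk_target(data):
    """Return the local target path from LinkInfo, or None if the link has none."""
    if len(data) < 76 or struct.unpack_from("<I", data, 0)[0] != 0x4C:
        raise ValueError("not a shell link: bad header size")
    if data[4:20] != LNK_CLSID:
        raise ValueError("not a shell link: bad CLSID")
    flags = struct.unpack_from("<I", data, 20)[0]
    pos = 76
    try:
        if flags & HAS_ID_LIST:          # skip IDListSize + IDList
            pos += 2 + struct.unpack_from("<H", data, pos)[0]
        if not flags & HAS_LINK_INFO:
            return None
        size, _hdr, info_flags, _vol, base_off, _net, suffix_off = \
            struct.unpack_from("<7I", data, pos)
    except struct.error:
        raise ValueError("truncated shell link") from None
    info = data[pos:pos + size]
    if not info_flags & VOLUME_AND_LOCAL_PATH:
        return None                      # network-only target, not handled here
    if len(info) != size or not (28 <= base_off < size and 28 <= suffix_off < size):
        raise ValueError("LinkInfo size or offset out of bounds")
    return _cstr(info, base_off) + _cstr(info, suffix_off)

def build_sample(path=r"C:\Users\demo\Documents\report.docx"):
    """Constructed sample: a minimal .lnk holding only a header and LinkInfo."""
    header = struct.pack("<I16sI", 0x4C, LNK_CLSID, HAS_LINK_INFO).ljust(76, b"\x00")
    volume_id = struct.pack("<4I", 17, 3, 0, 16) + b"\x00"  # DRIVE_FIXED, empty label
    base = path.encode("cp1252") + b"\x00"
    base_off = 28 + len(volume_id)
    suffix_off = base_off + len(base)
    info = struct.pack("<7I", suffix_off + 1, 28, VOLUME_AND_LOCAL_PATH,
                       28, base_off, 0, suffix_off)
    return header + info + volume_id + base + b"\x00"   # trailing NUL = empty suffix

if __name__ == "__main__":
    print(lnk_target(build_sample()))
```

To run it against a real shortcut, pass `lnk_target` the bytes of the file opened in binary mode.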
 
