Investigating .lnk ...
 
Notifications
Clear all

Investigating .lnk files using Python

7 Posts
4 Users
0 Likes
936 Views
(@lewis_walker)
Posts: 3
New Member
Topic starter
 

Hello Forensic Focus,

I hope this is okay to post here and I was hoping for a bit of support in evaluating/reviewing my project for University. The project is to write a python script and get it to return the target of a .lnk file in an live environment (triage), i have added a few extra things to it including a menu to navigate the script.

I believe it can be improved in areas, but i'm running close to my deadline and would like some feedback from people in the field of forensics, when the project is handed in, i will likely upload the script to an open source website like GitHub.

In order for the script to run i have included the python program as it is modified from installing win32client. To open the script, I have found the way it works best on other computers is to open via 'open with' and navigate to the folder that holds the python from the extracted zip file and go into the folder python37-32 and select python.exe to run the script.

The project is at most 150mb.

EDIT Removed Link.

 
Posted : 19/03/2019 3:07 pm
pbobby
(@pbobby)
Posts: 239
Estimable Member
 

You aware of how suspicious your post sounds?

 
Posted : 20/03/2019 2:52 pm
(@lewis_walker)
Posts: 3
New Member
Topic starter
 

I am aware, i couldn't think of another way to phrase or post. Anyway the link to docs isn't working at the moment as i removed as i had made changes to the code anyway.

Just for the sake of mentioning it, if anyone want to review it, leave a reply and i will post a new link, otherwise i wont.

 
Posted : 20/03/2019 2:57 pm
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

Not particularly my specific field of interest, and I want in no way to appear somehow unfriendly, I am not ) , but I would be curious to see a DIR listing of the project.

How can you possibly have made something that is 150 MB in size?

A complete Python install should be something like 20-30 MB at the most.
A Python script is usually measured in KB's.
What makes the rest?

jaclaz

 
Posted : 20/03/2019 6:03 pm
(@lewis_walker)
Posts: 3
New Member
Topic starter
 

To be honest i don't know much about python myself.

So the script is 6.70KB or 8.00KB on disk.

What i had upload before it was compressed was 114MB on disk. This included python and the additional libraries needed for the script to run without errors.

The point of the script was to be portable to be used on computers that had nothing to do with python before hand or did have python installed on them. The script is to be on a USB Storage device and plugged into a computer and ran on and from the USB, there i would need to python application to be with it.

 
Posted : 20/03/2019 6:18 pm
nightworker
(@nightworker)
Posts: 134
Estimable Member
 

buy axıom dont waste time and dont discover america again

 
Posted : 21/03/2019 1:21 pm
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

buy axıom dont waste time and dont discover america again

You should check the context before providing those suggestions.

I am pretty sure that you cannot hand a commercial software to your University professor saying "Here is the Python script you told me to write" 😯 .

AFAICU a large part of the main activities of a UNI professor is to ask his/her students to re-discover (independently) america. let's say, as T.S. Eliot did, that
“The journey, Not the destination matters…”

@Lewis_Walker
I understand, but still I cannot imagine that more than 100-120 MB of libraries are actually needed.
Mind you, it is perfectly possible that they are needed, and I understand how it doesn't make on today's hardware any (or almost any) difference, but it sounds still "excessive".

jaclaz

 
Posted : 21/03/2019 3:21 pm
Share: