Release 0.5.30 published

Aug 9th, 2017 by Eduardo Aguiar

The new C++ API's module mobius::filesystem detects and retrieves metadata from Ext2/3/4, HFS+ and HFSX, ISO-9660, NTFS and VFAT filesystems. Minor improvements have been made and a few bugs have been fixed. See the ChangeLog file for a complete list of changes. Other changes are:

New extension filesystem-viewer shows all filesystems detected from disks and their metadata
C++ API: new function mobius::filesystem::get_filesystems
C++ API: new function mobius::filesystem::get_filesystem_metadata
Python API: new function mobius.api.get_filesystems
Python API: new generic dataholder class api_dataholder
New tool filesystem_scan implemented

Release 0.5.29 published

Jul 5th, 2017 by Eduardo Aguiar

This release adds support to DOS partitions, GPT partitions and Apple Partition Map partitions. Minor improvements have been made and a few bugs have been fixed. See the ChangeLog file for a complete list of changes. Other changes are:

C++ API: new module mobius::partition
C++ API: added support to DOS partition system
C++ API: added support to GPT partition system
C++ API: added support to APM partition system
python API: new package mobius.api
datasource-physical-device: uses mobius.api.device and get_devices
datasource-physical-device: does not need package python_gudev anymore
tools: new partition_table tool

Release 0.5.28 published

Jun 15th, 2017 by Eduardo Aguiar

This release features many C++ API new implementations: support to both MD5 hash and to Adler-32 CRC has been added, as well as write support to EWF imagefiles. Minor improvements have been made and a few bugs have been fixed. See the ChangeLog file for a complete list of changes. Other changes are:

new extension gtk-report-dialog
datasource-model: does not set empty attributes
new ewf_decoder tool
C++ API: new module mobius::imagefile::ewf
C++ API: new module mobius::codec
C++ API: new hash function mobius::crypt::hash_md5
C++ API: new hash function mobius::crypt::hash_adler32
C++ API: several new functions implemented into datetime module
C++ API: new template class mobius::crypt::hash_functor evaluates hashes in parallel to reading or writing data

Release 0.5.27 published

Jan 31st, 2017 by Eduardo Aguiar

This release features the lshw-agent extension, which reads an output from the command lshw -xml and creates notebooks/computer items and their components, such as network cards, harddisks, graphic cards. Minor improvements have been made and a few bugs have been fixed. See the ChangeLog file for a complete list of changes. Other changes are:

C++ API: new module mobius::core
C++ API: new module mobius::decoder
C++ API: new module mobius::database
C++ API: imagefile_ewf handles 64-bit number of sectors
C++ API: application class compatible with XDG Base Directory Specification
config dir now default to $HOME/.config/mobiusft
Python API: new class mobius.core.application
Extensions use base64.b64decode instead of string.decode
hive: detects NTUSER.DAT on Win10
tools: new tool device_list
tools: new tool disk_list

Release 0.5.26 published

Oct 8th, 2016 by Eduardo Aguiar

This release adds imagefile classes both to the C++ API and to the Python API, supporting raw, split, talon, solo, dossier and ewf files. Minor improvements have been made and a few bugs have been fixed. See the ChangeLog file for a complete list of changes. Other changes are:

C++ API: new string functions
C++ API: zlib_compress and zlib_decompress functions
new extension hive-shareaza-report
new extension hive-gigatribe-report
new hive report: Shareaza General Info
new hive report: Shareaza User Folders
new hive report: Shareaza Protocols
new hive report: Shareaza Search History
attribute-viewer: retrieve item's children on DND
tools: new tool imagefile_info
tools: new tool imagefile_convert

Release 0.5.25 published

Jul 23rd, 2016 by Eduardo Aguiar

This release adds new classes both to the C++ API and to the Python API. Minor improvements have been made and a few bugs have been fixed. See the ChangeLog:

C++ API: charset conversion functions implemented (mobius/charset.h)
C++ API: new class mobius::io::resource
C++ API: new class mobius::io::file
C++ API: new class mobius::io::folder
C++ API: new class mobius::io::reader
C++ API: new class mobius::io::writer
C++ API: new class mobius::system::group
C++ API: new class mobius::system::user
python API: new class mobius.io.file
python API: new class mobius.io.folder
python API: new class mobius.io.reader
python API: new class mobius.io.writer
part-catalogue: show confirmation dialog before inserting new part
imagefile-ewf: handle disk section
imagefile-ewf: handle done section
uri extension eliminated
uri-file extension eliminated
configure.ac: fixed bug when libtsk is not available.

Release 0.5.24 published

Dec 3rd, 2015 by Eduardo Aguiar

This release adds new classes both to the C++ API and to the Python API. Minor improvements have been made and a few bugs have been fixed. See the ChangeLog:

C++ API: new class mobius::io::uri
C++ API: new class mobius::io::reader (abstract class)
C++ API: new class mobius::io::seekable_reader (abstract class)
C++ API: new class mobius::io::file_descriptor_reader
C++ API: new class mobius::io::file_reader
C++ API: new class mobius::io::uri_reader
C++ API: new class mobius::datetime::date
C++ API: new class mobius::datetime::time
C++ API: new class mobius::datetime::datetime
C++ API: new class mobius::datetime::timedelta
C++ API: new functions at mobius::datetime::conv_iso_string.h
C++ API: new functions at mobius::datetime::conv_julian.h
C++ API: new functions at mobius::datetime::conv_nt_timestamp.h
C++ API: new functions at mobius::datetime::conv_unix_timestamp.h
C++ API: mobius::hash_crc32 using precalculated CRC table
C++ API: new class mobius::crypt::cipher_base (abstract class)
C++ API: new class mobius::regex
C++ API: mobius/exception_posix.h for errno based exceptions
python API: new package mobius.io
python API: new class mobius.io.uri_reader
part-model: use sqlite3 database
cellphone-agent: datetime parsing bug fixed
data-sourcerer: check if datasource is available on populate_metadata

Release 0.5.23 published

Oct 6th, 2015 by Eduardo Aguiar

This release adds new classes both to the C++ API and to the Python API. Minor improvements have been made and a few bugs have been fixed. See the ChangeLog:

C++ API: new class mobius::unittest
C++ API: new class mobius::bytearray
C++ API: new class mobius::crypt::hash_base (abstract class)
C++ API: new class mobius::crypt::hash_crc32
C++ API: new class mobius::crypt::hash_zip
C++ API: new class mobius::crypt::cipher_block (abstract class)
C++ API: new class mobius::crypt::cipher_block_mode (abstract class)
C++ API: new class mobius::crypt::cipher_block_mode_ecb
C++ API: new class mobius::crypt::cipher_block_mode_cbc
C++ API: new class mobius::crypt::cipher_des
C++ API: new class mobius::crypt::cipher_stream (abstract class)
C++ API: new class mobius::crypt::cipher_rc4
C++ API: new class mobius::crypt::cipher_zip
C++ API: new class mobius::application
C++ API: code compatible with C++11
python API: new wrapper class mobius.crypt.hash_zip
python API: new wrapper class mobius.crypt.cipher_rc4
python API: new wrapper class mobius.crypt.cipher_zip
python API: new wrapper class mobius.crypt.cipher_des
hive-report: use mobius.crypt.cipher_rc4
hive-report: use mobius.crypt.cipher_des
hive-report: new report "encrypted volumes" lists Folder Locker 6 volumes
hive-pstore: use mobius.crypt.cipher_des
hive-turing: use mobius.crypt.cipher_rc4
hive-turing: use mobius.crypt.cipher_des
turing-model: use mobius.crypt.cipher_des

New tutorial available: Cracking Windows passwords with MobiusFT and JTR

Sep 23rd, 2015 by Eduardo Aguiar

This tutorial was previously available as a section of the Mobius Forensic Toolkit tutorial. Click here to see it.

Release 0.5.22 published

Sep 7th, 2015 by Eduardo Aguiar

This release introduces the Mobius Forensic Toolkit API, an API written in C++ with Python bindings. Minor improvements have been made and a few bugs have been fixed. See the ChangeLog:

C++ API: new mobius::tsk classes to access libtsk

python API: wrapper for mobius::tsk

new installation method using configure, make and make install

mediator.py: moved to mobius package

emule-agent: new report "shared folders"

emule-agent: handle tags 0x34 and 0x35

emule-agent: fix BLOB decoding

emule-agent: specific policies for dreamule and emule config

emule-agent: check if AC_SearchStrings.dat exists before opening

hive-report: catch exceptions at get_computer_name function

hive-report: add Wow6432Node subkeys to the Installed Program report

datasource-physical-device: fix retrieve_metadata for disks that have empty serial numbers

imagefile-ewf: fix amount of bytes read in decode_hash_section

engelbart: class UIManager implemented

Release 0.5.21 published

Oct 7th, 2014 by Eduardo Aguiar

This release introduces the eMule Agent extension, an extension to parse eMule artifacts. Minor improvements have been made and a few bugs have been fixed. See the ChangeLog:

new extension emule-agent

new extension engelbart

hive-report: new report "Ares accounts"

hive-report: new report "last mounted devices"

hive-report: installed program handles UNIX install datetime

hive-report: installed program also retrieves from NTUSER.dat uninstall subkeys. Suggested by Clemente Paixão

gigatribe-agent: datetime decoder fixed

gtk-ui: service ui.start moved to engelbart extension

gtk-ui: service ui.stop moved to engelbart extension

gtk-ui: service ui.flush moved to engelbart extension

gtk-ui: deprecated service ui.render-icon removed

gtk-ui: service ui.new-icon-from-data set deprecated

gtk-ui: service ui.new-icon-from-file set deprecated

skype-agent: REPORT_ICON_DATA replaced by report.run icon

emule-agent: REPORT_ICON_DATA replaced by report.run icon

ice: REPORT_ICON_DATA replaced by report.run icon

report-wizard: TRASH_BIN_ICON replaced by dnd.delete icon

ice: use image_buffer instead of ui.render-icon

category-manager: use image_buffer instead of ui.render-icon

engelbart: new service ui.new-factory

extension-manager: use image_buffer instead of ui.new-icon-from-data

date-code: copyright (c) 2014

New Homepage

Jul 26th, 2014 by Eduardo Aguiar

Due to the shutdown of freecode.com, I had to hastily make this homepage. For now on, every announcement about the project will be posted here. It is a work in progress, and suggestions are welcome.

Release 0.5.20 published

Jul 23, 2014 by Eduardo Aguiar

This release introduces the CellPhone Agent extension, an extension to browse Cellebrite's report.xml files. Minor improvements have been made and a few bugs have been fixed. See the ChangeLog:

new extension cellphone-agent

report-model: new service report.run-dialog

report-model: verbatim generates '%' instead of '%%'

report-model: do not generate duplicated methods in .py

gtk-ui: forbid treeitem DND onto itself

gtk-ui: case treeview icon cache implemented

gtk-ui: do not expand selected item when item.children is modified

skype-agent: "generate report" option

skype-agent: account view disables DND when not selected

skype-agent: account tile image repositioned

ice: use service report.run-dialog

sdi-window-manager: call to on_widget_started eliminated

partition-viewer: scan only partition-system components

partition-agent: update item.children only if it detects partitions

partition-agent-dos: keep item.children when building components

turing: test dictionary option fixed

Search

Try It!

mobiusft-0.5.30.tar.xz

mobiusft-0.5.30.tar.bz2

mobiusft-0.5.30.zip

Contact us!

Mailing List

Tech Support

Bug Tracker