lnk file view

[pjrinaldi]

Implement a pretty print view for lnk files

[pjrinaldi]

working on using liblnk.h to generate this html...

1. test if it will work.
2. implement html output on double click.
3. figure out how to write this for reporting.
4. update wiki and archinstall.sh script to include AUR liblnk-git if it works.

[pjrinaldi]

1. done.
2. done. working on formatting html output and then will work on 3, 4.

[pjrinaldi]

formatting is done. fixed datetime so it works with timezone display...

need to implement 3 and then 4...

[pjrinaldi]

3 is finished, now need to implement 4.

[pjrinaldi]

4. is implemented, will test prior to v0.3 release.

Lnk artfiact analysis/parsing is finished and working.

[pjrinaldi]

lnk file parsing without liblnk is almost working. I can't use liblnk because it requires a file and I parse a lot of artifacts straight out of memory, since most forensic systems have at least 8GB ram, I am using 4GB as the memory limit right now before i then parse the contents from a tmp file just need to finish parsing the remaining values and then generate the output string for plainview

[pjrinaldi]

lnk file parsing is working without liblnk. most is implemented and formatted. I still need to implement the following:

1. shell item list
2. network volume structure
3. remaining/final string
4. extra data blocks

The below is how to convert asciidoc to pdf:

a2x -fpdf -dbook Windows\ Shortcut\ File\ (LNK)\ format.asciidoc

[pjrinaldi]

lnk file is working, will need to test and will open any tickets if I find things missing or incorrect.