sepinf-inc / IPED

IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.
Other
962 stars 219 forks source link

Add WhatsApp sender/recipient info to chat preview and metadata (for 2 parties chats) #428

Closed mgd1980 closed 3 years ago

mgd1980 commented 3 years ago

In the IPED-Search preview windows, add the user data (ie name and phone number) related to that chat to the chat title. This information is necessary when we have cases with more than one Whatsapp account or iPhone backups.

phoneParsersToUse = internal

leosol commented 3 years ago

Is anybody working on this?

lfcnassif commented 3 years ago

I think not. I would not add this info to chat title (that could be large), but instead change the report html to show sender name and phone for each message, like is done for group chats, and add the parties to ExtraProperties.PARTICIPANTS metadata.

leosol commented 3 years ago

Understood and seems simple this way. I did some coding and attached a picture of the results.

               //ReportGenerator.java (printMessage) (line 280 and below)
                String name = null, number = null;
                if (message.isFromMe()) {
                    out.println("<div class=\"outgoing to\">"); //$NON-NLS-1$
                    if(account!=null) {
                        name = account.getName();
                        number = message.getLocalResource();
                    } else {
                        name = null;
                        number = message.getLocalResource();
                    }
                } else {
                    out.println("<div class=\"incoming from\">"); //$NON-NLS-1$
                    number = message.getRemoteResource();
                    if (number != null) {
                        WAContact contact = contactsDirectory.getContact(number);
                        name = contact == null ? null : contact.getName();
                    }
                }
                if (name == null)
                    name = number;
                else
                    name += " (" + number + ")"; //$NON-NLS-1$ //$NON-NLS-2$
                out.println("<span style=\"font-family: 'Roboto-Medium'; color: #b4c74b;\">" //$NON-NLS-1$
                        + name + "</span><br/>"); //$NON-NLS-1$

                //WhatsAppParser->createReport (line 227)
                if (account != null) {
                    String local = formatContact(account, cache);
                    chatMetadata.add(ExtraProperties.PARTICIPANTS, local);
                }
                if(c.isGroupChat()) {
                    for(WAContact member:c.getGroupmembers()) {
                        chatMetadata.add(ExtraProperties.PARTICIPANTS, formatContact(member, cache));
                    }
                } else {
                    if(c.getRemote()!=null) {
                        chatMetadata.add(ExtraProperties.PARTICIPANTS, formatContact(c.getRemote(), cache));
                    }
                }

ISSUE-428-sender-recipient

lfcnassif commented 3 years ago

Great, thank you! Will take a look possibly on Monday.

lfcnassif commented 3 years ago

Did a quick reading (no testing yet), this should work. A PR or patch would be better to see removed or added lines, thanks.

lfcnassif commented 3 years ago

closed by #495