[Forensic Tool] Dropbox Reader™
Dropbox Reader consists of six Python scripts:
- read_config script outputs the contents of the Dropbox config.db file in human-readable form. This includes the user's registered e-mail address and Dropbox identifier, software version information, and a list of the most-recently-changed files.
- read_filecache_config script outputs configuration information from the Dropbox filecache.db file. This includes information about shared directories that are attached to the user's Dropbox account.
- read_filejournal script outputs information about Dropbox synchronized files stored in the filecache.db file. This includes local and server-side metadata and a list of block hashes for each Dropbox-synchronized file.
- read_sigstore script outputs information from the Dropbox sigstore.db file, which is an additional source of block hashes.
- hash_blocks script produces a block hash list for any file. This block hash list can be compared to the block hashes from read_filejournal or read_sigstore.
- dropbox_contains_file script hashes one or more files (as per hash_blocks) and compares the resulting block hash list to the files listed in filecache.db (as per read_filejournal) and reports whether the files are partially or exactly the same as any Dropbox-synchronized files.
Download: http://download.atc-nycorp.com/utilities/DropboxReader_1.0.zip
Source: http://www.cybermarshal.com/index.php/cyber-marshal-utilities/dropbox-reader
Comments
Post a Comment
Để lại góp ý của bạn để blog của mình hoàn thiện hơn :))