forked from DFIR-ORC/dfir-orc.github.io
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathconfiguring_file_reader.html
100 lines (89 loc) · 5.84 KB
/
configuring_file_reader.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8" />
<title>Configuration file reader — DFIR ORC documentation</title>
<link rel="stylesheet" href="_static/solar.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<link rel="stylesheet" type="text/css" href="_static/css/custom.css" />
<script type="text/javascript" id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
<script type="text/javascript" src="_static/language_data.js"></script>
<link rel="index" title="Index" href="genindex.html" />
<link rel="search" title="Search" href="search.html" /><link href='http://fonts.googleapis.com/css?family=Source+Code+Pro|Open+Sans:300italic,400italic,700italic,400,300,700' rel='stylesheet' type='text/css'>
<link href="_static/solarized-dark.css" rel="stylesheet">
</head><body>
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="nav-item nav-item-0"><a href="index.html">DFIR ORC documentation</a> »</li>
</ul>
</div>
<div class="sphinxsidebar" role="navigation" aria-label="main navigation">
<div class="sphinxsidebarwrapper">
<p class="logo"><a href="index.html">
<img class="logo" src="_static/logo.jpg" alt="Logo"/>
</a></p>
<h3><a href="index.html">Table of Contents</a></h3>
<ul>
<li class="toctree-l1"><a class="reference internal" href="index.html">Introduction</a></li>
<li class="toctree-l1"><a class="reference internal" href="platforms.html">Requirements & Supported Platforms</a></li>
<li class="toctree-l1"><a class="reference internal" href="intro_to_data_collection.html">DFIR ORC Design and Architecture</a></li>
<li class="toctree-l1"><a class="reference internal" href="configuration.html">DFIR ORC Configuration</a></li>
<li class="toctree-l1"><a class="reference internal" href="tool_list.html">DFIR ORC Embedded Tool Suite</a></li>
<li class="toctree-l1"><a class="reference internal" href="licenses.html">Licenses</a></li>
</ul>
</div>
</div>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body" role="main">
<div class="section" id="configuration-file-reader">
<h1>Configuration file reader<a class="headerlink" href="#configuration-file-reader" title="Permalink to this headline">¶</a></h1>
<p>ORC tools read XML Config files without relying on the host system’s installed XML parsers by using its own internal/static parser.
This XML config file can be passed to the tool using the /config switch:
.. code:: bat</p>
<blockquote>
<div><p>GetThis.exe /config=GetThisConfig.xml</p>
</div></blockquote>
<p>To ease deployment and minimize risk of errors, configuration for tools can also be embedded into the binary ressources.</p>
<p>To embed configuration files into a binary, two methods are available:</p>
<p>In a tool’s resource file (tool.rc), add the line:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="o"><</span><span class="n">TOOLNAME</span><span class="o">></span><span class="n">_CONFIG</span> <span class="n">BINARY</span> <span class="s2">"<ConfigFileName>.xml"</span>
</pre></div>
</div>
<p>Or, a posteriori, you can embed the config file using ToolEmbed:</p>
<div class="highlight-xml notranslate"><div class="highlight"><pre><span></span><span class="nt"><toolembed></span>
<span class="nt"><input></span>Tool.exe<span class="nt"></input></span>
<span class="nt"><output></span>ConfiguredTool.exe<span class="nt"></output></span>
<span class="nt"><pair</span> <span class="na">name=</span><span class="s">"<TOOLNAME>_CONFIG"</span> <span class="na">value=</span><span class="s">"res:#tool_config"</span> <span class="nt">/></span>
<span class="nt"><file</span> <span class="na">name=</span><span class="s">"tool_config"</span> <span class="na">path=</span><span class="s">"ToolConfiguration.xml"</span> <span class="nt">/></span>
<span class="nt"></toolembed></span>
</pre></div>
</div>
<p>Upon startup, tools will locate their associated <TOOLNAME>_CONFIG resource to find their configuration in resource.</p>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>no temporary files are created and configuration xml is read directly from the resource.</p>
</div>
</div>
</div>
</div>
</div>
<div class="clearer"></div>
</div>
<div class="related" role="navigation" aria-label="related navigation">
<h3>Navigation</h3>
<ul>
<li class="nav-item nav-item-0"><a href="index.html">DFIR ORC documentation</a> »</li>
</ul>
</div>
<div class="footer">
© Copyright 2019, ANSSI. The contents of this documentation is available under the Open License version 2.0 as published by Etalab (French task force for Open Data). The name DFIR ORC and the associated logo belong to ANSSI, no use is permitted without its express approval. Le contenu de cette documentation est disponible sous license Open License version 2.0 telle que publiée par Etalab (organisation francaise pour Open Data). Le nom DFIR ORC et le logo associé appartiennent à l'ANSSI, tout usage doit être expressément autorisé par l'ANSSI..
Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 2.2.0.Theme is <a href="http://github.com/vimalkvn/solar-theme">Solar</a>
</div>
</body>
</html>