Modules updates and minor fixes

ileappGUI.py

@@ -541,4 +541,14 @@ def load_case():
 ### Progress bar
 progress_bar = ttk.Progressbar(main_window, orient='horizontal')
 
+### Push main window on top
+def OnFocusIn(event):
+    if type(event.widget).__name__ == 'Tk':
+        event.widget.attributes('-topmost', False)
+
+main_window.attributes('-topmost', True)
+main_window.focus_force()
+main_window.bind('<FocusIn>', OnFocusIn)
+
+
 main_window.mainloop()

requirements.txt

@@ -1,21 +1,28 @@
-astc_decomp_faster
-bencoding
-biplist
-blackboxprotobuf
-bs4
-mmh3
-mdplistlib
-nska-deserialize>=1.3.1
-nska_deserialize
-numpy
-packaging==24.1
-pandas
-pathlib2==2.3.5
-PGPy
-pillow
-pillow_heif
-pycryptodome
-pyinstaller
-pyliblzfse
-pytz
-simplekml
+astc_decomp_faster
+bencoding
+biplist
+blackboxprotobuf
+bs4
+mmh3
+mdplistlib
+nska-deserialize>=1.3.1
+nska_deserialize
+numpy
+packaging==24.1
+pandas
+pathlib2==2.3.5
+PGPy
+pillow
+pillow_heif
+pycryptodome
+pyinstaller
+
+# pyliblzfse for Windows
+whl_files/pyliblzfse-0.4.1-cp310-cp310-win_amd64.whl; python_version == "3.10" and platform_system == "Windows"
+whl_files/pyliblzfse-0.4.1-cp311-cp311-win_amd64.whl; python_version == "3.11" and platform_system == "Windows"
+whl_files/pyliblzfse-0.4.1-cp312-cp312-win_amd64.whl; python_version == "3.12" and platform_system == "Windows"
+
+pyliblzfse
+
+pytz
+simplekml

scripts/artifacts/appleLocationd.py

@@ -1,5 +1,5 @@
 __artifacts_v2__ = {
-    "applelocationd": {
+    "appleLocationd": {
         "name": "Location Services",
         "description": "Extracts location services settings",
         "author": "@AlexisBrignoni",
@@ -8,36 +8,36 @@
         "requirements": "none",
         "category": "Identifiers",
         "notes": "",
-        "paths": ('*/mobile/Library/Preferences/com.apple.locationd.plist'),
-        "output_types": ["html", "tsv", "lava"]
+        "paths": ('*/mobile/Library/Preferences/com.apple.locationd.plist', ),
+        "output_types": ["html", "tsv", "lava"],
+        "artifact_icon": "navigation"
     }
 }
 
 import plistlib
-from scripts.ilapfuncs import artifact_processor, device_info, webkit_timestampsconv
+from scripts.ilapfuncs import artifact_processor, get_file_path, get_plist_file_content, device_info, webkit_timestampsconv
 
 @artifact_processor
-def applelocationd(files_found, report_folder, seeker, wrap_text, timezone_offset):
+def appleLocationd(files_found, report_folder, seeker, wrap_text, timezone_offset):
+    source_path = get_file_path(files_found, "com.apple.locationd.plist")
     data_list = []
-    source_path = str(files_found[0])
 
-    with open(source_path, "rb") as fp:
-        pl = plistlib.load(fp)
-        for key, val in pl.items():
-            if key == 'LocationServicesEnabledIn8.0':
-                data_list.append(('Location Services Enabled', val))
-                device_info("Settings", "Location Services Enabled", val, source_path)
+    pl = get_plist_file_content(source_path)
+    for key, val in pl.items():
+        if key == 'LocationServicesEnabledIn8.0':
+            data_list.append(('Location Services Enabled', val))
+            device_info("Settings", "Location Services Enabled", val, source_path)
+
+        elif key == 'LastSystemVersion':
+            data_list.append(('Last System Version', val))
+            device_info("Settings", "Last System Version", val, source_path)
 
-            elif key == 'LastSystemVersion':
-                data_list.append(('Last System Version', val))
-                device_info("Settings", "Last System Version", val, source_path)
-
-            elif key == 'steadinessClassificationNextClassificationTime' or key == 'VO2MaxCloudKitLastForcedFetch' \
-                or key == 'kP6MWDNextEstimateTime' or key == 'VO2MaxCloudKitManagerNextActivityTime':
-                val = webkit_timestampsconv(val)
-                data_list.append((key, val))
-            else:
-                data_list.append((key, val))
+        elif key == 'steadinessClassificationNextClassificationTime' or key == 'VO2MaxCloudKitLastForcedFetch' \
+            or key == 'kP6MWDNextEstimateTime' or key == 'VO2MaxCloudKitManagerNextActivityTime':
+            val = webkit_timestampsconv(val)
+            data_list.append((key, val))
+        else:
+            data_list.append((key, val))
 
     data_headers = ('Property', 'Property Value')     
     return data_headers, data_list, source_path

scripts/artifacts/lastBuild.py

@@ -8,37 +8,35 @@
         "requirements": "none",
         "category": "IOS Build",
         "notes": "",
-        "paths": ('*LastBuildInfo.plist',),
+        "paths": ('*/installd/Library/MobileInstallation/LastBuildInfo.plist',),
         "output_types": ["html", "tsv", "lava"],
         "artifact_icon": "git-commit"
     }
 }
 
-import plistlib
 import scripts.artifacts.artGlobals 
 
-from scripts.ilapfuncs import artifact_processor, logfunc, device_info
+from scripts.ilapfuncs import artifact_processor, get_file_path, get_plist_file_content, logfunc, device_info
 
 @artifact_processor
 def lastBuild(files_found, report_folder, seeker, wrap_text, time_offset):
+    source_path = get_file_path(files_found, "LastBuildInfo.plist")
     data_list = []
-    source_path = str(files_found[0])
 
-    with open(source_path, "rb") as fp:
-        pl = plistlib.load(fp)
-        for key, val in pl.items():
-            data_list.append((key, val))
-            if key == ("ProductVersion"):
-                scripts.artifacts.artGlobals.versionf = val
-                logfunc(f"iOS version: {val}")
-                device_info("Device Information", "iOS version", val, source_path)
-
-            if key == "ProductBuildVersion":
-                device_info("Device Information", "ProductBuildVersion", val, source_path)
-
-            if key == ("ProductName"):
-                logfunc(f"Product: {val}")
-                device_info("Device Information", "Product Name", val, source_path)
+    pl = get_plist_file_content(source_path)
+    for key, val in pl.items():
+        data_list.append((key, val))
+        if key == ("ProductVersion"):
+            scripts.artifacts.artGlobals.versionf = val
+            logfunc(f"iOS version: {val}")
+            device_info("Device Information", "iOS version", val, source_path)
+
+        if key == "ProductBuildVersion":
+            device_info("Device Information", "ProductBuildVersion", val, source_path)
+
+        if key == ("ProductName"):
+            logfunc(f"Product: {val}")
+            device_info("Device Information", "Product Name", val, source_path)
 
     data_headers = ('Property','Property Value' )     
     return data_headers, data_list, source_path

scripts/builds_ids.py

@@ -795,6 +795,8 @@
     "21G101": "iOS 17.6.1 Update",
     "21H16": "iOS 17.7",
     "21H216": "iOS 17.7.1",
+    "21H221": "iOS 17.7.2",
+    "21H312": "iOS 17.7.3 RC",
     "22A5282m": "iOS 18.0 beta 1",
     "22A5297f": "iOS 18.0 beta 2",
     "22A5307f": "iOS 18.0 beta 3",
@@ -826,6 +828,8 @@
     "22C5125e": "iOS 18.2 beta 2",
     "22C5131e": "iOS 18.2 beta 3",
     "22C5142a": "iOS 18.2 beta 4",
+    "22C150": "iOS 18.2 RC 2",
+    "22C151": "iOS 18.2 RC 2",
     "4K78": "Mac OS X 10.0",
     "4L8": "Mac OS X 10.0.1",
     "4L13": "Mac OS X 10.0.1",
@@ -2032,6 +2036,7 @@
     "22H306": "macOS 13.7.2 RC",
     "22H308": "macOS 13.7.2 RC 2",
     "22H312": "macOS 13.7.2 RC 3",
+    "22H313": "macOS 13.7.2 RC 4",
     "23A5257q": "macOS 14.0 beta 1",
     "23A5276g": "macOS 14.0 beta 2",
     "23A5286g": "macOS 14.0 beta 3",
@@ -2094,6 +2099,7 @@
     "23H301": "macOS 14.7.2 RC",
     "23H304": "macOS 14.7.2 RC 2",
     "23H309": "macOS 14.7.2 RC 3",
+    "23H311": "macOS 14.7.2 RC 4",
     "24A5264n": "macOS 15.0 beta 1",
     "24A5279h": "macOS 15.0 beta 2",
     "24A5289g": "macOS 15.0 beta 3",
@@ -2121,6 +2127,8 @@
     "24C5073e": "macOS 15.2 beta 2",
     "24C5079e": "macOS 15.2 beta 3",
     "24C5089c": "macOS 15.2 beta 4",
+    "24C98": "macOS 15.2 RC",
+    "24C100": "macOS 15.2 RC 2",
     "21N5165g": "visionOS 1.0 beta 1",
     "21N5207f": "visionOS 1.0 beta 2",
     "21N5207g": "visionOS 1.0 beta 2",
@@ -2177,6 +2185,8 @@
     "22N5778f": "visionOS 2.2 beta 1",
     "22N5784e": "visionOS 2.2 beta 2",
     "22N5794a": "visionOS 2.2 beta 3",
+    "22N840": "visionOS 2.2 RC",
+    "22N841": "visionOS 2.2 RC 2",
     "12S507": "watchOS 1.0",
     "12S632": "watchOS 1.0.1",
     "13S5254w": "watchOS 2.0 beta 1",
@@ -2589,6 +2599,7 @@
     "22S5077d": "watchOS 11.2 beta 1",
     "22S5083e": "watchOS 11.2 beta 2",
     "22S5094a": "watchOS 11.2 beta 3",
+    "22S99": "watchOS 11.2 RC",
     "6002": "Windows Vista",
     "7601": "Windows 7",
     "9200": "Windows 8",

scripts/ilapfuncs.py

@@ -86,6 +86,7 @@ def wrapper(files_found, report_folder, seeker, wrap_text, timezone_offset):
 
         elif len(data_list):
             logfunc(f"Found {len(data_list)} records for {artifact_name}")
+            icons.setdefault(category, {artifact_name: icon}).update({artifact_name: icon})
 
             # Strip tuples from headers for HTML, TSV, and timeline
             stripped_headers = strip_tuple_from_headers(data_headers)
@@ -96,7 +97,6 @@ def wrapper(files_found, report_folder, seeker, wrap_text, timezone_offset):
                 report.add_script()
                 report.write_artifact_data_table(stripped_headers, data_list, source_path)
                 report.end_artifact_report()
-                icons[category] = {artifact_name: icon}
 
             if check_output_types('tsv', output_types):
                 tsv(report_folder, stripped_headers, data_list, artifact_name)