mac4n6 / apollo Goto Github PK
View Code? Open in Web Editor NEWApple Pattern of Life Lazy Output'er
License: Other
Apple Pattern of Life Lazy Output'er
License: Other
KnowledgeC.db is inaccessible in MacOS 12 even under root account. Is there any workaround to access it?
For some reason with "aggregate_dictionary_distributed_keys.txt", I had to tab over everything from "select" to the end of the statement. Running windows 10, python 2.7, cmd as admin. It kept crashing on that module (immediately). When I removed that module, it ran no issues. I noticed that the other modules had everything from "select" down tabbed over 1 more spot. I applied that tabbing to "aggregate_dictionary_distributed_keys.txt" and it ran just fine.
We've been running some test with Apollo today and we ran into something that confuses us.
If we look at the extracted data we can see that most timestamps have been corrected for the offset except for these tables (gotten with SELECT DISTINCT activity FROM apollo WHERE output NOT LIKE "%OFFSET%";
):
Especially for Telephony Activity
this is leading to inconsistencies in the data. If we do apply the offset to Telephony Activity
then everything fits in nicely with the rest of the events. However if the offset isn't applied to Telephony Activity
then we're seeing things like outgoing calls started while the screen is off according to the other events.
Example:
The above example was manually parsed and the offset was calculated from correlating events on the phone. The offset was 96 seconds and this matches the offset found in the database.
However if we don't apply the offset to the two yellow lines then this call takes place when the screen is off.
Are we misinterpreting something or is this an error in the module(s)?
I am trying to use APOLLO and I am stuck on one part. I am trying to export my screentime from my iPhone and make it into a CSV file to run it on automl. But I am totally lost on what to put on the data directory.
I am currently on this step on Linux.
apollo.py -o {csv} -p {apple} -v {10.15} -k /Users/heojeong/Downloads/apollo/APOLLO/modules
I connected my iPhone to my mac to check on the directory but I cannot find the directory path....and I am not even sure if that is how I should do!
Can you please help me? thank you so much
The message date in "sms_chat.txt" has a divisor of "1000000000" prior to addition of "978307200". Based upon my analysis of iOS SQLite data, the divisor may be unnecessary and result in an inaccurate date conversion.
E.g. 2000-12-31 19:00:00 versus 2017-07-10 18:24:50 for a DB value of 521418290.
I would suggest updating to use a "CASE" statement, similar to what was done for "DATE DELIVERED" and "DATE READ".
I.e.
SELECT
CASE
WHEN LENGTH(MESSAGE.DATE)=18 THEN DATETIME(MESSAGE.DATE/1000000000+978307200,'UNIXEPOCH','LOCALTIME')
WHEN LENGTH(MESSAGE.DATE)=9 THEN DATETIME(MESSAGE.DATE + 978307200,'UNIXEPOCH','LOCALTIME')
ELSE "N/A"
END "MESSAGE DATE",
https://twitter.com/EdXlg123/status/1102436931877654528?s=0
query_predictions.db
will add if i have a chance to test it out, otherwise leaving here for a future update
Hello,
I'm having some trouble running the recently added screentime modules, as they seem to be have some errors which make the parser fail. This occurs with all of the screentime_* modules. I've included an error for the screentime_timed_items below. This is on a fresh clone of the repo with python3 on OSX.
Thanks for making APOLLO! I've been trying it out to analyze device data and it's generally been working great.
> python apollo.py -o csv -p apple -v 13 modules /private/var/db/CoreDuet/Knowledge/
--------------------------------------------------------------------------------------
APOLLO Version: 05072020
Platform: apple
Version: 13
Data Directory: /private/var/db/CoreDuet/Knowledge/
Modules Directory: modules
--------------------------------------------------------------------------------------
Traceback (most recent call last):
File "apollo.py", line 259, in <module>
parse_module_definition(mod_info)
File "apollo.py", line 56, in parse_module_definition
parser.read(mod_def)
File "/usr/local/anaconda3/lib/python3.7/configparser.py", line 696, in read
self._read(fp, filename)
File "/usr/local/anaconda3/lib/python3.7/configparser.py", line 1110, in _read
raise e
configparser.ParsingError: Source contains parsing errors: 'modules/screentime_timed_items.txt'
[line 64]: '\tSELECT \n'
[line 65]: "\t\tDATETIME(ZUSAGEBLOCK.ZSTARTDATE+978307200,'UNIXEPOCH') AS 'HOUR',\n"
[line 66]: "\t\tZUSAGETIMEDITEM.ZBUNDLEIDENTIFIER AS 'BUNDLE ID',\n"
... [until line 95]
It looks like crap because of commas in output. Looking to change text formats soon. In the mean time use SQL output.
When i try to run the script i get the following message:
File ".\apollo.py", line 34, in
from ConfigParser import RawConfigParser
ImportError: No module named 'ConfigParser'
Should there be a module named ConfigParser in the modules folder?
I am receiving the following errors when trying to run this in Python 2.7, I have navigated to the folder containing the Apollo script and the modules have been placed in a Modules folder and the database files I want to run against are in the DBFiles folder. I'm tearing my hair out trying to figure out what i'm doing wrong!
C:\Users\Technicians\Desktop\PythonProgramming\Test>C:\Python27\python.exe apollo.py -o csv -p ios -v 11 Modules DBFiles
Parsing Modules...
Traceback (most recent call last):
File "apollo.py", line 194, in
parse_module_definition(mod_info)
File "apollo.py", line 45, in parse_module_definition
parser.read(mod_def)
File "C:\Python27\lib\ConfigParser.py", line 305, in read
self._read(fp, filename)
File "C:\Python27\lib\ConfigParser.py", line 512, in _read
raise MissingSectionHeaderError(fpname, lineno, line)
ConfigParser.MissingSectionHeaderError: File contains no section headers.
file: Modules\powerlog_accessory_connection.txt, line: 7
'\n'
The WHERE clause in sms_chat_message_delievered.txt has a typo.
WHERE "DATE DELIEVERED" IS NOT "N/A"
Should be
WHERE "DATE DELIVERED" IS NOT "N/A"
I am receiving the following errors when trying to run this in Python 2.7, I have navigated to the folder containing the Apollo script and the modules have been placed in a Modules folder and the database files I want to run against are in the DBFiles folder
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.