Difference between pages "Blogs" and "Fast Thunder"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
 
(Example queries)
 
Line 1: Line 1:
[[Computer forensics]] related '''blogs'''.
+
'''Fast Thunder''' (aka Xunlei) is a [[Download manager|download manager]] developed by Thunder Networking Technologies.
  
= English-Language Blogs =
 
  
== Forensic Blogs ==
+
== SuperDownload database ==
 +
The '''SuperDownload database''' can be found at:
  
* [http://www.appleexaminer.com/ The Apple Examiner]
+
On Windows
* [http://computer.forensikblog.de/en/ Andreas Schuster - Computer Forensics Blog]
+
<pre>
* [http://www.niiconsulting.com/checkmate/ Checkmate - e-zine on Digital Forensics and Incident Response]
+
C:\Program Files\Thunder Network\Thunder\data\SdInfoDb.dat
* [http://www.infosecinstitute.com/blog/ethical_hacking_computer_forensics.html Jack Koziol - Ethical Hacking and Computer Forensics]
+
</pre>
* [http://windowsir.blogspot.com/ Windows Incident Response Blog] by [[Harlan Carvey]]
+
* [http://geschonneck.com/ Alexander Geschonneck - Computer Forensics Blog]
+
* [http://forensicblog.org/ Michael Murr - Computer Forensics Blog]
+
* [http://forenshick.blogspot.com/ Jordan Farr - Forensic news, Technology, TV, and more]
+
* [http://unixsadm.blogspot.com/ Criveti Mihai - UNIX, OpenVMS and Windows System Administration, Digital Forensics, High Performance Computing, Clustering and Distributed Systems]
+
* [http://intrusions.blogspot.com/ Various Authors - Intrusions and Malware Analysis]
+
* [http://chicago-ediscovery.com/education/computer-forensics-glossary/ Andrew Hoog - Computer Forensic Glossary Blog, HOWTOs and other resources]
+
* [http://secureartisan.wordpress.com/ Paul Bobby - Digital Forensics with a Focus on EnCase]
+
* [http://www.crimemuseum.org/blog/ National Museum of Crime and Punishment-CSI/Forensics Blog]
+
* [http://forensicsfromthesausagefactory.blogspot.com/ Forensics from the sausage factory]
+
* [http://integriography.wordpress.com Computer Forensics Blog by David Kovar]
+
* [[Jesse Kornblum]] - [http://jessekornblum.livejournal.com/ A Geek Raised by Wolves]
+
* [http://computer-forensics.sans.org/blog SANS Computer Forensics and Incident Response Blog by SANS Institute]
+
* [http://www.digitalforensicsource.com Digital Forensic Source]
+
* [http://dfsforensics.blogspot.com/ Digital Forensics Solutions]
+
* [http://forensicaliente.blogspot.com/ Forensicaliente]
+
* [http://www.ericjhuber.com/ A Fistful of Dongles]
+
* [http://gleeda.blogspot.com/ JL's stuff]
+
* [http://4n6k.blogspot.com/ 4n6k]
+
  
 +
This file uses the [[SQLite database format]].
  
== Related Blogs ==
+
The timestamp:
 +
* SuperDownloadInfo.ContentDownloadTime is stored as BIGINT and contains a POSIX timestamp
 +
* SuperDownloadResource.DownloadTime is stored as BIGINT and contains '''presumably''' a POSIX timestamp
  
* [http://www.c64allstars.de C64Allstars Blog]
+
== Task database ==
* [http://www.emergentchaos.com/ Adam Shostack - Emergent Chaos]
+
The '''Task database''' can be found at:
* [http://jeffjonas.typepad.com/ Jeff Jonas - Inventor of NORA discusses privacy and all things digital]
+
* [http://www.cs.uno.edu/~golden/weblog Digital Forensics, Coffee, Benevolent Hacking] - Written by [[Golden G. Richard III]]
+
  
= Non-English Language =
+
On Windows
 +
<pre>
 +
C:\Program Files\Thunder Network\Thunder\Profiles\TaskDb.dat
 +
</pre>
  
=== Dutch ===
+
The timestamp:
 +
* TaskBase.CreationTime is stored as BIGINT and contains a POSIX timestamp shifted 24-bits to the left, e.g.
 +
<pre>
 +
printf "0x%x\n" 22090158425767936
 +
0x4e7ae1ce000000
  
* [http://stam.blogs.com/8bits/ 8 bits] by Mark Stam ([http://translate.google.com/translate?u=http%3A%2F%2Fstam.blogs.com%2F8bits%2Fforensisch%2Findex.html&langpair=nl%7Cen&hl=en&ie=UTF-8 Google translation])
+
date -d @$(( 22029112998625280 >> 24 ))
 +
Thu Aug 11 06:37:35 CEST 2011
 +
</pre>
  
=== French ===
+
=== Example queries ===
 +
Some example queries:
  
* [http://forensics-dev.blogspot.com Forensics-dev] ([http://translate.google.com/translate?u=http%3A%2F%2Fforensics-dev.blogspot.com%2F&langpair=fr%7Cen&hl=en&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools Google translation])
+
To get an overview of the tasks:
 +
<pre>
 +
SELECT datetime((TaskBase.CreationTime >> 24), "unixepoch"), TotalReceiveSize, TotalSendSize, Url, ReferenceUrl, Name, Description, SavePath FROM TaskBase;
 +
</pre>
  
=== German ===
+
== See Also ==
  
* [http://computer.forensikblog.de/ Andreas Schuster - Computer Forensik Blog Gesamtausgabe] ([http://computer.forensikblog.de/en/ English version])
+
* [[SQLite database format]]
* [http://computer-forensik.org Alexander Geschonneck - computer-forensik.org] ([http://translate.google.com/translate?u=http%3A%2F%2Fwww.computer-forensik.org&langpair=de%7Cen&hl=en&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools Google translation])
+
* [http://henrikbecker.blogspot.com Henrik Becker - Digitale Beweisführung] ([http://translate.google.com/translate?u=http%3A%2F%2Fhenrikbecker.blogspot.com&langpair=de%7Cen&hl=en&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools Google translation])
+
  
=== Spanish ===
+
== External Links ==
 +
* [http://en.wikipedia.org/wiki/Xunlei Wikipedia article on Fast Thunder (Xunlei)]
  
* [http://www.forensic-es.org/blog forensic-es.org] ([http://translate.google.com/translate?u=http%3A%2F%2Fwww.forensic-es.org%2Fblog&langpair=es%7Cen&hl=en&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools Google translation])
+
[[Category:Applications]]
* [http://www.inforenses.com Javier Pages - InForenseS] ([http://translate.google.com/translate?u=http%3A%2F%2Fwww.inforenses.com&langpair=es%7Cen&hl=es&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools Google translation])
+
[[Category:Download Managers]]
* [http://windowstips.wordpress.com El diario de Juanito]
+
* [http://conexioninversa.blogspot.com Conexión inversa]
+
 
+
=== Russian ===
+
 
+
* Group-IB: [http://notheft.ru/blogs/group-ib blog at notheft.ru], [http://www.securitylab.ru/blog/company/group-ib/ blog at securitylab.ru]
+
 
+
== Forensic Fora ==
+
* [forensicfocus.com Forensic Focus]
+

Revision as of 06:50, 21 March 2012

Fast Thunder (aka Xunlei) is a download manager developed by Thunder Networking Technologies.


Contents

SuperDownload database

The SuperDownload database can be found at:

On Windows

C:\Program Files\Thunder Network\Thunder\data\SdInfoDb.dat

This file uses the SQLite database format.

The timestamp:

  • SuperDownloadInfo.ContentDownloadTime is stored as BIGINT and contains a POSIX timestamp
  • SuperDownloadResource.DownloadTime is stored as BIGINT and contains presumably a POSIX timestamp

Task database

The Task database can be found at:

On Windows

C:\Program Files\Thunder Network\Thunder\Profiles\TaskDb.dat

The timestamp:

  • TaskBase.CreationTime is stored as BIGINT and contains a POSIX timestamp shifted 24-bits to the left, e.g.
printf "0x%x\n" 22090158425767936
0x4e7ae1ce000000

date -d @$(( 22029112998625280 >> 24 ))
Thu Aug 11 06:37:35 CEST 2011

Example queries

Some example queries:

To get an overview of the tasks:

SELECT datetime((TaskBase.CreationTime >> 24), "unixepoch"), TotalReceiveSize, TotalSendSize, Url, ReferenceUrl, Name, Description, SavePath FROM TaskBase;

See Also

External Links