acquire 3.20.dev8__tar.gz → 3.20.dev9__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {acquire-3.20.dev8 → acquire-3.20.dev9}/PKG-INFO +1 -1
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/acquire.py +15 -13
- acquire-3.20.dev9/acquire/version.py +34 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire.egg-info/PKG-INFO +1 -1
- acquire-3.20.dev8/acquire/version.py +0 -21
- {acquire-3.20.dev8 → acquire-3.20.dev9}/.git-blame-ignore-revs +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/.gitattributes +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/COPYRIGHT +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/LICENSE +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/MANIFEST.in +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/README.md +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/__init__.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/collector.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/crypt.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/dynamic/__init__.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/dynamic/windows/__init__.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/dynamic/windows/collect.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/dynamic/windows/exceptions.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/dynamic/windows/handles.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/dynamic/windows/named_objects.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/dynamic/windows/ntdll.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/dynamic/windows/types.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/esxi.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/gui/__init__.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/gui/base.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/gui/win32.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/hashes.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/log.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/outputs/__init__.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/outputs/base.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/outputs/dir.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/outputs/tar.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/outputs/zip.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/tools/__init__.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/tools/decrypter.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/uploaders/__init__.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/uploaders/minio.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/uploaders/plugin.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/uploaders/plugin_registry.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/utils.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire/volatilestream.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire.egg-info/SOURCES.txt +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire.egg-info/dependency_links.txt +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire.egg-info/entry_points.txt +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire.egg-info/requires.txt +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/acquire.egg-info/top_level.txt +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/pyproject.toml +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/setup.cfg +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/__init__.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/_data/private_key.pem +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/_data/public_key.pem +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/_docs/Makefile +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/_docs/conf.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/_docs/index.rst +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/conftest.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_acquire_command.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_acquire_modules.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_acquire_profiles.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_collector.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_decryptor_funcs.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_esxi_memory.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_file_sorting.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_gui.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_minio_uploader.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_misc_users.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_outputs_dir.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_outputs_tar.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_outputs_zip.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_plugin.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_utils.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tests/test_volatile.py +0 -0
- {acquire-3.20.dev8 → acquire-3.20.dev9}/tox.ini +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: acquire
|
|
3
|
-
Version: 3.20.
|
|
3
|
+
Version: 3.20.dev9
|
|
4
4
|
Summary: A tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container
|
|
5
5
|
Author-email: Dissect Team <dissect@fox-it.com>
|
|
6
6
|
License: Affero General Public License v3
|
|
@@ -1639,24 +1639,26 @@ class Bootbanks(Module):
|
|
|
1639
1639
|
"bootbank": "BOOTBANK1",
|
|
1640
1640
|
"altbootbank": "BOOTBANK2",
|
|
1641
1641
|
}
|
|
1642
|
-
boot_fs =
|
|
1642
|
+
boot_fs = [] # List of tuples of bootbank paths and volume names
|
|
1643
1643
|
|
|
1644
1644
|
for boot_dir, boot_vol in boot_dirs.items():
|
|
1645
1645
|
dir_path = target.fs.path(boot_dir)
|
|
1646
1646
|
if dir_path.is_symlink() and dir_path.exists():
|
|
1647
1647
|
dst = dir_path.readlink()
|
|
1648
|
-
|
|
1649
|
-
|
|
1650
|
-
|
|
1651
|
-
|
|
1652
|
-
|
|
1653
|
-
|
|
1654
|
-
|
|
1655
|
-
|
|
1656
|
-
|
|
1657
|
-
|
|
1658
|
-
|
|
1659
|
-
|
|
1648
|
+
boot_fs.append((dst, boot_vol))
|
|
1649
|
+
|
|
1650
|
+
for _, mountpoint, uuid, _ in iter_esxi_filesystems(target):
|
|
1651
|
+
for bootbank_path, boot_vol in boot_fs:
|
|
1652
|
+
# samefile fails on python 3.9 (https://github.com/fox-it/dissect.target/issues/1289)
|
|
1653
|
+
# but support for 3.9 gets dropped soon
|
|
1654
|
+
if bootbank_path.samefile(target.fs.path(mountpoint)):
|
|
1655
|
+
log.info("Acquiring %s (%s)", mountpoint, boot_vol)
|
|
1656
|
+
mountpoint_len = len(mountpoint)
|
|
1657
|
+
base = f"fs/{uuid}:{boot_vol}"
|
|
1658
|
+
for path in target.fs.path(mountpoint).rglob("*"):
|
|
1659
|
+
outpath = path.as_posix()[mountpoint_len:]
|
|
1660
|
+
collector.collect_path(path, outpath=outpath, base=base)
|
|
1661
|
+
break
|
|
1660
1662
|
|
|
1661
1663
|
|
|
1662
1664
|
@register_module("--esxi")
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
# file generated by setuptools-scm
|
|
2
|
+
# don't change, don't track in version control
|
|
3
|
+
|
|
4
|
+
__all__ = [
|
|
5
|
+
"__version__",
|
|
6
|
+
"__version_tuple__",
|
|
7
|
+
"version",
|
|
8
|
+
"version_tuple",
|
|
9
|
+
"__commit_id__",
|
|
10
|
+
"commit_id",
|
|
11
|
+
]
|
|
12
|
+
|
|
13
|
+
TYPE_CHECKING = False
|
|
14
|
+
if TYPE_CHECKING:
|
|
15
|
+
from typing import Tuple
|
|
16
|
+
from typing import Union
|
|
17
|
+
|
|
18
|
+
VERSION_TUPLE = Tuple[Union[int, str], ...]
|
|
19
|
+
COMMIT_ID = Union[str, None]
|
|
20
|
+
else:
|
|
21
|
+
VERSION_TUPLE = object
|
|
22
|
+
COMMIT_ID = object
|
|
23
|
+
|
|
24
|
+
version: str
|
|
25
|
+
__version__: str
|
|
26
|
+
__version_tuple__: VERSION_TUPLE
|
|
27
|
+
version_tuple: VERSION_TUPLE
|
|
28
|
+
commit_id: COMMIT_ID
|
|
29
|
+
__commit_id__: COMMIT_ID
|
|
30
|
+
|
|
31
|
+
__version__ = version = '3.20.dev9'
|
|
32
|
+
__version_tuple__ = version_tuple = (3, 20, 'dev9')
|
|
33
|
+
|
|
34
|
+
__commit_id__ = commit_id = 'gfa63abb68'
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: acquire
|
|
3
|
-
Version: 3.20.
|
|
3
|
+
Version: 3.20.dev9
|
|
4
4
|
Summary: A tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container
|
|
5
5
|
Author-email: Dissect Team <dissect@fox-it.com>
|
|
6
6
|
License: Affero General Public License v3
|
|
@@ -1,21 +0,0 @@
|
|
|
1
|
-
# file generated by setuptools-scm
|
|
2
|
-
# don't change, don't track in version control
|
|
3
|
-
|
|
4
|
-
__all__ = ["__version__", "__version_tuple__", "version", "version_tuple"]
|
|
5
|
-
|
|
6
|
-
TYPE_CHECKING = False
|
|
7
|
-
if TYPE_CHECKING:
|
|
8
|
-
from typing import Tuple
|
|
9
|
-
from typing import Union
|
|
10
|
-
|
|
11
|
-
VERSION_TUPLE = Tuple[Union[int, str], ...]
|
|
12
|
-
else:
|
|
13
|
-
VERSION_TUPLE = object
|
|
14
|
-
|
|
15
|
-
version: str
|
|
16
|
-
__version__: str
|
|
17
|
-
__version_tuple__: VERSION_TUPLE
|
|
18
|
-
version_tuple: VERSION_TUPLE
|
|
19
|
-
|
|
20
|
-
__version__ = version = '3.20.dev8'
|
|
21
|
-
__version_tuple__ = version_tuple = (3, 20, 'dev8')
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|