dissect.target 3.11.dev36__py3-none-any.whl → 3.12.dev2__py3-none-any.whl

dissect/target/plugin.py

@@ -63,6 +63,7 @@ class OperatingSystem(enum.Enum):
     VYOS = "vyos"
     IOS = "ios"
     FORTIGATE = "fortigate"
+    CITRIX = "citrix-netscaler"
 
 
 def export(*args, **kwargs) -> Callable:

dissect/target/plugins/os/unix/bsd/citrix/_os.py

@@ -0,0 +1,119 @@
+from __future__ import annotations
+
+import re
+from typing import Iterator, Optional
+
+from dissect.target.filesystem import Filesystem, VirtualFilesystem
+from dissect.target.helpers.record import UnixUserRecord
+from dissect.target.plugin import OperatingSystem, export
+from dissect.target.plugins.os.unix.bsd._os import BsdPlugin
+from dissect.target.target import Target
+
+RE_CONFIG_IP = re.compile(r"-IPAddress (?P<ip>[^ ]+) ")
+RE_CONFIG_HOSTNAME = re.compile(r"set ns hostName (?P<hostname>[^\n]+)\n")
+RE_CONFIG_TIMEZONE = re.compile(
+    r'set ns param -timezone "GMT\+(?P<hours>[0-9]+):(?P<minutes>[0-9]+)-.*-(?P<zone_name>.+)"'
+)
+RE_CONFIG_USER = re.compile(r"bind system user (?P<user>[^ ]+) ")
+RE_LOADER_CONFIG_KERNEL_VERSION = re.compile(r'kernel="/(?P<version>.*)"')
+
+
+class CitrixBsdPlugin(BsdPlugin):
+    def __init__(self, target: Target):
+        super().__init__(target)
+        self._ips = []
+        self._hostname = None
+        self.config_usernames = []
+        self._parse_netscaler_configs()
+
+    def _parse_netscaler_configs(self) -> None:
+        ips = set()
+        usernames = set()
+        for config_path in self.target.fs.path("/flash/nsconfig/").glob("ns.conf*"):
+            with config_path.open("rt") as config_file:
+                config = config_file.read()
+                for match in RE_CONFIG_IP.finditer(config):
+                    ips.add(match.groupdict()["ip"])
+                for match in RE_CONFIG_USER.finditer(config):
+                    usernames.add(match.groupdict()["user"])
+                if config_path.name == "ns.conf":
+                    # Current configuration of the netscaler
+                    if hostname_match := RE_CONFIG_HOSTNAME.search(config):
+                        self._hostname = hostname_match.groupdict()["hostname"]
+                    if timezone_match := RE_CONFIG_TIMEZONE.search(config):
+                        tzinfo = timezone_match.groupdict()
+                        self.target.timezone = tzinfo["zone_name"]
+
+        self._config_usernames = list(usernames)
+        self._ips = list(ips)
+
+    @classmethod
+    def detect(cls, target: Target) -> Optional[Filesystem]:
+        newfilesystem = VirtualFilesystem()
+        is_citrix = False
+        for fs in target.filesystems:
+            if fs.exists("/bin/freebsd-version"):
+                newfilesystem.map_fs("/", fs)
+                break
+        for fs in target.filesystems:
+            if fs.exists("/nsconfig") and fs.exists("/boot"):
+                newfilesystem.map_fs("/flash", fs)
+                is_citrix = True
+            elif fs.exists("/netscaler"):
+                newfilesystem.map_fs("/var", fs)
+                is_citrix = True
+        if is_citrix:
+            return newfilesystem
+        return None
+
+    @export(property=True)
+    def hostname(self) -> Optional[str]:
+        return self._hostname
+
+    @export(property=True)
+    def version(self) -> Optional[str]:
+        version_path = self.target.fs.path("/flash/.version")
+        version = version_path.read_text().strip()
+        loader_conf = self.target.fs.path("/flash/boot/loader.conf").read_text()
+        if match := RE_LOADER_CONFIG_KERNEL_VERSION.search(loader_conf):
+            kernel_version = match.groupdict()["version"]
+            return f"{version} ({kernel_version})"
+        self.target.log.warn("Could not determine kernel version")
+        return version
+
+    @export(property=True)
+    def ips(self) -> list[str]:
+        return self._ips
+
+    @export(record=UnixUserRecord)
+    def users(self) -> Iterator[UnixUserRecord]:
+        nstmp_users = set()
+        nstmp_path = "/var/nstmp/"
+
+        nstmp_user_path = nstmp_path + "{username}"
+
+        for entry in self.target.fs.scandir(nstmp_path):
+            if entry.is_dir() and entry.name != "#nsinternal#":
+                nstmp_users.add(entry.name)
+        for username in self._config_usernames:
+            nstmp_home = nstmp_user_path.format(username=username)
+            user_home = nstmp_home if self.target.fs.exists(nstmp_home) else None
+
+            if user_home:
+                # After this loop we will yield all users who are not in the config, but are listed in /var/nstmp/
+                # To prevent double records, we remove entries from the set that we are already yielding here.
+                nstmp_users.remove(username)
+
+            if username == "root" and self.target.fs.exists("/root"):
+                # If we got here, 'root' is present both in /var/nstmp and in /root. In such cases, we yield
+                # the 'root' user as having '/root' as a home, not in /var/nstmp.
+                user_home = "/root"
+
+            yield UnixUserRecord(name=username, home=user_home)
+
+        for username in nstmp_users:
+            yield UnixUserRecord(name=username, home=nstmp_user_path.format(username=username))
+
+    @export(property=True)
+    def os(self) -> str:
+        return OperatingSystem.CITRIX.value

dissect/target/plugins/os/windows/registry.py

@@ -210,7 +210,7 @@ class RegistryPlugin(Plugin):
         Returns a KeyCollection which contains all keys that match
         the query.
         """
-        key = key.strip("\\")
+        key = (key or "").strip("\\")
 
         if not key:
             return KeyCollection([self._root.root()])

{dissect.target-3.11.dev36.dist-info → dissect.target-3.12.dev2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.target
-Version: 3.11.dev36
+Version: 3.12.dev2
 Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{dissect.target-3.11.dev36.dist-info → dissect.target-3.12.dev2.dist-info}/RECORD

@@ -3,7 +3,7 @@ dissect/target/container.py,sha256=R8M9EE7DqKq8DeMuekcpR1nxtZ827zuqmTmO4s7PYkg,7
 dissect/target/exceptions.py,sha256=DQVgo6puVBRPBiappL9GU5EA94lrcr3eVta0m56a-ng,2777
 dissect/target/filesystem.py,sha256=Kn9RJtdYUWRXh4hxGnHpN_ttwcslZpwzVtUvX_W7qIQ,49335
 dissect/target/loader.py,sha256=oTpNhmb2abgWuPUqdewLjZz2zcbSYQP5kzZ5yYu7XXg,7100
-dissect/target/plugin.py,sha256=qHFKipJP8sBQbn1HOSJna25Fspt7PZ-i5RoVsdY1cGM,32565
+dissect/target/plugin.py,sha256=fkM_Qn5M0R8DQ7JMeVTHH8h1JbHQ2HDFHjqdUKXHFRc,32597
 dissect/target/report.py,sha256=06uiP4MbNI8cWMVrC1SasNS-Yg6ptjVjckwj8Yhe0Js,7958
 dissect/target/target.py,sha256=TgDY-yAsReOQOG-Phz_m1vdNucdbk9fUI_RMZpMeYG8,28334
 dissect/target/volume.py,sha256=vHBXdDttpiu-Q_oWycNM7fdJ5N8Ob7-i_UBJK9DEs24,15027
@@ -157,6 +157,8 @@ dissect/target/plugins/os/unix/packagemanager.py,sha256=-mxNhDjvj497-wBvu3z22316
 dissect/target/plugins/os/unix/services.py,sha256=OEnaenGORK9K3_HfF8Ii5Pp0RsVYBJObEELY-gsnumE,5293
 dissect/target/plugins/os/unix/shadow.py,sha256=7ztW_fYLihxNjS2opFToF-xKZngYDGcTEbZKnodRkc8,3409
 dissect/target/plugins/os/unix/bsd/_os.py,sha256=e5rttTOFOmd7e2HqP9ZZFMEiPLBr-8rfH0XH1IIeroQ,1372
+dissect/target/plugins/os/unix/bsd/citrix/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+dissect/target/plugins/os/unix/bsd/citrix/_os.py,sha256=BsmrDOu_izsapi-iGUlxQmcJsiBhN9zUcU3np-PrdZc,4939
 dissect/target/plugins/os/unix/bsd/freebsd/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/os/unix/bsd/freebsd/_os.py,sha256=Vqiyn08kv1IioNUwpgtBJ9SToCFhLCsJdpVhl5E7COM,789
 dissect/target/plugins/os/unix/bsd/ios/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -214,7 +216,7 @@ dissect/target/plugins/os/windows/locale.py,sha256=YlRqFteHGSE-A21flbCKP1jXUTgyX
 dissect/target/plugins/os/windows/notifications.py,sha256=tBgZKnDCXWFtz7chHIo5cKQf2swcTTB3MMcecfTZ-4w,4773
 dissect/target/plugins/os/windows/prefetch.py,sha256=favUyI5Pywi8Ho8fUye3gnXcM9BqEIMhFcSa1idQQBg,10304
 dissect/target/plugins/os/windows/recyclebin.py,sha256=aqp1kc8A6k5UTt6ebycuejPd0QJwNIX1xIu21M0CUGU,4926
-dissect/target/plugins/os/windows/registry.py,sha256=aRIAq7pXtPpdGBxU_WOpOkceu1GE9N51ssriuuW9wfs,12227
+dissect/target/plugins/os/windows/registry.py,sha256=cLv5T5eomc8APn6eXKIx26Ea3Y4i3eledDFGI0Q-q_U,12235
 dissect/target/plugins/os/windows/sam.py,sha256=jFl22o5WhjgdD2fWaebhfnLrx1g_T1BYXodVGSIQzRk,15789
 dissect/target/plugins/os/windows/services.py,sha256=p2v4z4YM-K3G2cnWIHVyPgsJgfrlDpvXz7gUvltIUD4,6059
 dissect/target/plugins/os/windows/sru.py,sha256=4Vybz3_RJYNbLZXKYGOouUKZNWyOUSgSTf4JAGN2O7w,16808
@@ -275,10 +277,10 @@ dissect/target/volumes/bde.py,sha256=gYGg5yF9MNARwNzEkrEfZmKkxyZW4rhLkpdnPJCbhGk
 dissect/target/volumes/disk.py,sha256=95grSsPt1BLVpKwTclwQYzPFGKTkFFqapIk0RoGWf38,968
 dissect/target/volumes/lvm.py,sha256=_kIB1mdRs1OFhRgoT4VEP5Fv8imQnI7oQ_ie4x710tQ,1814
 dissect/target/volumes/vmfs.py,sha256=mlAJ8278tYaoRjk1u6tFFlCaDQUrVu5ZZE4ikiFvxi8,1707
-dissect.target-3.11.dev36.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
-dissect.target-3.11.dev36.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
-dissect.target-3.11.dev36.dist-info/METADATA,sha256=1tL7rKZLxN4x6D0dr57ST9VZ8NiF2Yuoel5b_tTiyDg,10711
-dissect.target-3.11.dev36.dist-info/WHEEL,sha256=5sUXSg9e4bi7lTLOHcm6QEYwO5TIF1TNbTSVFVjcJcc,92
-dissect.target-3.11.dev36.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
-dissect.target-3.11.dev36.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
-dissect.target-3.11.dev36.dist-info/RECORD,,
+dissect.target-3.12.dev2.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
+dissect.target-3.12.dev2.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+dissect.target-3.12.dev2.dist-info/METADATA,sha256=5HQe4s3KJp_l-FodL-lsOo5JM_doKQl8eVTJ-_x00CI,10710
+dissect.target-3.12.dev2.dist-info/WHEEL,sha256=5sUXSg9e4bi7lTLOHcm6QEYwO5TIF1TNbTSVFVjcJcc,92
+dissect.target-3.12.dev2.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
+dissect.target-3.12.dev2.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
+dissect.target-3.12.dev2.dist-info/RECORD,,