PyPI - dissect.target - Versions diffs - 3.13.dev26__py3-none-any.whl → 3.14__py3-none-any.whl - Mend

dissect.target 3.13.dev26py3-none-any.whl → 3.14py3-none-any.whl

Files changed (138) hide show

dissect/target/container.py +9 -1
dissect/target/containers/asdf.py +2 -0
dissect/target/containers/ewf.py +2 -0
dissect/target/containers/hdd.py +2 -0
dissect/target/containers/hds.py +2 -0
dissect/target/containers/qcow2.py +2 -0
dissect/target/containers/raw.py +2 -0
dissect/target/containers/split.py +2 -0
dissect/target/containers/vdi.py +2 -0
dissect/target/containers/vhd.py +2 -0
dissect/target/containers/vhdx.py +2 -0
dissect/target/containers/vmdk.py +2 -0
dissect/target/filesystem.py +108 -15
dissect/target/filesystems/ad1.py +1 -1
dissect/target/filesystems/btrfs.py +180 -0
dissect/target/filesystems/cb.py +4 -4
dissect/target/filesystems/config.py +161 -31
dissect/target/filesystems/dir.py +1 -1
dissect/target/filesystems/exfat.py +1 -1
dissect/target/filesystems/extfs.py +5 -1
dissect/target/filesystems/fat.py +1 -1
dissect/target/filesystems/ffs.py +1 -1
dissect/target/filesystems/itunes.py +1 -1
dissect/target/filesystems/ntfs.py +1 -1
dissect/target/filesystems/smb.py +1 -1
dissect/target/filesystems/squashfs.py +1 -1
dissect/target/filesystems/tar.py +1 -1
dissect/target/filesystems/vmfs.py +1 -1
dissect/target/filesystems/xfs.py +1 -1
dissect/target/filesystems/zip.py +1 -1
dissect/target/helpers/cache.py +2 -2
dissect/target/helpers/configutil.py +283 -83
dissect/target/helpers/fsutil.py +9 -6
dissect/target/helpers/hashutil.py +20 -19
dissect/target/helpers/utils.py +14 -3
dissect/target/loaders/ad1.py +1 -1
dissect/target/loaders/asdf.py +1 -1
dissect/target/loaders/log.py +2 -2
dissect/target/loaders/smb.py +23 -13
dissect/target/loaders/targetd.py +12 -2
dissect/target/loaders/vma.py +1 -1
dissect/target/loaders/xva.py +1 -1
dissect/target/plugin.py +14 -2
dissect/target/plugins/apps/av/sophos.py +1 -2
dissect/target/plugins/apps/av/symantec.py +3 -4
dissect/target/plugins/apps/av/trendmicro.py +2 -3
dissect/target/plugins/{browsers → apps/browser}/chrome.py +6 -3
dissect/target/plugins/{browsers → apps/browser}/chromium.py +18 -13
dissect/target/plugins/{browsers → apps/browser}/edge.py +6 -3
dissect/target/plugins/{browsers → apps/browser}/firefox.py +3 -7
dissect/target/plugins/{browsers → apps/browser}/iexplore.py +14 -4
dissect/target/plugins/apps/remoteaccess/teamviewer.py +55 -27
dissect/target/plugins/apps/ssh/opensshd.py +31 -30
dissect/target/plugins/apps/{webservers → webserver}/apache.py +1 -1
dissect/target/plugins/apps/{webservers → webserver}/caddy.py +1 -1
dissect/target/plugins/apps/{webservers → webserver}/iis.py +1 -1
dissect/target/plugins/apps/{webservers → webserver}/nginx.py +1 -1
dissect/target/plugins/child/hyperv.py +1 -2
dissect/target/plugins/child/vmware_workstation.py +1 -3
dissect/target/plugins/filesystem/acquire_handles.py +2 -0
dissect/target/plugins/filesystem/acquire_hash.py +1 -7
dissect/target/plugins/filesystem/icat.py +5 -5
dissect/target/plugins/filesystem/ntfs/mft.py +2 -2
dissect/target/plugins/filesystem/ntfs/mft_timeline.py +2 -2
dissect/target/plugins/filesystem/ntfs/usnjrnl.py +2 -3
dissect/target/plugins/filesystem/resolver.py +1 -1
dissect/target/plugins/filesystem/unix/capability.py +77 -66
dissect/target/plugins/filesystem/walkfs.py +25 -19
dissect/target/plugins/filesystem/yara.py +20 -19
dissect/target/plugins/general/config.py +28 -11
dissect/target/plugins/os/unix/_os.py +28 -21
dissect/target/plugins/os/unix/bsd/osx/user.py +1 -3
dissect/target/plugins/os/unix/cronjobs.py +4 -16
dissect/target/plugins/os/unix/{linux/esxi → esxi}/_os.py +5 -6
dissect/target/plugins/os/unix/generic.py +5 -1
dissect/target/plugins/os/unix/history.py +2 -1
dissect/target/plugins/os/unix/linux/_os.py +12 -5
dissect/target/plugins/os/unix/linux/services.py +112 -0
dissect/target/plugins/os/unix/linux/suse/zypper.py +4 -4
dissect/target/plugins/os/unix/locale.py +3 -1
dissect/target/plugins/os/unix/log/journal.py +7 -6
dissect/target/plugins/os/unix/packagemanager.py +3 -3
dissect/target/plugins/os/unix/shadow.py +1 -1
dissect/target/plugins/os/windows/_os.py +2 -1
dissect/target/plugins/os/windows/amcache.py +9 -10
dissect/target/plugins/os/windows/catroot.py +2 -2
dissect/target/plugins/os/windows/cim.py +5 -4
dissect/target/plugins/os/windows/datetime.py +4 -1
dissect/target/plugins/os/windows/defender.py +3 -3
dissect/target/plugins/os/windows/generic.py +10 -11
dissect/target/plugins/os/windows/lnk.py +6 -6
dissect/target/plugins/os/windows/log/amcache.py +3 -5
dissect/target/plugins/os/windows/log/pfro.py +1 -3
dissect/target/plugins/os/windows/prefetch.py +5 -6
dissect/target/plugins/os/windows/recyclebin.py +3 -4
dissect/target/plugins/os/windows/regf/7zip.py +2 -4
dissect/target/plugins/os/windows/regf/bam.py +1 -2
dissect/target/plugins/os/windows/regf/cit.py +4 -5
dissect/target/plugins/os/windows/regf/mru.py +6 -2
dissect/target/plugins/os/windows/regf/muicache.py +1 -3
dissect/target/plugins/os/windows/regf/recentfilecache.py +1 -2
dissect/target/plugins/os/windows/regf/shimcache.py +1 -2
dissect/target/plugins/os/windows/regf/trusteddocs.py +1 -1
dissect/target/plugins/os/windows/regf/userassist.py +1 -2
dissect/target/plugins/os/windows/services.py +2 -4
dissect/target/plugins/os/windows/sru.py +4 -4
dissect/target/plugins/os/windows/startupinfo.py +5 -6
dissect/target/plugins/os/windows/syscache.py +2 -3
dissect/target/target.py +65 -32
dissect/target/tools/info.py +2 -1
dissect/target/tools/mount.py +2 -12
dissect/target/tools/shell.py +3 -2
dissect/target/volume.py +10 -9
dissect/target/volumes/bde.py +1 -1
dissect/target/volumes/ddf.py +2 -0
dissect/target/volumes/disk.py +2 -0
dissect/target/volumes/luks.py +1 -1
dissect/target/volumes/lvm.py +2 -0
dissect/target/volumes/md.py +2 -0
dissect/target/volumes/vmfs.py +2 -0
{dissect.target-3.13.dev26.dist-info → dissect.target-3.14.dist-info}/METADATA +2 -1
{dissect.target-3.13.dev26.dist-info → dissect.target-3.14.dist-info}/RECORD +137 -136
{dissect.target-3.13.dev26.dist-info → dissect.target-3.14.dist-info}/WHEEL +1 -1
dissect/target/plugins/os/unix/services.py +0 -151
/dissect/target/plugins/apps/{containers → browser}/__init__.py +0 -0
/dissect/target/plugins/{browsers → apps/browser}/browser.py +0 -0
/dissect/target/plugins/apps/{vpns → container}/__init__.py +0 -0
/dissect/target/plugins/apps/{containers → container}/docker.py +0 -0
/dissect/target/plugins/apps/{webservers → vpn}/__init__.py +0 -0
/dissect/target/plugins/apps/{vpns → vpn}/openvpn.py +0 -0
/dissect/target/plugins/apps/{vpns → vpn}/wireguard.py +0 -0
/dissect/target/plugins/{browsers → apps/webserver}/__init__.py +0 -0
/dissect/target/plugins/apps/{webservers/webservers.py → webserver/webserver.py} +0 -0
/dissect/target/plugins/os/unix/{linux/esxi → esxi}/__init__.py +0 -0
{dissect.target-3.13.dev26.dist-info → dissect.target-3.14.dist-info}/COPYRIGHT +0 -0
{dissect.target-3.13.dev26.dist-info → dissect.target-3.14.dist-info}/LICENSE +0 -0
{dissect.target-3.13.dev26.dist-info → dissect.target-3.14.dist-info}/entry_points.txt +0 -0
{dissect.target-3.13.dev26.dist-info → dissect.target-3.14.dist-info}/top_level.txt +0 -0

dissect/target/plugins/os/unix/services.py DELETED Viewed

@@ -1,151 +0,0 @@
-import io
-import re
-from configparser import ConfigParser
-from itertools import chain
-from typing import Iterator, TextIO
-from dissect.target.exceptions import FileNotFoundError, UnsupportedPluginError
-from dissect.target.helpers.record import TargetRecordDescriptor
-from dissect.target.plugin import Plugin, export, internal
-LinuxServiceRecord = TargetRecordDescriptor(
-    "linux/service",
-    [
-        ("datetime", "ts"),
-        ("string", "name"),
-        ("string", "config"),
-        ("path", "source"),
-    ],
-)
-class ServicesPlugin(Plugin):
-    SYSTEMD_PATHS = [
-        "/etc/systemd/system",
-        "/lib/systemd/system",
-        "/usr/lib/systemd/system",
-    ]
-    INITD_PATHS = ["/etc/rc.d/init.d", "/etc/init.d"]
-    def check_compatible(self) -> None:
-        if not any([self.target.fs.path(p).exists() for p in self.SYSTEMD_PATHS + self.INITD_PATHS]):
-            raise UnsupportedPluginError("No supported service directories found")
-    @export(record=LinuxServiceRecord)
-    def services(self) -> Iterator[LinuxServiceRecord]:
-        """Return information about all installed systemd and init.d services.
-        References:
-        - https://geeksforgeeks.org/what-is-init-d-in-linux-service-management
-        - http://0pointer.de/blog/projects/systemd-for-admins-3.html
-        - https://www.freedesktop.org/software/systemd/man/systemd.syntax.html
-        """
-        return chain(self.systemd(), self.initd())
-    @internal
-    def systemd(self) -> Iterator[LinuxServiceRecord]:
-        ignored_suffixes = [".wants", ".requires", ".d"]
-        for systemd_path in self.SYSTEMD_PATHS:
-            path = self.target.fs.path(systemd_path)
-            if not path.exists() or not path.is_dir():
-                continue
-            for service_file in path.iterdir():
-                if should_ignore_file(service_file.name, ignored_suffixes):
-                    continue
-                try:
-                    with service_file.open("rt") as fh:
-                        config = parse_systemd_config(fh)
-                except FileNotFoundError:
-                    # The service is registered but the symlink is broken.
-                    yield LinuxServiceRecord(
-                        ts=service_file.stat(follow_symlinks=False).st_mtime,
-                        name=service_file.name,
-                        config=None,
-                        source=service_file,
-                        _target=self.target,
-                    )
-                    continue
-                yield LinuxServiceRecord(
-                    ts=service_file.stat().st_mtime,
-                    name=service_file.name,
-                    config=config,
-                    source=service_file,
-                    _target=self.target,
-                )
-    @internal
-    def initd(self) -> Iterator[LinuxServiceRecord]:
-        ignored_suffixes = ["README"]
-        for initd_path in self.INITD_PATHS:
-            path = self.target.fs.path(initd_path)
-            if path.exists():
-                for file_ in path.iterdir():
-                    if should_ignore_file(file_.name, ignored_suffixes):
-                        continue
-                    yield LinuxServiceRecord(
-                        ts=file_.stat().st_mtime,
-                        name=file_.name,
-                        config=None,
-                        source=file_,
-                        _target=self.target,
-                    )
-def should_ignore_file(needle: str, haystack: list) -> bool:
-    for stray in haystack:
-        if needle.endswith(stray):
-            return True
-    return False
-def parse_systemd_config(fh: TextIO) -> str:
-    """Returns a string of key/value pairs from a toml/ini-like string.
-    This should probably be rewritten to return a proper dict as in
-    its current form this is only useful when used in Splunk.
-    """
-    parser = ConfigParser(strict=False, delimiters=("=",), allow_no_value=True, interpolation=None)
-    # to preserve casing from configuration.
-    parser.optionxform = str
-    parser.read_file(fh)
-    output = io.StringIO()
-    try:
-        for segment, configuration in parser.items():
-            original_key = ""
-            previous_value = ""
-            concat_value = False
-            for key, value in configuration.items():
-                original_key = original_key or key
-                if concat_value:
-                    # A backslash was found at the end of the previous line
-                    # If value is None, it might not contain a backslash
-                    # So we turn it into an empty string.
-                    value = f"{previous_value} {key} {value or ''}".strip()
-                concat_value = str(value).endswith("\\")
-                if concat_value:
-                    # Remove any dangling empty space or backslashes
-                    previous_value = value.rstrip("\\ ")
-                else:
-                    output.write(f'{segment}_{original_key or key}="{value}" ')
-                    original_key = ""
-                    previous_value = ""
-    except UnicodeDecodeError:
-        pass
-    output_data = output.getvalue()
-    # Remove any back slashes or new line characters.
-    output_data = re.sub(r"(\\|\n)", "", output_data)
-    return output_data.strip()