PyPI - dissect.target - Versions diffs - 3.14.dev22__py3-none-any.whl → 3.14.dev24__py3-none-any.whl - Mend

dissect.target 3.14.dev22py3-none-any.whl → 3.14.dev24py3-none-any.whl

Files changed (10) hide show

dissect/target/loaders/smb.py CHANGED Viewed

@@ -11,6 +11,7 @@ from urllib.parse import ParseResult, parse_qsl
 from dissect.regf import regf
 from dissect.util import ts
 from impacket.dcerpc.v5 import rpcrt, rrp, scmr, transport
+from impacket.dcerpc.v5.rpcrt import DCERPCException
 from impacket.smbconnection import SessionError, SMBConnection
 from dissect.target import Target
@@ -189,18 +190,24 @@ class SmbRegistry(RegistryPlugin):
         return False
     def _init_registry(self) -> None:
-        self._svcctl = _connect_rpc(self.conn, "ncacn_np:445[\\pipe\\svcctl]", scmr.MSRPC_UUID_SCMR)
-        self._check_service_status()
+        try:
+            self._svcctl = _connect_rpc(self.conn, "ncacn_np:445[\\pipe\\svcctl]", scmr.MSRPC_UUID_SCMR)
+            self._check_service_status()
-        self._winreg = _connect_rpc(self.conn, "ncacn_np:445[\\pipe\\winreg]", rrp.MSRPC_UUID_RRP)
+            self._winreg = _connect_rpc(self.conn, "ncacn_np:445[\\pipe\\winreg]", rrp.MSRPC_UUID_RRP)
-        hklm_hive = SmbRegistryHive(self._winreg, "HKEY_LOCAL_MACHINE", rrp.hOpenLocalMachine(self._winreg)["phKey"])
-        hku_hive = SmbRegistryHive(self._winreg, "HKEY_USERS", rrp.hOpenUsers(self._winreg)["phKey"])
+            hklm_hive = SmbRegistryHive(
+                self._winreg, "HKEY_LOCAL_MACHINE", rrp.hOpenLocalMachine(self._winreg)["phKey"]
+            )
+            hku_hive = SmbRegistryHive(self._winreg, "HKEY_USERS", rrp.hOpenUsers(self._winreg)["phKey"])
-        self._add_hive("HKLM", hklm_hive, TargetPath(self.target.fs, "HKLM"))
-        self._add_hive("HKU", hku_hive, TargetPath(self.target.fs, "HKU"))
-        self._map_hive("HKEY_LOCAL_MACHINE", hklm_hive)
-        self._map_hive("HKEY_USERS", hku_hive)
+            self._add_hive("HKLM", hklm_hive, TargetPath(self.target.fs, "HKLM"))
+            self._add_hive("HKU", hku_hive, TargetPath(self.target.fs, "HKU"))
+            self._map_hive("HKEY_LOCAL_MACHINE", hklm_hive)
+            self._map_hive("HKEY_USERS", hku_hive)
+        except SessionError:
+            self.target.log.info("Failed to open remote registry, registry will not be available")
+            return  # no registry access, probably no access rights
     def _init_users(self) -> None:
         pass
@@ -212,15 +219,18 @@ class SmbRegistry(RegistryPlugin):
         if hasattr(self, "_was_disabled") and self._was_disabled:
             scmr.hRChangeServiceConfigW(self._svcctl, self._svc_handle, dwStartType=0x4)
-        if hasattr(self, "_svcctl"):
+        if getattr(self, "_svcctl", None):
             self._svcctl.disconnect()
-        if hasattr(self, "_winreg"):
+        if getattr(self, "_winreg", None):
             self._winreg.disconnect()
     def _check_service_status(self) -> None:
-        manager_handle = scmr.hROpenSCManagerW(self._svcctl)["lpScHandle"]
-        self._svc_handle = scmr.hROpenServiceW(self._svcctl, manager_handle, "RemoteRegistry")["lpServiceHandle"]
+        try:
+            manager_handle = scmr.hROpenSCManagerW(self._svcctl)["lpScHandle"]
+            self._svc_handle = scmr.hROpenServiceW(self._svcctl, manager_handle, "RemoteRegistry")["lpServiceHandle"]
+        except DCERPCException:
+            return
         current_state = scmr.hRQueryServiceStatus(self._svcctl, self._svc_handle)["lpServiceStatus"]["dwCurrentState"]
         if current_state == scmr.SERVICE_STOPPED:

dissect/target/plugins/os/windows/_os.py CHANGED Viewed

@@ -77,7 +77,8 @@ class WindowsPlugin(OSPlugin):
                                             self.target.fs.mount(drive, volume.fs)
                                             break
         except Exception as e:
-            self.target.log.warning("Failed to map drive letters", exc_info=e)
+            self.target.log.warning("Failed to map drive letters")
+            self.target.log.debug("", exc_info=e)
     @export(property=True)
     def hostname(self) -> Optional[str]:

dissect/target/target.py CHANGED Viewed

@@ -426,7 +426,8 @@ class Target:
             if isinstance(os_plugin, plugin.OSPlugin):
                 self._os_plugin = os_plugin.__class__
             elif issubclass(os_plugin, plugin.OSPlugin):
-                os_plugin = os_plugin.create(self, os_plugin.detect(self))
+                if fs := os_plugin.detect(self):
+                    os_plugin = os_plugin.create(self, fs)
             self._os = self.add_plugin(os_plugin)
             return
@@ -757,22 +758,22 @@ class VolumeCollection(Collection[volume.Volume]):
                     # If we opened an empty volume system, it might also be the case that a filesystem actually
                     # "starts" at offset 0
+                    # Regardless of what happens, we want to try to open it as a filesystem later on
+                    fs_volumes.append(vol)
                     if vol.offset == 0 and vol.vs and vol.vs.__type__ == "disk":
                         # We are going to re-open a volume system on itself, bail out
                         self.target.log.info("Found volume with offset 0, opening as raw volume instead")
-                        fs_volumes.append(vol)
                         continue
                     try:
                         vs = volume.open(vol)
                     except Exception:
                         # If opening a volume system fails, there's likely none, so open as a filesystem instead
-                        fs_volumes.append(vol)
                         continue
                     if not len(vs.volumes):
                         # We opened an empty volume system, discard
-                        fs_volumes.append(vol)
                         continue
                     self.entries.extend(vs.volumes)

{dissect.target-3.14.dev22.dist-info → dissect.target-3.14.dev24.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.target
-Version: 3.14.dev22
+Version: 3.14.dev24
 Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{dissect.target-3.14.dev22.dist-info → dissect.target-3.14.dev24.dist-info}/RECORD RENAMED Viewed

@@ -5,7 +5,7 @@ dissect/target/filesystem.py,sha256=8qbXNbhnE9Y1cz-5OH-67Z5eDJMXKQwy7dNYTw1ST5o,
 dissect/target/loader.py,sha256=4ZdX-QJY83NPswTyNG31LUwYXdV1tuByrR2vKKg7d5k,7214
 dissect/target/plugin.py,sha256=5EtUEU8feYSak7NRWocByPFWKsU0yeUJio6L72Ekw5c,40914
 dissect/target/report.py,sha256=06uiP4MbNI8cWMVrC1SasNS-Yg6ptjVjckwj8Yhe0Js,7958
-dissect/target/target.py,sha256=C-IGftviTWRoLIEQjX9IM124ZHCDLKb8DH0LVYdNFb4,31871
+dissect/target/target.py,sha256=CuqLTD3fwr4HIxtDgN_fwJ3UHSqe5PhNJlLTVGsluB8,31908
 dissect/target/volume.py,sha256=aQZAJiny8jjwkc9UtwIRwy7nINXjCxwpO-_UDfh6-BA,15801
 dissect/target/containers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/containers/asdf.py,sha256=DJp0QEFwUjy2MFwKYcYqIR_BS1fQT1Yi9Kcmqt0aChM,1366
@@ -79,7 +79,7 @@ dissect/target/loaders/pvs.py,sha256=dMqdYSBQtH9QLM3tdu0mokLBcn73edg_HUtYtqrdi6E
 dissect/target/loaders/raw.py,sha256=03OXVlvkqwR29XYu7WPg3pmGtYd_4QJEGnkAuvIrdPs,355
 dissect/target/loaders/remote.py,sha256=AoI7-RxH2UMjNWnuHbNaieZycApTY3YZmk4wkQAwFt0,8820
 dissect/target/loaders/res.py,sha256=8b178x05t9K31wOeP8yGD1IdR3RpiMGz7wcvtHmmHjk,8819
-dissect/target/loaders/smb.py,sha256=OWptpqy1CIQNkauKVcQxcDyyksR8paglNfxgilra-Es,12658
+dissect/target/loaders/smb.py,sha256=qP8m4Jq7hvAvUCF9jB4yr2Zut7p_R02_vxziNN3R1to,13070
 dissect/target/loaders/tanium.py,sha256=P9euiQzvVaQQtMQlEmNe0V25w1BkQFRZBuS-0-ksHpY,1585
 dissect/target/loaders/tar.py,sha256=4-ouVKnNCmW1o3I0OhF4DUyjvpZ7qLIon848gmRWR1M,3103
 dissect/target/loaders/target.py,sha256=Bp3kcfW-ntkgDZ9IpYPMoR-4FDBPqcLD_W88Z9IU--o,692
@@ -219,7 +219,7 @@ dissect/target/plugins/os/unix/log/lastlog.py,sha256=eL_dbB1sPoy0tyavIjT457ZLVfX
 dissect/target/plugins/os/unix/log/messages.py,sha256=W3CeI0tchdRql9SKLFDxk9AKwUvqIrnpCujcERvDt90,2846
 dissect/target/plugins/os/unix/log/utmp.py,sha256=21tvzG977LqzRShV6uAoU-83WDcLUrI_Tv__2ZVi9rw,7756
 dissect/target/plugins/os/windows/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-dissect/target/plugins/os/windows/_os.py,sha256=-a1fdUU0Kl4k2spTskJ3LOJP7MadB-8nkBw6edxbUDc,12106
+dissect/target/plugins/os/windows/_os.py,sha256=agGbApfaSrU2klBYJH_ncOOpBWm0a2dxb8r7b1R4d1w,12144
 dissect/target/plugins/os/windows/activitiescache.py,sha256=yY41YdCZk9e97Q8_rjZHknMUeOVDxgBG9VtXQHANUsQ,6710
 dissect/target/plugins/os/windows/adpolicy.py,sha256=rvsvywChfms7d2kMwXRVHZaf8zJ46WmMwYplGAYEax8,6984
 dissect/target/plugins/os/windows/amcache.py,sha256=ZZNOs3bILTf0AGkDkhoatndl0j39DXkstN7oOyxJECU,27188
@@ -304,10 +304,10 @@ dissect/target/volumes/luks.py,sha256=v_mHW05KM5iG8JDe47i2V4Q9O0r4rnAMA9m_qc9cYw
 dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
 dissect/target/volumes/md.py,sha256=j1K1iKmspl0C_OJFc7-Q1BMWN2OCC5EVANIgVlJ_fIE,1673
 dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
-dissect.target-3.14.dev22.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
-dissect.target-3.14.dev22.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
-dissect.target-3.14.dev22.dist-info/METADATA,sha256=RSUU0aCyK41-gKDtNF8DBtiF_h6YOhNlCn0XjWaGkcw,11042
-dissect.target-3.14.dev22.dist-info/WHEEL,sha256=oiQVh_5PnQM0E3gPdiz09WCNmwiHDMaGer_elqB3coM,92
-dissect.target-3.14.dev22.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
-dissect.target-3.14.dev22.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
-dissect.target-3.14.dev22.dist-info/RECORD,,
+dissect.target-3.14.dev24.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
+dissect.target-3.14.dev24.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+dissect.target-3.14.dev24.dist-info/METADATA,sha256=IoeJMsu7Fw2GBiPaPrlIU7ctHA0R2ja2jtckDBBZ1y0,11042
+dissect.target-3.14.dev24.dist-info/WHEEL,sha256=oiQVh_5PnQM0E3gPdiz09WCNmwiHDMaGer_elqB3coM,92
+dissect.target-3.14.dev24.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
+dissect.target-3.14.dev24.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
+dissect.target-3.14.dev24.dist-info/RECORD,,

{dissect.target-3.14.dev22.dist-info → dissect.target-3.14.dev24.dist-info}/COPYRIGHT RENAMED Viewed

File without changes

{dissect.target-3.14.dev22.dist-info → dissect.target-3.14.dev24.dist-info}/LICENSE RENAMED Viewed

File without changes

{dissect.target-3.14.dev22.dist-info → dissect.target-3.14.dev24.dist-info}/WHEEL RENAMED Viewed

File without changes

{dissect.target-3.14.dev22.dist-info → dissect.target-3.14.dev24.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{dissect.target-3.14.dev22.dist-info → dissect.target-3.14.dev24.dist-info}/top_level.txt RENAMED Viewed

File without changes

dissect.target 3.14.dev22__py3-none-any.whl → 3.14.dev24__py3-none-any.whl

dissect.target 3.14.dev22py3-none-any.whl → 3.14.dev24py3-none-any.whl