dissect.target 3.16.dev12__py3-none-any.whl → 3.16.dev13__py3-none-any.whl

dissect/target/plugins/apps/browser/browser.py

@@ -43,6 +43,7 @@ GENERIC_COOKIE_FIELDS = [
     ("boolean", "is_secure"),
     ("boolean", "is_http_only"),
     ("boolean", "same_site"),
+    ("path", "source"),
 ]
 
 GENERIC_HISTORY_RECORD_FIELDS = [

dissect/target/plugins/apps/browser/chrome.py

@@ -38,8 +38,7 @@ class ChromePlugin(ChromiumMixin, BrowserPlugin):
     )
 
     BrowserCookieRecord = create_extended_descriptor([UserRecordDescriptorExtension])(
-        "browser/chrome/cookie",
-        GENERIC_COOKIE_FIELDS,
+        "browser/chrome/cookie", GENERIC_COOKIE_FIELDS
     )
 
     BrowserDownloadRecord = create_extended_descriptor([UserRecordDescriptorExtension])(

dissect/target/plugins/apps/browser/chromium.py

@@ -117,59 +117,60 @@ class ChromiumMixin:
         if not len(self._build_userdirs(self.DIRS)):
             raise UnsupportedPluginError("No Chromium-based browser directories found")
 
-    def downloads(self, browser_name: Optional[str] = None) -> Iterator[BrowserDownloadRecord]:
-        """Return browser download records from supported Chromium-based browsers.
+    def history(self, browser_name: Optional[str] = None) -> Iterator[BrowserHistoryRecord]:
+        """Return browser history records from supported Chromium-based browsers.
 
         Args:
             browser_name: The name of the browser as a string.
 
         Yields:
             Records with the following fields:
-                ts_start (datetime): Download start timestamp.
-                ts_end (datetime): Download end timestamp.
+                ts (datetime): Visit timestamp.
                 browser (string): The browser from which the records are generated from.
                 id (string): Record ID.
-                path (string): Download path.
-                url (uri): Download URL.
-                tab_url (string): Tab URL.
-                tab_referrer_url (string): Referrer URL.
-                size (varint): Download file size.
-                mime_type (string): MIME type.
-                state (varint): Download state number.
-                source: (path): The source file of the download record.
+                url (uri): History URL.
+                title (string): Page title.
+                description (string): Page description.
+                rev_host (string): Reverse hostname.
+                visit_type (varint): Visit type.
+                visit_count (varint): Amount of visits.
+                hidden (string): Hidden value.
+                typed (string): Typed value.
+                session (varint): Session value.
+                from_visit (varint): Record ID of the "from" visit.
+                from_url (uri): URL of the "from" visit.
+                source: (path): The source file of the history record.
         """
         for user, db_file, db in self._iter_db("History"):
             try:
-                download_chains = defaultdict(list)
-                for row in db.table("downloads_url_chains"):
-                    download_chains[row.id].append(row)
-
-                for chain in download_chains.values():
-                    chain.sort(key=lambda row: row.chain_index)
-
-                for row in db.table("downloads").rows():
-                    if download_path := row.target_path:
-                        download_path = self.target.fs.path(download_path)
+                urls = {row.id: row for row in db.table("urls").rows()}
+                visits = {}
 
-                    url = None
-                    download_chain = download_chains.get(row.id)
+                for row in db.table("visits").rows():
+                    visits[row.id] = row
+                    url = urls[row.url]
 
-                    if download_chain:
-                        url = download_chain[-1].url
-                        url = try_idna(url)
+                    if row.from_visit and row.from_visit in visits:
+                        from_visit = visits[row.from_visit]
+                        from_url = urls[from_visit.url]
+                    else:
+                        from_visit, from_url = None, None
 
-                    yield self.BrowserDownloadRecord(
-                        ts_start=webkittimestamp(row.start_time),
-                        ts_end=webkittimestamp(row.end_time) if row.end_time else None,
+                    yield self.BrowserHistoryRecord(
+                        ts=webkittimestamp(row.visit_time),
                         browser=browser_name,
-                        id=row.get("id"),
-                        tab_url=try_idna(row.get("tab_url")),
-                        tab_referrer_url=try_idna(row.get("tab_referrer_url")),
-                        path=download_path,
-                        url=url,
-                        size=row.get("total_bytes"),
-                        mime_type=row.get("mime_type"),
-                        state=row.get("state"),
+                        id=row.id,
+                        url=try_idna(url.url),
+                        title=url.title,
+                        description=None,
+                        rev_host=None,
+                        visit_type=None,
+                        visit_count=url.visit_count,
+                        hidden=url.hidden,
+                        typed=None,
+                        session=None,
+                        from_visit=row.from_visit or None,
+                        from_url=try_idna(from_url.url) if from_url else None,
                         source=db_file,
                         _target=self.target,
                         _user=user,
@@ -212,11 +213,72 @@ class ChromiumMixin:
                         is_secure=bool(cookie.is_secure),
                         is_http_only=bool(cookie.is_httponly),
                         same_site=bool(cookie.samesite),
+                        source=db_file,
                         _user=user,
                     )
             except SQLError as e:
                 self.target.log.warning("Error processing cookie file: %s", db_file, exc_info=e)
 
+    def downloads(self, browser_name: Optional[str] = None) -> Iterator[BrowserDownloadRecord]:
+        """Return browser download records from supported Chromium-based browsers.
+
+        Args:
+            browser_name: The name of the browser as a string.
+
+        Yields:
+            Records with the following fields:
+                ts_start (datetime): Download start timestamp.
+                ts_end (datetime): Download end timestamp.
+                browser (string): The browser from which the records are generated from.
+                id (string): Record ID.
+                path (string): Download path.
+                url (uri): Download URL.
+                tab_url (string): Tab URL.
+                tab_referrer_url (string): Referrer URL.
+                size (varint): Download file size.
+                mime_type (string): MIME type.
+                state (varint): Download state number.
+                source: (path): The source file of the download record.
+        """
+        for user, db_file, db in self._iter_db("History"):
+            try:
+                download_chains = defaultdict(list)
+                for row in db.table("downloads_url_chains"):
+                    download_chains[row.id].append(row)
+
+                for chain in download_chains.values():
+                    chain.sort(key=lambda row: row.chain_index)
+
+                for row in db.table("downloads").rows():
+                    if download_path := row.target_path:
+                        download_path = self.target.fs.path(download_path)
+
+                    url = None
+                    download_chain = download_chains.get(row.id)
+
+                    if download_chain:
+                        url = download_chain[-1].url
+                        url = try_idna(url)
+
+                    yield self.BrowserDownloadRecord(
+                        ts_start=webkittimestamp(row.start_time),
+                        ts_end=webkittimestamp(row.end_time) if row.end_time else None,
+                        browser=browser_name,
+                        id=row.get("id"),
+                        tab_url=try_idna(row.get("tab_url")),
+                        tab_referrer_url=try_idna(row.get("tab_referrer_url")),
+                        path=download_path,
+                        url=url,
+                        size=row.get("total_bytes"),
+                        mime_type=row.get("mime_type"),
+                        state=row.get("state"),
+                        source=db_file,
+                        _target=self.target,
+                        _user=user,
+                    )
+            except SQLError as e:
+                self.target.log.warning("Error processing history file: %s", db_file, exc_info=e)
+
     def extensions(self, browser_name: Optional[str] = None) -> Iterator[BrowserExtensionRecord]:
         """Iterates over all installed extensions for a given browser.
 
@@ -303,67 +365,6 @@ class ChromiumMixin:
                 except (AttributeError, KeyError) as e:
                     self.target.log.info("No browser extensions found in: %s", json_file, exc_info=e)
 
-    def history(self, browser_name: Optional[str] = None) -> Iterator[BrowserHistoryRecord]:
-        """Return browser history records from supported Chromium-based browsers.
-
-        Args:
-            browser_name: The name of the browser as a string.
-
-        Yields:
-            Records with the following fields:
-                ts (datetime): Visit timestamp.
-                browser (string): The browser from which the records are generated from.
-                id (string): Record ID.
-                url (uri): History URL.
-                title (string): Page title.
-                description (string): Page description.
-                rev_host (string): Reverse hostname.
-                visit_type (varint): Visit type.
-                visit_count (varint): Amount of visits.
-                hidden (string): Hidden value.
-                typed (string): Typed value.
-                session (varint): Session value.
-                from_visit (varint): Record ID of the "from" visit.
-                from_url (uri): URL of the "from" visit.
-                source: (path): The source file of the history record.
-        """
-        for user, db_file, db in self._iter_db("History"):
-            try:
-                urls = {row.id: row for row in db.table("urls").rows()}
-                visits = {}
-
-                for row in db.table("visits").rows():
-                    visits[row.id] = row
-                    url = urls[row.url]
-
-                    if row.from_visit and row.from_visit in visits:
-                        from_visit = visits[row.from_visit]
-                        from_url = urls[from_visit.url]
-                    else:
-                        from_visit, from_url = None, None
-
-                    yield self.BrowserHistoryRecord(
-                        ts=webkittimestamp(row.visit_time),
-                        browser=browser_name,
-                        id=row.id,
-                        url=try_idna(url.url),
-                        title=url.title,
-                        description=None,
-                        rev_host=None,
-                        visit_type=None,
-                        visit_count=url.visit_count,
-                        hidden=url.hidden,
-                        typed=None,
-                        session=None,
-                        from_visit=row.from_visit or None,
-                        from_url=try_idna(from_url.url) if from_url else None,
-                        source=db_file,
-                        _target=self.target,
-                        _user=user,
-                    )
-            except SQLError as e:
-                self.target.log.warning("Error processing history file: %s", db_file, exc_info=e)
-
 
 class ChromiumPlugin(ChromiumMixin, BrowserPlugin):
     """Chromium browser plugin."""

dissect/target/plugins/apps/browser/edge.py

@@ -36,8 +36,7 @@ class EdgePlugin(ChromiumMixin, BrowserPlugin):
     )
 
     BrowserCookieRecord = create_extended_descriptor([UserRecordDescriptorExtension])(
-        "browser/edge/cookie",
-        GENERIC_COOKIE_FIELDS,
+        "browser/edge/cookie", GENERIC_COOKIE_FIELDS
     )
 
     BrowserDownloadRecord = create_extended_descriptor([UserRecordDescriptorExtension])(

dissect/target/plugins/apps/browser/firefox.py

@@ -176,6 +176,7 @@ class FirefoxPlugin(BrowserPlugin):
                         is_secure=bool(cookie.isSecure),
                         is_http_only=bool(cookie.isHttpOnly),
                         same_site=bool(cookie.sameSite),
+                        source=db_file,
                         _user=user,
                     )
             except SQLError as e:

{dissect.target-3.16.dev12.dist-info → dissect.target-3.16.dev13.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.target
-Version: 3.16.dev12
+Version: 3.16.dev13
 Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{dissect.target-3.16.dev12.dist-info → dissect.target-3.16.dev13.dist-info}/RECORD

@@ -112,11 +112,11 @@ dissect/target/plugins/apps/av/sophos.py,sha256=gSfTvjBZMuT0hsL-p4oYxuYmakbqApoO
 dissect/target/plugins/apps/av/symantec.py,sha256=RFLyNW6FyuoGcirJ4xHbQM8oGjua9W4zXmC7YDF-H20,14109
 dissect/target/plugins/apps/av/trendmicro.py,sha256=jloy_N4hHAqF1sVIEeD5Q7LRYal3_os14Umk-hGaAR4,4613
 dissect/target/plugins/apps/browser/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-dissect/target/plugins/apps/browser/browser.py,sha256=h32A0gyV2ehcWcozQJC8yXQ4L94FKjh1Rb31ZnUcX0Y,2658
-dissect/target/plugins/apps/browser/chrome.py,sha256=0DzhvUUA6xKZ9iTrCQmgAWWAsA8czMfIeXAT1fuZ1dE,2644
-dissect/target/plugins/apps/browser/chromium.py,sha256=yhgHdAifVUs20uqYEDAnn1nLJfV1p62cyXq2Ilum7zU,17734
-dissect/target/plugins/apps/browser/edge.py,sha256=QuJpPcdU5RGWzeweJjJJZyJgmPVaYBCsjhLt-xYKsX0,2482
-dissect/target/plugins/apps/browser/firefox.py,sha256=G42FU1KqqnFpAERcB_WU8QT6AcaXiimLhNgFII9gFEM,11333
+dissect/target/plugins/apps/browser/browser.py,sha256=_QP1u57-wOSiLvpTUotWDpqBdRn-WEWpBDzCMqZTYO0,2682
+dissect/target/plugins/apps/browser/chrome.py,sha256=XMDq3v-fA0W16gm5jXryP73PEtF7bRw5Pfqy5JQd-U8,2635
+dissect/target/plugins/apps/browser/chromium.py,sha256=Y1sS0EqF5F5abpLXNog2HwI5QV5d3qnBvZMnE0MPdyU,17774
+dissect/target/plugins/apps/browser/edge.py,sha256=cjMbAGtlTVyJLuha3D0uNbai0mJnkXmp6d0gBfceWB4,2473
+dissect/target/plugins/apps/browser/firefox.py,sha256=6dUTNfclNTsqB_GA-4q38tyHPuiw8lgNEmmtfIWbMUY,11373
 dissect/target/plugins/apps/browser/iexplore.py,sha256=LUXXCjMBBFcFN2ceBpks8qM1PyOvrBPn1guA4WM4oSU,8706
 dissect/target/plugins/apps/container/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/apps/container/docker.py,sha256=guFPqRLbeP4p8R6lDIZVKWnva5_S7rQUVKG21QDz-B4,6416
@@ -323,10 +323,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
 dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
 dissect/target/volumes/md.py,sha256=j1K1iKmspl0C_OJFc7-Q1BMWN2OCC5EVANIgVlJ_fIE,1673
 dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
-dissect.target-3.16.dev12.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
-dissect.target-3.16.dev12.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
-dissect.target-3.16.dev12.dist-info/METADATA,sha256=2f1MjScJ_LT0j-Kji3WLYlt_olRxKtE3s7y1T-eUGhw,11113
-dissect.target-3.16.dev12.dist-info/WHEEL,sha256=oiQVh_5PnQM0E3gPdiz09WCNmwiHDMaGer_elqB3coM,92
-dissect.target-3.16.dev12.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
-dissect.target-3.16.dev12.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
-dissect.target-3.16.dev12.dist-info/RECORD,,
+dissect.target-3.16.dev13.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
+dissect.target-3.16.dev13.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+dissect.target-3.16.dev13.dist-info/METADATA,sha256=3C3Z4nrLFNTsMdbf_ij7Tjztn8Yra3gKF232itkAgmM,11113
+dissect.target-3.16.dev13.dist-info/WHEEL,sha256=oiQVh_5PnQM0E3gPdiz09WCNmwiHDMaGer_elqB3coM,92
+dissect.target-3.16.dev13.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
+dissect.target-3.16.dev13.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
+dissect.target-3.16.dev13.dist-info/RECORD,,