dissect.target 3.17.dev27__py3-none-any.whl → 3.17.dev29__py3-none-any.whl

dissect/target/loaders/mqtt.py

@@ -65,6 +65,9 @@ class MQTTStream(AlignedStream):
 class MQTTConnection:
     broker = None
     host = None
+    prev = -1
+    factor = 1
+    prefetch_factor_inc = 10
 
     def __init__(self, broker: Broker, host: str):
         self.broker = broker
@@ -95,20 +98,32 @@ class MQTTConnection:
 
     def read(self, disk_id: int, offset: int, length: int, optimization_strategy: int) -> bytes:
         message = None
-        self.broker.seek(self.host, disk_id, offset, length, optimization_strategy)
 
+        message = self.broker.read(self.host, disk_id, offset, length)
+        if message:
+            return message.data
+
+        if self.prev == offset - (length * self.factor):
+            if self.factor < 500:
+                self.factor += self.prefetch_factor_inc
+        else:
+            self.factor = 1
+
+        self.prev = offset
+        flength = length * self.factor
+        self.broker.factor = self.factor
+        self.broker.seek(self.host, disk_id, offset, flength, optimization_strategy)
         attempts = 0
         while True:
-            message = self.broker.read(self.host, disk_id, offset, length)
-            # don't waste time with sleep if we have a response
-            if message:
+            if message := self.broker.read(self.host, disk_id, offset, length):
+                # don't waste time with sleep if we have a response
                 break
 
             attempts += 1
-            time.sleep(0.01)
-            if attempts > 100:
+            time.sleep(0.1)
+            if attempts > 300:
                 # message might have not reached agent, resend...
-                self.broker.seek(self.host, disk_id, offset, length, optimization_strategy)
+                self.broker.seek(self.host, disk_id, offset, flength, optimization_strategy)
                 attempts = 0
 
         return message.data
@@ -127,6 +142,7 @@ class Broker:
     diskinfo = {}
     index = {}
     topo = {}
+    factor = 1
 
     def __init__(self, broker: Broker, port: str, key: str, crt: str, ca: str, case: str, **kwargs):
         self.broker_host = broker
@@ -137,10 +153,13 @@ class Broker:
         self.case = case
         self.command = kwargs.get("command", None)
 
+    def clear_cache(self) -> None:
+        self.index = {}
+
     @suppress
     def read(self, host: str, disk_id: int, seek_address: int, read_length: int) -> SeekMessage:
         key = f"{host}-{disk_id}-{seek_address}-{read_length}"
-        return self.index.pop(key)
+        return self.index.get(key)
 
     @suppress
     def disk(self, host: str) -> DiskMessage:
@@ -165,14 +184,15 @@ class Broker:
         disk_id = tokens[3]
         seek_address = int(tokens[4], 16)
         read_length = int(tokens[5], 16)
-        msg = SeekMessage(data=payload)
 
-        key = f"{hostname}-{disk_id}-{seek_address}-{read_length}"
+        for i in range(self.factor):
+            sublength = int(read_length / self.factor)
+            start = i * sublength
+            key = f"{hostname}-{disk_id}-{seek_address+start}-{sublength}"
+            if key in self.index:
+                continue
 
-        if key in self.index:
-            return
-
-        self.index[key] = msg
+            self.index[key] = SeekMessage(data=payload[start : start + sublength])
 
     def _on_id(self, hostname: str, payload: bytes) -> None:
         key = hostname
@@ -204,9 +224,14 @@ class Broker:
         elif response == "ID":
             self._on_id(hostname, msg.payload)
 
-    def seek(self, host: str, disk_id: int, offset: int, length: int, optimization_strategy: int) -> None:
+    def seek(self, host: str, disk_id: int, offset: int, flength: int, optimization_strategy: int) -> None:
+        length = int(flength / self.factor)
+        key = f"{host}-{disk_id}-{offset}-{length}"
+        if key in self.index:
+            return
+
         self.mqtt_client.publish(
-            f"{self.case}/{host}/SEEK/{disk_id}/{hex(offset)}/{hex(length)}", pack("<I", optimization_strategy)
+            f"{self.case}/{host}/SEEK/{disk_id}/{hex(offset)}/{hex(flength)}", pack("<I", optimization_strategy)
         )
 
     def info(self, host: str) -> None:

dissect/target/plugins/filesystem/ntfs/mft.py

@@ -154,7 +154,7 @@ class MftPlugin(Plugin):
                     try:
                         inuse = bool(record.header.Flags & FILE_RECORD_SEGMENT_IN_USE)
                         owner, _ = get_owner_and_group(record, fs)
-                        resident = None
+                        resident = False
                         size = None
 
                         if not record.is_dir():

dissect/target/tools/query.py

@@ -173,8 +173,7 @@ def main():
         collected_plugins = {}
 
         if targets:
-            for target in targets:
-                plugin_target = Target.open(target)
+            for plugin_target in Target.open_all(targets, args.children):
                 if isinstance(plugin_target._loader, ProxyLoader):
                     parser.error("can't list compatible plugins for remote targets.")
                 funcs, _ = find_plugin_functions(plugin_target, args.list, compatibility=True, show_hidden=True)

{dissect.target-3.17.dev27.dist-info → dissect.target-3.17.dev29.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.target
-Version: 3.17.dev27
+Version: 3.17.dev29
 Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{dissect.target-3.17.dev27.dist-info → dissect.target-3.17.dev29.dist-info}/RECORD

@@ -85,7 +85,7 @@ dissect/target/loaders/itunes.py,sha256=69aMTQiiGYpmD_EYSmf9mO1re8C3jAZIEStmwlMx
 dissect/target/loaders/kape.py,sha256=t5TfrGLqPeIpUUpXzIl6aHsqXMEGDqJ5YwDCs07DiBA,1237
 dissect/target/loaders/local.py,sha256=Ul-LCd_fY7SyWOVR6nH-NqbkuNpxoZVmffwrkvQElU8,16453
 dissect/target/loaders/log.py,sha256=cCkDIRS4aPlX3U-n_jUKaI2FPSV3BDpfqKceaU7rBbo,1507
-dissect/target/loaders/mqtt.py,sha256=b0VrQ75_tmc4POkcfnUwKJoj1qmcjm1OKsVBQ9MjgqI,9552
+dissect/target/loaders/mqtt.py,sha256=D8AmdOz2atD92z8bhjVFi3tC1H7pYmP4UrOCtMgfwMY,10396
 dissect/target/loaders/multiraw.py,sha256=4a3ZST0NwjnfPDxHkcEfAcX2ddUlT_C-rcrMHNg1wp4,1046
 dissect/target/loaders/ova.py,sha256=6h4O-7i87J394C6KgLsPkdXRAKNwtPubzLNS3vBGs7U,744
 dissect/target/loaders/ovf.py,sha256=ELMq6J2y6cPKbp7pjWAqMMnFYefWxXNqzIiAQdvGGXQ,1061
@@ -163,7 +163,7 @@ dissect/target/plugins/filesystem/resolver.py,sha256=HfyASUFV4F9uD-yFXilFpPTORAs
 dissect/target/plugins/filesystem/walkfs.py,sha256=e8HEZcV5Wiua26FGWL3xgiQ_PIhcNvGI5KCdsAx2Nmo,2298
 dissect/target/plugins/filesystem/yara.py,sha256=q_pbrQArNaWP4ILRzK7VQhukIw16LhUvntoviHmZ38Q,2241
 dissect/target/plugins/filesystem/ntfs/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-dissect/target/plugins/filesystem/ntfs/mft.py,sha256=Za-fsTcKlAlhm9ugJlMdwsJVf2Osrh4PrEGSFuv-Eeo,9564
+dissect/target/plugins/filesystem/ntfs/mft.py,sha256=AD3w2FIjDAf8x2KEbBhz2NeOA_lxIAmw353w6J3ObYU,9565
 dissect/target/plugins/filesystem/ntfs/mft_timeline.py,sha256=vvNFAZbr7s3X2OTYf4ES_L6-XsouTXcTymfxnHfZ1Rw,6791
 dissect/target/plugins/filesystem/ntfs/usnjrnl.py,sha256=uiT1ipmcAo__6VIUi8R_vvIu22vdnjMACKwLSAbzYjs,3704
 dissect/target/plugins/filesystem/ntfs/utils.py,sha256=xG7Lgw9NX4tDDrZVRm0vycFVJTOM7j-HrjqzDh0f4uA,3136
@@ -320,7 +320,7 @@ dissect/target/tools/fs.py,sha256=cizCrW8rqdpT1irA8g6mslkaXX7CynWVQ7fvRUrcxNU,37
 dissect/target/tools/info.py,sha256=3smHr8I71yj3kCjsQ5nXkOHI9T_N8UwvkVa1CNOxB-s,5461
 dissect/target/tools/logging.py,sha256=5ZnumtMWLyslxfrUGZ4ntRyf3obOOhmn8SBjKfdLcEg,4174
 dissect/target/tools/mount.py,sha256=L_0tSmiBdW4aSaF0vXjB0bAkTC0kmT2N1hrbW6s5Jow,3254
-dissect/target/tools/query.py,sha256=6zz9SXS6YnHj7eguORS8Je7N4iM0i1PZDIQ-gyJ1nPY,15593
+dissect/target/tools/query.py,sha256=ONHu2FVomLccikb84qBrlhNmEfRoHYFQMcahk_y2c9A,15580
 dissect/target/tools/reg.py,sha256=FDsiBBDxjWVUBTRj8xn82vZe-J_d9piM-TKS3PHZCcM,3193
 dissect/target/tools/shell.py,sha256=4v6Z06YJDjKv6e6SRvWNjQ2n_KHo_CjL4P0w1_gY_ro,44827
 dissect/target/tools/utils.py,sha256=sQizexY3ui5vmWw4KOBLg5ecK3TPFjD-uxDqRn56ZTY,11304
@@ -336,10 +336,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
 dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
 dissect/target/volumes/md.py,sha256=j1K1iKmspl0C_OJFc7-Q1BMWN2OCC5EVANIgVlJ_fIE,1673
 dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
-dissect.target-3.17.dev27.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
-dissect.target-3.17.dev27.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
-dissect.target-3.17.dev27.dist-info/METADATA,sha256=3-kTMZehcHT31jjm50J9_Msj1Pw6LqWUMsiMaSaLiBY,11300
-dissect.target-3.17.dev27.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
-dissect.target-3.17.dev27.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
-dissect.target-3.17.dev27.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
-dissect.target-3.17.dev27.dist-info/RECORD,,
+dissect.target-3.17.dev29.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
+dissect.target-3.17.dev29.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+dissect.target-3.17.dev29.dist-info/METADATA,sha256=Wi4QRqrkL4L_LUjliqpshIGB5Z1cJMN_l9F1DFHY1Pc,11300
+dissect.target-3.17.dev29.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
+dissect.target-3.17.dev29.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
+dissect.target-3.17.dev29.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
+dissect.target-3.17.dev29.dist-info/RECORD,,