dissect.target 3.17.dev36__py3-none-any.whl → 3.18.dev1__py3-none-any.whl
Sign up to get free protection for your applications and to get access to all the features.
- dissect/target/exceptions.py +4 -0
- dissect/target/helpers/record_modifier.py +4 -1
- dissect/target/loaders/raw.py +7 -0
- dissect/target/plugins/os/windows/regf/runkeys.py +6 -4
- dissect/target/target.py +6 -1
- {dissect.target-3.17.dev36.dist-info → dissect.target-3.18.dev1.dist-info}/METADATA +2 -2
- {dissect.target-3.17.dev36.dist-info → dissect.target-3.18.dev1.dist-info}/RECORD +12 -12
- {dissect.target-3.17.dev36.dist-info → dissect.target-3.18.dev1.dist-info}/COPYRIGHT +0 -0
- {dissect.target-3.17.dev36.dist-info → dissect.target-3.18.dev1.dist-info}/LICENSE +0 -0
- {dissect.target-3.17.dev36.dist-info → dissect.target-3.18.dev1.dist-info}/WHEEL +0 -0
- {dissect.target-3.17.dev36.dist-info → dissect.target-3.18.dev1.dist-info}/entry_points.txt +0 -0
- {dissect.target-3.17.dev36.dist-info → dissect.target-3.18.dev1.dist-info}/top_level.txt +0 -0
dissect/target/exceptions.py
CHANGED
|
@@ -62,13 +62,16 @@ MODIFIER_MAPPING = {
|
|
|
62
62
|
|
|
63
63
|
def _resolve_path_types(target: Target, record: Record) -> Iterator[tuple[str, TargetPath]]:
|
|
64
64
|
for field_name, field_type in record._field_types.items():
|
|
65
|
-
if not issubclass(field_type, fieldtypes.path):
|
|
65
|
+
if not issubclass(field_type, (fieldtypes.path, fieldtypes.command)):
|
|
66
66
|
continue
|
|
67
67
|
|
|
68
68
|
path = getattr(record, field_name, None)
|
|
69
69
|
if path is None:
|
|
70
70
|
continue
|
|
71
71
|
|
|
72
|
+
if isinstance(path, fieldtypes.command):
|
|
73
|
+
path = path.executable
|
|
74
|
+
|
|
72
75
|
yield field_name, target.resolve(str(path))
|
|
73
76
|
|
|
74
77
|
|
dissect/target/loaders/raw.py
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
from pathlib import Path
|
|
2
2
|
|
|
3
3
|
from dissect.target import container
|
|
4
|
+
from dissect.target.exceptions import TargetPathNotFoundError
|
|
4
5
|
from dissect.target.loader import Loader
|
|
5
6
|
from dissect.target.target import Target
|
|
6
7
|
|
|
@@ -8,6 +9,12 @@ from dissect.target.target import Target
|
|
|
8
9
|
class RawLoader(Loader):
|
|
9
10
|
"""Load raw container files such as disk images."""
|
|
10
11
|
|
|
12
|
+
def __init__(self, path: Path, **kwargs):
|
|
13
|
+
if not path.exists():
|
|
14
|
+
raise TargetPathNotFoundError("Provided target path does not exist")
|
|
15
|
+
|
|
16
|
+
super().__init__(path, **kwargs)
|
|
17
|
+
|
|
11
18
|
@staticmethod
|
|
12
19
|
def detect(path: Path) -> bool:
|
|
13
20
|
return not path.is_dir()
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
from typing import Iterator
|
|
2
|
+
|
|
1
3
|
from dissect.target.exceptions import UnsupportedPluginError
|
|
2
4
|
from dissect.target.helpers.descriptor_extensions import (
|
|
3
5
|
RegistryRecordDescriptorExtension,
|
|
@@ -11,7 +13,7 @@ RunKeyRecord = create_extended_descriptor([RegistryRecordDescriptorExtension, Us
|
|
|
11
13
|
[
|
|
12
14
|
("datetime", "ts"),
|
|
13
15
|
("wstring", "name"),
|
|
14
|
-
("
|
|
16
|
+
("command", "command"),
|
|
15
17
|
("string", "key"),
|
|
16
18
|
],
|
|
17
19
|
)
|
|
@@ -48,7 +50,7 @@ class RunKeysPlugin(Plugin):
|
|
|
48
50
|
raise UnsupportedPluginError("No registry run key found")
|
|
49
51
|
|
|
50
52
|
@export(record=RunKeyRecord)
|
|
51
|
-
def runkeys(self):
|
|
53
|
+
def runkeys(self) -> Iterator[RunKeyRecord]:
|
|
52
54
|
"""Iterate various run key locations. See source for all locations.
|
|
53
55
|
|
|
54
56
|
Run keys (Run and RunOnce) are registry keys that make a program run when a user logs on. a Run key runs every
|
|
@@ -63,7 +65,7 @@ class RunKeysPlugin(Plugin):
|
|
|
63
65
|
domain (string): The target domain.
|
|
64
66
|
ts (datetime): The registry key last modified timestamp.
|
|
65
67
|
name (string): The run key name.
|
|
66
|
-
|
|
68
|
+
command (command): The run key command.
|
|
67
69
|
key (string): The source key for this run key.
|
|
68
70
|
"""
|
|
69
71
|
for key in self.KEYS:
|
|
@@ -73,7 +75,7 @@ class RunKeysPlugin(Plugin):
|
|
|
73
75
|
yield RunKeyRecord(
|
|
74
76
|
ts=r.ts,
|
|
75
77
|
name=entry.name,
|
|
76
|
-
|
|
78
|
+
command=entry.value,
|
|
77
79
|
key=key,
|
|
78
80
|
_target=self.target,
|
|
79
81
|
_key=r,
|
dissect/target/target.py
CHANGED
|
@@ -14,6 +14,7 @@ from dissect.target.exceptions import (
|
|
|
14
14
|
PluginError,
|
|
15
15
|
PluginNotFoundError,
|
|
16
16
|
TargetError,
|
|
17
|
+
TargetPathNotFoundError,
|
|
17
18
|
UnsupportedPluginError,
|
|
18
19
|
VolumeSystemError,
|
|
19
20
|
)
|
|
@@ -284,7 +285,11 @@ class Target:
|
|
|
284
285
|
try:
|
|
285
286
|
ldr = loader_cls(sub_entry, parsed_path=parsed_path)
|
|
286
287
|
except Exception as e:
|
|
287
|
-
|
|
288
|
+
message = "Failed to initiate loader: %s"
|
|
289
|
+
if isinstance(e, TargetPathNotFoundError):
|
|
290
|
+
message = "%s"
|
|
291
|
+
|
|
292
|
+
getlogger(sub_entry).error(message, e)
|
|
288
293
|
getlogger(sub_entry).debug("", exc_info=e)
|
|
289
294
|
continue
|
|
290
295
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: dissect.target
|
|
3
|
-
Version: 3.
|
|
3
|
+
Version: 3.18.dev1
|
|
4
4
|
Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
|
|
5
5
|
Author-email: Dissect Team <dissect@fox-it.com>
|
|
6
6
|
License: Affero General Public License v3
|
|
@@ -31,7 +31,7 @@ Requires-Dist: dissect.ntfs <4.0.dev,>=3.4.dev
|
|
|
31
31
|
Requires-Dist: dissect.regf <4.0.dev,>=3.3.dev
|
|
32
32
|
Requires-Dist: dissect.util <4.0.dev,>=3.0.dev
|
|
33
33
|
Requires-Dist: dissect.volume <4.0.dev,>=3.0.dev
|
|
34
|
-
Requires-Dist: flow.record ~=3.
|
|
34
|
+
Requires-Dist: flow.record ~=3.15.0
|
|
35
35
|
Requires-Dist: structlog
|
|
36
36
|
Provides-Extra: cb
|
|
37
37
|
Requires-Dist: dissect.target[full] ; extra == 'cb'
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
dissect/target/__init__.py,sha256=Oc7ounTgq2hE4nR6YcNabetc7SQA40ldSa35VEdZcQU,63
|
|
2
2
|
dissect/target/container.py,sha256=0YcwcGmfJjhPXUB6DEcjWEoSuAtTDxMDpoTviMrLsxM,9353
|
|
3
|
-
dissect/target/exceptions.py,sha256=
|
|
3
|
+
dissect/target/exceptions.py,sha256=ULi7NXlqju_d8KENEL3aimmfKTFfbNssfeWhAnOB654,2972
|
|
4
4
|
dissect/target/filesystem.py,sha256=1i-lToeTX-HgQXQOYxPXH-90M_eq43W4FFzNDRdpgpk,60094
|
|
5
5
|
dissect/target/loader.py,sha256=hjKInZAEcv43RiqxZJ0yBI4Y2YZ2-nrsKWu_BKrgba4,7336
|
|
6
6
|
dissect/target/plugin.py,sha256=HAN8maaDt-Rlqt8Rr1IW7gXQpzNQZjCVz-i4aSPphSw,48677
|
|
7
7
|
dissect/target/report.py,sha256=06uiP4MbNI8cWMVrC1SasNS-Yg6ptjVjckwj8Yhe0Js,7958
|
|
8
|
-
dissect/target/target.py,sha256=
|
|
8
|
+
dissect/target/target.py,sha256=8vg0VdEQuy5Ih5ewlm0b64o3HcJq_Nley4Ygyp2fLI4,32362
|
|
9
9
|
dissect/target/volume.py,sha256=aQZAJiny8jjwkc9UtwIRwy7nINXjCxwpO-_UDfh6-BA,15801
|
|
10
10
|
dissect/target/containers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
11
11
|
dissect/target/containers/asdf.py,sha256=DJp0QEFwUjy2MFwKYcYqIR_BS1fQT1Yi9Kcmqt0aChM,1366
|
|
@@ -62,7 +62,7 @@ dissect/target/helpers/network_managers.py,sha256=uRh_P8ICbKke2N7eFJ6AS2-I5DmIRi
|
|
|
62
62
|
dissect/target/helpers/polypath.py,sha256=h8p7m_OCNiQljGwoZh5Aflr9H2ot6CZr6WKq1OSw58o,2175
|
|
63
63
|
dissect/target/helpers/protobuf.py,sha256=NwKrZD4q9v7J8GnZX9gbzMUMV5pR78eAV17jgWOz_EY,1730
|
|
64
64
|
dissect/target/helpers/record.py,sha256=lWl7k2Mp9Axllm0tXzPGJx2zj2zONsyY_p5g424T0Lc,4826
|
|
65
|
-
dissect/target/helpers/record_modifier.py,sha256=
|
|
65
|
+
dissect/target/helpers/record_modifier.py,sha256=3I_rC5jqvl0TsW3V8OQ6Dltz_D8J4PU1uhhzbJGKm9c,3245
|
|
66
66
|
dissect/target/helpers/regutil.py,sha256=kX-sSZbW8Qkg29Dn_9zYbaQrwLumrr4Y8zJ1EhHXIAM,27337
|
|
67
67
|
dissect/target/helpers/shell_folder_ids.py,sha256=Behhb8oh0kMxrEk6YYKYigCDZe8Hw5QS6iK_d2hTs2Y,24978
|
|
68
68
|
dissect/target/helpers/ssh.py,sha256=LPssHXyfL8QYmLi2vpa3wElsGboLG_A1Y8kvOehpUr4,6338
|
|
@@ -95,7 +95,7 @@ dissect/target/loaders/phobos.py,sha256=XtxF7FZXfZrXJruFUZUQzxlREyfc86dTxph7BNoN
|
|
|
95
95
|
dissect/target/loaders/profile.py,sha256=5ylgmzEEGyBFW3izvb-BZ7dGByXN9OFyRnnggR98P9w,1667
|
|
96
96
|
dissect/target/loaders/pvm.py,sha256=b-PvHNTbRVdOnf7-OR5dbikbDTCFlW85b-9Z8PEL2Cs,406
|
|
97
97
|
dissect/target/loaders/pvs.py,sha256=dMqdYSBQtH9QLM3tdu0mokLBcn73edg_HUtYtqrdi6E,955
|
|
98
|
-
dissect/target/loaders/raw.py,sha256=
|
|
98
|
+
dissect/target/loaders/raw.py,sha256=tleNWoO0BkC32ExBIPVOpzrQHXXHChZXoZr02oYuC8A,674
|
|
99
99
|
dissect/target/loaders/remote.py,sha256=4cGCQfBwuhh5vo0zgVCK8V3I0w9SSWX3AjbW9eebPRg,9512
|
|
100
100
|
dissect/target/loaders/res.py,sha256=8b178x05t9K31wOeP8yGD1IdR3RpiMGz7wcvtHmmHjk,8819
|
|
101
101
|
dissect/target/loaders/smb.py,sha256=qP8m4Jq7hvAvUCF9jB4yr2Zut7p_R02_vxziNN3R1to,13070
|
|
@@ -307,7 +307,7 @@ dissect/target/plugins/os/windows/regf/muicache.py,sha256=qoA7S8SiZakIreQqxc_QH1
|
|
|
307
307
|
dissect/target/plugins/os/windows/regf/nethist.py,sha256=QHbG9fmZNmjSVhrgqMvMo12YBaQedzeToS7ZD9eIJ28,3111
|
|
308
308
|
dissect/target/plugins/os/windows/regf/recentfilecache.py,sha256=Wr6u7SajA9BtUiypztak9ASJZuimOtWfQUAlfvskjMg,1838
|
|
309
309
|
dissect/target/plugins/os/windows/regf/regf.py,sha256=IbLnOurtlprXAo12iYRdw6fv5J45SuMAqt-mXVYaZi4,3357
|
|
310
|
-
dissect/target/plugins/os/windows/regf/runkeys.py,sha256=
|
|
310
|
+
dissect/target/plugins/os/windows/regf/runkeys.py,sha256=f10jOPTJlUVDEhSiH9JSltKQ-V7zfa8iPX0nKl1gBXo,4247
|
|
311
311
|
dissect/target/plugins/os/windows/regf/shellbags.py,sha256=EKBWBjxvSfxc7WFKmICZs8QUJnjhsCKesjl_NHEnSUo,25621
|
|
312
312
|
dissect/target/plugins/os/windows/regf/shimcache.py,sha256=4SHtwh-ajhgcyR2-vsBbjnsyBtEVPwlgk5j8e1TQkWM,9972
|
|
313
313
|
dissect/target/plugins/os/windows/regf/trusteddocs.py,sha256=4g4m1FYljOpYqGG-7NGyj738Tfnz0uEaN2is2YzkMgg,3669
|
|
@@ -340,10 +340,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
|
|
|
340
340
|
dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
|
|
341
341
|
dissect/target/volumes/md.py,sha256=j1K1iKmspl0C_OJFc7-Q1BMWN2OCC5EVANIgVlJ_fIE,1673
|
|
342
342
|
dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
|
|
343
|
-
dissect.target-3.
|
|
344
|
-
dissect.target-3.
|
|
345
|
-
dissect.target-3.
|
|
346
|
-
dissect.target-3.
|
|
347
|
-
dissect.target-3.
|
|
348
|
-
dissect.target-3.
|
|
349
|
-
dissect.target-3.
|
|
343
|
+
dissect.target-3.18.dev1.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
|
|
344
|
+
dissect.target-3.18.dev1.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
|
|
345
|
+
dissect.target-3.18.dev1.dist-info/METADATA,sha256=tJDE-kFB1FiUX5R-PfAhVrhV6HLoQ5v12zzo9n3jumk,11299
|
|
346
|
+
dissect.target-3.18.dev1.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
|
|
347
|
+
dissect.target-3.18.dev1.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
|
|
348
|
+
dissect.target-3.18.dev1.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
|
|
349
|
+
dissect.target-3.18.dev1.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|