dissect.target 3.17.dev36__py3-none-any.whl → 3.18.dev1__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- dissect/target/exceptions.py +4 -0
- dissect/target/helpers/record_modifier.py +4 -1
- dissect/target/loaders/raw.py +7 -0
- dissect/target/plugins/os/windows/regf/runkeys.py +6 -4
- dissect/target/target.py +6 -1
- {dissect.target-3.17.dev36.dist-info → dissect.target-3.18.dev1.dist-info}/METADATA +2 -2
- {dissect.target-3.17.dev36.dist-info → dissect.target-3.18.dev1.dist-info}/RECORD +12 -12
- {dissect.target-3.17.dev36.dist-info → dissect.target-3.18.dev1.dist-info}/COPYRIGHT +0 -0
- {dissect.target-3.17.dev36.dist-info → dissect.target-3.18.dev1.dist-info}/LICENSE +0 -0
- {dissect.target-3.17.dev36.dist-info → dissect.target-3.18.dev1.dist-info}/WHEEL +0 -0
- {dissect.target-3.17.dev36.dist-info → dissect.target-3.18.dev1.dist-info}/entry_points.txt +0 -0
- {dissect.target-3.17.dev36.dist-info → dissect.target-3.18.dev1.dist-info}/top_level.txt +0 -0
dissect/target/exceptions.py
CHANGED
|
@@ -62,13 +62,16 @@ MODIFIER_MAPPING = {
|
|
|
62
62
|
|
|
63
63
|
def _resolve_path_types(target: Target, record: Record) -> Iterator[tuple[str, TargetPath]]:
|
|
64
64
|
for field_name, field_type in record._field_types.items():
|
|
65
|
-
if not issubclass(field_type, fieldtypes.path):
|
|
65
|
+
if not issubclass(field_type, (fieldtypes.path, fieldtypes.command)):
|
|
66
66
|
continue
|
|
67
67
|
|
|
68
68
|
path = getattr(record, field_name, None)
|
|
69
69
|
if path is None:
|
|
70
70
|
continue
|
|
71
71
|
|
|
72
|
+
if isinstance(path, fieldtypes.command):
|
|
73
|
+
path = path.executable
|
|
74
|
+
|
|
72
75
|
yield field_name, target.resolve(str(path))
|
|
73
76
|
|
|
74
77
|
|
dissect/target/loaders/raw.py
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
from pathlib import Path
|
|
2
2
|
|
|
3
3
|
from dissect.target import container
|
|
4
|
+
from dissect.target.exceptions import TargetPathNotFoundError
|
|
4
5
|
from dissect.target.loader import Loader
|
|
5
6
|
from dissect.target.target import Target
|
|
6
7
|
|
|
@@ -8,6 +9,12 @@ from dissect.target.target import Target
|
|
|
8
9
|
class RawLoader(Loader):
|
|
9
10
|
"""Load raw container files such as disk images."""
|
|
10
11
|
|
|
12
|
+
def __init__(self, path: Path, **kwargs):
|
|
13
|
+
if not path.exists():
|
|
14
|
+
raise TargetPathNotFoundError("Provided target path does not exist")
|
|
15
|
+
|
|
16
|
+
super().__init__(path, **kwargs)
|
|
17
|
+
|
|
11
18
|
@staticmethod
|
|
12
19
|
def detect(path: Path) -> bool:
|
|
13
20
|
return not path.is_dir()
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
from typing import Iterator
|
|
2
|
+
|
|
1
3
|
from dissect.target.exceptions import UnsupportedPluginError
|
|
2
4
|
from dissect.target.helpers.descriptor_extensions import (
|
|
3
5
|
RegistryRecordDescriptorExtension,
|
|
@@ -11,7 +13,7 @@ RunKeyRecord = create_extended_descriptor([RegistryRecordDescriptorExtension, Us
|
|
|
11
13
|
[
|
|
12
14
|
("datetime", "ts"),
|
|
13
15
|
("wstring", "name"),
|
|
14
|
-
("
|
|
16
|
+
("command", "command"),
|
|
15
17
|
("string", "key"),
|
|
16
18
|
],
|
|
17
19
|
)
|
|
@@ -48,7 +50,7 @@ class RunKeysPlugin(Plugin):
|
|
|
48
50
|
raise UnsupportedPluginError("No registry run key found")
|
|
49
51
|
|
|
50
52
|
@export(record=RunKeyRecord)
|
|
51
|
-
def runkeys(self):
|
|
53
|
+
def runkeys(self) -> Iterator[RunKeyRecord]:
|
|
52
54
|
"""Iterate various run key locations. See source for all locations.
|
|
53
55
|
|
|
54
56
|
Run keys (Run and RunOnce) are registry keys that make a program run when a user logs on. a Run key runs every
|
|
@@ -63,7 +65,7 @@ class RunKeysPlugin(Plugin):
|
|
|
63
65
|
domain (string): The target domain.
|
|
64
66
|
ts (datetime): The registry key last modified timestamp.
|
|
65
67
|
name (string): The run key name.
|
|
66
|
-
|
|
68
|
+
command (command): The run key command.
|
|
67
69
|
key (string): The source key for this run key.
|
|
68
70
|
"""
|
|
69
71
|
for key in self.KEYS:
|
|
@@ -73,7 +75,7 @@ class RunKeysPlugin(Plugin):
|
|
|
73
75
|
yield RunKeyRecord(
|
|
74
76
|
ts=r.ts,
|
|
75
77
|
name=entry.name,
|
|
76
|
-
|
|
78
|
+
command=entry.value,
|
|
77
79
|
key=key,
|
|
78
80
|
_target=self.target,
|
|
79
81
|
_key=r,
|
dissect/target/target.py
CHANGED
|
@@ -14,6 +14,7 @@ from dissect.target.exceptions import (
|
|
|
14
14
|
PluginError,
|
|
15
15
|
PluginNotFoundError,
|
|
16
16
|
TargetError,
|
|
17
|
+
TargetPathNotFoundError,
|
|
17
18
|
UnsupportedPluginError,
|
|
18
19
|
VolumeSystemError,
|
|
19
20
|
)
|
|
@@ -284,7 +285,11 @@ class Target:
|
|
|
284
285
|
try:
|
|
285
286
|
ldr = loader_cls(sub_entry, parsed_path=parsed_path)
|
|
286
287
|
except Exception as e:
|
|
287
|
-
|
|
288
|
+
message = "Failed to initiate loader: %s"
|
|
289
|
+
if isinstance(e, TargetPathNotFoundError):
|
|
290
|
+
message = "%s"
|
|
291
|
+
|
|
292
|
+
getlogger(sub_entry).error(message, e)
|
|
288
293
|
getlogger(sub_entry).debug("", exc_info=e)
|
|
289
294
|
continue
|
|
290
295
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: dissect.target
|
|
3
|
-
Version: 3.
|
|
3
|
+
Version: 3.18.dev1
|
|
4
4
|
Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
|
|
5
5
|
Author-email: Dissect Team <dissect@fox-it.com>
|
|
6
6
|
License: Affero General Public License v3
|
|
@@ -31,7 +31,7 @@ Requires-Dist: dissect.ntfs <4.0.dev,>=3.4.dev
|
|
|
31
31
|
Requires-Dist: dissect.regf <4.0.dev,>=3.3.dev
|
|
32
32
|
Requires-Dist: dissect.util <4.0.dev,>=3.0.dev
|
|
33
33
|
Requires-Dist: dissect.volume <4.0.dev,>=3.0.dev
|
|
34
|
-
Requires-Dist: flow.record ~=3.
|
|
34
|
+
Requires-Dist: flow.record ~=3.15.0
|
|
35
35
|
Requires-Dist: structlog
|
|
36
36
|
Provides-Extra: cb
|
|
37
37
|
Requires-Dist: dissect.target[full] ; extra == 'cb'
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
dissect/target/__init__.py,sha256=Oc7ounTgq2hE4nR6YcNabetc7SQA40ldSa35VEdZcQU,63
|
|
2
2
|
dissect/target/container.py,sha256=0YcwcGmfJjhPXUB6DEcjWEoSuAtTDxMDpoTviMrLsxM,9353
|
|
3
|
-
dissect/target/exceptions.py,sha256=
|
|
3
|
+
dissect/target/exceptions.py,sha256=ULi7NXlqju_d8KENEL3aimmfKTFfbNssfeWhAnOB654,2972
|
|
4
4
|
dissect/target/filesystem.py,sha256=1i-lToeTX-HgQXQOYxPXH-90M_eq43W4FFzNDRdpgpk,60094
|
|
5
5
|
dissect/target/loader.py,sha256=hjKInZAEcv43RiqxZJ0yBI4Y2YZ2-nrsKWu_BKrgba4,7336
|
|
6
6
|
dissect/target/plugin.py,sha256=HAN8maaDt-Rlqt8Rr1IW7gXQpzNQZjCVz-i4aSPphSw,48677
|
|
7
7
|
dissect/target/report.py,sha256=06uiP4MbNI8cWMVrC1SasNS-Yg6ptjVjckwj8Yhe0Js,7958
|
|
8
|
-
dissect/target/target.py,sha256=
|
|
8
|
+
dissect/target/target.py,sha256=8vg0VdEQuy5Ih5ewlm0b64o3HcJq_Nley4Ygyp2fLI4,32362
|
|
9
9
|
dissect/target/volume.py,sha256=aQZAJiny8jjwkc9UtwIRwy7nINXjCxwpO-_UDfh6-BA,15801
|
|
10
10
|
dissect/target/containers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
11
11
|
dissect/target/containers/asdf.py,sha256=DJp0QEFwUjy2MFwKYcYqIR_BS1fQT1Yi9Kcmqt0aChM,1366
|
|
@@ -62,7 +62,7 @@ dissect/target/helpers/network_managers.py,sha256=uRh_P8ICbKke2N7eFJ6AS2-I5DmIRi
|
|
|
62
62
|
dissect/target/helpers/polypath.py,sha256=h8p7m_OCNiQljGwoZh5Aflr9H2ot6CZr6WKq1OSw58o,2175
|
|
63
63
|
dissect/target/helpers/protobuf.py,sha256=NwKrZD4q9v7J8GnZX9gbzMUMV5pR78eAV17jgWOz_EY,1730
|
|
64
64
|
dissect/target/helpers/record.py,sha256=lWl7k2Mp9Axllm0tXzPGJx2zj2zONsyY_p5g424T0Lc,4826
|
|
65
|
-
dissect/target/helpers/record_modifier.py,sha256=
|
|
65
|
+
dissect/target/helpers/record_modifier.py,sha256=3I_rC5jqvl0TsW3V8OQ6Dltz_D8J4PU1uhhzbJGKm9c,3245
|
|
66
66
|
dissect/target/helpers/regutil.py,sha256=kX-sSZbW8Qkg29Dn_9zYbaQrwLumrr4Y8zJ1EhHXIAM,27337
|
|
67
67
|
dissect/target/helpers/shell_folder_ids.py,sha256=Behhb8oh0kMxrEk6YYKYigCDZe8Hw5QS6iK_d2hTs2Y,24978
|
|
68
68
|
dissect/target/helpers/ssh.py,sha256=LPssHXyfL8QYmLi2vpa3wElsGboLG_A1Y8kvOehpUr4,6338
|
|
@@ -95,7 +95,7 @@ dissect/target/loaders/phobos.py,sha256=XtxF7FZXfZrXJruFUZUQzxlREyfc86dTxph7BNoN
|
|
|
95
95
|
dissect/target/loaders/profile.py,sha256=5ylgmzEEGyBFW3izvb-BZ7dGByXN9OFyRnnggR98P9w,1667
|
|
96
96
|
dissect/target/loaders/pvm.py,sha256=b-PvHNTbRVdOnf7-OR5dbikbDTCFlW85b-9Z8PEL2Cs,406
|
|
97
97
|
dissect/target/loaders/pvs.py,sha256=dMqdYSBQtH9QLM3tdu0mokLBcn73edg_HUtYtqrdi6E,955
|
|
98
|
-
dissect/target/loaders/raw.py,sha256=
|
|
98
|
+
dissect/target/loaders/raw.py,sha256=tleNWoO0BkC32ExBIPVOpzrQHXXHChZXoZr02oYuC8A,674
|
|
99
99
|
dissect/target/loaders/remote.py,sha256=4cGCQfBwuhh5vo0zgVCK8V3I0w9SSWX3AjbW9eebPRg,9512
|
|
100
100
|
dissect/target/loaders/res.py,sha256=8b178x05t9K31wOeP8yGD1IdR3RpiMGz7wcvtHmmHjk,8819
|
|
101
101
|
dissect/target/loaders/smb.py,sha256=qP8m4Jq7hvAvUCF9jB4yr2Zut7p_R02_vxziNN3R1to,13070
|
|
@@ -307,7 +307,7 @@ dissect/target/plugins/os/windows/regf/muicache.py,sha256=qoA7S8SiZakIreQqxc_QH1
|
|
|
307
307
|
dissect/target/plugins/os/windows/regf/nethist.py,sha256=QHbG9fmZNmjSVhrgqMvMo12YBaQedzeToS7ZD9eIJ28,3111
|
|
308
308
|
dissect/target/plugins/os/windows/regf/recentfilecache.py,sha256=Wr6u7SajA9BtUiypztak9ASJZuimOtWfQUAlfvskjMg,1838
|
|
309
309
|
dissect/target/plugins/os/windows/regf/regf.py,sha256=IbLnOurtlprXAo12iYRdw6fv5J45SuMAqt-mXVYaZi4,3357
|
|
310
|
-
dissect/target/plugins/os/windows/regf/runkeys.py,sha256=
|
|
310
|
+
dissect/target/plugins/os/windows/regf/runkeys.py,sha256=f10jOPTJlUVDEhSiH9JSltKQ-V7zfa8iPX0nKl1gBXo,4247
|
|
311
311
|
dissect/target/plugins/os/windows/regf/shellbags.py,sha256=EKBWBjxvSfxc7WFKmICZs8QUJnjhsCKesjl_NHEnSUo,25621
|
|
312
312
|
dissect/target/plugins/os/windows/regf/shimcache.py,sha256=4SHtwh-ajhgcyR2-vsBbjnsyBtEVPwlgk5j8e1TQkWM,9972
|
|
313
313
|
dissect/target/plugins/os/windows/regf/trusteddocs.py,sha256=4g4m1FYljOpYqGG-7NGyj738Tfnz0uEaN2is2YzkMgg,3669
|
|
@@ -340,10 +340,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
|
|
|
340
340
|
dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
|
|
341
341
|
dissect/target/volumes/md.py,sha256=j1K1iKmspl0C_OJFc7-Q1BMWN2OCC5EVANIgVlJ_fIE,1673
|
|
342
342
|
dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
|
|
343
|
-
dissect.target-3.
|
|
344
|
-
dissect.target-3.
|
|
345
|
-
dissect.target-3.
|
|
346
|
-
dissect.target-3.
|
|
347
|
-
dissect.target-3.
|
|
348
|
-
dissect.target-3.
|
|
349
|
-
dissect.target-3.
|
|
343
|
+
dissect.target-3.18.dev1.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
|
|
344
|
+
dissect.target-3.18.dev1.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
|
|
345
|
+
dissect.target-3.18.dev1.dist-info/METADATA,sha256=tJDE-kFB1FiUX5R-PfAhVrhV6HLoQ5v12zzo9n3jumk,11299
|
|
346
|
+
dissect.target-3.18.dev1.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
|
|
347
|
+
dissect.target-3.18.dev1.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
|
|
348
|
+
dissect.target-3.18.dev1.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
|
|
349
|
+
dissect.target-3.18.dev1.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|