dissect.target 3.17.dev3__py3-none-any.whl → 3.17.dev5__py3-none-any.whl

dissect/target/loader.py

@@ -176,6 +176,7 @@ def open(item: Union[str, Path], *args, **kwargs) -> Loader:
 
 register("local", "LocalLoader")
 register("remote", "RemoteLoader")
+register("mqtt", "MQTTLoader")
 register("targetd", "TargetdLoader")
 register("asdf", "AsdfLoader")
 register("tar", "TarLoader")

dissect/target/loaders/mqtt.py

@@ -0,0 +1,295 @@
+from __future__ import annotations
+
+import logging
+import ssl
+import time
+import urllib
+from dataclasses import dataclass
+from functools import lru_cache
+from io import BytesIO
+from pathlib import Path
+from struct import pack, unpack_from
+from typing import Any, Callable, Optional, Union
+
+import paho.mqtt.client as mqtt
+from dissect.util.stream import AlignedStream
+
+from dissect.target.containers.raw import RawContainer
+from dissect.target.exceptions import LoaderError
+from dissect.target.filesystem import VirtualFilesystem
+from dissect.target.loader import Loader
+from dissect.target.plugin import arg
+from dissect.target.target import Target
+
+log = logging.getLogger(__name__)
+
+DISK_INDEX_OFFSET = 9
+
+
+def suppress(func: Callable) -> Callable:
+    def suppressed(*args, **kwargs):
+        try:
+            return func(*args, **kwargs)
+        except Exception:
+            return
+
+    return suppressed
+
+
+@dataclass
+class InfoMessage:
+    disks: list[DiskMessage]
+
+
+@dataclass
+class DiskMessage:
+    index: int = 0
+    sector_size: int = 0
+    total_size: int = 0
+
+
+@dataclass
+class SeekMessage:
+    data: bytes = b""
+
+
+class MQTTStream(AlignedStream):
+    def __init__(self, stream: MQTTConnection, disk_id: int, size: Optional[int] = None):
+        self.stream = stream
+        self.disk_id = disk_id
+        super().__init__(size)
+
+    def _read(self, offset: int, length: int, optimization_strategy: int = 0) -> bytes:
+        data = self.stream.read(self.disk_id, offset, length, optimization_strategy)
+        return data
+
+
+class MQTTConnection:
+    broker = None
+    host = None
+
+    def __init__(self, broker: Broker, host: str):
+        self.broker = broker
+        self.host = str(host)
+        self.info = lru_cache(128)(self.info)
+        self.read = lru_cache(128)(self.read)
+
+    def topo(self, peers: int):
+        self.broker.topology(self.host)
+
+        while len(self.broker.peers(self.host)) < peers:
+            self.broker.topology(self.host)
+            time.sleep(1)
+        return self.broker.peers(self.host)
+
+    def info(self) -> list[MQTTStream]:
+        disks = []
+        self.broker.info(self.host)
+
+        message = None
+        while message is None:
+            message = self.broker.disk(self.host)
+
+        for idx, disk in enumerate(message.disks):
+            disks.append(MQTTStream(self, idx, disk.total_size))
+
+        return disks
+
+    def read(self, disk_id: int, offset: int, length: int, optimization_strategy: int) -> bytes:
+        message = None
+        self.broker.seek(self.host, disk_id, offset, length, optimization_strategy)
+
+        attempts = 0
+        while True:
+            message = self.broker.read(self.host, disk_id, offset, length)
+            # don't waste time with sleep if we have a response
+            if message:
+                break
+
+            attempts += 1
+            time.sleep(0.01)
+            if attempts > 100:
+                # message might have not reached agent, resend...
+                self.broker.seek(self.host, disk_id, offset, length, optimization_strategy)
+                attempts = 0
+
+        return message.data
+
+
+class Broker:
+    broker_host = None
+    broker_port = None
+    private_key_file = None
+    certificate_file = None
+    cacert_file = None
+    mqtt_client = None
+    connected = False
+    case = None
+
+    diskinfo = {}
+    index = {}
+    topo = {}
+
+    def __init__(self, broker: Broker, port: str, key: str, crt: str, ca: str, case: str, **kwargs):
+        self.broker_host = broker
+        self.broker_port = int(port)
+        self.private_key_file = key
+        self.certificate_file = crt
+        self.cacert_file = ca
+        self.case = case
+
+    @suppress
+    def read(self, host: str, disk_id: int, seek_address: int, read_length: int) -> SeekMessage:
+        key = f"{host}-{disk_id}-{seek_address}-{read_length}"
+        return self.index.pop(key)
+
+    @suppress
+    def disk(self, host: str) -> DiskMessage:
+        return self.diskinfo[host]
+
+    def peers(self, host: str) -> int:
+        return self.topo[host]
+
+    def _on_disk(self, hostname: str, payload: bytes) -> None:
+        (num_of_disks,) = unpack_from("<B", payload, offset=0)
+        disks = []
+        for disk_index in range(num_of_disks):
+            (
+                sector_size,
+                total_size,
+            ) = unpack_from("<IQ", payload, offset=1 + (disk_index * DISK_INDEX_OFFSET))
+            disks.append(DiskMessage(index=disk_index, sector_size=sector_size, total_size=total_size))
+
+        self.diskinfo[hostname] = InfoMessage(disks=disks)
+
+    def _on_read(self, hostname: str, tokens: list[str], payload: bytes) -> None:
+        disk_id = tokens[3]
+        seek_address = int(tokens[4], 16)
+        read_length = int(tokens[5], 16)
+        msg = SeekMessage(data=payload)
+
+        key = f"{hostname}-{disk_id}-{seek_address}-{read_length}"
+
+        if key in self.index:
+            return
+
+        self.index[key] = msg
+
+    def _on_id(self, hostname: str, payload: bytes) -> None:
+        key = hostname
+        host = payload.decode("utf-8")
+        if host not in self.topo[key]:
+            self.topo[key].append(payload.decode("utf-8"))
+            self.mqtt_client.subscribe(f"{self.case}/{host}/DISKS")
+            self.mqtt_client.subscribe(f"{self.case}/{host}/READ/#")
+            time.sleep(1)
+
+    def _on_log(self, client: mqtt.Client, userdata: Any, log_level: int, message: str) -> None:
+        log.debug(message)
+
+    def _on_connect(self, client: mqtt.Client, userdata: Any, flags: dict, rc: int) -> None:
+        self.connected = True
+
+    def _on_message(self, client: mqtt.Client, userdata: Any, msg: mqtt.client.MQTTMessage) -> None:
+        tokens = msg.topic.split("/")
+        casename, hostname, response, *_ = tokens
+        if casename != self.case:
+            return
+
+        if response == "DISKS":
+            self._on_disk(hostname, msg.payload)
+        elif response == "READ":
+            self._on_read(hostname, tokens, msg.payload)
+        elif response == "ID":
+            self._on_id(hostname, msg.payload)
+
+    def seek(self, host: str, disk_id: int, offset: int, length: int, optimization_strategy: int) -> None:
+        self.mqtt_client.publish(
+            f"{self.case}/{host}/SEEK/{disk_id}/{hex(offset)}/{hex(length)}", pack("<I", optimization_strategy)
+        )
+
+    def info(self, host: str) -> None:
+        self.mqtt_client.publish(f"{self.case}/{host}/INFO")
+
+    def topology(self, host: str) -> None:
+        self.topo[host] = []
+        self.mqtt_client.subscribe(f"{self.case}/{host}/ID")
+        time.sleep(1)  # need some time to avoid race condition, i.e. MQTT might react too fast
+        self.mqtt_client.publish(f"{self.case}/{host}/TOPO")
+
+    def connect(self) -> None:
+        self.mqtt_client = mqtt.Client(
+            client_id="", clean_session=True, userdata=None, protocol=mqtt.MQTTv311, transport="tcp"
+        )
+        self.mqtt_client.tls_set(
+            ca_certs=self.cacert_file,
+            certfile=self.certificate_file,
+            keyfile=self.private_key_file,
+            cert_reqs=ssl.CERT_REQUIRED,
+            tls_version=ssl.PROTOCOL_TLS,
+            ciphers=None,
+        )
+        self.mqtt_client.tls_insecure_set(True)  # merely having the correct cert is ok
+        self.mqtt_client.on_connect = self._on_connect
+        self.mqtt_client.on_message = self._on_message
+        if log.getEffectiveLevel() == logging.DEBUG:
+            self.mqtt_client.on_log = self._on_log
+        self.mqtt_client.connect(self.broker_host, port=self.broker_port, keepalive=60)
+        self.mqtt_client.loop_start()
+
+
+@arg("--mqtt-peers", type=int, dest="peers", help="minimum number of peers to await for first alias")
+@arg("--mqtt-case", dest="case", help="case name (broker will determine if you are allowed to access this data)")
+@arg("--mqtt-port", type=int, dest="port", help="broker connection port")
+@arg("--mqtt-broker", dest="broker", help="broker ip-address")
+@arg("--mqtt-key", dest="key", help="private key file")
+@arg("--mqtt-crt", dest="crt", help="client certificate file")
+@arg("--mqtt-ca", dest="ca", help="certificate authority file")
+class MQTTLoader(Loader):
+    """Load remote targets through a broker."""
+
+    PATH = "/remote/data/hosts.txt"
+    FOLDER = "/remote/hosts"
+
+    connection = None
+    broker = None
+    peers = []
+
+    def __init__(self, path: Union[Path, str], **kwargs):
+        super().__init__(path)
+        cls = MQTTLoader
+
+        if str(path).startswith("/remote/hosts/host"):
+            self.path = path.read_text()  # update path to reflect the resolved host
+
+        num_peers = 1
+        if cls.broker is None:
+            if (uri := kwargs.get("parsed_path")) is None:
+                raise LoaderError("No URI connection details has been passed.")
+            options = dict(urllib.parse.parse_qsl(uri.query, keep_blank_values=True))
+            cls.broker = Broker(**options)
+            cls.broker.connect()
+            num_peers = int(options.get("peers", 1))
+
+        self.broker = cls.broker
+        self.connection = MQTTConnection(self.broker, self.path)
+        self.peers = self.connection.topo(num_peers)
+
+    def map(self, target: Target) -> None:
+        if len(self.peers) == 1 and self.peers[0] == str(self.path):
+            target.path = Path(str(self.path))
+            for disk in self.connection.info():
+                target.disks.add(RawContainer(disk))
+        else:
+            target.mqtt = True
+            vfs = VirtualFilesystem()
+            vfs.map_file_fh(self.PATH, BytesIO("\n".join(self.peers).encode("utf-8")))
+            for index, peer in enumerate(self.peers):
+                vfs.map_file_fh(f"{self.FOLDER}/host{index}-{peer}", BytesIO(peer.encode("utf-8")))
+
+            target.fs.mount("/data", vfs)
+            target.filesystems.add(vfs)
+
+    @staticmethod
+    def detect(path: Path) -> bool:
+        return str(path).startswith("/remote/hosts/host")

dissect/target/plugins/apps/vpn/openvpn.py

@@ -1,12 +1,15 @@
+from __future__ import annotations
+
+import io
 import itertools
-import re
-from os.path import basename
-from typing import Iterator, Union
+from itertools import product
+from typing import Iterable, Iterator, Optional, Union
 
-from dissect.target.exceptions import UnsupportedPluginError
+from dissect.target.exceptions import ConfigurationParsingError, UnsupportedPluginError
 from dissect.target.helpers import fsutil
+from dissect.target.helpers.configutil import Default, ListUnwrapper, _update_dictionary
 from dissect.target.helpers.record import TargetRecordDescriptor
-from dissect.target.plugin import OperatingSystem, Plugin, export
+from dissect.target.plugin import OperatingSystem, Plugin, arg, export
 
 COMMON_ELEMENTS = [
     ("string", "name"),  # basename of .conf file
@@ -15,6 +18,7 @@ COMMON_ELEMENTS = [
     ("string", "ca"),
     ("string", "cert"),
     ("string", "key"),
+    ("boolean", "redacted_key"),
     ("string", "tls_auth"),
     ("string", "status"),
     ("string", "log"),
@@ -46,7 +50,60 @@ OpenVPNClient = TargetRecordDescriptor(
 )
 
 
-CONFIG_COMMENT_SPLIT_REGEX = re.compile("(#|;)")
+class OpenVPNParser(Default):
+    def __init__(self, *args, **kwargs):
+        boolean_fields = OpenVPNServer.getfields("boolean") + OpenVPNClient.getfields("boolean")
+        self.boolean_field_names = set(field.name.replace("_", "-") for field in boolean_fields)
+
+        super().__init__(*args, separator=(r"\s",), collapse=["key", "ca", "cert"], **kwargs)
+
+    def parse_file(self, fh: io.TextIOBase) -> None:
+        root = {}
+        iterator = self.line_reader(fh)
+        for line in iterator:
+            if line.startswith("<"):
+                key = line.strip().strip("<>")
+                value = self._read_blob(iterator)
+                _update_dictionary(root, key, value)
+                continue
+
+            self._parse_line(root, line)
+
+        self.parsed_data = ListUnwrapper.unwrap(root)
+
+    def _read_blob(self, lines: Iterable[str]) -> str | list[dict]:
+        """Read the whole section between <data></data> sections"""
+        output = ""
+        with io.StringIO() as buffer:
+            for line in lines:
+                if "</" in line:
+                    break
+
+                buffer.write(line)
+            output = buffer.getvalue()
+
+        # Check for connection profile blocks
+        if not output.startswith("-----"):
+            profile_dict = dict()
+            for line in output.splitlines():
+                self._parse_line(profile_dict, line)
+
+            # We put it as a list as _update_dictionary appends data in a list.
+            output = [profile_dict]
+
+        return output
+
+    def _parse_line(self, root: dict, line: str) -> None:
+        key, *value = self.SEPARATOR.split(line, 1)
+        # Unquote data
+        value = value[0].strip() if value else ""
+
+        value = value.strip("'\"")
+
+        if key in self.boolean_field_names:
+            value = True
+
+        _update_dictionary(root, key, value)
 
 
 class OpenVPNPlugin(Plugin):
@@ -61,133 +118,98 @@ class OpenVPNPlugin(Plugin):
     config_globs = [
         # This catches openvpn@, openvpn-client@, and openvpn-server@ systemd configurations
         # Linux
-        "/etc/openvpn/*.conf",
-        "/etc/openvpn/server/*.conf",
-        "/etc/openvpn/client/*.conf",
+        "/etc/openvpn/",
         # Windows
-        "sysvol/Program Files/OpenVPN/config/*.conf",
+        "sysvol/Program Files/OpenVPN/config/",
     ]
 
     user_config_paths = {
-        OperatingSystem.WINDOWS.value: ["OpenVPN/config/*.conf"],
-        OperatingSystem.OSX.value: ["Library/Application Support/OpenVPN Connect/profiles/*.conf"],
+        OperatingSystem.WINDOWS.value: ["OpenVPN/config/"],
+        OperatingSystem.OSX.value: ["Library/Application Support/OpenVPN Connect/profiles/"],
     }
 
     def __init__(self, target) -> None:
         super().__init__(target)
         self.configs: list[fsutil.TargetPath] = []
-        for path in self.config_globs:
-            self.configs.extend(self.target.fs.path().glob(path.lstrip("/")))
+        for base, glob in product(self.config_globs, ["*.conf", "*.ovpn"]):
+            self.configs.extend(self.target.fs.path(base).rglob(glob))
 
         user_paths = self.user_config_paths.get(target.os, [])
-        for path, user_details in itertools.product(user_paths, self.target.user_details.all_with_home()):
-            self.configs.extend(user_details.home_path.glob(path))
+        for path, glob, user_details in itertools.product(
+            user_paths, ["*.conf", "*.ovpn"], self.target.user_details.all_with_home()
+        ):
+            self.configs.extend(user_details.home_path.joinpath(path).rglob(glob))
 
     def check_compatible(self) -> None:
         if not self.configs:
             raise UnsupportedPluginError("No OpenVPN configuration files found")
 
+    def _load_config(self, parser: OpenVPNParser, config_path: fsutil.TargetPath) -> Optional[dict]:
+        with config_path.open("rt") as file:
+            try:
+                parser.parse_file(file)
+            except ConfigurationParsingError as e:
+                # Couldn't parse file, continue
+                self.target.log.info("An issue occurred during parsing of %s, continuing", config_path)
+                self.target.log.debug("", exc_info=e)
+                return None
+
+        return parser.parsed_data
+
     @export(record=[OpenVPNServer, OpenVPNClient])
-    def config(self) -> Iterator[Union[OpenVPNServer, OpenVPNClient]]:
+    @arg("--export-key", action="store_true")
+    def config(self, export_key: bool = False) -> Iterator[Union[OpenVPNServer, OpenVPNClient]]:
         """Parses config files from openvpn interfaces."""
+        # We define the parser here so we can reuse it
+        parser = OpenVPNParser()
 
         for config_path in self.configs:
-            config = _parse_config(config_path.read_text())
-
-            name = basename(config_path).replace(".conf", "")
-            proto = config.get("proto", "udp")  # Default is UDP
-            dev = config.get("dev")
-            ca = _unquote(config.get("ca"))
-            cert = _unquote(config.get("cert"))
-            key = _unquote(config.get("key"))
+            config = self._load_config(parser, config_path)
+
+            common_elements = {
+                "name": config_path.stem,
+                "proto": config.get("proto", "udp"),  # Default is UDP
+                "dev": config.get("dev"),
+                "ca": config.get("ca"),
+                "cert": config.get("cert"),
+                "key": config.get("key"),
+                "status": config.get("status"),
+                "log": config.get("log"),
+                "source": config_path,
+                "_target": self.target,
+            }
+
+            if not export_key and "PRIVATE KEY" in common_elements.get("key"):
+                common_elements.update({"key": None})
+                common_elements.update({"redacted_key": True})
+
             tls_auth = config.get("tls-auth", "")
             # The format of tls-auth is 'tls-auth ta.key <NUM>'.
             # NUM is either 0 or 1 depending on whether the configuration
             # is for the client or server, and that does not interest us
             # This gets rid of the number at the end, while still supporting spaces
-            tls_auth = _unquote(" ".join(tls_auth.split(" ")[:-1]))
-            status = config.get("status")
-            log = config.get("log")
+            tls_auth = " ".join(tls_auth.split(" ")[:-1]).strip("'\"")
+
+            common_elements.update({"tls_auth": tls_auth})
 
             if "client" in config:
                 remote = config.get("remote", [])
-                # In cases when there is only a single remote,
-                # we want to return it as its own list
-                if isinstance(remote, str):
-                    remote = [remote]
 
                 yield OpenVPNClient(
-                    name=name,
-                    proto=proto,
-                    dev=dev,
-                    ca=ca,
-                    cert=cert,
-                    key=key,
-                    tls_auth=tls_auth,
-                    status=status,
-                    log=log,
+                    **common_elements,
                     remote=remote,
-                    source=config_path,
-                    _target=self.target,
                 )
             else:
-                pushed_options = config.get("push", [])
-                # In cases when there is only a single push,
-                # we want to return it as its own list
-                if isinstance(pushed_options, str):
-                    pushed_options = [pushed_options]
-                pushed_options = [_unquote(opt) for opt in pushed_options]
                 # Defaults here are taken from `man (8) openvpn`
                 yield OpenVPNServer(
-                    name=name,
-                    proto=proto,
-                    dev=dev,
-                    ca=ca,
-                    cert=cert,
-                    key=key,
-                    tls_auth=tls_auth,
-                    status=status,
-                    log=log,
+                    **common_elements,
                     local=config.get("local", "0.0.0.0"),
                     port=int(config.get("port", "1194")),
-                    dh=_unquote(config.get("dh")),
+                    dh=config.get("dh"),
                     topology=config.get("topology"),
                     server=config.get("server"),
                     ifconfig_pool_persist=config.get("ifconfig-pool-persist"),
-                    pushed_options=pushed_options,
+                    pushed_options=config.get("push", []),
                     client_to_client=config.get("client-to-client", False),
                     duplicate_cn=config.get("duplicate-cn", False),
-                    source=config_path,
-                    _target=self.target,
                 )
-
-
-def _parse_config(content: str) -> dict[str, Union[str, list[str]]]:
-    """Parses Openvpn config  files"""
-    lines = content.splitlines()
-    res = {}
-    boolean_fields = OpenVPNServer.getfields("boolean") + OpenVPNClient.getfields("boolean")
-    boolean_field_names = set(field.name for field in boolean_fields)
-
-    for line in lines:
-        # As per man (8) openvpn, lines starting with ; or # are comments
-        if line and not line.startswith((";", "#")):
-            key, *value = line.split(" ", 1)
-            value = value[0] if value else ""
-            # This removes all text after the first comment
-            value = CONFIG_COMMENT_SPLIT_REGEX.split(value, 1)[0].strip()
-
-            if key in boolean_field_names and value == "":
-                value = True
-
-            if old_value := res.get(key):
-                if not isinstance(old_value, list):
-                    old_value = [old_value]
-                res[key] = old_value + [value]
-            else:
-                res[key] = value
-    return res
-
-
-def _unquote(content: str) -> str:
-    return content.strip("\"'")

dissect/target/plugins/child/mqtt.py

@@ -0,0 +1,35 @@
+from __future__ import annotations
+
+from typing import TYPE_CHECKING, Iterator
+
+from flow.record.fieldtypes import posix_path
+
+from dissect.target.exceptions import UnsupportedPluginError
+from dissect.target.helpers.record import ChildTargetRecord
+from dissect.target.plugin import ChildTargetPlugin
+
+if TYPE_CHECKING:
+    from dissect.target.target import Target
+
+
+class MQTT(ChildTargetPlugin):
+    """Child target plugin that yields from remote broker."""
+
+    __type__ = "mqtt"
+
+    PATH = "/remote/data/hosts.txt"
+    FOLDER = "/remote/hosts"
+
+    def __init__(self, target: Target):
+        super().__init__(target)
+
+    def check_compatible(self) -> None:
+        if not self.target.mqtt or not self.target.fs.path(self.PATH).exists():
+            raise UnsupportedPluginError("No remote children.txt file found.")
+
+    def list_children(self) -> Iterator[ChildTargetRecord]:
+        hosts = self.target.fs.path(self.PATH).read_text(encoding="utf-8").split("\n")
+        for index, host in enumerate(hosts):
+            yield ChildTargetRecord(
+                type=self.__type__, path=posix_path(f"{self.FOLDER}/host{index}-{host}"), _target=self.target
+            )

dissect/target/tools/shell.py

@@ -37,6 +37,7 @@ from dissect.target.plugin import arg
 from dissect.target.target import Target
 from dissect.target.tools.info import print_target_info
 from dissect.target.tools.utils import (
+    args_to_uri,
     catch_sigpipe,
     configure_generic_arguments,
     generate_argparse_for_bound_method,
@@ -1223,10 +1224,17 @@ def main() -> None:
     parser.add_argument("targets", metavar="TARGETS", nargs="*", help="targets to load")
     parser.add_argument("-p", "--python", action="store_true", help="(I)Python shell")
     parser.add_argument("-r", "--registry", action="store_true", help="registry shell")
+    parser.add_argument(
+        "-L",
+        "--loader",
+        action="store",
+        default=None,
+        help="select a specific loader (i.e. vmx, raw)",
+    )
 
     configure_generic_arguments(parser)
-    args = parser.parse_args()
-
+    args, rest = parser.parse_known_args()
+    args.targets = args_to_uri(args.targets, args.loader, rest) if args.loader else args.targets
     process_generic_arguments(args)
 
     # For the shell tool we want -q to log slightly more then just CRITICAL

{dissect.target-3.17.dev3.dist-info → dissect.target-3.17.dev5.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.target
-Version: 3.17.dev3
+Version: 3.17.dev5
 Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3
@@ -58,6 +58,9 @@ Requires-Dist: fusepy ; extra == 'full'
 Requires-Dist: pycryptodome ; extra == 'full'
 Requires-Dist: pyyaml ; extra == 'full'
 Requires-Dist: zstandard ; extra == 'full'
+Provides-Extra: mqtt
+Requires-Dist: dissect.target[full] ; extra == 'mqtt'
+Requires-Dist: paho-mqtt ==1.6.1 ; extra == 'mqtt'
 Provides-Extra: smb
 Requires-Dist: dissect.target[full] ; extra == 'smb'
 Requires-Dist: impacket ==0.10.0 ; extra == 'smb'

{dissect.target-3.17.dev3.dist-info → dissect.target-3.17.dev5.dist-info}/RECORD

@@ -2,7 +2,7 @@ dissect/target/__init__.py,sha256=Oc7ounTgq2hE4nR6YcNabetc7SQA40ldSa35VEdZcQU,63
 dissect/target/container.py,sha256=9ixufT1_0WhraqttBWwQjG80caToJqvCX8VjFk8d5F0,9307
 dissect/target/exceptions.py,sha256=VVW_Rq_vQinapz-2mbJ3UkxBEZpb2pE_7JlhMukdtrY,2877
 dissect/target/filesystem.py,sha256=VD1BA6hLqH_FPWFZ-wliEuCxnFrUK61S9VbGK7CtA5w,55597
-dissect/target/loader.py,sha256=0-LcZNi7S0qsXR7XGtrzxpuCh9BsLcqNR1T15O7SnBM,7257
+dissect/target/loader.py,sha256=HVNHcNhLixbxHl8glbEEC4njkp85hzj0Qdn4of1EnDY,7288
 dissect/target/plugin.py,sha256=HAN8maaDt-Rlqt8Rr1IW7gXQpzNQZjCVz-i4aSPphSw,48677
 dissect/target/report.py,sha256=06uiP4MbNI8cWMVrC1SasNS-Yg6ptjVjckwj8Yhe0Js,7958
 dissect/target/target.py,sha256=xNJdecZSt2oHcZwf775kOSTFRA-c_hKoScXaDuK-8FI,32155
@@ -84,6 +84,7 @@ dissect/target/loaders/itunes.py,sha256=69aMTQiiGYpmD_EYSmf9mO1re8C3jAZIEStmwlMx
 dissect/target/loaders/kape.py,sha256=t5TfrGLqPeIpUUpXzIl6aHsqXMEGDqJ5YwDCs07DiBA,1237
 dissect/target/loaders/local.py,sha256=Ul-LCd_fY7SyWOVR6nH-NqbkuNpxoZVmffwrkvQElU8,16453
 dissect/target/loaders/log.py,sha256=cCkDIRS4aPlX3U-n_jUKaI2FPSV3BDpfqKceaU7rBbo,1507
+dissect/target/loaders/mqtt.py,sha256=yyjiRkVipMcUkUZijk-1mSJAwaWliryhE2CF1FoTwB8,9948
 dissect/target/loaders/multiraw.py,sha256=4a3ZST0NwjnfPDxHkcEfAcX2ddUlT_C-rcrMHNg1wp4,1046
 dissect/target/loaders/ova.py,sha256=6h4O-7i87J394C6KgLsPkdXRAKNwtPubzLNS3vBGs7U,744
 dissect/target/loaders/ovf.py,sha256=ELMq6J2y6cPKbp7pjWAqMMnFYefWxXNqzIiAQdvGGXQ,1061
@@ -136,7 +137,7 @@ dissect/target/plugins/apps/ssh/opensshd.py,sha256=DaXKdgGF3GYHHA4buEvphcm6FF4C8
 dissect/target/plugins/apps/ssh/putty.py,sha256=N8ssjutUVN50JNA5fEIVISbP5sJ7bGTFidRbX3uNG5Y,9404
 dissect/target/plugins/apps/ssh/ssh.py,sha256=uCaoWlT2bgKLUHA1aL6XymJDWJ8JmLsN8PB1C66eidY,1409
 dissect/target/plugins/apps/vpn/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-dissect/target/plugins/apps/vpn/openvpn.py,sha256=NZeFSFgGAifevGIQBusdbBRFOPxu0584Th8rKE-XSus,6875
+dissect/target/plugins/apps/vpn/openvpn.py,sha256=d-DGINTIHP_bvv3T09ZwbezHXGctvCyAhJ482m2_-a0,7654
 dissect/target/plugins/apps/vpn/wireguard.py,sha256=SoAMED_bwWJQ3nci5qEY-qV4wJKSSDZQ8K7DoJRYq0k,6521
 dissect/target/plugins/apps/webhosting/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/apps/webhosting/cpanel.py,sha256=OeFQnu9GmpffIlFyK-AR2Qf8tjyMhazWEAUyccDU5y0,2979
@@ -150,6 +151,7 @@ dissect/target/plugins/apps/webserver/webserver.py,sha256=a7a2lLrhsa9c1AXnwiLP-t
 dissect/target/plugins/child/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/child/esxi.py,sha256=GfgQzxntcHcyxAE2QjMJ-TrFhklweSXLbYh0uuv-klg,693
 dissect/target/plugins/child/hyperv.py,sha256=R2qVeu4p_9V53jO-65znN0LwX9v3FVA-9jbbtOQcEz8,2236
+dissect/target/plugins/child/mqtt.py,sha256=9tMxJ4GA4OUEtfDQmKd-gK1U7HTyJTPQ7_iYA9vMvSc,1176
 dissect/target/plugins/child/virtuozzo.py,sha256=Mx4ZxEl21g7IYkzraw4FBZup5EfrkFDv4WuTE3hxguw,1206
 dissect/target/plugins/child/vmware_workstation.py,sha256=8wkA_tSufvBUyp4XQHzRzFETf5ROlyyO_MVS3TExyfw,1570
 dissect/target/plugins/child/wsl.py,sha256=IssQgYET1T-XR5ZX2lGlNFJ_u_3QECpMF_7kXu09HTE,2469
@@ -320,7 +322,7 @@ dissect/target/tools/logging.py,sha256=5ZnumtMWLyslxfrUGZ4ntRyf3obOOhmn8SBjKfdLc
 dissect/target/tools/mount.py,sha256=L_0tSmiBdW4aSaF0vXjB0bAkTC0kmT2N1hrbW6s5Jow,3254
 dissect/target/tools/query.py,sha256=1LbvUKSmXOCMb4xqP3t86JkOgFzKlc7mLCqcczfLht8,16018
 dissect/target/tools/reg.py,sha256=FDsiBBDxjWVUBTRj8xn82vZe-J_d9piM-TKS3PHZCcM,3193
-dissect/target/tools/shell.py,sha256=EBRNKiIV3ljaXKAXraA6DmrIw8Cy5h9irAuwlblP3zo,43251
+dissect/target/tools/shell.py,sha256=6GF-mr4EpzX34G9sqTNKcccFJXhNTlrUqriRYIW7P7o,43544
 dissect/target/tools/utils.py,sha256=bhVZ3-8YynpHkBl4m1T4IpSpCArAXnEjjYwAFGW5JPg,10595
 dissect/target/tools/dump/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/tools/dump/run.py,sha256=yHn9xl_VjasgiuLpjtZdnLW32QCbkwHfnnTPY6Ck_aw,9689
@@ -334,10 +336,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
 dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
 dissect/target/volumes/md.py,sha256=j1K1iKmspl0C_OJFc7-Q1BMWN2OCC5EVANIgVlJ_fIE,1673
 dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
-dissect.target-3.17.dev3.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
-dissect.target-3.17.dev3.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
-dissect.target-3.17.dev3.dist-info/METADATA,sha256=tT1AlpqvMn7l4mtqaIyghmF6WcYv_dEllU2imku16RI,11099
-dissect.target-3.17.dev3.dist-info/WHEEL,sha256=oiQVh_5PnQM0E3gPdiz09WCNmwiHDMaGer_elqB3coM,92
-dissect.target-3.17.dev3.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
-dissect.target-3.17.dev3.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
-dissect.target-3.17.dev3.dist-info/RECORD,,
+dissect.target-3.17.dev5.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
+dissect.target-3.17.dev5.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+dissect.target-3.17.dev5.dist-info/METADATA,sha256=qGpE_5-EiSeQqcnEOWCm0ftgBhIpfe6yMQPtXmQ1i_0,11225
+dissect.target-3.17.dev5.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
+dissect.target-3.17.dev5.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
+dissect.target-3.17.dev5.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
+dissect.target-3.17.dev5.dist-info/RECORD,,

{dissect.target-3.17.dev3.dist-info → dissect.target-3.17.dev5.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: bdist_wheel (0.42.0)
+Generator: bdist_wheel (0.43.0)
 Root-Is-Purelib: true
 Tag: py3-none-any