dissect.target 3.18.dev14__py3-none-any.whl → 3.18.dev16__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. dissect/target/plugins/os/windows/_os.py +11 -3
  2. dissect/target/plugins/os/windows/regf/shellbags.py +8 -5
  3. {dissect.target-3.18.dev14.dist-info → dissect.target-3.18.dev16.dist-info}/METADATA +1 -1
  4. {dissect.target-3.18.dev14.dist-info → dissect.target-3.18.dev16.dist-info}/RECORD +9 -9
  5. {dissect.target-3.18.dev14.dist-info → dissect.target-3.18.dev16.dist-info}/COPYRIGHT +0 -0
  6. {dissect.target-3.18.dev14.dist-info → dissect.target-3.18.dev16.dist-info}/LICENSE +0 -0
  7. {dissect.target-3.18.dev14.dist-info → dissect.target-3.18.dev16.dist-info}/WHEEL +0 -0
  8. {dissect.target-3.18.dev14.dist-info → dissect.target-3.18.dev16.dist-info}/entry_points.txt +0 -0
  9. {dissect.target-3.18.dev14.dist-info → dissect.target-3.18.dev16.dist-info}/top_level.txt +0 -0
dissect/target/plugins/os/windows/_os.py CHANGED
@@ -247,13 +247,21 @@ class WindowsPlugin(OSPlugin):
247
247
  if any(map(lambda value: value is not None, version_parts.values())):
248
248
  version = []
249
249
 
250
+ nt_version = _part_str(version_parts, "CurrentVersion")
251
+ build_version = _part_str(version_parts, "CurrentBuildNumber")
250
252
  prodcut_name = _part_str(version_parts, "ProductName")
251
- version.append(prodcut_name)
252
253
 
253
- nt_version = _part_str(version_parts, "CurrentVersion")
254
+ # CurrentBuildNumber >= 22000 on NT 10.0 indicates Windows 11.
255
+ # https://learn.microsoft.com/en-us/windows/release-health/windows11-release-information
256
+ try:
257
+ if nt_version == "10.0" and int(build_version) >= 22_000:
258
+ prodcut_name = prodcut_name.replace("Windows 10", "Windows 11")
259
+ except ValueError:
260
+ pass
261
+
262
+ version.append(prodcut_name)
254
263
  version.append(f"(NT {nt_version})")
255
264
 
256
- build_version = _part_str(version_parts, "CurrentBuildNumber")
257
265
  ubr = version_parts["UBR"]
258
266
  if ubr:
259
267
  build_version = f"{build_version}.{ubr}"
dissect/target/plugins/os/windows/regf/shellbags.py CHANGED
@@ -907,17 +907,20 @@ class EXTENSION_BLOCK_BEEF0004(EXTENSION_BLOCK): # noqa
907
907
  self.file_reference = c_bag.uint64(fh)
908
908
  c_bag.uint64(fh)
909
909
  if version >= 3:
910
- long_len = c_bag.uint16(fh)
910
+ # Start of strings
911
+ localized_name_offset = c_bag.uint16(fh)
911
912
  if version >= 9:
912
913
  c_bag.uint32(fh)
913
914
  if version >= 8:
914
915
  c_bag.uint32(fh)
915
916
  if version >= 3:
916
917
  self.long_name = c_bag.wchar[None](fh)
917
- if 3 <= version < 7 and long_len > 0:
918
- self.localized_name = c_bag.char[long_len](fh)
919
- if version >= 7 and long_len > 0:
920
- self.localized_name = c_bag.wchar[long_len](fh)
918
+
919
+ if 3 <= version < 7 and localized_name_offset > 0:
920
+ self.localized_name = c_bag.char[None](fh)
921
+
922
+ if version >= 7 and localized_name_offset > 0:
923
+ self.localized_name = c_bag.wchar[None](fh)
921
924
 
922
925
 
923
926
  class EXTENSION_BLOCK_BEEF0005(EXTENSION_BLOCK): # noqa
{dissect.target-3.18.dev14.dist-info → dissect.target-3.18.dev16.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: dissect.target
3
- Version: 3.18.dev14
3
+ Version: 3.18.dev16
4
4
  Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
5
5
  Author-email: Dissect Team <dissect@fox-it.com>
6
6
  License: Affero General Public License v3
{dissect.target-3.18.dev14.dist-info → dissect.target-3.18.dev16.dist-info}/RECORD RENAMED
@@ -255,7 +255,7 @@ dissect/target/plugins/os/unix/log/lastlog.py,sha256=Wq89wRSFZSBsoKVCxjDofnC4yw9
255
255
  dissect/target/plugins/os/unix/log/messages.py,sha256=CXA-SkMPLaCgnTQg9nzII-7tO8Il_ENQmuYvDxo33rI,4698
256
256
  dissect/target/plugins/os/unix/log/utmp.py,sha256=1nPHIaBUHt_9z6PDrvyqg4huKLihUaWLrMmgMsbaeIo,7755
257
257
  dissect/target/plugins/os/windows/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
258
- dissect/target/plugins/os/windows/_os.py,sha256=i9RPs99YD3KvZpAHAIuaQeGDy0nt5DIvfMbreqO_JIY,12723
258
+ dissect/target/plugins/os/windows/_os.py,sha256=Iu-xgEqtkycx1yDx4b_GL29pSz1Lew7lUYCByBOmTOE,13127
259
259
  dissect/target/plugins/os/windows/activitiescache.py,sha256=Q2aILnhJ2rp2AwEbWwyBuSLjMbGqaYJTsavSbfkcFKE,6741
260
260
  dissect/target/plugins/os/windows/adpolicy.py,sha256=fULRFO_I_QxAn6G9SCwlLL-TLVliS13JEGnGotf7lSA,6983
261
261
  dissect/target/plugins/os/windows/amcache.py,sha256=ZZNOs3bILTf0AGkDkhoatndl0j39DXkstN7oOyxJECU,27188
@@ -313,7 +313,7 @@ dissect/target/plugins/os/windows/regf/nethist.py,sha256=QHbG9fmZNmjSVhrgqMvMo12
313
313
  dissect/target/plugins/os/windows/regf/recentfilecache.py,sha256=goS6ajLIh6ZU-Gq4tupoxBoQCfMDp2qJgg-Nn5qFIsY,1850
314
314
  dissect/target/plugins/os/windows/regf/regf.py,sha256=D1GrljF-sV8cWIjWJ3zH7k52i1OWD8poEC_PIeZMEis,3419
315
315
  dissect/target/plugins/os/windows/regf/runkeys.py,sha256=-2HcdnVytzCt1xwgAI8rHDnwk8kwLPWURumvhrGnIHU,4278
316
- dissect/target/plugins/os/windows/regf/shellbags.py,sha256=t6874fvnZoQ05H0-G95-a8RpmCWjz0dli6hHGu5jBEQ,25615
316
+ dissect/target/plugins/os/windows/regf/shellbags.py,sha256=hXAqThFkHmGPmhNRSXwMNzw25kAyIC6OOZivgpPEwTQ,25679
317
317
  dissect/target/plugins/os/windows/regf/shimcache.py,sha256=no78i0nxbnfgDJ5TpDZNAJggCigD_zLrXNYss7gdg2Q,9994
318
318
  dissect/target/plugins/os/windows/regf/trusteddocs.py,sha256=3yvpBDM-Asg0rvGN2TwALGRm9DYogG6TxRau9D6FBbw,3700
319
319
  dissect/target/plugins/os/windows/regf/usb.py,sha256=hR5fnqy_sint1YyWgm1-AMhGQ4MxJOH_Wz0vbYzr9p4,7213
@@ -345,10 +345,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
345
345
  dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
346
346
  dissect/target/volumes/md.py,sha256=j1K1iKmspl0C_OJFc7-Q1BMWN2OCC5EVANIgVlJ_fIE,1673
347
347
  dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
348
- dissect.target-3.18.dev14.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
349
- dissect.target-3.18.dev14.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
350
- dissect.target-3.18.dev14.dist-info/METADATA,sha256=qUyrrV-NwypUe75u2Y_nLkQFzCP-PXioFx_nBSPszJc,12719
351
- dissect.target-3.18.dev14.dist-info/WHEEL,sha256=mguMlWGMX-VHnMpKOjjQidIo1ssRlCFu4a4mBpz1s2M,91
352
- dissect.target-3.18.dev14.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
353
- dissect.target-3.18.dev14.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
354
- dissect.target-3.18.dev14.dist-info/RECORD,,
348
+ dissect.target-3.18.dev16.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
349
+ dissect.target-3.18.dev16.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
350
+ dissect.target-3.18.dev16.dist-info/METADATA,sha256=HFgrM2p1NkkrKOfp2q-w2d1ZBjaV1g9jKJhmQ5A_8nw,12719
351
+ dissect.target-3.18.dev16.dist-info/WHEEL,sha256=mguMlWGMX-VHnMpKOjjQidIo1ssRlCFu4a4mBpz1s2M,91
352
+ dissect.target-3.18.dev16.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
353
+ dissect.target-3.18.dev16.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
354
+ dissect.target-3.18.dev16.dist-info/RECORD,,