dissect.target 3.19.dev26__py3-none-any.whl → 3.19.dev28__py3-none-any.whl

Sign up to get free protection for your applications and to get access to all the features.
@@ -76,17 +76,15 @@ class YaraPlugin(Plugin):
76
76
  if hasattr(compiled_rules, "warnings") and (num_warns := len(compiled_rules.warnings)) > 0:
77
77
  self.target.log.warning("YARA generated %s warnings while compiling rules", num_warns)
78
78
  for warning in compiled_rules.warnings:
79
- self.target.log.debug(warning)
79
+ self.target.log.info(warning)
80
80
 
81
81
  self.target.log.warning("Will not scan files larger than %s MB", max_size // 1024 // 1024)
82
82
 
83
83
  for _, _, files in self.target.fs.walk_ext(path):
84
84
  for file in files:
85
85
  try:
86
- if file_size := file.stat().st_size > max_size:
87
- self.target.log.debug(
88
- "Skipping file '%s' as it is larger than %s bytes (size is %s)", file, file_size, max_size
89
- )
86
+ if (file_size := file.stat().st_size) > max_size:
87
+ self.target.log.info("Not scanning file of %s MB: '%s'", (file_size // 1024 // 1024), file)
90
88
  continue
91
89
 
92
90
  buf = file.open().read()
dissect/target/target.py CHANGED
@@ -344,7 +344,7 @@ class Target:
344
344
  child_plugin.check_compatible()
345
345
  self._child_plugins[child_plugin.__type__] = child_plugin
346
346
  except PluginError as e:
347
- self.log.info("Child plugin reported itself as incompatible: %s (%s)", plugin_desc["class"], e)
347
+ self.log.debug("Child plugin reported itself as incompatible: %s (%s)", plugin_desc["class"], e)
348
348
  except Exception:
349
349
  self.log.exception(
350
350
  "An exception occurred while checking for child plugin compatibility: %s", plugin_desc["class"]
@@ -27,6 +27,7 @@ def main():
27
27
 
28
28
  parser.add_argument("targets", metavar="TARGETS", nargs="*", help="Targets to load")
29
29
  parser.add_argument("-s", "--strings", default=False, action="store_true", help="print output as string")
30
+ parser.add_argument("--children", action="store_true", help="include children")
30
31
 
31
32
  for args, kwargs in getattr(YaraPlugin.yara, "__args__", []):
32
33
  parser.add_argument(*args, **kwargs)
@@ -45,8 +46,7 @@ def main():
45
46
  parser.exit(1)
46
47
 
47
48
  try:
48
- for target in Target.open_all(args.targets):
49
- target.log.info("Scanning target")
49
+ for target in Target.open_all(args.targets, args.children):
50
50
  rs = record_output(args.strings, False)
51
51
  for record in target.yara(args.rules, args.path, args.max_size, args.check):
52
52
  rs.write(record)
@@ -1,7 +1,7 @@
1
1
  from collections import defaultdict
2
2
  from typing import BinaryIO, Iterator, Union
3
3
 
4
- from dissect.volume.md.md import MD, Device, find_super_block
4
+ from dissect.volume.md.md import MD, MDPhysicalDisk, find_super_block
5
5
 
6
6
  from dissect.target.volume import LogicalVolumeSystem, Volume
7
7
 
@@ -21,7 +21,7 @@ class MdVolumeSystem(LogicalVolumeSystem):
21
21
  if not cls.detect_volume(vol):
22
22
  continue
23
23
 
24
- device = Device(vol)
24
+ device = MDPhysicalDisk(vol)
25
25
  devices[device.set_uuid].append(device)
26
26
 
27
27
  for devs in devices.values():
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: dissect.target
3
- Version: 3.19.dev26
3
+ Version: 3.19.dev28
4
4
  Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
5
5
  Author-email: Dissect Team <dissect@fox-it.com>
6
6
  License: Affero General Public License v3
@@ -5,7 +5,7 @@ dissect/target/filesystem.py,sha256=G1gbOUpnQZyovubYGEUKgaDV0eHH5vE83-0gTc5PZAM,
5
5
  dissect/target/loader.py,sha256=I8WNzDA0SMy42F7zfyBcSKj_VKNv64213WUvtGZ77qE,7374
6
6
  dissect/target/plugin.py,sha256=HAN8maaDt-Rlqt8Rr1IW7gXQpzNQZjCVz-i4aSPphSw,48677
7
7
  dissect/target/report.py,sha256=06uiP4MbNI8cWMVrC1SasNS-Yg6ptjVjckwj8Yhe0Js,7958
8
- dissect/target/target.py,sha256=8vg0VdEQuy5Ih5ewlm0b64o3HcJq_Nley4Ygyp2fLI4,32362
8
+ dissect/target/target.py,sha256=KZ3vDsMjrXxEP6sQE1kOlxMNjqFFsxnivYhoX26GBEY,32363
9
9
  dissect/target/volume.py,sha256=aQZAJiny8jjwkc9UtwIRwy7nINXjCxwpO-_UDfh6-BA,15801
10
10
  dissect/target/containers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
11
11
  dissect/target/containers/asdf.py,sha256=DJp0QEFwUjy2MFwKYcYqIR_BS1fQT1Yi9Kcmqt0aChM,1366
@@ -164,7 +164,7 @@ dissect/target/plugins/filesystem/acquire_hash.py,sha256=OVxI19-Bl1tdqCiFMscFMLm
164
164
  dissect/target/plugins/filesystem/icat.py,sha256=bOMi04IlljnKwxTWTZJKtK7RxKnabFu3WcXyUwzkE-4,4090
165
165
  dissect/target/plugins/filesystem/resolver.py,sha256=HfyASUFV4F9uD-yFXilFpPTORAsRDvdmTvuYHgOaOWg,4776
166
166
  dissect/target/plugins/filesystem/walkfs.py,sha256=e8HEZcV5Wiua26FGWL3xgiQ_PIhcNvGI5KCdsAx2Nmo,2298
167
- dissect/target/plugins/filesystem/yara.py,sha256=JdWqbqDBhKrht3fTroqX7NpBU9khEQUWyMcDgLv2l2g,6686
167
+ dissect/target/plugins/filesystem/yara.py,sha256=w9kJ8trua0rhcpaN18erc0vGIFsJJeqaV6y5lMRl8JQ,6611
168
168
  dissect/target/plugins/filesystem/ntfs/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
169
169
  dissect/target/plugins/filesystem/ntfs/mft.py,sha256=2ibCLJA7yUrZshFSPKdjoNt3TpfwTtk-DaErghe91CM,11445
170
170
  dissect/target/plugins/filesystem/ntfs/mft_timeline.py,sha256=vvNFAZbr7s3X2OTYf4ES_L6-XsouTXcTymfxnHfZ1Rw,6791
@@ -333,7 +333,7 @@ dissect/target/tools/query.py,sha256=ONHu2FVomLccikb84qBrlhNmEfRoHYFQMcahk_y2c9A
333
333
  dissect/target/tools/reg.py,sha256=FDsiBBDxjWVUBTRj8xn82vZe-J_d9piM-TKS3PHZCcM,3193
334
334
  dissect/target/tools/shell.py,sha256=_widEuIRqZhYzcFR52NYI8O2aPFm6tG5Uiv-AIrC32U,45155
335
335
  dissect/target/tools/utils.py,sha256=sQizexY3ui5vmWw4KOBLg5ecK3TPFjD-uxDqRn56ZTY,11304
336
- dissect/target/tools/yara.py,sha256=xIom_n78oBiDg6VEBMVk8qmvhYMOPzY5yv9Vl1rDbB4,1754
336
+ dissect/target/tools/yara.py,sha256=SZ0lKshWJ0TFTDUYONVKF04TgwmtDAttUPws9j9YSvk,1806
337
337
  dissect/target/tools/dump/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
338
338
  dissect/target/tools/dump/run.py,sha256=aD84peRS4zHqC78fH7Vd4ni3m1ZmVP70LyMwBRvoDGY,9463
339
339
  dissect/target/tools/dump/state.py,sha256=YYgCff0kZZ-tx27lJlc9LQ7AfoGnLK5Gyi796OnktA8,9205
@@ -344,12 +344,12 @@ dissect/target/volumes/ddf.py,sha256=X0yBIFbG7Z_CJDVqxEBLDynM_NoSwIWEKVsQFOS-Tn4
344
344
  dissect/target/volumes/disk.py,sha256=6KN6FtW7TQ1yN1wSmGqbLQFjBP-aqld-lY3oSvkibz4,991
345
345
  dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1zA,4414
346
346
  dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
347
- dissect/target/volumes/md.py,sha256=j1K1iKmspl0C_OJFc7-Q1BMWN2OCC5EVANIgVlJ_fIE,1673
347
+ dissect/target/volumes/md.py,sha256=7ShPtusuLGaIv27SvEETtgsuoQyAa4iAAeOR1NEaajI,1689
348
348
  dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
349
- dissect.target-3.19.dev26.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
350
- dissect.target-3.19.dev26.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
351
- dissect.target-3.19.dev26.dist-info/METADATA,sha256=JqWUrdsr0XSeyFrdAPCqZYCIrmYfCWdPRFP13XZ4v1o,12719
352
- dissect.target-3.19.dev26.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
353
- dissect.target-3.19.dev26.dist-info/entry_points.txt,sha256=BWuxAb_6AvUAQpIQOQU0IMTlaF6TDht2AIZK8bHd-zE,492
354
- dissect.target-3.19.dev26.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
355
- dissect.target-3.19.dev26.dist-info/RECORD,,
349
+ dissect.target-3.19.dev28.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
350
+ dissect.target-3.19.dev28.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
351
+ dissect.target-3.19.dev28.dist-info/METADATA,sha256=s0RI4tiEkq-koJ8Y_fUAJU1dmMcu1X73uF8fwSN_F7o,12719
352
+ dissect.target-3.19.dev28.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
353
+ dissect.target-3.19.dev28.dist-info/entry_points.txt,sha256=BWuxAb_6AvUAQpIQOQU0IMTlaF6TDht2AIZK8bHd-zE,492
354
+ dissect.target-3.19.dev28.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
355
+ dissect.target-3.19.dev28.dist-info/RECORD,,