dissect.target 3.19.dev31__py3-none-any.whl → 3.19.dev33__py3-none-any.whl

dissect/target/helpers/loaderutil.py

@@ -5,7 +5,7 @@ import re
 import urllib
 from os import PathLike
 from pathlib import Path
-from typing import TYPE_CHECKING, BinaryIO, Optional, Union
+from typing import TYPE_CHECKING, BinaryIO
 
 from dissect.target.exceptions import FileNotFoundError
 from dissect.target.filesystem import Filesystem
@@ -42,12 +42,31 @@ def add_virtual_ntfs_filesystem(
     fh_sds = _try_open(fs, sds_path)
 
     if any([fh_boot, fh_mft]):
-        ntfs = NtfsFilesystem(boot=fh_boot, mft=fh_mft, usnjrnl=fh_usnjrnl, sds=fh_sds)
-        target.filesystems.add(ntfs)
-        fs.ntfs = ntfs.ntfs
+        ntfs = None
 
-
-def _try_open(fs: Filesystem, path: str) -> BinaryIO:
+        try:
+            ntfs = NtfsFilesystem(boot=fh_boot, mft=fh_mft, usnjrnl=fh_usnjrnl, sds=fh_sds)
+        except Exception as e:
+            if fh_boot:
+                log.warning("Failed to load NTFS filesystem from %s, retrying without $Boot file", fs)
+                log.debug("", exc_info=e)
+
+                try:
+                    # Try once more without the $Boot file
+                    ntfs = NtfsFilesystem(mft=fh_mft, usnjrnl=fh_usnjrnl, sds=fh_sds)
+                except Exception:
+                    log.warning("Failed to load NTFS filesystem from %s without $Boot file, skipping", fs)
+                    return
+
+        # Only add it if we have a valid NTFS with an MFT
+        if ntfs and ntfs.ntfs.mft:
+            target.filesystems.add(ntfs)
+            fs.ntfs = ntfs.ntfs
+        else:
+            log.warning("Opened NTFS filesystem from %s but could not find $MFT, skipping", fs)
+
+
+def _try_open(fs: Filesystem, path: str) -> BinaryIO | None:
     paths = [path] if not isinstance(path, list) else path
 
     for path in paths:
@@ -61,7 +80,7 @@ def _try_open(fs: Filesystem, path: str) -> BinaryIO:
             pass
 
 
-def extract_path_info(path: Union[str, Path]) -> tuple[Path, Optional[urllib.parse.ParseResult]]:
+def extract_path_info(path: str | Path) -> tuple[Path, urllib.parse.ParseResult | None]:
     """
     Extracts a ParseResult from a path if it has
     a scheme and adjusts the path if necessary.

dissect/target/tools/info.py

@@ -12,6 +12,7 @@ from dissect.target.exceptions import TargetError
 from dissect.target.helpers.record import TargetRecordDescriptor
 from dissect.target.tools.query import record_output
 from dissect.target.tools.utils import (
+    args_to_uri,
     catch_sigpipe,
     configure_generic_arguments,
     process_generic_arguments,
@@ -50,14 +51,14 @@ def main():
     )
     parser.add_argument("targets", metavar="TARGETS", nargs="*", help="Targets to display info from")
     parser.add_argument("--from-file", nargs="?", type=Path, help="file containing targets to load")
-    parser.add_argument("-d", "--delimiter", default=" ", action="store", metavar="','")
     parser.add_argument("-s", "--strings", action="store_true", help="print output as string")
     parser.add_argument("-r", "--record", action="store_true", help="print output as record")
     parser.add_argument("-j", "--json", action="store_true", help="output records as pretty json")
     parser.add_argument("-J", "--jsonlines", action="store_true", help="output records as one-line json")
+    parser.add_argument("-L", "--loader", action="store", default=None, help="select a specific loader (i.e. vmx, raw)")
     configure_generic_arguments(parser)
 
-    args = parser.parse_args()
+    args, rest = parser.parse_known_args()
 
     process_generic_arguments(args)
 
@@ -73,8 +74,10 @@ def main():
             targets = targets[:-1]
         args.targets = targets
 
+    targets = args_to_uri(args.targets, args.loader, rest) if args.loader else args.targets
+
     try:
-        for i, target in enumerate(Target.open_all(args.targets)):
+        for i, target in enumerate(Target.open_all(targets)):
             try:
                 if args.jsonlines:
                     print(json.dumps(get_target_info(target), default=str))

dissect/target/tools/yara.py

@@ -8,6 +8,7 @@ from dissect.target.exceptions import TargetError
 from dissect.target.plugins.filesystem.yara import HAS_YARA, YaraPlugin
 from dissect.target.tools.query import record_output
 from dissect.target.tools.utils import (
+    args_to_uri,
     catch_sigpipe,
     configure_generic_arguments,
     process_generic_arguments,
@@ -27,6 +28,7 @@ def main():
 
     parser.add_argument("targets", metavar="TARGETS", nargs="*", help="Targets to load")
     parser.add_argument("-s", "--strings", default=False, action="store_true", help="print output as string")
+    parser.add_argument("-L", "--loader", action="store", default=None, help="select a specific loader (i.e. vmx, raw)")
     parser.add_argument("--children", action="store_true", help="include children")
 
     for args, kwargs in getattr(YaraPlugin.yara, "__args__", []):
@@ -34,7 +36,7 @@ def main():
 
     configure_generic_arguments(parser)
 
-    args = parser.parse_args()
+    args, rest = parser.parse_known_args()
     process_generic_arguments(args)
 
     if not HAS_YARA:
@@ -45,8 +47,10 @@ def main():
         log.error("No targets provided")
         parser.exit(1)
 
+    targets = args_to_uri(args.targets, args.loader, rest) if args.loader else args.targets
+
     try:
-        for target in Target.open_all(args.targets, args.children):
+        for target in Target.open_all(targets, args.children):
             rs = record_output(args.strings, False)
             for record in target.yara(args.rules, args.path, args.max_size, args.check):
                 rs.write(record)

{dissect.target-3.19.dev31.dist-info → dissect.target-3.19.dev33.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.target
-Version: 3.19.dev31
+Version: 3.19.dev33
 Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{dissect.target-3.19.dev31.dist-info → dissect.target-3.19.dev33.dist-info}/RECORD

@@ -54,7 +54,7 @@ dissect/target/helpers/fsutil.py,sha256=tPyH4RBDqM9QXjamIQaDRLUy3b4dKmfrT6k3ZP01
 dissect/target/helpers/hashutil.py,sha256=bYAGEjyYyxuCTziO4kCx6srzY1Cm-PXmayRRcxt5ca4,1061
 dissect/target/helpers/keychain.py,sha256=wYH0sf7eaxP0bZTo80RF_BQMWulCWmIQ8Tzt9K5TSNQ,3611
 dissect/target/helpers/lazy.py,sha256=823VtmdWsbJyVZvNWopDhQdqq2i1xtj6b8IKfveboKw,1771
-dissect/target/helpers/loaderutil.py,sha256=kiyMWra_gVxfNSGwLlgxLcuuqAYuCMDc5NiCDprVNnc,2649
+dissect/target/helpers/loaderutil.py,sha256=4cS0RKGgsljQYYc5uGzmnWJ_NXt7QfWJ1jvtEINZmdE,3415
 dissect/target/helpers/localeutil.py,sha256=Y4Fh4jDSGfm5356xSLMriUCN8SZP_FAHg_iodkAxNq4,1504
 dissect/target/helpers/mount.py,sha256=JxhUYyEbDnHfzPpfuWy4nV9OwCJPoDSGdHHNiyvd_l0,3949
 dissect/target/helpers/mui.py,sha256=i-7XoHbu4WO2fYapK9yGAMW04rFlgRispknc1KQIS5Q,22258
@@ -326,14 +326,14 @@ dissect/target/tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hS
 dissect/target/tools/build_pluginlist.py,sha256=5fomcuMwsVzcnYx5Htf5f9lSwsLeUUvomLUXNA4t7m4,849
 dissect/target/tools/dd.py,sha256=rTM-lgXxrYBpVAtJqFqAatDz45bLoD8-mFt_59Q3Lio,1928
 dissect/target/tools/fs.py,sha256=bdFSckOO-dyvvBpxOgPIx_UKGEbWGbOHF7kl6rWyt7U,6654
-dissect/target/tools/info.py,sha256=3smHr8I71yj3kCjsQ5nXkOHI9T_N8UwvkVa1CNOxB-s,5461
+dissect/target/tools/info.py,sha256=SXU8_AXeFhw2XZBVQu3XW-ZDAewLvahI6Ag4TSq2-3A,5610
 dissect/target/tools/logging.py,sha256=5ZnumtMWLyslxfrUGZ4ntRyf3obOOhmn8SBjKfdLcEg,4174
 dissect/target/tools/mount.py,sha256=L_0tSmiBdW4aSaF0vXjB0bAkTC0kmT2N1hrbW6s5Jow,3254
 dissect/target/tools/query.py,sha256=ONHu2FVomLccikb84qBrlhNmEfRoHYFQMcahk_y2c9A,15580
 dissect/target/tools/reg.py,sha256=FDsiBBDxjWVUBTRj8xn82vZe-J_d9piM-TKS3PHZCcM,3193
 dissect/target/tools/shell.py,sha256=_widEuIRqZhYzcFR52NYI8O2aPFm6tG5Uiv-AIrC32U,45155
 dissect/target/tools/utils.py,sha256=sQizexY3ui5vmWw4KOBLg5ecK3TPFjD-uxDqRn56ZTY,11304
-dissect/target/tools/yara.py,sha256=SZ0lKshWJ0TFTDUYONVKF04TgwmtDAttUPws9j9YSvk,1806
+dissect/target/tools/yara.py,sha256=70k-2VMulf1EdkX03nCACzejaOEcsFHOyX-4E40MdQU,2044
 dissect/target/tools/dump/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/tools/dump/run.py,sha256=aD84peRS4zHqC78fH7Vd4ni3m1ZmVP70LyMwBRvoDGY,9463
 dissect/target/tools/dump/state.py,sha256=YYgCff0kZZ-tx27lJlc9LQ7AfoGnLK5Gyi796OnktA8,9205
@@ -346,10 +346,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
 dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
 dissect/target/volumes/md.py,sha256=7ShPtusuLGaIv27SvEETtgsuoQyAa4iAAeOR1NEaajI,1689
 dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
-dissect.target-3.19.dev31.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
-dissect.target-3.19.dev31.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
-dissect.target-3.19.dev31.dist-info/METADATA,sha256=GZuNZDNA6Y6mINzf5sqR_gX4uyq0i5TLvFhCse-bxPc,12719
-dissect.target-3.19.dev31.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
-dissect.target-3.19.dev31.dist-info/entry_points.txt,sha256=BWuxAb_6AvUAQpIQOQU0IMTlaF6TDht2AIZK8bHd-zE,492
-dissect.target-3.19.dev31.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
-dissect.target-3.19.dev31.dist-info/RECORD,,
+dissect.target-3.19.dev33.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
+dissect.target-3.19.dev33.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+dissect.target-3.19.dev33.dist-info/METADATA,sha256=qql1vSsBtkxg9RPKiPg49ssQekDjKwQfE3GKlxWsjCk,12719
+dissect.target-3.19.dev33.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
+dissect.target-3.19.dev33.dist-info/entry_points.txt,sha256=BWuxAb_6AvUAQpIQOQU0IMTlaF6TDht2AIZK8bHd-zE,492
+dissect.target-3.19.dev33.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
+dissect.target-3.19.dev33.dist-info/RECORD,,