dissect.target 3.19.dev37__py3-none-any.whl → 3.19.dev38__py3-none-any.whl

dissect/target/helpers/record.py

@@ -142,3 +142,40 @@ EmptyRecord = RecordDescriptor(
     "empty",
     [],
 )
+
+COMMON_INTERFACE_ELEMENTS = [
+    ("string", "name"),
+    ("string", "type"),
+    ("boolean", "enabled"),
+    ("string", "mac"),
+    ("net.ipaddress[]", "dns"),
+    ("net.ipaddress[]", "ip"),
+    ("net.ipaddress[]", "gateway"),
+    ("string", "source"),
+]
+
+
+UnixInterfaceRecord = TargetRecordDescriptor(
+    "unix/network/interface",
+    COMMON_INTERFACE_ELEMENTS,
+)
+
+WindowsInterfaceRecord = TargetRecordDescriptor(
+    "windows/network/interface",
+    [
+        *COMMON_INTERFACE_ELEMENTS,
+        ("varint", "vlan"),
+        ("string", "metric"),
+        ("datetime", "last_connected"),
+    ],
+)
+
+MacInterfaceRecord = TargetRecordDescriptor(
+    "macos/network/interface",
+    [
+        *COMMON_INTERFACE_ELEMENTS,
+        ("varint", "vlan"),
+        ("string", "proxy"),
+        ("varint", "interface_service_order"),
+    ],
+)

dissect/target/plugins/general/network.py

@@ -0,0 +1,82 @@
+from __future__ import annotations
+
+from typing import Any, Iterator, Union
+
+from flow.record.fieldtypes.net import IPAddress, IPNetwork
+
+from dissect.target.helpers.record import (
+    MacInterfaceRecord,
+    UnixInterfaceRecord,
+    WindowsInterfaceRecord,
+)
+from dissect.target.plugin import Plugin, export, internal
+from dissect.target.target import Target
+
+InterfaceRecord = Union[UnixInterfaceRecord, WindowsInterfaceRecord, MacInterfaceRecord]
+
+
+class NetworkPlugin(Plugin):
+    __namespace__ = "network"
+
+    def __init__(self, target: Target):
+        super().__init__(target)
+        self._interface_list: list[InterfaceRecord] | None = None
+
+    def check_compatible(self) -> None:
+        pass
+
+    def _interfaces(self) -> Iterator[InterfaceRecord]:
+        yield from ()
+
+    def _get_record_type(self, field_name: str) -> Iterator[Any]:
+        for record in self.interfaces():
+            if (output := getattr(record, field_name, None)) is None:
+                continue
+
+            if isinstance(output, list):
+                yield from output
+            else:
+                yield output
+
+    @export(record=InterfaceRecord)
+    def interfaces(self) -> Iterator[InterfaceRecord]:
+        # Only search for the interfaces once
+        if self._interface_list is None:
+            self._interface_list = list(self._interfaces())
+
+        yield from self._interface_list
+
+    @export
+    def ips(self) -> list[IPAddress]:
+        return list(self._get_record_type("ip"))
+
+    @export
+    def gateways(self) -> list[IPAddress]:
+        return list(self._get_record_type("gateway"))
+
+    @export
+    def macs(self) -> list[str]:
+        return list(self._get_record_type("mac"))
+
+    @export
+    def dns(self) -> list[str]:
+        return list(self._get_record_type("dns"))
+
+    @internal
+    def with_ip(self, ip_addr: str) -> Iterator[InterfaceRecord]:
+        for interface in self.interfaces():
+            if ip_addr in interface.ip:
+                yield interface
+
+    @internal
+    def with_mac(self, mac: str) -> Iterator[InterfaceRecord]:
+        for interface in self.interfaces():
+            if interface.mac == mac:
+                yield interface
+
+    @internal
+    def in_cidr(self, cidr: str) -> Iterator[InterfaceRecord]:
+        cidr = IPNetwork(cidr)
+        for interface in self.interfaces():
+            if any(ip_addr in cidr for ip_addr in interface.ip):
+                yield interface

{dissect.target-3.19.dev37.dist-info → dissect.target-3.19.dev38.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.target
-Version: 3.19.dev37
+Version: 3.19.dev38
 Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{dissect.target-3.19.dev37.dist-info → dissect.target-3.19.dev38.dist-info}/RECORD

@@ -61,7 +61,7 @@ dissect/target/helpers/mui.py,sha256=i-7XoHbu4WO2fYapK9yGAMW04rFlgRispknc1KQIS5Q
 dissect/target/helpers/network_managers.py,sha256=ByBSe2K3c8hgQC6dokcf-hHdmPcD8PmrOj0xs1C3yhs,25743
 dissect/target/helpers/polypath.py,sha256=h8p7m_OCNiQljGwoZh5Aflr9H2ot6CZr6WKq1OSw58o,2175
 dissect/target/helpers/protobuf.py,sha256=b4DsnqrRLrefcDjx7rQno-_LBcwtJXxuKf5RdOegzfE,1537
-dissect/target/helpers/record.py,sha256=lWl7k2Mp9Axllm0tXzPGJx2zj2zONsyY_p5g424T0Lc,4826
+dissect/target/helpers/record.py,sha256=zwqEnFSgxgX6JdhhF4zycMMZK09crCTWWEFzRxZSuC8,5658
 dissect/target/helpers/record_modifier.py,sha256=3I_rC5jqvl0TsW3V8OQ6Dltz_D8J4PU1uhhzbJGKm9c,3245
 dissect/target/helpers/regutil.py,sha256=kX-sSZbW8Qkg29Dn_9zYbaQrwLumrr4Y8zJ1EhHXIAM,27337
 dissect/target/helpers/shell_folder_ids.py,sha256=Behhb8oh0kMxrEk6YYKYigCDZe8Hw5QS6iK_d2hTs2Y,24978
@@ -180,6 +180,7 @@ dissect/target/plugins/general/config.py,sha256=Mdy9uhWn4OJ96zfXpLgjVifV5SrViqHn
 dissect/target/plugins/general/default.py,sha256=8W_9JV3jKEeETlyTrB25sACoIIFmmO8wlVU5Zoi51W0,1425
 dissect/target/plugins/general/example.py,sha256=6B_YOqajRBLNWBEOfIL_HnLaEANBF8KKoc0mweihiug,6034
 dissect/target/plugins/general/loaders.py,sha256=6iUxhlSAgo7qSE8_XFxgiihK8sdMiP-s4k0W5Iv8m9k,879
+dissect/target/plugins/general/network.py,sha256=Ol4Ls1w78-7zpmVaQQOZG27rvYOhJLFVhomZj5kwibs,2430
 dissect/target/plugins/general/osinfo.py,sha256=RdK5mw3-H9H3sGXz8yP8U_p3wUG1Ww7_HBKZpFdsbTE,1358
 dissect/target/plugins/general/plugins.py,sha256=4URjS6DN1Ey6Cqlbyx6NfFGgQZpWDrqxl8KLcZFODGE,4479
 dissect/target/plugins/general/scrape.py,sha256=Fz7BNXflvuxlnVulyyDhLpyU8D_hJdH6vWVtER9vjTg,6651
@@ -348,10 +349,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
 dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
 dissect/target/volumes/md.py,sha256=7ShPtusuLGaIv27SvEETtgsuoQyAa4iAAeOR1NEaajI,1689
 dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
-dissect.target-3.19.dev37.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
-dissect.target-3.19.dev37.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
-dissect.target-3.19.dev37.dist-info/METADATA,sha256=mXarkSk3Roesdmk1FGrFsYXYFROLuwmF6QxdMO3YOVQ,12719
-dissect.target-3.19.dev37.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
-dissect.target-3.19.dev37.dist-info/entry_points.txt,sha256=BWuxAb_6AvUAQpIQOQU0IMTlaF6TDht2AIZK8bHd-zE,492
-dissect.target-3.19.dev37.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
-dissect.target-3.19.dev37.dist-info/RECORD,,
+dissect.target-3.19.dev38.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
+dissect.target-3.19.dev38.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+dissect.target-3.19.dev38.dist-info/METADATA,sha256=moRisLjdf7BN29AYj8cVY3tFh8VxpOVFuU-EfD8f8W0,12719
+dissect.target-3.19.dev38.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
+dissect.target-3.19.dev38.dist-info/entry_points.txt,sha256=BWuxAb_6AvUAQpIQOQU0IMTlaF6TDht2AIZK8bHd-zE,492
+dissect.target-3.19.dev38.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
+dissect.target-3.19.dev38.dist-info/RECORD,,