dissect.target 3.19.dev37__py3-none-any.whl → 3.19.dev39__py3-none-any.whl

dissect/target/filesystems/zip.py

@@ -4,16 +4,21 @@ import logging
 import stat
 import zipfile
 from datetime import datetime, timezone
-from typing import BinaryIO, Optional
+from typing import BinaryIO, Iterator
 
 from dissect.util.stream import BufferedStream
 
-from dissect.target.exceptions import FileNotFoundError
+from dissect.target.exceptions import (
+    FileNotFoundError,
+    FilesystemError,
+    IsADirectoryError,
+    NotADirectoryError,
+    NotASymlinkError,
+)
 from dissect.target.filesystem import (
     Filesystem,
     FilesystemEntry,
     VirtualDirectory,
-    VirtualFile,
     VirtualFilesystem,
 )
 from dissect.target.helpers import fsutil
@@ -33,7 +38,7 @@ class ZipFilesystem(Filesystem):
     def __init__(
         self,
         fh: BinaryIO,
-        base: Optional[str] = None,
+        base: str | None = None,
         *args,
         **kwargs,
     ):
@@ -52,12 +57,7 @@ class ZipFilesystem(Filesystem):
                 continue
 
             rel_name = fsutil.normpath(mname[len(self.base) :], alt_separator=self.alt_separator)
-
-            # NOTE: Normally we would check here if the member is a symlink or not
-
-            entry_cls = ZipFilesystemDirectoryEntry if member.is_dir() else ZipFilesystemEntry
-            file_entry = entry_cls(self, rel_name, member)
-            self._fs.map_file_entry(rel_name, file_entry)
+            self._fs.map_file_entry(rel_name, ZipFilesystemEntry(self, rel_name, member))
 
     @staticmethod
     def _detect(fh: BinaryIO) -> bool:
@@ -69,60 +69,95 @@ class ZipFilesystem(Filesystem):
         return self._fs.get(path, relentry=relentry)
 
 
-class ZipFilesystemEntry(VirtualFile):
+# Note: We subclass from VirtualDirectory because VirtualFilesystem is currently only compatible with VirtualDirectory
+# Subclass from VirtualDirectory so we get that compatibility for free, and override the rest to do our own thing
+class ZipFilesystemEntry(VirtualDirectory):
+    fs: ZipFilesystem
+    entry: zipfile.ZipInfo
+
+    def __init__(self, fs: ZipFilesystem, path: str, entry: zipfile.ZipInfo):
+        super().__init__(fs, path)
+        self.entry = entry
+
     def open(self) -> BinaryIO:
-        """Returns file handle (file-like object)."""
+        if self.is_dir():
+            raise IsADirectoryError(self.path)
+
+        if self.is_symlink():
+            return self._resolve().open()
+
         try:
             return BufferedStream(self.fs.zip.open(self.entry), size=self.entry.file_size)
         except Exception:
-            raise FileNotFoundError()
+            raise FileNotFoundError(self.path)
 
-    def readlink(self) -> str:
-        """Read the link if this entry is a symlink. Returns a string."""
-        raise NotImplementedError()
+    def iterdir(self) -> Iterator[str]:
+        if not self.is_dir():
+            raise NotADirectoryError(self.path)
 
-    def readlink_ext(self) -> FilesystemEntry:
-        """Read the link if this entry is a symlink. Returns a filesystem entry."""
-        raise NotImplementedError()
+        entry = self._resolve()
+        if isinstance(entry, ZipFilesystemEntry):
+            yield from super(ZipFilesystemEntry, entry).iterdir()
+        else:
+            yield from entry.iterdir()
 
-    def stat(self, follow_symlinks: bool = True) -> fsutil.stat_result:
-        """Return the stat information of this entry."""
-        return self.lstat()
+    def scandir(self) -> Iterator[FilesystemEntry]:
+        if not self.is_dir():
+            raise NotADirectoryError(self.path)
 
-    def lstat(self) -> fsutil.stat_result:
-        """Return the stat information of the given path, without resolving links."""
-        # ['mode', 'addr', 'dev', 'nlink', 'uid', 'gid', 'size', 'atime', 'mtime', 'ctime']
-        return fsutil.stat_result(
-            [
-                stat.S_IFREG | 0o777,
-                self.entry.header_offset,
-                id(self.fs),
-                1,
-                0,
-                0,
-                self.entry.file_size,
-                0,
-                datetime(*self.entry.date_time, tzinfo=timezone.utc).timestamp(),
-                0,
-            ]
-        )
+        entry = self._resolve()
+        if isinstance(entry, ZipFilesystemEntry):
+            yield from super(ZipFilesystemEntry, entry).scandir()
+        else:
+            yield from entry.scandir()
 
+    def is_dir(self, follow_symlinks: bool = True) -> bool:
+        try:
+            entry = self._resolve(follow_symlinks=follow_symlinks)
+        except FilesystemError:
+            return False
 
-class ZipFilesystemDirectoryEntry(VirtualDirectory):
-    def __init__(self, fs: ZipFilesystem, path: str, entry: zipfile.ZipInfo):
-        super().__init__(fs, path)
-        self.entry = entry
+        if isinstance(entry, ZipFilesystemEntry):
+            return entry.entry.is_dir()
+        return isinstance(entry, VirtualDirectory)
+
+    def is_file(self, follow_symlinks: bool = True) -> bool:
+        try:
+            entry = self._resolve(follow_symlinks=follow_symlinks)
+        except FilesystemError:
+            return False
+
+        if isinstance(entry, ZipFilesystemEntry):
+            return not entry.entry.is_dir()
+        return False
+
+    def is_symlink(self) -> bool:
+        return stat.S_ISLNK(self.entry.external_attr >> 16)
+
+    def readlink(self) -> str:
+        if not self.is_symlink():
+            raise NotASymlinkError()
+        return self.fs.zip.open(self.entry).read().decode()
+
+    def readlink_ext(self) -> FilesystemEntry:
+        return FilesystemEntry.readlink_ext(self)
 
     def stat(self, follow_symlinks: bool = True) -> fsutil.stat_result:
-        """Return the stat information of this entry."""
-        return self.lstat()
+        return self._resolve(follow_symlinks=follow_symlinks).lstat()
 
     def lstat(self) -> fsutil.stat_result:
         """Return the stat information of the given path, without resolving links."""
         # ['mode', 'addr', 'dev', 'nlink', 'uid', 'gid', 'size', 'atime', 'mtime', 'ctime']
+        mode = self.entry.external_attr >> 16
+
+        if self.entry.is_dir() and not stat.S_ISDIR(mode):
+            mode = stat.S_IFDIR | mode
+        elif not self.entry.is_dir() and not stat.S_ISREG(mode):
+            mode = stat.S_IFREG | mode
+
         return fsutil.stat_result(
             [
-                stat.S_IFDIR | 0o777,
+                mode,
                 self.entry.header_offset,
                 id(self.fs),
                 1,

dissect/target/helpers/record.py

@@ -142,3 +142,40 @@ EmptyRecord = RecordDescriptor(
     "empty",
     [],
 )
+
+COMMON_INTERFACE_ELEMENTS = [
+    ("string", "name"),
+    ("string", "type"),
+    ("boolean", "enabled"),
+    ("string", "mac"),
+    ("net.ipaddress[]", "dns"),
+    ("net.ipaddress[]", "ip"),
+    ("net.ipaddress[]", "gateway"),
+    ("string", "source"),
+]
+
+
+UnixInterfaceRecord = TargetRecordDescriptor(
+    "unix/network/interface",
+    COMMON_INTERFACE_ELEMENTS,
+)
+
+WindowsInterfaceRecord = TargetRecordDescriptor(
+    "windows/network/interface",
+    [
+        *COMMON_INTERFACE_ELEMENTS,
+        ("varint", "vlan"),
+        ("string", "metric"),
+        ("datetime", "last_connected"),
+    ],
+)
+
+MacInterfaceRecord = TargetRecordDescriptor(
+    "macos/network/interface",
+    [
+        *COMMON_INTERFACE_ELEMENTS,
+        ("varint", "vlan"),
+        ("string", "proxy"),
+        ("varint", "interface_service_order"),
+    ],
+)

dissect/target/plugins/general/network.py

@@ -0,0 +1,82 @@
+from __future__ import annotations
+
+from typing import Any, Iterator, Union
+
+from flow.record.fieldtypes.net import IPAddress, IPNetwork
+
+from dissect.target.helpers.record import (
+    MacInterfaceRecord,
+    UnixInterfaceRecord,
+    WindowsInterfaceRecord,
+)
+from dissect.target.plugin import Plugin, export, internal
+from dissect.target.target import Target
+
+InterfaceRecord = Union[UnixInterfaceRecord, WindowsInterfaceRecord, MacInterfaceRecord]
+
+
+class NetworkPlugin(Plugin):
+    __namespace__ = "network"
+
+    def __init__(self, target: Target):
+        super().__init__(target)
+        self._interface_list: list[InterfaceRecord] | None = None
+
+    def check_compatible(self) -> None:
+        pass
+
+    def _interfaces(self) -> Iterator[InterfaceRecord]:
+        yield from ()
+
+    def _get_record_type(self, field_name: str) -> Iterator[Any]:
+        for record in self.interfaces():
+            if (output := getattr(record, field_name, None)) is None:
+                continue
+
+            if isinstance(output, list):
+                yield from output
+            else:
+                yield output
+
+    @export(record=InterfaceRecord)
+    def interfaces(self) -> Iterator[InterfaceRecord]:
+        # Only search for the interfaces once
+        if self._interface_list is None:
+            self._interface_list = list(self._interfaces())
+
+        yield from self._interface_list
+
+    @export
+    def ips(self) -> list[IPAddress]:
+        return list(self._get_record_type("ip"))
+
+    @export
+    def gateways(self) -> list[IPAddress]:
+        return list(self._get_record_type("gateway"))
+
+    @export
+    def macs(self) -> list[str]:
+        return list(self._get_record_type("mac"))
+
+    @export
+    def dns(self) -> list[str]:
+        return list(self._get_record_type("dns"))
+
+    @internal
+    def with_ip(self, ip_addr: str) -> Iterator[InterfaceRecord]:
+        for interface in self.interfaces():
+            if ip_addr in interface.ip:
+                yield interface
+
+    @internal
+    def with_mac(self, mac: str) -> Iterator[InterfaceRecord]:
+        for interface in self.interfaces():
+            if interface.mac == mac:
+                yield interface
+
+    @internal
+    def in_cidr(self, cidr: str) -> Iterator[InterfaceRecord]:
+        cidr = IPNetwork(cidr)
+        for interface in self.interfaces():
+            if any(ip_addr in cidr for ip_addr in interface.ip):
+                yield interface

{dissect.target-3.19.dev37.dist-info → dissect.target-3.19.dev39.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.target
-Version: 3.19.dev37
+Version: 3.19.dev39
 Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{dissect.target-3.19.dev37.dist-info → dissect.target-3.19.dev39.dist-info}/RECORD

@@ -42,7 +42,7 @@ dissect/target/filesystems/tar.py,sha256=kQNhcEDPX005svse039OeR2AGSDigGuGz2AKoVr
 dissect/target/filesystems/vmfs.py,sha256=sRtYBUAKTKcHrjCXqpFJ8GIVU-ERjqxhB2zXBndtcXU,4955
 dissect/target/filesystems/vmtar.py,sha256=LlKWkTIuLemQmG9yGqL7980uC_AOL77_GWhbJc_grSk,804
 dissect/target/filesystems/xfs.py,sha256=kIyFGKYlyFYC7H3jaEv-lNKtBW4ZkD92H0WpfGcr1ww,4498
-dissect/target/filesystems/zip.py,sha256=WT1bQhzX_1MXXVZTKrJniae4xqRqMZ8FsfbvhgGQRTQ,4462
+dissect/target/filesystems/zip.py,sha256=BeNj23DOYfWuTm5V1V419ViJiMfBrO1VA5gP6rljwXs,5467
 dissect/target/helpers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/helpers/cache.py,sha256=TXlJBdFRz6V9zKs903am4Yawr0maYw5kZY0RqklDQJM,8568
 dissect/target/helpers/config.py,sha256=RMHnIuKJHINHiLrvKN3EyA0jFA1o6-pbeaycG8Pgrp8,2596
@@ -61,7 +61,7 @@ dissect/target/helpers/mui.py,sha256=i-7XoHbu4WO2fYapK9yGAMW04rFlgRispknc1KQIS5Q
 dissect/target/helpers/network_managers.py,sha256=ByBSe2K3c8hgQC6dokcf-hHdmPcD8PmrOj0xs1C3yhs,25743
 dissect/target/helpers/polypath.py,sha256=h8p7m_OCNiQljGwoZh5Aflr9H2ot6CZr6WKq1OSw58o,2175
 dissect/target/helpers/protobuf.py,sha256=b4DsnqrRLrefcDjx7rQno-_LBcwtJXxuKf5RdOegzfE,1537
-dissect/target/helpers/record.py,sha256=lWl7k2Mp9Axllm0tXzPGJx2zj2zONsyY_p5g424T0Lc,4826
+dissect/target/helpers/record.py,sha256=zwqEnFSgxgX6JdhhF4zycMMZK09crCTWWEFzRxZSuC8,5658
 dissect/target/helpers/record_modifier.py,sha256=3I_rC5jqvl0TsW3V8OQ6Dltz_D8J4PU1uhhzbJGKm9c,3245
 dissect/target/helpers/regutil.py,sha256=kX-sSZbW8Qkg29Dn_9zYbaQrwLumrr4Y8zJ1EhHXIAM,27337
 dissect/target/helpers/shell_folder_ids.py,sha256=Behhb8oh0kMxrEk6YYKYigCDZe8Hw5QS6iK_d2hTs2Y,24978
@@ -180,6 +180,7 @@ dissect/target/plugins/general/config.py,sha256=Mdy9uhWn4OJ96zfXpLgjVifV5SrViqHn
 dissect/target/plugins/general/default.py,sha256=8W_9JV3jKEeETlyTrB25sACoIIFmmO8wlVU5Zoi51W0,1425
 dissect/target/plugins/general/example.py,sha256=6B_YOqajRBLNWBEOfIL_HnLaEANBF8KKoc0mweihiug,6034
 dissect/target/plugins/general/loaders.py,sha256=6iUxhlSAgo7qSE8_XFxgiihK8sdMiP-s4k0W5Iv8m9k,879
+dissect/target/plugins/general/network.py,sha256=Ol4Ls1w78-7zpmVaQQOZG27rvYOhJLFVhomZj5kwibs,2430
 dissect/target/plugins/general/osinfo.py,sha256=RdK5mw3-H9H3sGXz8yP8U_p3wUG1Ww7_HBKZpFdsbTE,1358
 dissect/target/plugins/general/plugins.py,sha256=4URjS6DN1Ey6Cqlbyx6NfFGgQZpWDrqxl8KLcZFODGE,4479
 dissect/target/plugins/general/scrape.py,sha256=Fz7BNXflvuxlnVulyyDhLpyU8D_hJdH6vWVtER9vjTg,6651
@@ -348,10 +349,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
 dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
 dissect/target/volumes/md.py,sha256=7ShPtusuLGaIv27SvEETtgsuoQyAa4iAAeOR1NEaajI,1689
 dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
-dissect.target-3.19.dev37.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
-dissect.target-3.19.dev37.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
-dissect.target-3.19.dev37.dist-info/METADATA,sha256=mXarkSk3Roesdmk1FGrFsYXYFROLuwmF6QxdMO3YOVQ,12719
-dissect.target-3.19.dev37.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
-dissect.target-3.19.dev37.dist-info/entry_points.txt,sha256=BWuxAb_6AvUAQpIQOQU0IMTlaF6TDht2AIZK8bHd-zE,492
-dissect.target-3.19.dev37.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
-dissect.target-3.19.dev37.dist-info/RECORD,,
+dissect.target-3.19.dev39.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
+dissect.target-3.19.dev39.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+dissect.target-3.19.dev39.dist-info/METADATA,sha256=c6QzWVFBBowHJF8fihCzibN_ELCTHhj59sC_YGZIqhY,12719
+dissect.target-3.19.dev39.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
+dissect.target-3.19.dev39.dist-info/entry_points.txt,sha256=BWuxAb_6AvUAQpIQOQU0IMTlaF6TDht2AIZK8bHd-zE,492
+dissect.target-3.19.dev39.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
+dissect.target-3.19.dev39.dist-info/RECORD,,