dissect.target 3.19.dev3__py3-none-any.whl → 3.19.dev5__py3-none-any.whl
Sign up to get free protection for your applications and to get access to all the features.
- dissect/target/plugins/os/windows/defender.py +6 -3
- {dissect.target-3.19.dev3.dist-info → dissect.target-3.19.dev5.dist-info}/METADATA +1 -1
- {dissect.target-3.19.dev3.dist-info → dissect.target-3.19.dev5.dist-info}/RECORD +8 -8
- {dissect.target-3.19.dev3.dist-info → dissect.target-3.19.dev5.dist-info}/COPYRIGHT +0 -0
- {dissect.target-3.19.dev3.dist-info → dissect.target-3.19.dev5.dist-info}/LICENSE +0 -0
- {dissect.target-3.19.dev3.dist-info → dissect.target-3.19.dev5.dist-info}/WHEEL +0 -0
- {dissect.target-3.19.dev3.dist-info → dissect.target-3.19.dev5.dist-info}/entry_points.txt +0 -0
- {dissect.target-3.19.dev3.dist-info → dissect.target-3.19.dev5.dist-info}/top_level.txt +0 -0
|
@@ -7,7 +7,7 @@ from pathlib import Path
|
|
|
7
7
|
from typing import Any, BinaryIO, Generator, Iterable, Iterator, TextIO, Union
|
|
8
8
|
|
|
9
9
|
import dissect.util.ts as ts
|
|
10
|
-
from dissect.cstruct import
|
|
10
|
+
from dissect.cstruct import cstruct
|
|
11
11
|
from flow.record import Record
|
|
12
12
|
|
|
13
13
|
from dissect.target import plugin
|
|
@@ -357,7 +357,7 @@ class QuarantineEntry:
|
|
|
357
357
|
resource_info = c_defender.QuarantineEntrySection2(resource_buf)
|
|
358
358
|
|
|
359
359
|
# List holding all quarantine entry resources that belong to this quarantine entry.
|
|
360
|
-
self.resources = []
|
|
360
|
+
self.resources: list[QuarantineEntryResource] = []
|
|
361
361
|
|
|
362
362
|
for offset in resource_info.EntryOffsets:
|
|
363
363
|
resource_buf.seek(offset)
|
|
@@ -393,7 +393,7 @@ class QuarantineEntryResource:
|
|
|
393
393
|
# Move pointer
|
|
394
394
|
offset += 4 + field.Size
|
|
395
395
|
|
|
396
|
-
def _add_field(self, field:
|
|
396
|
+
def _add_field(self, field: c_defender.QuarantineEntryResourceField) -> None:
|
|
397
397
|
if field.Identifier == FIELD_IDENTIFIER.CQuaResDataID_File:
|
|
398
398
|
self.resource_id = field.Data.hex().upper()
|
|
399
399
|
elif field.Identifier == FIELD_IDENTIFIER.PhysicalPath:
|
|
@@ -627,6 +627,9 @@ class MicrosoftDefenderPlugin(plugin.Plugin):
|
|
|
627
627
|
if suffix.search(mplog_line):
|
|
628
628
|
break
|
|
629
629
|
match = pattern.match(block)
|
|
630
|
+
if not match:
|
|
631
|
+
return
|
|
632
|
+
|
|
630
633
|
data = match.groupdict()
|
|
631
634
|
data["_target"] = self.target
|
|
632
635
|
data["source_log"] = source
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: dissect.target
|
|
3
|
-
Version: 3.19.
|
|
3
|
+
Version: 3.19.dev5
|
|
4
4
|
Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
|
|
5
5
|
Author-email: Dissect Team <dissect@fox-it.com>
|
|
6
6
|
License: Affero General Public License v3
|
|
@@ -264,7 +264,7 @@ dissect/target/plugins/os/windows/cim.py,sha256=jsrpu6TZpBUh7VWI9AV2Ib5bebTwsvqO
|
|
|
264
264
|
dissect/target/plugins/os/windows/clfs.py,sha256=begVsZ-CY97Ksh6S1g03LjyBgu8ERY2hfNDWYPj0GXI,4872
|
|
265
265
|
dissect/target/plugins/os/windows/credhist.py,sha256=YSjuyd53Augdy_lKKzZHtx5Ozt0HzF6LDYIOb-8P1Pw,7058
|
|
266
266
|
dissect/target/plugins/os/windows/datetime.py,sha256=YKHUZU6lkKJocq15y0yCwvIIOb1Ej-kfvEBmHbrdIGw,9467
|
|
267
|
-
dissect/target/plugins/os/windows/defender.py,sha256=
|
|
267
|
+
dissect/target/plugins/os/windows/defender.py,sha256=zh3brEvJmknD5ef0PGuLZ1G95Fgdh-dlgi-ZEbADKXo,32716
|
|
268
268
|
dissect/target/plugins/os/windows/env.py,sha256=-u9F9xWy6PUbQmu5Tv_MDoVmy6YB-7CbHokIK_T3S44,13891
|
|
269
269
|
dissect/target/plugins/os/windows/generic.py,sha256=BSvDPfB9faU0uquMj0guw5tnR_97Nn0XAEE4k05BFSQ,22273
|
|
270
270
|
dissect/target/plugins/os/windows/lnk.py,sha256=On1k0PODYggQM1j514qFepBACCV2Z2u61Q4Ba6e3Y2c,8179
|
|
@@ -345,10 +345,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
|
|
|
345
345
|
dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
|
|
346
346
|
dissect/target/volumes/md.py,sha256=j1K1iKmspl0C_OJFc7-Q1BMWN2OCC5EVANIgVlJ_fIE,1673
|
|
347
347
|
dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
|
|
348
|
-
dissect.target-3.19.
|
|
349
|
-
dissect.target-3.19.
|
|
350
|
-
dissect.target-3.19.
|
|
351
|
-
dissect.target-3.19.
|
|
352
|
-
dissect.target-3.19.
|
|
353
|
-
dissect.target-3.19.
|
|
354
|
-
dissect.target-3.19.
|
|
348
|
+
dissect.target-3.19.dev5.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
|
|
349
|
+
dissect.target-3.19.dev5.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
|
|
350
|
+
dissect.target-3.19.dev5.dist-info/METADATA,sha256=TKB8Wx1Fvkwzq3944Efo00hpLX8qs9mBroe7t9kHWQo,12718
|
|
351
|
+
dissect.target-3.19.dev5.dist-info/WHEEL,sha256=y4mX-SOX4fYIkonsAGA5N0Oy-8_gI4FXw5HNI1xqvWg,91
|
|
352
|
+
dissect.target-3.19.dev5.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
|
|
353
|
+
dissect.target-3.19.dev5.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
|
|
354
|
+
dissect.target-3.19.dev5.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|