dissect.target 3.19.dev3__py3-none-any.whl → 3.19.dev5__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- dissect/target/plugins/os/windows/defender.py +6 -3
- {dissect.target-3.19.dev3.dist-info → dissect.target-3.19.dev5.dist-info}/METADATA +1 -1
- {dissect.target-3.19.dev3.dist-info → dissect.target-3.19.dev5.dist-info}/RECORD +8 -8
- {dissect.target-3.19.dev3.dist-info → dissect.target-3.19.dev5.dist-info}/COPYRIGHT +0 -0
- {dissect.target-3.19.dev3.dist-info → dissect.target-3.19.dev5.dist-info}/LICENSE +0 -0
- {dissect.target-3.19.dev3.dist-info → dissect.target-3.19.dev5.dist-info}/WHEEL +0 -0
- {dissect.target-3.19.dev3.dist-info → dissect.target-3.19.dev5.dist-info}/entry_points.txt +0 -0
- {dissect.target-3.19.dev3.dist-info → dissect.target-3.19.dev5.dist-info}/top_level.txt +0 -0
|
@@ -7,7 +7,7 @@ from pathlib import Path
|
|
|
7
7
|
from typing import Any, BinaryIO, Generator, Iterable, Iterator, TextIO, Union
|
|
8
8
|
|
|
9
9
|
import dissect.util.ts as ts
|
|
10
|
-
from dissect.cstruct import
|
|
10
|
+
from dissect.cstruct import cstruct
|
|
11
11
|
from flow.record import Record
|
|
12
12
|
|
|
13
13
|
from dissect.target import plugin
|
|
@@ -357,7 +357,7 @@ class QuarantineEntry:
|
|
|
357
357
|
resource_info = c_defender.QuarantineEntrySection2(resource_buf)
|
|
358
358
|
|
|
359
359
|
# List holding all quarantine entry resources that belong to this quarantine entry.
|
|
360
|
-
self.resources = []
|
|
360
|
+
self.resources: list[QuarantineEntryResource] = []
|
|
361
361
|
|
|
362
362
|
for offset in resource_info.EntryOffsets:
|
|
363
363
|
resource_buf.seek(offset)
|
|
@@ -393,7 +393,7 @@ class QuarantineEntryResource:
|
|
|
393
393
|
# Move pointer
|
|
394
394
|
offset += 4 + field.Size
|
|
395
395
|
|
|
396
|
-
def _add_field(self, field:
|
|
396
|
+
def _add_field(self, field: c_defender.QuarantineEntryResourceField) -> None:
|
|
397
397
|
if field.Identifier == FIELD_IDENTIFIER.CQuaResDataID_File:
|
|
398
398
|
self.resource_id = field.Data.hex().upper()
|
|
399
399
|
elif field.Identifier == FIELD_IDENTIFIER.PhysicalPath:
|
|
@@ -627,6 +627,9 @@ class MicrosoftDefenderPlugin(plugin.Plugin):
|
|
|
627
627
|
if suffix.search(mplog_line):
|
|
628
628
|
break
|
|
629
629
|
match = pattern.match(block)
|
|
630
|
+
if not match:
|
|
631
|
+
return
|
|
632
|
+
|
|
630
633
|
data = match.groupdict()
|
|
631
634
|
data["_target"] = self.target
|
|
632
635
|
data["source_log"] = source
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: dissect.target
|
|
3
|
-
Version: 3.19.
|
|
3
|
+
Version: 3.19.dev5
|
|
4
4
|
Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
|
|
5
5
|
Author-email: Dissect Team <dissect@fox-it.com>
|
|
6
6
|
License: Affero General Public License v3
|
|
@@ -264,7 +264,7 @@ dissect/target/plugins/os/windows/cim.py,sha256=jsrpu6TZpBUh7VWI9AV2Ib5bebTwsvqO
|
|
|
264
264
|
dissect/target/plugins/os/windows/clfs.py,sha256=begVsZ-CY97Ksh6S1g03LjyBgu8ERY2hfNDWYPj0GXI,4872
|
|
265
265
|
dissect/target/plugins/os/windows/credhist.py,sha256=YSjuyd53Augdy_lKKzZHtx5Ozt0HzF6LDYIOb-8P1Pw,7058
|
|
266
266
|
dissect/target/plugins/os/windows/datetime.py,sha256=YKHUZU6lkKJocq15y0yCwvIIOb1Ej-kfvEBmHbrdIGw,9467
|
|
267
|
-
dissect/target/plugins/os/windows/defender.py,sha256=
|
|
267
|
+
dissect/target/plugins/os/windows/defender.py,sha256=zh3brEvJmknD5ef0PGuLZ1G95Fgdh-dlgi-ZEbADKXo,32716
|
|
268
268
|
dissect/target/plugins/os/windows/env.py,sha256=-u9F9xWy6PUbQmu5Tv_MDoVmy6YB-7CbHokIK_T3S44,13891
|
|
269
269
|
dissect/target/plugins/os/windows/generic.py,sha256=BSvDPfB9faU0uquMj0guw5tnR_97Nn0XAEE4k05BFSQ,22273
|
|
270
270
|
dissect/target/plugins/os/windows/lnk.py,sha256=On1k0PODYggQM1j514qFepBACCV2Z2u61Q4Ba6e3Y2c,8179
|
|
@@ -345,10 +345,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
|
|
|
345
345
|
dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
|
|
346
346
|
dissect/target/volumes/md.py,sha256=j1K1iKmspl0C_OJFc7-Q1BMWN2OCC5EVANIgVlJ_fIE,1673
|
|
347
347
|
dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
|
|
348
|
-
dissect.target-3.19.
|
|
349
|
-
dissect.target-3.19.
|
|
350
|
-
dissect.target-3.19.
|
|
351
|
-
dissect.target-3.19.
|
|
352
|
-
dissect.target-3.19.
|
|
353
|
-
dissect.target-3.19.
|
|
354
|
-
dissect.target-3.19.
|
|
348
|
+
dissect.target-3.19.dev5.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
|
|
349
|
+
dissect.target-3.19.dev5.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
|
|
350
|
+
dissect.target-3.19.dev5.dist-info/METADATA,sha256=TKB8Wx1Fvkwzq3944Efo00hpLX8qs9mBroe7t9kHWQo,12718
|
|
351
|
+
dissect.target-3.19.dev5.dist-info/WHEEL,sha256=y4mX-SOX4fYIkonsAGA5N0Oy-8_gI4FXw5HNI1xqvWg,91
|
|
352
|
+
dissect.target-3.19.dev5.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
|
|
353
|
+
dissect.target-3.19.dev5.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
|
|
354
|
+
dissect.target-3.19.dev5.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|