PyPI - dissect.target - Versions diffs - 3.19.dev40__py3-none-any.whl → 3.19.dev41__py3-none-any.whl - Mend

dissect.target 3.19.dev40py3-none-any.whl → 3.19.dev41py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

dissect/target/tools/shell.py CHANGED Viewed

@@ -1,7 +1,8 @@
+from __future__ import annotations
 import argparse
 import cmd
 import contextlib
-import datetime
 import fnmatch
 import io
 import itertools
@@ -13,27 +14,33 @@ import random
 import re
 import shlex
 import shutil
-import stat
 import subprocess
 import sys
 from contextlib import contextmanager
-from typing import Any, BinaryIO, Callable, Iterator, Optional, TextIO, Union
+from datetime import datetime, timedelta, timezone
+from typing import Any, BinaryIO, Callable, Iterator, TextIO
 from dissect.cstruct import hexdump
 from flow.record import RecordOutput
 from dissect.target.exceptions import (
-    FileNotFoundError,
     PluginError,
     RegistryError,
     RegistryKeyNotFoundError,
     RegistryValueNotFoundError,
     TargetError,
 )
-from dissect.target.filesystem import FilesystemEntry, LayerFilesystemEntry
+from dissect.target.filesystem import FilesystemEntry
 from dissect.target.helpers import cyber, fsutil, regutil
-from dissect.target.plugin import PluginFunction, arg
+from dissect.target.plugin import PluginFunction, alias, arg, clone_alias
 from dissect.target.target import Target
+from dissect.target.tools.fsutils import (
+    fmt_ls_colors,
+    ls_scandir,
+    print_ls,
+    print_stat,
+    print_xattr,
+)
 from dissect.target.tools.info import print_target_info
 from dissect.target.tools.utils import (
     args_to_uri,
@@ -52,47 +59,23 @@ logging.raiseExceptions = False
 try:
     import readline
-    # remove `-` as an autocomplete delimeter on Linux
+    # remove `-`, `$` and `{` as an autocomplete delimeter on Linux
     # https://stackoverflow.com/questions/27288340/python-cmd-on-linux-does-not-autocomplete-special-characters-or-symbols
-    readline.set_completer_delims(readline.get_completer_delims().replace("-", "").replace("$", ""))
+    readline.set_completer_delims(readline.get_completer_delims().replace("-", "").replace("$", "").replace("{", ""))
+    # Fix autocomplete on macOS
+    # https://stackoverflow.com/a/7116997
+    if "libedit" in readline.__doc__:
+        readline.parse_and_bind("bind ^I rl_complete")
+    else:
+        readline.parse_and_bind("tab: complete")
 except ImportError:
     # Readline is not available on Windows
     log.warning("Readline module is not available")
     readline = None
-# ['mode', 'addr', 'dev', 'nlink', 'uid', 'gid', 'size', 'atime', 'mtime', 'ctime']
-STAT_TEMPLATE = """  File: {path} {symlink}
-  Size: {size}          {filetype}
- Inode: {inode}   Links: {nlink}
-Access: ({modeord}/{modestr})  Uid: ( {uid} )   Gid: ( {gid} )
-Access: {atime}
-Modify: {mtime}
-Change: {ctime}"""
-FALLBACK_LS_COLORS = "rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=00:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32"  # noqa: E501
-def prepare_ls_colors() -> dict[str, str]:
-    """Parse the LS_COLORS environment variable so we can use it later."""
-    d = {}
-    ls_colors = os.environ.get("LS_COLORS", FALLBACK_LS_COLORS)
-    for line in ls_colors.split(":"):
-        if not line:
-            continue
-        ft, _, value = line.partition("=")
-        if ft.startswith("*"):
-            ft = ft[1:]
-        d[ft] = f"\x1b[{value}m{{}}\x1b[0m"
-    return d
-LS_COLORS = prepare_ls_colors()
-class TargetCmd(cmd.Cmd):
+class ExtendedCmd(cmd.Cmd):
     """Subclassed cmd.Cmd to provide some additional features.
     Add new simple commands by implementing:
@@ -112,49 +95,25 @@ class TargetCmd(cmd.Cmd):
     CMD_PREFIX = "cmd_"
-    DEFAULT_HISTFILE = "~/.dissect_history"
-    DEFAULT_HISTFILESIZE = 10_000
-    DEFAULT_HISTDIR = None
-    DEFAULT_HISTDIRFMT = ".dissect_history_{uid}_{target}"
-    def __init__(self, target: Target):
+    def __init__(self, cyber: bool = False):
         cmd.Cmd.__init__(self)
-        self.target = target
         self.debug = False
+        self.cyber = cyber
         self.identchars += "."
-        self.histfilesize = getattr(target._config, "HISTFILESIZE", self.DEFAULT_HISTFILESIZE)
-        self.histdir = getattr(target._config, "HISTDIR", self.DEFAULT_HISTDIR)
-        if self.histdir:
-            self.histdirfmt = getattr(target._config, "HISTDIRFMT", self.DEFAULT_HISTDIRFMT)
-            self.histfile = pathlib.Path(self.histdir).resolve() / pathlib.Path(
-                self.histdirfmt.format(uid=os.getuid(), target=target.name)
-            )
-        else:
-            self.histfile = pathlib.Path(getattr(target._config, "HISTFILE", self.DEFAULT_HISTFILE)).expanduser()
-    def preloop(self) -> None:
-        if readline and self.histfile.exists():
-            try:
-                readline.read_history_file(self.histfile)
-            except Exception as e:
-                log.debug("Error reading history file: %s", e)
-    def postloop(self) -> None:
-        if readline:
-            readline.set_history_length(self.histfilesize)
-            try:
-                readline.write_history_file(self.histfile)
-            except Exception as e:
-                log.debug("Error writing history file: %s", e)
+        self.register_aliases()
     def __getattr__(self, attr: str) -> Any:
         if attr.startswith("help_"):
             _, _, command = attr.partition("_")
+            def print_help(command: str, func: Callable) -> None:
+                parser = generate_argparse_for_bound_method(func, usage_tmpl=f"{command} {{usage}}")
+                parser.print_help()
             try:
                 func = getattr(self, self.CMD_PREFIX + command)
-                return lambda: print(func.__doc__)
+                return lambda: print_help(command, func)
             except AttributeError:
                 pass
@@ -164,6 +123,16 @@ class TargetCmd(cmd.Cmd):
     def check_compatible(target: Target) -> bool:
         return True
+    def register_aliases(self) -> None:
+        for name in self.get_names():
+            if name.startswith(self.CMD_PREFIX):
+                func = getattr(self.__class__, name)
+                for alias_name in getattr(func, "__aliases__", []):
+                    if not alias_name.startswith(self.CMD_PREFIX):
+                        alias_name = self.CMD_PREFIX + alias_name
+                    clone_alias(self.__class__, func, alias_name)
     def get_names(self) -> list[str]:
         names = cmd.Cmd.get_names(self)
@@ -175,44 +144,49 @@ class TargetCmd(cmd.Cmd):
         return names
-    def default(self, line: str) -> Optional[bool]:
+    def _handle_command(self, line: str) -> bool | None:
+        """Check whether custom handling of the cmd can be performed and if so, do it.
+        If a custom handling of the cmd was performed, return the result (a boolean indicating whether the shell should
+        exit). If not, return None. Can be overridden by subclasses to perform further / other 'custom command' checks.
+        """
         if line == "EOF":
             return True
-        # Override default command execution to first attempt complex
-        # command execution, and then target plugin command execution
+        # Override default command execution to first attempt complex command execution
         command, command_args_str, line = self.parseline(line)
-        try:
+        if hasattr(self, self.CMD_PREFIX + command):
             return self._exec_command(command, command_args_str)
-        except AttributeError:
-            pass
-        if plugins := list(find_and_filter_plugins(self.target, command, [])):
-            return self._exec_target(plugins, command_args_str)
+        # Return None if no custom command was found to be run
+        return None
-        return cmd.Cmd.default(self, line)
+    def default(self, line: str) -> bool:
+        if (should_exit := self._handle_command(line)) is not None:
+            return should_exit
+        # Fallback to default
+        cmd.Cmd.default(self, line)
+        return False
     def emptyline(self) -> None:
         """This function forces Python's cmd.Cmd module to behave like a regular shell.
         When entering an empty command, the cmd module will by default repeat the previous command.
         By defining an empty ``emptyline`` function we make sure no command is executed instead.
-        See https://stackoverflow.com/a/16479030
+        Resources:
+            - https://stackoverflow.com/a/16479030
+            - https://github.com/python/cpython/blob/3.12/Lib/cmd.py#L10
         """
         pass
-    def _exec(
-        self, func: Callable[[list[str], TextIO], bool], command_args_str: str, no_cyber: bool = False
-    ) -> Optional[bool]:
+    def _exec(self, func: Callable[[list[str], TextIO], bool], command_args_str: str, no_cyber: bool = False) -> bool:
         """Command execution helper that chains initial command and piped subprocesses (if any) together."""
         argparts = []
         if command_args_str is not None:
-            lexer = shlex.shlex(command_args_str, posix=True, punctuation_chars=True)
-            lexer.wordchars += "$"
-            lexer.whitespace_split = True
-            argparts = list(lexer)
+            argparts = arg_str_to_arg_list(command_args_str)
         if "|" in argparts:
             pipeidx = argparts.index("|")
@@ -223,15 +197,16 @@ class TargetCmd(cmd.Cmd):
             except OSError as e:
                 # in case of a failure in a subprocess
                 print(e)
+                return False
         else:
             ctx = contextlib.nullcontext()
-            if self.target.props.get("cyber") and not no_cyber:
+            if self.cyber and not no_cyber:
                 ctx = cyber.cyber(color=None, run_at_end=True)
             with ctx:
                 return func(argparts, sys.stdout)
-    def _exec_command(self, command: str, command_args_str: str) -> Optional[bool]:
+    def _exec_command(self, command: str, command_args_str: str) -> bool:
         """Command execution helper for ``cmd_`` commands."""
         cmdfunc = getattr(self, self.CMD_PREFIX + command)
         argparser = generate_argparse_for_bound_method(cmdfunc, usage_tmpl=f"{command} {{usage}}")
@@ -240,21 +215,122 @@ class TargetCmd(cmd.Cmd):
             try:
                 args = argparser.parse_args(argparts)
             except SystemExit:
-                return
+                return False
             return cmdfunc(args, stdout)
         # These commands enter a subshell, which doesn't work well with cyber
         no_cyber = cmdfunc.__func__ in (TargetCli.cmd_registry, TargetCli.cmd_enter)
         return self._exec(_exec_, command_args_str, no_cyber)
-    def _exec_target(self, funcs: list[PluginFunction], command_args_str: str) -> Optional[bool]:
+    def do_man(self, line: str) -> bool:
+        """alias for help"""
+        return self.do_help(line)
+    def complete_man(self, *args) -> list[str]:
+        return cmd.Cmd.complete_help(self, *args)
+    def do_clear(self, line: str) -> bool:
+        """clear the terminal screen"""
+        os.system("cls||clear")
+        return False
+    def do_cls(self, line: str) -> bool:
+        """alias for clear"""
+        return self.do_clear(line)
+    def do_exit(self, line: str) -> bool:
+        """exit shell"""
+        return True
+    def do_cyber(self, line: str) -> bool:
+        """cyber"""
+        self.cyber = not self.cyber
+        word, color = {False: ("D I S E N", cyber.Color.RED), True: ("E N", cyber.Color.YELLOW)}[self.cyber]
+        with cyber.cyber(color=color):
+            print(f"C Y B E R - M O D E - {word} G A G E D")
+        return False
+    def do_debug(self, line: str) -> bool:
+        """toggle debug mode"""
+        self.debug = not self.debug
+        if self.debug:
+            print("Debug mode on")
+        else:
+            print("Debug mode off")
+        return False
+class TargetCmd(ExtendedCmd):
+    DEFAULT_HISTFILE = "~/.dissect_history"
+    DEFAULT_HISTFILESIZE = 10_000
+    DEFAULT_HISTDIR = None
+    DEFAULT_HISTDIRFMT = ".dissect_history_{uid}_{target}"
+    def __init__(self, target: Target):
+        self.target = target
+        # history file
+        self.histfilesize = getattr(target._config, "HISTFILESIZE", self.DEFAULT_HISTFILESIZE)
+        self.histdir = getattr(target._config, "HISTDIR", self.DEFAULT_HISTDIR)
+        if self.histdir:
+            self.histdirfmt = getattr(target._config, "HISTDIRFMT", self.DEFAULT_HISTDIRFMT)
+            self.histfile = pathlib.Path(self.histdir).resolve() / pathlib.Path(
+                self.histdirfmt.format(uid=os.getuid(), target=target.name)
+            )
+        else:
+            self.histfile = pathlib.Path(getattr(target._config, "HISTFILE", self.DEFAULT_HISTFILE)).expanduser()
+        # prompt format
+        if ps1 := getattr(target._config, "PS1", None):
+            if "{cwd}" in ps1 and "{base}" in ps1:
+                self.prompt_ps1 = ps1
+        elif getattr(target._config, "NO_COLOR", None) or os.getenv("NO_COLOR"):
+            self.prompt_ps1 = "{base}:{cwd}$ "
+        else:
+            self.prompt_ps1 = "\x1b[1;32m{base}\x1b[0m:\x1b[1;34m{cwd}\x1b[0m$ "
+        super().__init__(self.target.props.get("cyber"))
+    def preloop(self) -> None:
+        if readline and self.histfile.exists():
+            try:
+                readline.read_history_file(self.histfile)
+            except Exception as e:
+                log.debug("Error reading history file: %s", e)
+    def postloop(self) -> None:
+        if readline:
+            readline.set_history_length(self.histfilesize)
+            try:
+                readline.write_history_file(self.histfile)
+            except Exception as e:
+                log.debug("Error writing history file: %s", e)
+    def _handle_command(self, line: str) -> bool | None:
+        if (should_exit := super()._handle_command(line)) is not None:
+            return should_exit
+        # The parent class has already attempted complex command execution, we now attempt target plugin command
+        # execution
+        command, command_args_str, line = self.parseline(line)
+        if plugins := list(find_and_filter_plugins(self.target, command, [])):
+            return self._exec_target(plugins, command_args_str)
+        # We didn't execute a function on the target
+        return None
+    def _exec_target(self, funcs: list[PluginFunction], command_args_str: str) -> bool:
         """Command exection helper for target plugins."""
-        def _exec_(argparts: list[str], stdout: TextIO) -> Optional[bool]:
+        def _exec_(argparts: list[str], stdout: TextIO) -> None:
             try:
                 output, value, _ = execute_function_on_target(self.target, func, argparts)
             except SystemExit:
-                return False
+                return
             if output == "record":
                 # if the command results are piped to another process,
@@ -276,45 +352,21 @@ class TargetCmd(cmd.Cmd):
             else:
                 print(value, file=stdout)
-        result = None
         for func in funcs:
             try:
-                result = self._exec(_exec_, command_args_str)
+                self._exec(_exec_, command_args_str)
             except PluginError as err:
                 if self.debug:
                     raise err
                 self.target.log.error(err)
-        return result
+        # Keep the shell open
+        return False
-    def do_python(self, line: str) -> Optional[bool]:
+    def do_python(self, line: str) -> bool:
         """drop into a Python shell"""
         python_shell([self.target])
-    def do_clear(self, line: str) -> Optional[bool]:
-        """clear the terminal screen"""
-        os.system("cls||clear")
-    def do_cyber(self, line: str) -> Optional[bool]:
-        """cyber"""
-        self.target.props["cyber"] = not bool(self.target.props.get("cyber"))
-        word, color = {False: ("D I S E N", cyber.Color.RED), True: ("E N", cyber.Color.YELLOW)}[
-            self.target.props["cyber"]
-        ]
-        with cyber.cyber(color=color):
-            print(f"C Y B E R - M O D E - {word} G A G E D")
-    def do_exit(self, line: str) -> Optional[bool]:
-        """exit shell"""
-        return True
-    def do_debug(self, line: str) -> Optional[bool]:
-        """toggle debug mode"""
-        self.debug = not self.debug
-        if self.debug:
-            print("Debug mode on")
-        else:
-            print("Debug mode off")
+        return False
 class TargetHubCli(cmd.Cmd):
@@ -337,24 +389,26 @@ class TargetHubCli(cmd.Cmd):
         self._clicache = {}
-    def default(self, line: str) -> Optional[bool]:
+    def default(self, line: str) -> bool:
         if line == "EOF":
             return True
-        return cmd.Cmd.default(self, line)
+        cmd.Cmd.default(self, line)
+        return False
     def emptyline(self) -> None:
         pass
-    def do_exit(self, line: str) -> Optional[bool]:
+    def do_exit(self, line: str) -> bool:
         """exit shell"""
         return True
-    def do_list(self, line: str) -> Optional[bool]:
+    def do_list(self, line: str) -> bool:
         """list the loaded targets"""
         print("\n".join([f"{i:2d}: {e}" for i, e in enumerate(self._names)]))
+        return False
-    def do_enter(self, line: str) -> Optional[bool]:
+    def do_enter(self, line: str) -> bool:
         """enter a target by number or name"""
         if line.isdigit():
@@ -364,24 +418,25 @@ class TargetHubCli(cmd.Cmd):
                 idx = self._names_lower.index(line.lower())
             except ValueError:
                 print("Unknown name")
-                return
+                return False
         if idx >= len(self.targets):
             print("Unknown target")
-            return
+            return False
         try:
             cli = self._clicache[idx]
         except KeyError:
             target = self.targets[idx]
             if not self._targetcli.check_compatible(target):
-                return
+                return False
             cli = self._targetcli(self.targets[idx])
             self._clicache[idx] = cli
         print(f"Entering {idx}: {self._names[idx]}")
         run_cli(cli)
+        return False
     def complete_enter(self, text: str, line: str, begidx: int, endidx: int) -> list[str]:
         if not text:
@@ -395,32 +450,41 @@ class TargetHubCli(cmd.Cmd):
         return compl
-    def do_python(self, line: str) -> Optional[bool]:
+    def do_python(self, line: str) -> bool:
         """drop into a Python shell"""
         python_shell(self.targets)
+        return False
 class TargetCli(TargetCmd):
     """CLI for interacting with a target and browsing the filesystem."""
     def __init__(self, target: Target):
+        self.prompt_base = _target_name(target)
         TargetCmd.__init__(self, target)
-        self.prompt_base = target.name
-        self._clicache = {}
+        self._clicache = {}
         self.cwd = None
         self.chdir("/")
     @property
     def prompt(self) -> str:
-        return f"{self.prompt_base} {self.cwd}> "
+        return self.prompt_ps1.format(base=self.prompt_base, cwd=self.cwd)
-    def completedefault(self, text: str, line: str, begidx: int, endidx: int):
-        path = line[:begidx].rsplit(" ")[-1]
+    def completedefault(self, text: str, line: str, begidx: int, endidx: int) -> list[str]:
+        path = self.resolve_path(line[:begidx].rsplit(" ")[-1])
         textlower = text.lower()
-        r = [fname for _, fname in self.scandir(path) if fname.lower().startswith(textlower)]
-        return r
+        suggestions = []
+        for fpath, fname in ls_scandir(path):
+            if not fname.lower().startswith(textlower):
+                continue
+            # Add a trailing slash to directories, to allow for easier traversal of the filesystem
+            suggestion = f"{fname}/" if fpath.is_dir() else fname
+            suggestions.append(suggestion)
+        return suggestions
     def resolve_path(self, path: str) -> fsutil.TargetPath:
         if not path:
@@ -448,7 +512,7 @@ class TargetCli(TargetCmd):
                 # component
                 print(err)
-    def check_file(self, path: str) -> Optional[fsutil.TargetPath]:
+    def check_file(self, path: str) -> fsutil.TargetPath | None:
         path = self.resolve_path(path)
         if not path.exists():
             print(f"{path}: No such file")
@@ -464,7 +528,7 @@ class TargetCli(TargetCmd):
         return path
-    def check_dir(self, path: str) -> Optional[fsutil.TargetPath]:
+    def check_dir(self, path: str) -> fsutil.TargetPath | None:
         path = self.resolve_path(path)
         if not path.exists():
             print(f"{path}: No such directory")
@@ -480,70 +544,51 @@ class TargetCli(TargetCmd):
         return path
+    def check_path(self, path: str) -> fsutil.TargetPath | None:
+        path = self.resolve_path(path)
+        if not path.exists():
+            print(f"{path}: No such file or directory")
+            return
+        return path
     def chdir(self, path: str) -> None:
         """Change directory to the given path."""
         if path := self.check_dir(path):
             self.cwd = path
-    def scandir(self, path: str, color: bool = False) -> list[tuple[fsutil.TargetPath, str]]:
-        """List a directory for the given path."""
-        path = self.resolve_path(path)
-        result = []
-        if path.exists() and path.is_dir():
-            for file_ in path.iterdir():
-                file_type = None
-                if color:
-                    if file_.is_symlink():
-                        file_type = "ln"
-                    elif file_.is_dir():
-                        file_type = "di"
-                    elif file_.is_file():
-                        file_type = "fi"
-                result.append((file_, fmt_ls_colors(file_type, file_.name) if color else file_.name))
-                # If we happen to scan an NTFS filesystem see if any of the
-                # entries has an alternative data stream and also list them.
-                entry = file_.get()
-                if isinstance(entry, LayerFilesystemEntry):
-                    if entry.entries.fs.__type__ == "ntfs":
-                        attrs = entry.lattr()
-                        for data_stream in attrs.DATA:
-                            if data_stream.name != "":
-                                name = f"{file_.name}:{data_stream.name}"
-                                result.append((file_, fmt_ls_colors(file_type, name) if color else name))
-            result.sort(key=lambda e: e[0].name)
-        return result
-    def do_cd(self, line: str) -> Optional[bool]:
+    def do_cd(self, line: str) -> bool:
         """change directory"""
         self.chdir(line)
+        return False
-    def do_pwd(self, line: str) -> Optional[bool]:
+    def do_pwd(self, line: str) -> bool:
         """print current directory"""
         print(self.cwd)
+        return False
-    def do_disks(self, line: str) -> Optional[bool]:
+    def do_disks(self, line: str) -> bool:
         """print target disks"""
         for d in self.target.disks:
             print(str(d))
+        return False
-    def do_volumes(self, line: str) -> Optional[bool]:
+    def do_volumes(self, line: str) -> bool:
         """print target volumes"""
         for v in self.target.volumes:
             print(str(v))
+        return False
-    def do_filesystems(self, line: str) -> Optional[bool]:
+    def do_filesystems(self, line: str) -> bool:
         """print target filesystems"""
         for fs in self.target.filesystems:
             print(str(fs))
+        return False
-    def do_info(self, line: str) -> Optional[bool]:
+    def do_info(self, line: str) -> bool:
         """print target information"""
-        return print_target_info(self.target)
+        print_target_info(self.target)
+        return False
     @arg("path", nargs="?")
     @arg("-l", action="store_true")
@@ -552,129 +597,137 @@ class TargetCli(TargetCmd):
     @arg("-R", "--recursive", action="store_true", help="recursively list subdirectories encountered")
     @arg("-c", action="store_true", dest="use_ctime", help="show time when file status was last changed")
     @arg("-u", action="store_true", dest="use_atime", help="show time of last access")
-    def cmd_ls(self, args: argparse.Namespace, stdout: TextIO) -> Optional[bool]:
+    @alias("l")
+    @alias("dir")
+    def cmd_ls(self, args: argparse.Namespace, stdout: TextIO) -> bool:
         """list directory contents"""
         path = self.resolve_path(args.path)
         if args.use_ctime and args.use_atime:
             print("can't specify -c and -u at the same time")
-            return
+            return False
-        if not path or not path.exists():
-            return
+        if not path or not self.check_dir(path):
+            return False
-        self._print_ls(args, path, 0, stdout)
+        if path.is_file():
+            print(args.path)  # mimic ls behaviour
+            return False
-    def _print_ls(self, args: argparse.Namespace, path: fsutil.TargetPath, depth: int, stdout: TextIO) -> None:
-        path = self.resolve_path(path)
-        subdirs = []
+        print_ls(path, 0, stdout, args.l, args.human_readable, args.recursive, args.use_ctime, args.use_atime)
+        return False
-        if path.is_dir():
-            contents = self.scandir(path, color=True)
-        elif path.is_file():
-            contents = [(path, path.name)]
-        if depth > 0:
-            print(f"\n{str(path)}:", file=stdout)
-        if not args.l:
-            for target_path, name in contents:
-                print(name, file=stdout)
-                if target_path.is_dir():
-                    subdirs.append(target_path)
-        else:
-            if len(contents) > 1:
-                print(f"total {len(contents)}", file=stdout)
-            for target_path, name in contents:
-                self.print_extensive_file_stat(args=args, stdout=stdout, target_path=target_path, name=name)
-                if target_path.is_dir():
-                    subdirs.append(target_path)
-        if args.recursive and subdirs:
-            for subdir in subdirs:
-                self._print_ls(args, subdir, depth + 1, stdout)
-    def print_extensive_file_stat(
-        self, args: argparse.Namespace, stdout: TextIO, target_path: fsutil.TargetPath, name: str
-    ) -> None:
-        """Print the file status."""
-        try:
-            entry = target_path.get()
-            stat = entry.lstat()
-            symlink = f" -> {entry.readlink()}" if entry.is_symlink() else ""
-            show_time = stat.st_mtime
-            if args.use_ctime:
-                show_time = stat.st_ctime
-            elif args.use_atime:
-                show_time = stat.st_atime
-            utc_time = datetime.datetime.utcfromtimestamp(show_time).isoformat()
-            print(
-                f"{stat_modestr(stat)} {stat.st_uid:4d} {stat.st_gid:4d} {stat.st_size:6d} {utc_time} {name}{symlink}",
-                file=stdout,
-            )
+    @arg("path", nargs="?")
+    def cmd_ll(self, args: argparse.Namespace, stdout: TextIO) -> bool:
+        """alias for ls -la"""
+        args = extend_args(args, self.cmd_ls)
+        args.l = True  # noqa: E741
+        args.a = True
+        return self.cmd_ls(args, stdout)
-        except FileNotFoundError:
-            print(
-                f"??????????    ?    ?      ? ????-??-??T??:??:??.?????? {name}",
-                file=stdout,
-            )
+    @arg("path", nargs="?")
+    def cmd_tree(self, args: argparse.Namespace, stdout: TextIO) -> bool:
+        """alias for ls -R"""
+        args = extend_args(args, self.cmd_ls)
+        args.recursive = True
+        return self.cmd_ls(args, stdout)
     @arg("path", nargs="?")
-    @arg("-name", default="*")
-    @arg("-iname")
-    def cmd_find(self, args: argparse.Namespace, stdout: TextIO) -> Optional[bool]:
+    @arg("-name", default="*", help="path to match with")
+    @arg("-iname", help="like -name, but the match is case insensitive")
+    @arg("-atime", type=int, help="file was last accessed n*24 hours ago")
+    @arg("-mtime", type=int, help="file was last modified n*24 hours ago")
+    @arg("-ctime", type=int, help="file (windows) or metadata (unix) was last changed n*24 hours ago")
+    @arg("-btime", type=int, help="file was born n*24 hours ago (ext4)")
+    def cmd_find(self, args: argparse.Namespace, stdout: TextIO) -> bool:
         """search for files in a directory hierarchy"""
         path = self.resolve_path(args.path)
-        if not path:
-            return
+        if not path or not self.check_dir(path):
+            return False
+        matches = []
+        now = datetime.now(tz=timezone.utc)
+        do_time_compare = any([args.mtime, args.atime])
         if args.iname:
             pattern = re.compile(fnmatch.translate(args.iname), re.IGNORECASE)
             for f in path.rglob("*"):
                 if pattern.match(f.name):
-                    print(f, file=stdout)
-        elif args.name:
+                    matches.append(f) if do_time_compare else print(f, file=stdout)
+        else:
             for f in path.rglob(args.name):
+                matches.append(f) if do_time_compare else print(f, file=stdout)
+        def compare(now: datetime, then_ts: float, offset: int) -> bool:
+            then = datetime.fromtimestamp(then_ts, tz=timezone.utc)
+            return now - timedelta(hours=offset * 24) > then
+        if do_time_compare:
+            for f in matches:
+                s = f.lstat()
+                if args.mtime and compare(now, s.st_mtime, offset=args.mtime):
+                    continue
+                if args.atime and compare(now, s.st_atime, offset=args.atime):
+                    continue
+                if args.ctime and compare(now, s.st_ctime, offset=args.ctime):
+                    continue
+                if args.btime and compare(now, s.st_birthtime, offset=args.btime):
+                    continue
                 print(f, file=stdout)
+        return False
     @arg("path")
     @arg("-L", "--dereference", action="store_true")
-    def cmd_stat(self, args: argparse.Namespace, stdout: TextIO) -> Optional[bool]:
+    def cmd_stat(self, args: argparse.Namespace, stdout: TextIO) -> bool:
         """display file status"""
         path = self.resolve_path(args.path)
-        if not path:
-            return
+        if not path or not self.check_path(path):
+            return False
+        print_stat(path, stdout, args.dereference)
+        return False
+    @arg("path")
+    @arg("-d", "--dump", action="store_true")
+    @arg("-R", "--recursive", action="store_true")
+    @alias("getfattr")
+    def cmd_attr(self, args: argparse.Namespace, stdout: TextIO) -> bool:
+        """display file attributes"""
+        path = self.resolve_path(args.path)
+        if not path or not self.check_path(path):
+            return False
+        try:
+            if attr := path.get().attr():
+                print_xattr(path.name, attr, stdout)
+        except Exception:
+            pass
+        if args.recursive:
+            for child in path.rglob("*"):
+                try:
+                    if child_attr := child.get().attr():
+                        print_xattr(child, child_attr, stdout)
+                        print()
+                except Exception:
+                    pass
-        symlink = f"-> {path.readlink()}" if path.is_symlink() else ""
-        s = path.stat() if args.dereference else path.lstat()
-        res = STAT_TEMPLATE.format(
-            path=path,
-            symlink=symlink,
-            size=s.st_size,
-            filetype="",
-            inode=s.st_ino,
-            nlink=s.st_nlink,
-            modeord=oct(stat.S_IMODE(s.st_mode)),
-            modestr=stat_modestr(s),
-            uid=s.st_uid,
-            gid=s.st_gid,
-            atime=datetime.datetime.utcfromtimestamp(s.st_atime).isoformat(),
-            mtime=datetime.datetime.utcfromtimestamp(s.st_mtime).isoformat(),
-            ctime=datetime.datetime.utcfromtimestamp(s.st_ctime).isoformat(),
-        )
-        print(res, file=stdout)
+        return False
     @arg("path")
-    def cmd_file(self, args: argparse.Namespace, stdout: TextIO) -> Optional[bool]:
+    def cmd_file(self, args: argparse.Namespace, stdout: TextIO) -> bool:
         """determine file type"""
         path = self.check_file(args.path)
         if not path:
-            return
+            return False
         fh = path.open()
@@ -686,11 +739,12 @@ class TargetCli(TargetCmd):
         p.wait()
         filetype = p.stdout.read().decode().split(":", 1)[1].strip()
         print(f"{path}: {filetype}", file=stdout)
+        return False
     @arg("path", nargs="+")
     @arg("-o", "--out", default=".")
     @arg("-v", "--verbose", action="store_true")
-    def cmd_save(self, args: argparse.Namespace, stdout: TextIO) -> Optional[bool]:
+    def cmd_save(self, args: argparse.Namespace, stdout: TextIO) -> bool:
         """save a common file or directory to the host filesystem"""
         dst_path = pathlib.Path(args.out).resolve()
@@ -719,7 +773,7 @@ class TargetCli(TargetCmd):
             return diverging_path
         def save_path(
-            src_path: pathlib.Path, dst_path: pathlib.Path, create_dst_subdir: Optional[pathlib.Path] = None
+            src_path: pathlib.Path, dst_path: pathlib.Path, create_dst_subdir: pathlib.Path | None = None
         ) -> None:
             """Save a common file or directory in src_path to dst_path.
@@ -798,8 +852,8 @@ class TargetCli(TargetCmd):
             try:
                 first_src_path = next(src_paths)
             except StopIteration:
-                print(f"{path}: no such file or directory")
-                return
+                print(f"{path}: No such file or directory")
+                return False
             try:
                 second_src_path = next(src_paths)
@@ -820,10 +874,18 @@ class TargetCli(TargetCmd):
                         extra_dir = get_diverging_path(src_path, reference_path).parent
                         save_path(src_path, dst_path, create_dst_subdir=extra_dir)
+        return False
     @arg("path")
-    def cmd_cat(self, args: argparse.Namespace, stdout: TextIO) -> Optional[bool]:
+    @alias("type")
+    def cmd_cat(self, args: argparse.Namespace, stdout: TextIO) -> bool:
         """print file content"""
-        paths = self.resolve_glob_path(args.path)
+        paths = list(self.resolve_glob_path(args.path))
+        if not paths:
+            print(f"{args.path}: No such file or directory")
+            return False
         stdout = stdout.buffer
         for path in paths:
             path = self.check_file(path)
@@ -834,11 +896,17 @@ class TargetCli(TargetCmd):
             shutil.copyfileobj(fh, stdout)
             stdout.flush()
         print("")
+        return False
     @arg("path")
-    def cmd_zcat(self, args: argparse.Namespace, stdout: TextIO) -> Optional[bool]:
+    def cmd_zcat(self, args: argparse.Namespace, stdout: TextIO) -> bool:
         """print file content from compressed files"""
-        paths = self.resolve_glob_path(args.path)
+        paths = list(self.resolve_glob_path(args.path))
+        if not paths:
+            print(f"{args.path}: No such file or directory")
+            return False
         stdout = stdout.buffer
         for path in paths:
             path = self.check_file(path)
@@ -849,45 +917,70 @@ class TargetCli(TargetCmd):
             shutil.copyfileobj(fh, stdout)
             stdout.flush()
+        return False
     @arg("path")
-    def cmd_hexdump(self, args: argparse.Namespace, stdout: TextIO) -> Optional[bool]:
-        """print a hexdump of the first X bytes"""
+    @arg("-n", "--length", type=int, default=16 * 20, help="amount of bytes to read")
+    @arg("-s", "--skip", type=int, default=0, help="skip offset bytes from the beginning")
+    @arg("-p", "--hex", action="store_true", default=False, help="output in plain hexdump style")
+    @arg("-C", "--canonical", action="store_true")
+    @alias("xxd")
+    def cmd_hexdump(self, args: argparse.Namespace, stdout: TextIO) -> bool:
+        """print a hexdump of a file"""
         path = self.check_file(args.path)
         if not path:
-            return
+            return False
+        fh = path.open("rb")
+        if args.skip > 0:
+            fh.seek(args.skip + 1)
+        if args.hex:
+            print(fh.read(args.length).hex(), file=stdout)
+        else:
+            print(hexdump(fh.read(args.length), output="string"), file=stdout)
-        print(hexdump(path.open().read(16 * 20), output="string"), file=stdout)
+        return False
     @arg("path")
-    def cmd_hash(self, args: argparse.Namespace, stdout: TextIO) -> Optional[bool]:
+    @alias("digest")
+    @alias("shasum")
+    def cmd_hash(self, args: argparse.Namespace, stdout: TextIO) -> bool:
         """print the MD5, SHA1 and SHA256 hashes of a file"""
         path = self.check_file(args.path)
         if not path:
-            return
+            return False
         md5, sha1, sha256 = path.get().hash()
         print(f"MD5:\t{md5}\nSHA1:\t{sha1}\nSHA256:\t{sha256}", file=stdout)
+        return False
     @arg("path")
-    def cmd_less(self, args: argparse.Namespace, stdout: TextIO) -> Optional[bool]:
+    @alias("head")
+    @alias("more")
+    def cmd_less(self, args: argparse.Namespace, stdout: TextIO) -> bool:
         """open the first 10 MB of a file with less"""
         path = self.check_file(args.path)
         if not path:
-            return
+            return False
         pydoc.pager(path.open("rt", errors="ignore").read(10 * 1024 * 1024))
+        return False
     @arg("path")
-    def cmd_zless(self, args: argparse.Namespace, stdout: TextIO) -> Optional[bool]:
+    @alias("zhead")
+    @alias("zmore")
+    def cmd_zless(self, args: argparse.Namespace, stdout: TextIO) -> bool:
         """open the first 10 MB of a compressed file with zless"""
         path = self.check_file(args.path)
         if not path:
-            return
+            return False
         pydoc.pager(fsutil.open_decompress(path, "rt").read(10 * 1024 * 1024))
+        return False
     @arg("path", nargs="+")
-    def cmd_readlink(self, args: argparse.Namespace, stdout: TextIO) -> Optional[bool]:
+    def cmd_readlink(self, args: argparse.Namespace, stdout: TextIO) -> bool:
         """print resolved symbolic links or canonical file names"""
         for path in args.path:
             path = self.resolve_path(path)
@@ -896,12 +989,14 @@ class TargetCli(TargetCmd):
             print(path.get().readlink(), file=stdout)
+        return False
     @arg("path", nargs="?", help="load a hive from the given path")
-    def cmd_registry(self, args: argparse.Namespace, stdout: TextIO) -> Optional[bool]:
+    def cmd_registry(self, args: argparse.Namespace, stdout: TextIO) -> bool:
         """drop into a registry shell"""
         if self.target.os == "linux":
             run_cli(UnixConfigTreeCli(self.target))
-            return
+            return False
         hive = None
@@ -909,7 +1004,7 @@ class TargetCli(TargetCmd):
         if args.path:
             path = self.check_file(args.path)
             if not path:
-                return
+                return False
             hive = regutil.RegfHive(path)
             clikey = f"registry_{path}"
@@ -918,26 +1013,26 @@ class TargetCli(TargetCmd):
             cli = self._clicache[clikey]
         except KeyError:
             if not hive and not RegistryCli.check_compatible(self.target):
-                return
+                return False
             cli = RegistryCli(self.target, hive)
             self._clicache[clikey] = cli
         run_cli(cli)
-        # Print an additional empty newline after exit
         print()
+        return False
     @arg("targets", metavar="TARGETS", nargs="*", help="targets to load")
     @arg("-p", "--python", action="store_true", help="(I)Python shell")
     @arg("-r", "--registry", action="store_true", help="registry shell")
-    def cmd_enter(self, args: argparse.Namespace, stdout: TextIO) -> None:
+    def cmd_enter(self, args: argparse.Namespace, stdout: TextIO) -> bool:
         """load one or more files as sub-targets and drop into a sub-shell"""
         paths = [self.resolve_path(path) for path in args.targets]
         if args.python:
             # Quick path that doesn't require CLI caching
-            return open_shell(paths, args.python, args.registry)
+            open_shell(paths, args.python, args.registry)
+            return False
         clikey = tuple(str(path) for path in paths)
         try:
@@ -946,33 +1041,32 @@ class TargetCli(TargetCmd):
             targets = list(Target.open_all(paths))
             cli = create_cli(targets, RegistryCli if args.registry else TargetCli)
             if not cli:
-                return
+                return False
             self._clicache[clikey] = cli
         run_cli(cli)
-        # Print an additional empty newline after exit
         print()
+        return False
 class UnixConfigTreeCli(TargetCli):
     def __init__(self, target: Target):
         TargetCmd.__init__(self, target)
         self.config_tree = target.etc()
-        self.prompt_base = target.name
+        self.prompt_base = _target_name(target)
         self.cwd = None
         self.chdir("/")
     @property
     def prompt(self) -> str:
-        return f"{self.prompt_base}/config_tree {self.cwd}> "
+        return f"(config tree) {self.prompt_base}:{self.cwd}$ "
     def check_compatible(target: Target) -> bool:
         return target.has_function("etc")
-    def resolve_path(self, path: Optional[Union[str, fsutil.TargetPath]]) -> fsutil.TargetPath:
+    def resolve_path(self, path: str | fsutil.TargetPath | None) -> fsutil.TargetPath:
         if not path:
             return self.cwd
@@ -1006,12 +1100,12 @@ class UnixConfigTreeCli(TargetCli):
 class RegistryCli(TargetCmd):
     """CLI for browsing the registry."""
-    def __init__(self, target: Target, registry: Optional[regutil.RegfHive] = None):
-        TargetCmd.__init__(self, target)
-        self.registry = registry or target.registry
+    def __init__(self, target: Target, registry: regutil.RegfHive | None = None):
+        self.prompt_base = _target_name(target)
-        self.prompt_base = target.name
+        TargetCmd.__init__(self, target)
+        self.registry = registry or target.registry
         self.cwd = None
         self.chdir("\\")
@@ -1024,8 +1118,7 @@ class RegistryCli(TargetCmd):
     @property
     def prompt(self) -> str:
-        prompt_end = self.cwd.strip("\\")
-        return f"{self.prompt_base}/registry {prompt_end}> "
+        return "(registry) " + self.prompt_ps1.format(base=self.prompt_base, cwd=self.cwd)
     def completedefault(self, text: str, line: str, begidx: int, endidx: int) -> list[str]:
         path = line[:begidx].rsplit(" ")[-1]
@@ -1065,9 +1158,7 @@ class RegistryCli(TargetCmd):
         if self.check_key(path):
             self.cwd = "\\" + path.strip("\\")
-    def scandir(
-        self, path: str, color: bool = False
-    ) -> list[tuple[Union[regutil.RegistryKey, regutil.RegistryValue], str]]:
+    def scandir(self, path: str, color: bool = False) -> list[tuple[regutil.RegistryKey | regutil.RegistryValue, str]]:
         try:
             key = self.resolve_key(path)
         except RegistryError:
@@ -1083,56 +1174,95 @@ class RegistryCli(TargetCmd):
         r.sort(key=lambda e: e[0].name)
         return r
-    def do_cd(self, line: str) -> Optional[bool]:
+    def do_cd(self, line: str) -> bool:
         """change subkey"""
+        if line == "..":
+            try:
+                self.resolve_key(self.cwd + "\\..")
+            except RegistryError:
+                self.do_up(line)
+                return False
         self.chdir(line)
+        return False
-    def do_up(self, line: str) -> Optional[bool]:
+    def do_up(self, line: str) -> bool:
         """go up a subkey"""
         parent = self.cwd.rpartition("\\")[0]
         if not parent:
             parent = "\\"
         self.chdir(parent)
+        return False
-    def do_pwd(self, line: str) -> Optional[bool]:
+    def do_pwd(self, line: str) -> bool:
         """print current path"""
-        print(self.cwd)
+        print(self.cwd.lstrip("\\"))
+        return False
-    def do_recommend(self, line: str) -> Optional[bool]:
+    def do_recommend(self, line: str) -> bool:
         """recommend a key"""
         print(random.choice([name for _, name in self.scandir(None)]))
+        return False
     @arg("path", nargs="?")
-    def cmd_ls(self, args: argparse.Namespace, stdout: TextIO) -> Optional[bool]:
+    def cmd_ls(self, args: argparse.Namespace, stdout: TextIO) -> bool:
         key = self.check_key(args.path)
         if not key:
-            return
+            return False
         r = self.scandir(key, color=True)
         print("\n".join([name for _, name in r]), file=stdout)
+        return False
     @arg("value")
-    def cmd_cat(self, args: argparse.Namespace, stdout: TextIO) -> Optional[bool]:
+    def cmd_cat(self, args: argparse.Namespace, stdout: TextIO) -> bool:
         value = self.check_value(args.value)
         if not value:
-            return
+            return False
         print(repr(value.value), file=stdout)
+        return False
+    @arg("value")
+    @arg("-p", "--hex", action="store_true")
+    @alias("xxd")
+    def cmd_hexdump(self, args: argparse.Namespace, stdout: TextIO) -> bool:
+        value = self.check_value(args.value)
+        if not value:
+            return False
+        if args.hex:
+            print(value.value.hex(), file=stdout)
+        else:
+            print(hexdump(value.value, output="string"), file=stdout)
-def fmt_ls_colors(ft: str, name: str) -> str:
-    """Helper method to colorize strings according to LS_COLORS."""
-    try:
-        return LS_COLORS[ft].format(name)
-    except KeyError:
-        pass
+        return False
+def arg_str_to_arg_list(args: str) -> list[str]:
+    """Convert a commandline string to a list of command line arguments."""
+    lexer = shlex.shlex(args, posix=True, punctuation_chars=True)
+    lexer.wordchars += "$"
+    lexer.whitespace_split = True
+    return list(lexer)
-    try:
-        return LS_COLORS[fsutil.splitext(name)[1]].format(name)
-    except KeyError:
-        pass
-    return name
+def extend_args(args: argparse.Namespace, func: Callable) -> argparse.Namespace:
+    """Extend the arguments of the given ``func`` with the provided ``argparse.Namespace``."""
+    for short, kwargs in func.__args__:
+        name = kwargs.get("dest", short[-1]).lstrip("-").replace("-", "_")
+        if not hasattr(args, name):
+            setattr(args, name, None)
+    return args
+def _target_name(target: Target) -> str:
+    """Return a target name for cmd.Cmd base prompts."""
+    if target.has_function("domain") and target.domain:
+        return f"{target.name}.{target.domain}"
+    return target.name
 @contextmanager
@@ -1200,15 +1330,7 @@ def build_pipe_stdout(pipe_parts: list[str]) -> Iterator[TextIO]:
         yield pipe_stdin
-def stat_modestr(st: fsutil.stat_result) -> str:
-    """Helper method for generating a mode string from a numerical mode value."""
-    is_dir = "d" if stat.S_ISDIR(st.st_mode) else "-"
-    dic = {"7": "rwx", "6": "rw-", "5": "r-x", "4": "r--", "0": "---"}
-    perm = str(oct(st.st_mode)[-3:])
-    return is_dir + "".join(dic.get(x, x) for x in perm)
-def open_shell(targets: list[Union[str, pathlib.Path]], python: bool, registry: bool) -> None:
+def open_shell(targets: list[str | pathlib.Path], python: bool, registry: bool) -> None:
     """Helper method for starting a regular, Python or registry shell for one or multiple targets."""
     targets = list(Target.open_all(targets))
@@ -1246,7 +1368,7 @@ def python_shell(targets: list[Target]) -> None:
         print()
-def create_cli(targets: list[Target], cli_cls: type[TargetCmd]) -> Optional[cmd.Cmd]:
+def create_cli(targets: list[Target], cli_cls: type[TargetCmd]) -> cmd.Cmd | None:
     """Helper method for instatiating the appropriate CLI."""
     if len(targets) == 1:
         target = targets[0]
@@ -1275,6 +1397,9 @@ def run_cli(cli: cmd.Cmd) -> None:
             return
         except KeyboardInterrupt:
+            # Run postloop so the interrupted command is added to the history file
+            cli.postloop()
             # Add a line when pressing ctrl+c, so the next one starts at a new line
             print()
@@ -1286,6 +1411,8 @@ def run_cli(cli: cmd.Cmd) -> None:
                 print(f"*** Unhandled error: {e}")
                 print("If you wish to see the full debug trace, enable debug mode.")
+            cli.postloop()
 @catch_sigpipe
 def main() -> None:
@@ -1311,8 +1438,7 @@ def main() -> None:
     args.targets = args_to_uri(args.targets, args.loader, rest) if args.loader else args.targets
     process_generic_arguments(args)
-    # For the shell tool we want -q to log slightly more then just CRITICAL
-    # messages.
+    # For the shell tool we want -q to log slightly more then just CRITICAL messages.
     if args.quiet:
         logging.getLogger("dissect").setLevel(level=logging.ERROR)

dissect.target 3.19.dev40__py3-none-any.whl → 3.19.dev41__py3-none-any.whl

dissect.target 3.19.dev40py3-none-any.whl → 3.19.dev41py3-none-any.whl