dissect.target 3.19.dev54__py3-none-any.whl → 3.19.dev56__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- dissect/target/plugins/os/unix/linux/_os.py +3 -0
- dissect/target/plugins/os/unix/linux/redhat/_os.py +1 -1
- dissect/target/plugins/os/unix/locale.py +17 -6
- dissect/target/plugins/os/windows/adpolicy.py +4 -1
- dissect/target/plugins/os/windows/regf/shimcache.py +2 -2
- dissect/target/plugins/os/windows/task_helpers/tasks_xml.py +1 -1
- dissect/target/tools/query.py +2 -2
- {dissect.target-3.19.dev54.dist-info → dissect.target-3.19.dev56.dist-info}/METADATA +1 -1
- {dissect.target-3.19.dev54.dist-info → dissect.target-3.19.dev56.dist-info}/RECORD +14 -14
- {dissect.target-3.19.dev54.dist-info → dissect.target-3.19.dev56.dist-info}/COPYRIGHT +0 -0
- {dissect.target-3.19.dev54.dist-info → dissect.target-3.19.dev56.dist-info}/LICENSE +0 -0
- {dissect.target-3.19.dev54.dist-info → dissect.target-3.19.dev56.dist-info}/WHEEL +0 -0
- {dissect.target-3.19.dev54.dist-info → dissect.target-3.19.dev56.dist-info}/entry_points.txt +0 -0
- {dissect.target-3.19.dev54.dist-info → dissect.target-3.19.dev56.dist-info}/top_level.txt +0 -0
|
@@ -76,6 +76,9 @@ class LinuxPlugin(UnixPlugin, LinuxNetworkManager):
|
|
|
76
76
|
or self._os_release.get("DISTRIB_RELEASE", "")
|
|
77
77
|
)
|
|
78
78
|
|
|
79
|
+
if not any([name, version, distrib_description]):
|
|
80
|
+
return None
|
|
81
|
+
|
|
79
82
|
if len(f"{name} {version}") > len(distrib_description):
|
|
80
83
|
distrib_description = f"{name} {version}"
|
|
81
84
|
|
|
@@ -1,4 +1,7 @@
|
|
|
1
|
+
from __future__ import annotations
|
|
2
|
+
|
|
1
3
|
from pathlib import Path
|
|
4
|
+
from typing import Iterator
|
|
2
5
|
|
|
3
6
|
from dissect.target.helpers.localeutil import normalize_language
|
|
4
7
|
from dissect.target.helpers.record import TargetRecordDescriptor
|
|
@@ -30,7 +33,7 @@ class LocalePlugin(Plugin):
|
|
|
30
33
|
pass
|
|
31
34
|
|
|
32
35
|
@export(property=True)
|
|
33
|
-
def timezone(self):
|
|
36
|
+
def timezone(self) -> str | None:
|
|
34
37
|
"""Get the timezone of the system."""
|
|
35
38
|
|
|
36
39
|
# /etc/timezone should contain a simple timezone string
|
|
@@ -58,15 +61,23 @@ class LocalePlugin(Plugin):
|
|
|
58
61
|
size = p_localtime.stat().st_size
|
|
59
62
|
sha1 = p_localtime.get().sha1()
|
|
60
63
|
for path in self.target.fs.path("/usr/share/zoneinfo").rglob("*"):
|
|
64
|
+
# Ignore posix files in zoneinfo directory (RHEL).
|
|
65
|
+
if path.name.startswith("posix"):
|
|
66
|
+
continue
|
|
67
|
+
|
|
61
68
|
if path.is_file() and path.stat().st_size == size and path.get().sha1() == sha1:
|
|
62
69
|
return timezone_from_path(path)
|
|
63
70
|
|
|
64
71
|
@export(property=True)
|
|
65
|
-
def language(self):
|
|
72
|
+
def language(self) -> list[str]:
|
|
66
73
|
"""Get the configured locale(s) of the system."""
|
|
67
|
-
|
|
68
|
-
# these paths are Linux specific.
|
|
69
|
-
locale_paths = [
|
|
74
|
+
|
|
75
|
+
# Although this purports to be a generic function for Unix targets, these paths are Linux specific.
|
|
76
|
+
locale_paths = [
|
|
77
|
+
"/etc/default/locale",
|
|
78
|
+
"/etc/locale.conf",
|
|
79
|
+
"/etc/sysconfig/i18n",
|
|
80
|
+
]
|
|
70
81
|
|
|
71
82
|
found_languages = []
|
|
72
83
|
|
|
@@ -79,7 +90,7 @@ class LocalePlugin(Plugin):
|
|
|
79
90
|
return found_languages
|
|
80
91
|
|
|
81
92
|
@export(record=UnixKeyboardRecord)
|
|
82
|
-
def keyboard(self):
|
|
93
|
+
def keyboard(self) -> Iterator[UnixKeyboardRecord]:
|
|
83
94
|
"""Get the keyboard layout(s) of the system."""
|
|
84
95
|
|
|
85
96
|
paths = ["/etc/default/keyboard", "/etc/vconsole.conf"] + list(
|
|
@@ -69,7 +69,10 @@ class ADPolicyPlugin(Plugin):
|
|
|
69
69
|
xml = task_file.read_text()
|
|
70
70
|
tree = ElementTree.fromstring(xml)
|
|
71
71
|
for task in tree.findall(".//{*}Task"):
|
|
72
|
-
|
|
72
|
+
# https://github.com/python/cpython/issues/83122
|
|
73
|
+
if (properties := task.find("Properties")) is None:
|
|
74
|
+
properties = task
|
|
75
|
+
|
|
73
76
|
task_data = ElementTree.tostring(task)
|
|
74
77
|
yield ADPolicyRecord(
|
|
75
78
|
last_modification_time=task_file_stat.st_mtime,
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import binascii
|
|
2
2
|
from datetime import datetime
|
|
3
|
-
from enum import IntEnum
|
|
3
|
+
from enum import IntEnum
|
|
4
4
|
from io import BytesIO
|
|
5
5
|
from typing import Callable, Generator, Optional, Tuple, Union
|
|
6
6
|
|
|
@@ -116,7 +116,7 @@ class SHIMCACHE_WIN_TYPE(IntEnum):
|
|
|
116
116
|
VERSION_NT61 = 0x0601
|
|
117
117
|
VERSION_NT52 = 0x0502
|
|
118
118
|
|
|
119
|
-
VERSION_WIN81_NO_HEADER = auto()
|
|
119
|
+
VERSION_WIN81_NO_HEADER = 0x1002 # auto()
|
|
120
120
|
|
|
121
121
|
|
|
122
122
|
def win_10_path(ed: Structure) -> str:
|
|
@@ -189,7 +189,7 @@ class XmlTask:
|
|
|
189
189
|
bytes: The raw XML data as string of the element if found, otherwise None.
|
|
190
190
|
"""
|
|
191
191
|
data = self.task_element.find(xml_path) if xml_path else self.task_element
|
|
192
|
-
if data:
|
|
192
|
+
if data is not None:
|
|
193
193
|
return ElementTree.tostring(data, encoding="utf-8").strip()
|
|
194
194
|
|
|
195
195
|
def get_triggers(self) -> Iterator[GroupedRecord]:
|
dissect/target/tools/query.py
CHANGED
|
@@ -5,7 +5,7 @@ import argparse
|
|
|
5
5
|
import logging
|
|
6
6
|
import pathlib
|
|
7
7
|
import sys
|
|
8
|
-
from datetime import datetime
|
|
8
|
+
from datetime import datetime, timezone
|
|
9
9
|
from typing import Callable
|
|
10
10
|
|
|
11
11
|
from flow.record import RecordPrinter, RecordStreamWriter, RecordWriter
|
|
@@ -390,7 +390,7 @@ def main():
|
|
|
390
390
|
log.debug("", exc_info=e)
|
|
391
391
|
parser.exit(1)
|
|
392
392
|
|
|
393
|
-
timestamp = datetime.
|
|
393
|
+
timestamp = datetime.now(tz=timezone.utc)
|
|
394
394
|
|
|
395
395
|
execution_report.set_plugin_stats(PLUGINS)
|
|
396
396
|
log.debug("%s", execution_report.get_formatted_report())
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: dissect.target
|
|
3
|
-
Version: 3.19.
|
|
3
|
+
Version: 3.19.dev56
|
|
4
4
|
Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
|
|
5
5
|
Author-email: Dissect Team <dissect@fox-it.com>
|
|
6
6
|
License: Affero General Public License v3
|
|
@@ -197,7 +197,7 @@ dissect/target/plugins/os/unix/datetime.py,sha256=gKfBdPyUirt3qmVYfOJ1oZXRPn8wRz
|
|
|
197
197
|
dissect/target/plugins/os/unix/etc.py,sha256=HoPEC1hxqurSnAXQAK-jf_HxdBIDe-1z_qSw_n-ViI4,258
|
|
198
198
|
dissect/target/plugins/os/unix/generic.py,sha256=6_MJrV1LbIxNQJwAZR0HEQljoxwF5BPQC1SfCTcaSHg,2127
|
|
199
199
|
dissect/target/plugins/os/unix/history.py,sha256=rvRlcHw3wEtgdyfjX-RBLQUQAd0uHzfZmfW6FUb6s5U,6435
|
|
200
|
-
dissect/target/plugins/os/unix/locale.py,sha256=
|
|
200
|
+
dissect/target/plugins/os/unix/locale.py,sha256=XOcKBwfK3YJ266eBFKNc1xaZgY8QEQGJOS8PJRJt4ME,4292
|
|
201
201
|
dissect/target/plugins/os/unix/packagemanager.py,sha256=Wm2AAJOD_B3FAcZNXgWtSm_YwbvrHBYOP8bPmOXNjG4,2427
|
|
202
202
|
dissect/target/plugins/os/unix/shadow.py,sha256=W6W6rMru7IVnuBc6sl5wsRWTOrJdS1s7_2_q7QRf7Is,4148
|
|
203
203
|
dissect/target/plugins/os/unix/bsd/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -219,7 +219,7 @@ dissect/target/plugins/os/unix/esxi/_os.py,sha256=s6pAgUyfHh3QcY6sgvk5uVMmLvqK1t
|
|
|
219
219
|
dissect/target/plugins/os/unix/etc/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
220
220
|
dissect/target/plugins/os/unix/etc/etc.py,sha256=px_UwtPuk_scD-3nKJQZ0ao5lus9-BrSU4lPZWelYzI,2541
|
|
221
221
|
dissect/target/plugins/os/unix/linux/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
222
|
-
dissect/target/plugins/os/unix/linux/_os.py,sha256=
|
|
222
|
+
dissect/target/plugins/os/unix/linux/_os.py,sha256=ktEx_VhRB9vvZePo3-np2_L3yzUPq1Cc_D_1lnPq4-4,3023
|
|
223
223
|
dissect/target/plugins/os/unix/linux/cmdline.py,sha256=AyMfndt3UsmJtoOyZYC8nWq2GZg9oPvn8SiI3M4NxnE,1622
|
|
224
224
|
dissect/target/plugins/os/unix/linux/environ.py,sha256=UOQD7Xmu754u2oAh3L5g5snuz-gv4jbWbVy46qszYjo,1881
|
|
225
225
|
dissect/target/plugins/os/unix/linux/iptables.py,sha256=qTzY5PHHXA33WnPYb5NESgoSwI7ECZ8YPoEe_Fmln-8,6045
|
|
@@ -243,7 +243,7 @@ dissect/target/plugins/os/unix/linux/fortios/_os.py,sha256=Cyw6KyGNc-uZn2WDlD-7G
|
|
|
243
243
|
dissect/target/plugins/os/unix/linux/fortios/generic.py,sha256=tT4-lE0Z_DeDIN3zHrQbE8JB3cRJop1_TiEst-Au0bs,1230
|
|
244
244
|
dissect/target/plugins/os/unix/linux/fortios/locale.py,sha256=VDdk60sqe2JTfftssO05C667-_BpI3kcqKOTVzO3ueU,5209
|
|
245
245
|
dissect/target/plugins/os/unix/linux/redhat/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
246
|
-
dissect/target/plugins/os/unix/linux/redhat/_os.py,sha256=
|
|
246
|
+
dissect/target/plugins/os/unix/linux/redhat/_os.py,sha256=fHXBFJ3ZJDs4mbyI1oubCgkD5liGPZuJzclz-fUGXYc,584
|
|
247
247
|
dissect/target/plugins/os/unix/linux/redhat/yum.py,sha256=kEvB-C2CNoqxSbgGRZiuo6CMPBo_hMWy2KQIE4SNkdQ,2134
|
|
248
248
|
dissect/target/plugins/os/unix/linux/suse/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
249
249
|
dissect/target/plugins/os/unix/linux/suse/_os.py,sha256=eaqgnkbunBJ2Hf_GE96THjfT3ybVIZvtWId-dx3JMV4,575
|
|
@@ -264,7 +264,7 @@ dissect/target/plugins/os/unix/log/utmp.py,sha256=1nPHIaBUHt_9z6PDrvyqg4huKLihUa
|
|
|
264
264
|
dissect/target/plugins/os/windows/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
265
265
|
dissect/target/plugins/os/windows/_os.py,sha256=uBa0dVkFxDsxHAU3T23UEIOCgAx5R6cIpCgbGq3fflY,13131
|
|
266
266
|
dissect/target/plugins/os/windows/activitiescache.py,sha256=Q2aILnhJ2rp2AwEbWwyBuSLjMbGqaYJTsavSbfkcFKE,6741
|
|
267
|
-
dissect/target/plugins/os/windows/adpolicy.py,sha256=
|
|
267
|
+
dissect/target/plugins/os/windows/adpolicy.py,sha256=qjv0s-gAIGKCznWdVOARJbLXnCKYgvzoFNWoXnq3m1M,7102
|
|
268
268
|
dissect/target/plugins/os/windows/amcache.py,sha256=ZZNOs3bILTf0AGkDkhoatndl0j39DXkstN7oOyxJECU,27188
|
|
269
269
|
dissect/target/plugins/os/windows/catroot.py,sha256=QVwMF5nuMzCkWnoOMs5BkwYoKN61HKmlxo8mKMoD3w8,10937
|
|
270
270
|
dissect/target/plugins/os/windows/cim.py,sha256=jsrpu6TZpBUh7VWI9AV2Ib5bebTwsvqOwRfa5gjJd7c,3056
|
|
@@ -323,14 +323,14 @@ dissect/target/plugins/os/windows/regf/recentfilecache.py,sha256=goS6ajLIh6ZU-Gq
|
|
|
323
323
|
dissect/target/plugins/os/windows/regf/regf.py,sha256=D1GrljF-sV8cWIjWJ3zH7k52i1OWD8poEC_PIeZMEis,3419
|
|
324
324
|
dissect/target/plugins/os/windows/regf/runkeys.py,sha256=-2HcdnVytzCt1xwgAI8rHDnwk8kwLPWURumvhrGnIHU,4278
|
|
325
325
|
dissect/target/plugins/os/windows/regf/shellbags.py,sha256=hXAqThFkHmGPmhNRSXwMNzw25kAyIC6OOZivgpPEwTQ,25679
|
|
326
|
-
dissect/target/plugins/os/windows/regf/shimcache.py,sha256=
|
|
326
|
+
dissect/target/plugins/os/windows/regf/shimcache.py,sha256=TY7GEFnxb8h99q12CzM0SwVlUymi4hFPae3uuM0M6kY,9998
|
|
327
327
|
dissect/target/plugins/os/windows/regf/trusteddocs.py,sha256=3yvpBDM-Asg0rvGN2TwALGRm9DYogG6TxRau9D6FBbw,3700
|
|
328
328
|
dissect/target/plugins/os/windows/regf/usb.py,sha256=nSAHB4Cdd0wF2C1EK_XYOfWCyqOgTZCLfDhuSmr7rdM,9709
|
|
329
329
|
dissect/target/plugins/os/windows/regf/userassist.py,sha256=bSioEQdqUxdGwkdgMUfDIY2_pzrl9PdxPjmzmMaIwHs,5490
|
|
330
330
|
dissect/target/plugins/os/windows/task_helpers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
331
331
|
dissect/target/plugins/os/windows/task_helpers/tasks_job.py,sha256=7w3UGOiTAUQkP3xQ3sj4X3MTgHUJmmfdgiEadWmYquI,21197
|
|
332
332
|
dissect/target/plugins/os/windows/task_helpers/tasks_records.py,sha256=vpCyKqLQSzI5ymD1h5P6RncLEE47YtmjDFwKA16dVZ4,4046
|
|
333
|
-
dissect/target/plugins/os/windows/task_helpers/tasks_xml.py,sha256=
|
|
333
|
+
dissect/target/plugins/os/windows/task_helpers/tasks_xml.py,sha256=fKwh9jtOP_gzWC_QTyuNScAvjJzWJphSz436aPknXzQ,15280
|
|
334
334
|
dissect/target/tools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
335
335
|
dissect/target/tools/build_pluginlist.py,sha256=5fomcuMwsVzcnYx5Htf5f9lSwsLeUUvomLUXNA4t7m4,849
|
|
336
336
|
dissect/target/tools/dd.py,sha256=rTM-lgXxrYBpVAtJqFqAatDz45bLoD8-mFt_59Q3Lio,1928
|
|
@@ -339,7 +339,7 @@ dissect/target/tools/fsutils.py,sha256=dyAdp2fzydcozaIZ1mFTpdUeVcibYNJCHN8AFw5Fo
|
|
|
339
339
|
dissect/target/tools/info.py,sha256=8nnbqFUYeo4NLPE7ORcTBcDL-TioGB2Nqc1TKcu5qdY,5715
|
|
340
340
|
dissect/target/tools/logging.py,sha256=5ZnumtMWLyslxfrUGZ4ntRyf3obOOhmn8SBjKfdLcEg,4174
|
|
341
341
|
dissect/target/tools/mount.py,sha256=L_0tSmiBdW4aSaF0vXjB0bAkTC0kmT2N1hrbW6s5Jow,3254
|
|
342
|
-
dissect/target/tools/query.py,sha256=
|
|
342
|
+
dissect/target/tools/query.py,sha256=XgMDSfaN4SivJmIIEntYJOXcOEwWrUp_tYt5AjEtB4k,15602
|
|
343
343
|
dissect/target/tools/reg.py,sha256=FDsiBBDxjWVUBTRj8xn82vZe-J_d9piM-TKS3PHZCcM,3193
|
|
344
344
|
dissect/target/tools/shell.py,sha256=dmshIriwdd_UwrdUcTfWkcYD8Z0mjzbDqwyZG-snDdM,50482
|
|
345
345
|
dissect/target/tools/utils.py,sha256=nnhjNW8v99eVZQ-CgxTbsi8Wa6Z2XKDFr1aWakgq9jc,12191
|
|
@@ -356,10 +356,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
|
|
|
356
356
|
dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
|
|
357
357
|
dissect/target/volumes/md.py,sha256=7ShPtusuLGaIv27SvEETtgsuoQyAa4iAAeOR1NEaajI,1689
|
|
358
358
|
dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
|
|
359
|
-
dissect.target-3.19.
|
|
360
|
-
dissect.target-3.19.
|
|
361
|
-
dissect.target-3.19.
|
|
362
|
-
dissect.target-3.19.
|
|
363
|
-
dissect.target-3.19.
|
|
364
|
-
dissect.target-3.19.
|
|
365
|
-
dissect.target-3.19.
|
|
359
|
+
dissect.target-3.19.dev56.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
|
|
360
|
+
dissect.target-3.19.dev56.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
|
|
361
|
+
dissect.target-3.19.dev56.dist-info/METADATA,sha256=L-B6HjmylvgtkkqzQNrLepKXEn8hhjbxaW8R8xvb-3Y,12897
|
|
362
|
+
dissect.target-3.19.dev56.dist-info/WHEEL,sha256=cVxcB9AmuTcXqmwrtPhNK88dr7IR_b6qagTj0UvIEbY,91
|
|
363
|
+
dissect.target-3.19.dev56.dist-info/entry_points.txt,sha256=BWuxAb_6AvUAQpIQOQU0IMTlaF6TDht2AIZK8bHd-zE,492
|
|
364
|
+
dissect.target-3.19.dev56.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
|
|
365
|
+
dissect.target-3.19.dev56.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
{dissect.target-3.19.dev54.dist-info → dissect.target-3.19.dev56.dist-info}/entry_points.txt
RENAMED
|
File without changes
|
|
File without changes
|