PyPI - dissect.target - Versions diffs - 3.19.dev58__py3-none-any.whl → 3.20__py3-none-any.whl - Mend

dissect.target 3.19.dev58py3-none-any.whl → 3.20py3-none-any.whl

Files changed (180) hide show

dissect/target/container.py +1 -1
dissect/target/exceptions.py +6 -5
dissect/target/filesystem.py +2 -2
dissect/target/filesystems/btrfs.py +14 -5
dissect/target/filesystems/config.py +5 -1
dissect/target/filesystems/extfs.py +5 -4
dissect/target/filesystems/fat.py +22 -16
dissect/target/filesystems/ffs.py +11 -4
dissect/target/filesystems/jffs.py +12 -7
dissect/target/filesystems/ntfs.py +22 -6
dissect/target/filesystems/overlay.py +14 -4
dissect/target/filesystems/smb.py +3 -3
dissect/target/filesystems/squashfs.py +4 -4
dissect/target/filesystems/vmfs.py +4 -4
dissect/target/filesystems/xfs.py +15 -8
dissect/target/helpers/compat/path_common.py +5 -5
dissect/target/helpers/configutil.py +128 -32
dissect/target/helpers/cyber.py +2 -0
dissect/target/helpers/data/windowsZones.xml +19 -23
dissect/target/helpers/docs.py +1 -1
dissect/target/helpers/keychain.py +2 -0
dissect/target/helpers/mount.py +2 -1
dissect/target/helpers/record.py +29 -2
dissect/target/helpers/record_modifier.py +5 -1
dissect/target/helpers/regutil.py +56 -26
dissect/target/loader.py +1 -1
dissect/target/loaders/mqtt.py +104 -9
dissect/target/loaders/proxmox.py +68 -0
dissect/target/loaders/vma.py +1 -1
dissect/target/loaders/xva.py +1 -1
dissect/target/plugin.py +24 -21
dissect/target/plugins/apps/av/mcafee.py +2 -0
dissect/target/plugins/apps/av/sophos.py +2 -0
dissect/target/plugins/apps/av/trendmicro.py +2 -0
dissect/target/plugins/apps/browser/chromium.py +27 -6
dissect/target/plugins/apps/container/docker.py +48 -32
dissect/target/plugins/apps/editor/__init__.py +0 -0
dissect/target/plugins/apps/editor/editor.py +23 -0
dissect/target/plugins/apps/{texteditor → editor}/windowsnotepad.py +40 -31
dissect/target/plugins/apps/other/__init__.py +0 -0
dissect/target/plugins/apps/other/env.py +56 -0
dissect/target/plugins/apps/shell/powershell.py +6 -2
dissect/target/plugins/apps/shell/wget.py +91 -0
dissect/target/plugins/apps/ssh/openssh.py +2 -0
dissect/target/plugins/apps/ssh/opensshd.py +2 -0
dissect/target/plugins/apps/virtualization/__init__.py +0 -0
dissect/target/plugins/apps/virtualization/vmware_workstation.py +61 -0
dissect/target/plugins/apps/vpn/wireguard.py +9 -9
dissect/target/plugins/apps/webhosting/cpanel.py +2 -0
dissect/target/plugins/apps/webserver/caddy.py +2 -0
dissect/target/plugins/apps/webserver/nginx.py +2 -0
dissect/target/plugins/child/esxi.py +3 -1
dissect/target/plugins/child/parallels.py +68 -0
dissect/target/plugins/child/proxmox.py +23 -0
dissect/target/plugins/child/virtuozzo.py +12 -8
dissect/target/plugins/child/vmware_workstation.py +23 -8
dissect/target/plugins/filesystem/acquire_hash.py +2 -1
dissect/target/plugins/filesystem/icat.py +15 -11
dissect/target/plugins/filesystem/ntfs/mft.py +10 -6
dissect/target/plugins/filesystem/ntfs/mft_timeline.py +3 -1
dissect/target/plugins/filesystem/ntfs/usnjrnl.py +2 -0
dissect/target/plugins/filesystem/ntfs/utils.py +3 -1
dissect/target/plugins/filesystem/unix/suid.py +4 -1
dissect/target/plugins/filesystem/walkfs.py +2 -0
dissect/target/plugins/general/example.py +2 -2
dissect/target/plugins/general/loaders.py +18 -5
dissect/target/plugins/general/network.py +20 -5
dissect/target/plugins/general/osinfo.py +1 -0
dissect/target/plugins/general/plugins.py +53 -10
dissect/target/plugins/os/unix/_os.py +70 -44
dissect/target/plugins/os/unix/applications.py +78 -0
dissect/target/plugins/os/unix/bsd/citrix/history.py +2 -0
dissect/target/plugins/os/unix/bsd/osx/_os.py +4 -21
dissect/target/plugins/os/unix/bsd/osx/network.py +92 -0
dissect/target/plugins/os/unix/bsd/osx/user.py +4 -0
dissect/target/plugins/os/unix/cronjobs.py +8 -4
dissect/target/plugins/os/unix/etc/etc.py +4 -0
dissect/target/plugins/os/unix/generic.py +2 -0
dissect/target/plugins/os/unix/history.py +27 -25
dissect/target/plugins/os/unix/linux/_os.py +8 -10
dissect/target/plugins/os/unix/linux/cmdline.py +2 -0
dissect/target/plugins/os/unix/linux/debian/apt.py +4 -1
dissect/target/plugins/os/unix/linux/debian/dpkg.py +3 -3
dissect/target/plugins/os/unix/linux/debian/proxmox/__init__.py +0 -0
dissect/target/plugins/os/unix/linux/debian/proxmox/_os.py +141 -0
dissect/target/plugins/os/unix/linux/debian/proxmox/vm.py +29 -0
dissect/target/plugins/os/unix/linux/debian/snap.py +79 -0
dissect/target/plugins/os/unix/linux/environ.py +2 -0
dissect/target/plugins/os/unix/linux/fortios/_os.py +74 -63
dissect/target/plugins/os/unix/linux/fortios/generic.py +2 -0
dissect/target/plugins/os/unix/linux/fortios/locale.py +2 -0
dissect/target/plugins/os/unix/linux/modules.py +2 -0
dissect/target/plugins/os/unix/linux/netstat.py +2 -0
dissect/target/{helpers → plugins/os/unix/linux}/network_managers.py +11 -9
dissect/target/plugins/os/unix/linux/processes.py +2 -0
dissect/target/plugins/os/unix/linux/redhat/yum.py +4 -1
dissect/target/plugins/os/unix/linux/services.py +5 -3
dissect/target/plugins/os/unix/linux/sockets.py +2 -0
dissect/target/plugins/os/unix/linux/suse/zypper.py +4 -1
dissect/target/plugins/os/unix/locale.py +2 -0
dissect/target/plugins/os/unix/locate/gnulocate.py +4 -2
dissect/target/plugins/os/unix/locate/mlocate.py +2 -0
dissect/target/plugins/os/unix/locate/plocate.py +3 -1
dissect/target/plugins/os/unix/log/atop.py +2 -0
dissect/target/plugins/os/unix/log/audit.py +3 -1
dissect/target/plugins/os/unix/log/auth.py +351 -38
dissect/target/plugins/os/unix/log/journal.py +123 -101
dissect/target/plugins/os/unix/log/lastlog.py +5 -3
dissect/target/plugins/os/unix/log/messages.py +51 -27
dissect/target/plugins/os/unix/log/utmp.py +52 -71
dissect/target/plugins/os/unix/packagemanager.py +5 -38
dissect/target/plugins/os/unix/shadow.py +3 -1
dissect/target/plugins/os/unix/trash.py +132 -0
dissect/target/plugins/os/windows/_os.py +22 -41
dissect/target/plugins/os/windows/activitiescache.py +9 -4
dissect/target/plugins/os/windows/adpolicy.py +2 -1
dissect/target/plugins/os/windows/amcache.py +16 -13
dissect/target/plugins/os/windows/defender.py +4 -3
dissect/target/plugins/os/windows/dpapi/keyprovider/credhist.py +3 -0
dissect/target/plugins/os/windows/dpapi/keyprovider/empty.py +3 -0
dissect/target/plugins/os/windows/dpapi/keyprovider/keychain.py +3 -0
dissect/target/plugins/os/windows/dpapi/keyprovider/lsa.py +3 -0
dissect/target/plugins/os/windows/env.py +1 -2
dissect/target/plugins/os/windows/exchange/exchange.py +6 -4
dissect/target/plugins/os/windows/generic.py +68 -19
dissect/target/plugins/os/windows/lnk.py +2 -0
dissect/target/plugins/os/windows/locale.py +9 -3
dissect/target/plugins/os/windows/log/etl.py +5 -4
dissect/target/plugins/os/windows/log/evt.py +12 -8
dissect/target/plugins/os/windows/log/evtx.py +9 -7
dissect/target/plugins/os/windows/log/mssql.py +103 -0
dissect/target/plugins/os/windows/log/pfro.py +2 -1
dissect/target/plugins/os/windows/network.py +380 -0
dissect/target/plugins/os/windows/notifications.py +6 -4
dissect/target/plugins/os/windows/prefetch.py +7 -2
dissect/target/plugins/os/windows/regf/7zip.py +9 -1
dissect/target/plugins/os/windows/regf/applications.py +62 -0
dissect/target/plugins/os/windows/regf/auditpol.py +2 -1
dissect/target/plugins/os/windows/regf/bam.py +3 -1
dissect/target/plugins/os/windows/regf/cit.py +14 -12
dissect/target/plugins/os/windows/regf/clsid.py +6 -3
dissect/target/plugins/os/windows/regf/firewall.py +2 -1
dissect/target/plugins/os/windows/regf/mru.py +9 -8
dissect/target/plugins/os/windows/regf/nethist.py +6 -3
dissect/target/plugins/os/windows/regf/recentfilecache.py +3 -1
dissect/target/plugins/os/windows/regf/regf.py +5 -1
dissect/target/plugins/os/windows/regf/shellbags.py +351 -345
dissect/target/plugins/os/windows/regf/shimcache.py +1 -1
dissect/target/plugins/os/windows/regf/usb.py +2 -1
dissect/target/plugins/os/windows/regf/userassist.py +2 -1
dissect/target/plugins/os/windows/registry.py +11 -0
dissect/target/plugins/os/windows/services.py +3 -2
dissect/target/plugins/os/windows/startupinfo.py +7 -2
dissect/target/plugins/os/windows/syscache.py +5 -2
dissect/target/plugins/os/windows/tasks.py +1 -1
dissect/target/plugins/os/windows/thumbcache.py +11 -5
dissect/target/plugins/os/windows/ual.py +12 -9
dissect/target/plugins/os/windows/wer.py +21 -6
dissect/target/plugins/os/windows/wua_history.py +0 -1
dissect/target/target.py +13 -8
dissect/target/tools/dump/utils.py +4 -0
dissect/target/tools/fsutils.py +1 -1
dissect/target/tools/info.py +1 -1
dissect/target/tools/mount.py +15 -5
dissect/target/tools/query.py +15 -9
dissect/target/tools/shell.py +98 -9
dissect/target/tools/utils.py +7 -7
dissect/target/volume.py +4 -4
{dissect.target-3.19.dev58.dist-info → dissect.target-3.20.dist-info}/METADATA +6 -2
{dissect.target-3.19.dev58.dist-info → dissect.target-3.20.dist-info}/RECORD +176 -160
{dissect.target-3.19.dev58.dist-info → dissect.target-3.20.dist-info}/WHEEL +1 -1
dissect/target/helpers/targetd.py +0 -58
dissect/target/loaders/targetd.py +0 -223
dissect/target/plugins/apps/texteditor/texteditor.py +0 -13
dissect/target/plugins/os/unix/etc.py +0 -9
/dissect/target/plugins/apps/{texteditor → database}/__init__.py +0 -0
{dissect.target-3.19.dev58.dist-info → dissect.target-3.20.dist-info}/COPYRIGHT +0 -0
{dissect.target-3.19.dev58.dist-info → dissect.target-3.20.dist-info}/LICENSE +0 -0
{dissect.target-3.19.dev58.dist-info → dissect.target-3.20.dist-info}/entry_points.txt +0 -0
{dissect.target-3.19.dev58.dist-info → dissect.target-3.20.dist-info}/top_level.txt +0 -0

dissect/target/helpers/targetd.py DELETED Viewed

@@ -1,58 +0,0 @@
-from __future__ import annotations
-import functools
-from typing import Any, Callable, Optional, Union
-from dissect.util.stream import AlignedStream
-from dissect.target.exceptions import FatalError
-from dissect.target.loader import Loader
-class TargetdStream(AlignedStream):
-    def _read(self, offset: int, length: int) -> bytes:
-        return b""
-# Marker interface to indicate this loader loads targets from remote machines
-class ProxyLoader(Loader):
-    pass
-class TargetdInvalidStateError(FatalError):
-    pass
-class CommandProxy:
-    def __init__(self, loader: Loader, func: Callable, namespace: Optional[str] = None):
-        self._loader = loader
-        self._func = func
-        self._namespace = namespace or func
-    def __getattr__(self, func: Union[Callable, str]) -> CommandProxy:
-        if func == "func":
-            return self._func.func
-        self._func = func
-        return self
-    def command(self) -> Callable:
-        namespace = None if self._func == self._namespace else self._namespace
-        return self._get(namespace, self._func)
-    def _get(self, namespace: Optional[str], plugin_func: Callable) -> Callable:
-        if namespace:
-            func = functools.update_wrapper(
-                functools.partial(self._loader.plugin_bridge, plugin_func=self._func, namespace=self._namespace),
-                self._loader.plugin_bridge,
-            )
-        else:
-            func = functools.update_wrapper(
-                functools.partial(self._loader.plugin_bridge, plugin_func=plugin_func), self._loader.plugin_bridge
-            )
-        return func
-    def __call__(self, *args, **kwargs) -> Any:
-        return self.command()(*args, **kwargs)
-    def __repr__(self) -> str:
-        return str(self._get(None, "get")(**{"property_name": self._func}))

dissect/target/loaders/targetd.py DELETED Viewed

@@ -1,223 +0,0 @@
-from __future__ import annotations
-import functools
-import ssl
-import time
-import urllib
-from pathlib import Path
-from platform import os
-from typing import Any, Callable, Optional, Union
-from dissect.target.containers.raw import RawContainer
-from dissect.target.exceptions import LoaderError
-# to avoid loading issues during automatic loader detection
-from dissect.target.helpers.targetd import (
-    CommandProxy,
-    ProxyLoader,
-    TargetdInvalidStateError,
-    TargetdStream,
-)
-from dissect.target.loader import Loader
-from dissect.target.plugin import Plugin, export
-from dissect.target.target import Target
-TARGETD_AVAILABLE = False
-try:
-    from flow import remoting
-    from targetd.clients import Client
-    TARGETD_AVAILABLE = True
-except Exception:
-    pass
-class TargetdLoader(ProxyLoader):
-    """Load remote targets through a broker."""
-    instance = None
-    def __init__(self, path: Union[Path, str], **kwargs):
-        super().__init__(path)
-        self._plugin_func = None
-        self.client = None
-        self.output = None
-        self.peers = 1
-        self.cacert = None
-        self.adapter = "Flow.Remoting"
-        self.host = "localhost"
-        self.port = 1883
-        self.chunking = True
-        self.local_link = "unix:///tmp/targetd" if os.name == "posix" else "pipe:///tmp/targetd"
-        # @todo Add these options to loader help (when available)
-        self.configurables = [
-            ["cacert", Path, "SSL: cacert file"],
-            ["host", str, "IP-address of targetd broker"],
-            ["port", int, "Port for connecting to targetd broker"],
-            ["local_link", str, "Domain socket or named pipe"],
-            ["adapter", str, "Adapter to use"],
-            ["peers", int, "Minimum number of hosts to wait for before executing query"],
-            ["chunking", int, "Chunk mode"],
-        ]
-        uri = kwargs.get("parsed_path")
-        if uri is None:
-            raise LoaderError("No URI connection details have been passed.")
-        self.uri = uri.path
-        self.options = dict(urllib.parse.parse_qsl(uri.query, keep_blank_values=True))
-    def _process_options(self, target: Target) -> None:
-        for configurable_details in self.configurables:
-            configurable, value_type, description = configurable_details
-            configuration = self.options.get(configurable)
-            if not configuration:
-                default_value = getattr(self, configurable)
-                target.log.warning("%s not configured, using: %s=%s", description, configurable, default_value)
-            else:
-                setattr(self, configurable, value_type(configuration))
-    @export(output="record", cache=False)
-    def plugin_bridge(self, *args, **kwargs) -> list[Any]:
-        """Command Execution Bridge Plugin for Targetd.
-        This is a generic plugin interceptor that becomes active only if using
-        the targetd loader. This plugin acts as a bridge to connect to the Targetd broker
-        and will translate the requested plugin-operation into Targetd-commands using the selected
-        adapter (i.e. Flow.Remoting).
-        """
-        if not TARGETD_AVAILABLE:
-            raise ImportError("This loader requires the targetd package to be installed.")
-        self.output = None
-        self.has_output = False
-        plugin_func = kwargs.pop("plugin_func", None)
-        if self.client is None:
-            ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
-            ssl_context.check_hostname = False
-            if self.cacert and not self.cacert.exists():
-                raise LoaderError(f"file not found: {self.cacert}")
-            if self.cacert:
-                ssl_context.load_verify_locations(self.cacert)
-            else:
-                ssl_context.load_default_certs(purpose=ssl.Purpose.SERVER_AUTH)
-            self.client = Client(self.host, self.port, ssl_context, [self.uri], self.local_link, "targetd")
-            self.client.module_fullname = "dissect.target.loaders"
-            self.client.module_fromlist = ["command_runner"]
-            self.client.command = plugin_func
-            try:
-                self.client.start(*args, **kwargs)
-            except Exception:
-                # If something happens that prevents targetd from properly closing/resetting the
-                # connection, this exception is thrown during the next connection and the connection
-                # is closed properly after all so that the next time the loader will be able to
-                # use a new connection with a new session.
-                self.client.close()
-                raise TargetdInvalidStateError("Targetd connection is in invalid state, retry.")
-        else:
-            self.client.command = plugin_func
-            self.client.exec_command(*args, **kwargs)
-        while not self.has_output:
-            time.sleep(1)
-        return self.output
-    def _get_command(self, func: str, namespace: str = None) -> tuple[Loader, functools.partial]:
-        return (self, CommandProxy(self, func, namespace=namespace))
-    def each(self, func: Callable, target: Optional[Target] = None) -> Any:
-        """Allows you to attach a scriptlet (function) to each of the remote hosts.
-        The results of the function are accumulated using +=. Exceptions are
-        catched and logged as warnings.
-        Usage:
-        def my_function(remote_target):
-            ...do something interesting...
-        targets = Target.open( targetd://... )
-        targets.each(my_function)
-        """
-        result = None
-        if not self.client:
-            target.init()
-        for peer in self.client.peers:
-            target.select(peer)
-            try:
-                if result is None:
-                    result = func(target)
-                else:
-                    result += func(target)
-            except Exception as failure:
-                target.log.warning("Exception while applying function to target: %s: %s", peer, failure)
-        return result
-    def _add_plugin(self, plugin: Plugin):
-        plugin.check_compatibe = lambda: True
-    def map(self, target: Target) -> None:
-        if TargetdLoader.instance:
-            raise Exception("You can only initiated 1 targetd control connection per session.")
-        self._process_options(target)
-        target.disks.add(RawContainer(TargetdStream()))
-        target.get_function = self._get_command
-        target.add_plugin = self._add_plugin
-        target.each = functools.update_wrapper(functools.partial(self.each, target=target), self.each)
-        TargetdLoader.instance = self
-    @staticmethod
-    def detect(path: Path) -> bool:
-        # You can only activate this loader by URI-scheme "targetd://"
-        return False
-    def __del__(self) -> None:
-        if self.client:
-            self.client.close()
-if TARGETD_AVAILABLE:
-    # Loader has to provide the control script for targetd in this case
-    def command_runner(link: str, targetd: Client, *args, **kwargs) -> None:
-        caller = TargetdLoader.instance
-        if not targetd.rpcs:
-            targetd.easy_connect_remoting(remoting, link, caller.peers)
-        obj = targetd.rpcs
-        if namespace := kwargs.get("namespace", None):
-            obj = getattr(obj, namespace)
-        caller.has_output = True
-        if targetd.command == "init":
-            caller.output = True
-            return
-        if targetd.command == "select":
-            targetd.rpcs.select(*args)
-            caller.output = True
-            return
-        if targetd.command == "deselect":
-            targetd.rpcs.deselect()
-            caller.output = True
-            return
-        func = getattr(obj, targetd.command)
-        result = func(*args, **kwargs)
-        if result is not None:
-            if targetd.command == "get":
-                result = list(result)[0]
-            elif caller.chunking:
-                data = []
-                gen = func()
-                targetd.reset()
-                while True:
-                    try:
-                        data.append(next(gen))
-                    except Exception:
-                        break
-                result = data
-            caller.output = result
-        targetd.reset()

dissect/target/plugins/apps/texteditor/texteditor.py DELETED Viewed

@@ -1,13 +0,0 @@
-from dissect.target.helpers.descriptor_extensions import UserRecordDescriptorExtension
-from dissect.target.helpers.record import create_extended_descriptor
-from dissect.target.plugin import NamespacePlugin
-GENERIC_TAB_CONTENTS_RECORD_FIELDS = [("string", "content"), ("path", "path"), ("string", "deleted_content")]
-TexteditorTabContentRecord = create_extended_descriptor([UserRecordDescriptorExtension])(
-    "texteditor/tab", GENERIC_TAB_CONTENTS_RECORD_FIELDS
-)
-class TexteditorPlugin(NamespacePlugin):
-    __namespace__ = "texteditor"

dissect/target/plugins/os/unix/etc.py DELETED Viewed

@@ -1,9 +0,0 @@
-from dissect.target import Target
-from dissect.target.plugins.general.config import ConfigurationTreePlugin
-class EtcTree(ConfigurationTreePlugin):
-    __namespace__ = "etc"
-    def __init__(self, target: Target):
-        super().__init__(target, "/etc")

/dissect/target/plugins/apps/{texteditor → database}/__init__.py RENAMED Viewed

File without changes

{dissect.target-3.19.dev58.dist-info → dissect.target-3.20.dist-info}/COPYRIGHT RENAMED Viewed

File without changes

{dissect.target-3.19.dev58.dist-info → dissect.target-3.20.dist-info}/LICENSE RENAMED Viewed

File without changes

{dissect.target-3.19.dev58.dist-info → dissect.target-3.20.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{dissect.target-3.19.dev58.dist-info → dissect.target-3.20.dist-info}/top_level.txt RENAMED Viewed

File without changes

dissect.target 3.19.dev58__py3-none-any.whl → 3.20__py3-none-any.whl

dissect.target 3.19.dev58py3-none-any.whl → 3.20py3-none-any.whl