dissect.target 3.20.2.dev12__py3-none-any.whl → 3.20.2.dev14__py3-none-any.whl

dissect/target/plugins/os/unix/linux/_os.py

@@ -8,6 +8,7 @@ from dissect.target.plugins.os.unix._os import UnixPlugin
 from dissect.target.plugins.os.unix.bsd.osx._os import MacPlugin
 from dissect.target.plugins.os.unix.linux.network_managers import (
     LinuxNetworkManager,
+    parse_unix_dhcp_leases,
     parse_unix_dhcp_log_messages,
 )
 from dissect.target.plugins.os.windows._os import WindowsPlugin
@@ -39,8 +40,11 @@ class LinuxPlugin(UnixPlugin, LinuxNetworkManager):
         for ip_set in self.network_manager.get_config_value("ips"):
             ips.update(ip_set)
 
-        for ip in parse_unix_dhcp_log_messages(self.target, iter_all=False):
-            ips.add(ip)
+        if dhcp_lease_ips := parse_unix_dhcp_leases(self.target):
+            ips.update(dhcp_lease_ips)
+
+        elif dhcp_log_ips := parse_unix_dhcp_log_messages(self.target, iter_all=False):
+            ips.update(dhcp_log_ips)
 
         return list(ips)
 

dissect/target/plugins/os/unix/linux/network_managers.py

@@ -12,6 +12,7 @@ from typing import TYPE_CHECKING, Any, Callable, Iterable, Iterator, Match
 from defusedxml import ElementTree
 
 from dissect.target.exceptions import PluginError
+from dissect.target.helpers import configutil
 
 if TYPE_CHECKING:
     from dissect.target.helpers.fsutil import TargetPath
@@ -601,6 +602,40 @@ def parse_unix_dhcp_log_messages(target: Target, iter_all: bool = False) -> set[
     return ips
 
 
+def parse_unix_dhcp_leases(target: Target) -> set[str]:
+    """Parse NetworkManager and dhclient DHCP ``.lease`` files.
+
+    Resources:
+        - https://linux.die.net/man/5/dhclient.conf
+
+    Args:
+        target: Target to discover and obtain network information from.
+
+    Returns:
+        A set of found DHCP IP addresses.
+    """
+    ips = set()
+
+    for lease_file in chain(
+        target.fs.path("/var/lib/NetworkManager").glob("*.lease*"),
+        target.fs.path("/var/lib/dhcp").glob("*.lease*"),
+        target.fs.path("/var/lib/dhclient").glob("*.lease*"),
+    ):
+        lease_text = lease_file.read_text()
+
+        if "lease {" in lease_text:
+            for line in lease_text.split("\n"):
+                if "fixed-address" in line:
+                    ips.add(line.split(" ")[-1].strip(";"))
+
+        elif "ADDRESS=" in lease_text:
+            lease = configutil.parse(lease_file, hint="env")
+            if ip := lease.get("ADDRESS"):
+                ips.add(ip)
+
+    return ips
+
+
 def should_ignore_ip(ip: str) -> bool:
     for i in IGNORED_IPS:
         if ip.startswith(i):

dissect/target/plugins/os/windows/log/mssql.py

@@ -35,7 +35,7 @@ class MssqlPlugin(Plugin):
 
     __namespace__ = "mssql"
 
-    MSSQL_KEY = "HKLM\\SOFTWARE\\Microsoft\\Microsoft SQL Server"
+    MSSQL_KEY_GLOB = "HKLM\\SOFTWARE\\Microsoft\\Microsoft SQL Server\\MSSQL*.*"
     FILE_GLOB = "ERRORLOG*"
 
     def __init__(self, target: Target):
@@ -44,7 +44,7 @@ class MssqlPlugin(Plugin):
 
     def check_compatible(self) -> None:
         if not self.instances:
-            raise UnsupportedPluginError("System does not seem to be running SQL Server")
+            raise UnsupportedPluginError("No Microsoft SQL Server instances have been found")
 
     @export(record=MssqlErrorlogRecord)
     def errorlog(self) -> Iterator[MssqlErrorlogRecord]:
@@ -89,15 +89,8 @@ class MssqlPlugin(Plugin):
 
                     buf += line
 
-    def _find_instances(self) -> list[str, TargetPath]:
-        instances = []
-
-        for subkey in self.target.registry.key(self.MSSQL_KEY).subkeys():
-            if subkey.name.startswith("MSSQL") and "." in subkey.name:
-                instances.append(
-                    (
-                        subkey.name,
-                        self.target.fs.path(subkey.subkey("SQLServerAgent").value("ErrorLogFile").value).parent,
-                    )
-                )
-        return instances
+    def _find_instances(self) -> set[str, TargetPath]:
+        return {
+            (subkey.name, self.target.fs.path(subkey.subkey("SQLServerAgent").value("ErrorLogFile").value).parent)
+            for subkey in self.target.registry.glob_ext(self.MSSQL_KEY_GLOB)
+        }

{dissect.target-3.20.2.dev12.dist-info → dissect.target-3.20.2.dev14.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.target
-Version: 3.20.2.dev12
+Version: 3.20.2.dev14
 Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{dissect.target-3.20.2.dev12.dist-info → dissect.target-3.20.2.dev14.dist-info}/RECORD

@@ -227,14 +227,14 @@ dissect/target/plugins/os/unix/esxi/_os.py,sha256=eTI6zVubEmdx02mMDyTpmf2J53IzhW
 dissect/target/plugins/os/unix/etc/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/os/unix/etc/etc.py,sha256=YSCRZZfQvmzaR5VWhTJhB8pIGliL6Nw5ruhdfvYKYaM,2783
 dissect/target/plugins/os/unix/linux/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-dissect/target/plugins/os/unix/linux/_os.py,sha256=k1aHhWqocSHMVbF54VDw9wqwa0QSToOa69TMKAyQcxw,2979
+dissect/target/plugins/os/unix/linux/_os.py,sha256=C3IM_6dSixt_9Tsjjy6-LaT4IIkl3hiBuoo8LXTW4Dg,3137
 dissect/target/plugins/os/unix/linux/cmdline.py,sha256=n_Uetoplx33XpIY27oPtMaw1E2AbAEeGLCSkxHshWgY,1673
 dissect/target/plugins/os/unix/linux/environ.py,sha256=n7KttVzUtBHTIXQuS1DI5Azv6tM__d9gGqhPR_3ArIE,1932
 dissect/target/plugins/os/unix/linux/iptables.py,sha256=qTzY5PHHXA33WnPYb5NESgoSwI7ECZ8YPoEe_Fmln-8,6045
 dissect/target/plugins/os/unix/linux/modules.py,sha256=-LThb5mcKtngVfIICpdOGLtgJPc99WQ8Qufwddt8YgQ,2500
 dissect/target/plugins/os/unix/linux/netstat.py,sha256=EBpbK4BD3pZ0fKCR3ZMmVip4eQ0f6x_9yumA8vsUKPw,1691
 dissect/target/plugins/os/unix/linux/network.py,sha256=KfGfYhtrzpHHefaHjTpdbGSLu6IN4anweYt3V02D9zU,14392
-dissect/target/plugins/os/unix/linux/network_managers.py,sha256=atvcHPXFHVeCD5ipygqpR8pOgSexCGKIvVZz3Z8ITLA,25770
+dissect/target/plugins/os/unix/linux/network_managers.py,sha256=h5kOQe8yAYx18kGD_0zc6Mda5PK-MuQQI34MlNkUXKw,26815
 dissect/target/plugins/os/unix/linux/proc.py,sha256=jm35fAasnNbObN2tpflwQuCfVYLDkTP2EDrzYG42ZSk,23354
 dissect/target/plugins/os/unix/linux/processes.py,sha256=xAJswf06HZsY8JhQ11xfJw1OLTZ1q9XZbu7_a7k2UpY,2019
 dissect/target/plugins/os/unix/linux/services.py,sha256=cZWmoVImbl7foKQfBpiKjeC2kjvfRUpM-ympFQorwHI,4128
@@ -330,7 +330,7 @@ dissect/target/plugins/os/windows/log/amcache.py,sha256=TabtjNx9Ve-u-Fn0K95A0v_S
 dissect/target/plugins/os/windows/log/etl.py,sha256=t5GpunjzYMvAO9CBOP1ynH6053_PlasnIEIvlLNLU10,7255
 dissect/target/plugins/os/windows/log/evt.py,sha256=pYRVK3u309yK5pJoogohHWV2a_Lev8FK2zte_ys4SN8,7133
 dissect/target/plugins/os/windows/log/evtx.py,sha256=eSnMkU7HRmIDZ19WRsF9li08HuEOo51pRJDN2JOua5U,6148
-dissect/target/plugins/os/windows/log/mssql.py,sha256=sn9LZvKTaam15G1Vl2BZp2P6uph7_jw03L8P9NjlMKw,3745
+dissect/target/plugins/os/windows/log/mssql.py,sha256=YB0BfaW1j6UzPf90n9vP7M_ez-Ufq1enpNsBmwgSk4U,3542
 dissect/target/plugins/os/windows/log/pfro.py,sha256=d53Mm7ovZa9crSwVRPwjMVxTd_jCGtE1Kv07GslX9_s,2789
 dissect/target/plugins/os/windows/log/schedlgu.py,sha256=JaP8H8eTEypWXhx2aFSR_IMam6rQiksbLKhMr_U4fz8,5570
 dissect/target/plugins/os/windows/regf/7zip.py,sha256=Ox8cLyQtbyYQS7m4eY3onNv1K8N2IkS5wexrC55Urd4,3444
@@ -383,10 +383,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
 dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
 dissect/target/volumes/md.py,sha256=7ShPtusuLGaIv27SvEETtgsuoQyAa4iAAeOR1NEaajI,1689
 dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
-dissect.target-3.20.2.dev12.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
-dissect.target-3.20.2.dev12.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
-dissect.target-3.20.2.dev12.dist-info/METADATA,sha256=au0kJQvTe9SWFe37c1WTFl7D7EqigPuUR1X7vtXQLK4,13184
-dissect.target-3.20.2.dev12.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
-dissect.target-3.20.2.dev12.dist-info/entry_points.txt,sha256=yQwLCWUuzHgS6-sfCcRk66gAfoCfqXdCjqKjvhnQW8o,537
-dissect.target-3.20.2.dev12.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
-dissect.target-3.20.2.dev12.dist-info/RECORD,,
+dissect.target-3.20.2.dev14.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
+dissect.target-3.20.2.dev14.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+dissect.target-3.20.2.dev14.dist-info/METADATA,sha256=es_MUgD-RMEcA-o_NR1_ZB5SV0nGzcDVh_4UsHXqTzY,13184
+dissect.target-3.20.2.dev14.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
+dissect.target-3.20.2.dev14.dist-info/entry_points.txt,sha256=yQwLCWUuzHgS6-sfCcRk66gAfoCfqXdCjqKjvhnQW8o,537
+dissect.target-3.20.2.dev14.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
+dissect.target-3.20.2.dev14.dist-info/RECORD,,