PyPI - dissect.target - Versions diffs - 3.20.2.dev13__py3-none-any.whl → 3.20.2.dev15__py3-none-any.whl - Mend

dissect.target 3.20.2.dev13py3-none-any.whl → 3.20.2.dev15py3-none-any.whl

Files changed (11) hide show

dissect/target/plugins/os/windows/amcache.py CHANGED Viewed

@@ -66,7 +66,7 @@ FileAppcompatRecord = TargetRecordDescriptor(
         ("varint", "reference"),
         ("path", "path"),
         ("string", "language_code"),
-        ("digest", "digests"),
+        ("digest", "digest"),
         ("string", "program_id"),
         ("string", "pe_header_checksum"),
         ("string", "pe_size_of_image"),
@@ -126,7 +126,7 @@ ApplicationFileAppcompatRecord = TargetRecordDescriptor(
     [
         ("datetime", "mtime_regf"),
         ("string", "program_id"),
-        ("digest", "digests"),
+        ("digest", "digest"),
         ("path", "path"),
         ("string", "hash_path"),
         ("wstring", "name"),
@@ -224,7 +224,7 @@ class AmcachePluginOldMixin:
                     reference=int(subkey.name, 16),
                     path=self.target.fs.path(subkey_data["full_path"]) if subkey_data.get("full_path") else None,
                     language_code=subkey_data.get("language_code"),
-                    digests=[None, subkey_data["sha1"][-40:] if subkey_data.get("sha1") else None, None],
+                    digest=(None, subkey_data["sha1"][-40:] if subkey_data.get("sha1") else None, None),
                     program_id=subkey_data.get("program_id"),
                     pe_header_checksum=subkey_data.get("pe_header_checksum"),
                     pe_size_of_image=subkey_data.get("pe_size_of_image"),
@@ -468,7 +468,7 @@ class AmcachePlugin(AmcachePluginOldMixin, Plugin):
             yield ApplicationFileAppcompatRecord(
                 mtime_regf=entry.timestamp,
                 program_id=entry_data.get("ProgramId"),
-                digests=[None, sha1_digest, None],
+                digest=(None, sha1_digest, None),
                 path=self.target.fs.path(entry_data.get("LowerCaseLongPath")),
                 link_date=parse_win_datetime(entry_data.get("LinkDate")),
                 hash_path=entry_data.get("LongPathHash"),

dissect/target/plugins/os/windows/log/amcache.py CHANGED Viewed

@@ -31,7 +31,7 @@ COMMON_ELEMENTS = [
     ("string", "bin_file_version"),
     ("string", "bin_product_version"),
     ("string", "binary_type"),
-    ("digest", "digests"),
+    ("digest", "digest"),
     ("wstring", "file_version"),
     ("wstring", "company_name"),
     ("wstring", "file_description"),
@@ -82,11 +82,11 @@ def create_record(
         size_of_image=install_properties.get("sizeofimage"),
         file_description=install_properties.get("filedescription"),
         size=install_properties.get("size"),
-        digests=[
+        digest=(
             None,
             install_properties.get("id")[4:],
             None,
-        ],  # remove leading zeros from the entry to create a sha1 hash
+        ),  # remove leading zeros from the entry to create a sha1 hash
         company_name=install_properties.get("companyname"),
         binary_type=install_properties.get("binarytype"),
         bin_product_version=install_properties.get("binproductversion"),

dissect/target/plugins/os/windows/log/mssql.py CHANGED Viewed

@@ -35,7 +35,7 @@ class MssqlPlugin(Plugin):
     __namespace__ = "mssql"
-    MSSQL_KEY = "HKLM\\SOFTWARE\\Microsoft\\Microsoft SQL Server"
+    MSSQL_KEY_GLOB = "HKLM\\SOFTWARE\\Microsoft\\Microsoft SQL Server\\MSSQL*.*"
     FILE_GLOB = "ERRORLOG*"
     def __init__(self, target: Target):
@@ -44,7 +44,7 @@ class MssqlPlugin(Plugin):
     def check_compatible(self) -> None:
         if not self.instances:
-            raise UnsupportedPluginError("System does not seem to be running SQL Server")
+            raise UnsupportedPluginError("No Microsoft SQL Server instances have been found")
     @export(record=MssqlErrorlogRecord)
     def errorlog(self) -> Iterator[MssqlErrorlogRecord]:
@@ -89,15 +89,8 @@ class MssqlPlugin(Plugin):
                     buf += line
-    def _find_instances(self) -> list[str, TargetPath]:
-        instances = []
-        for subkey in self.target.registry.key(self.MSSQL_KEY).subkeys():
-            if subkey.name.startswith("MSSQL") and "." in subkey.name:
-                instances.append(
-                    (
-                        subkey.name,
-                        self.target.fs.path(subkey.subkey("SQLServerAgent").value("ErrorLogFile").value).parent,
-                    )
-                )
-        return instances
+    def _find_instances(self) -> set[str, TargetPath]:
+        return {
+            (subkey.name, self.target.fs.path(subkey.subkey("SQLServerAgent").value("ErrorLogFile").value).parent)
+            for subkey in self.target.registry.glob_ext(self.MSSQL_KEY_GLOB)
+        }

dissect/target/plugins/os/windows/syscache.py CHANGED Viewed

@@ -11,7 +11,7 @@ SyscacheRecord = TargetRecordDescriptor(
     "windows/syscache/object",
     [
         ("datetime", "regf_mtime"),
-        ("digest", "digests"),
+        ("digest", "digest"),
         ("string", "program_id"),
         ("string", "file_id"),
         ("varint", "object_id"),
@@ -84,7 +84,7 @@ class SyscachePlugin(Plugin):
                 yield SyscacheRecord(
                     regf_mtime=subkey.ts,
-                    digests=[None, ae_file_id[4:] if ae_file_id else None, None],
+                    digest=(None, ae_file_id[4:] if ae_file_id else None, None),
                     program_id=ae_program_id,
                     file_id=f"{file_segment}#{file_id >> 48}",
                     object_id=subkey.value("_ObjectId_").value,

{dissect.target-3.20.2.dev13.dist-info → dissect.target-3.20.2.dev15.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
-Metadata-Version: 2.1
+Metadata-Version: 2.2
 Name: dissect.target
-Version: 3.20.2.dev13
+Version: 3.20.2.dev15
 Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{dissect.target-3.20.2.dev13.dist-info → dissect.target-3.20.2.dev15.dist-info}/RECORD RENAMED Viewed

@@ -280,7 +280,7 @@ dissect/target/plugins/os/windows/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeR
 dissect/target/plugins/os/windows/_os.py,sha256=SUTfCPEVi2ADfjsQQJad6dEsnKUzRtsKJXOlEuiT9Xk,12462
 dissect/target/plugins/os/windows/activitiescache.py,sha256=_I-rc7hAKRgqfFexsJq5nkIAV3E31byG4KeBQeDBehg,7051
 dissect/target/plugins/os/windows/adpolicy.py,sha256=ul8lKlG9ExABnd6yVLMPFFgVxN74CG4T3MvcRuBLHJc,7158
-dissect/target/plugins/os/windows/amcache.py,sha256=1jq-S80_FIzGegrqQ6HqrjmaAPTyxyn69HxnbRBlaUc,27608
+dissect/target/plugins/os/windows/amcache.py,sha256=PEQry72tVtMOdKkvlxfJhObj8OuJMnA8mG-7G-dB0bk,27604
 dissect/target/plugins/os/windows/catroot.py,sha256=59KfdNPcoA5NQtpj4_e3wzPDsyB1RYIu049UeIhLuEk,11390
 dissect/target/plugins/os/windows/cim.py,sha256=jsrpu6TZpBUh7VWI9AV2Ib5bebTwsvqOwRfa5gjJd7c,3056
 dissect/target/plugins/os/windows/clfs.py,sha256=begVsZ-CY97Ksh6S1g03LjyBgu8ERY2hfNDWYPj0GXI,4872
@@ -299,7 +299,7 @@ dissect/target/plugins/os/windows/registry.py,sha256=f6ka__6KXvdqRMRRJzlCAYaIpTZ
 dissect/target/plugins/os/windows/services.py,sha256=Q3_ZNYvWBXHVsNYwNAaiV93oHI0j0PJ9f1a2MJbR93E,6131
 dissect/target/plugins/os/windows/sru.py,sha256=sOM7CyMkW8XIXzI75GL69WoqUrSK2X99TFIfdQR2D64,17767
 dissect/target/plugins/os/windows/startupinfo.py,sha256=LarIAfB-sB6rzmh1rzxhiGWqy3VupKMpWLUpN1azB2I,3574
-dissect/target/plugins/os/windows/syscache.py,sha256=SXJxwyC34WPUpo0zGqbthdLPSPCsjfifsF4KscGvruw,3542
+dissect/target/plugins/os/windows/syscache.py,sha256=kR3Pc-Irtz6Ob2pv2CkKCWrL17LENxplNoer9VaOa2s,3540
 dissect/target/plugins/os/windows/tasks.py,sha256=Bpy3tosncnFuGRqomEtB1jwJCVehZq4suhUznjtq4wo,5718
 dissect/target/plugins/os/windows/thumbcache.py,sha256=jAceapDdP9bNLGZchJ1l1okm7_7xiYHRbI2hVGAzMPk,4249
 dissect/target/plugins/os/windows/ual.py,sha256=S43ltndKKrs2SqeDLgZv4dzdqtJD8c3Y0Z8FK-Y9IOA,10076
@@ -326,11 +326,11 @@ dissect/target/plugins/os/windows/dpapi/keyprovider/lsa.py,sha256=QU3Hj5todELhSo
 dissect/target/plugins/os/windows/exchange/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/os/windows/exchange/exchange.py,sha256=40x9_KOmoW24Z-S4eJiczBsOEyZFjwBoU2um86szqMg,1644
 dissect/target/plugins/os/windows/log/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-dissect/target/plugins/os/windows/log/amcache.py,sha256=TabtjNx9Ve-u-Fn0K95A0v_SLGzn2YeNPHrcQvjVKJc,5877
+dissect/target/plugins/os/windows/log/amcache.py,sha256=IsgUZgKW0Ayhd-5obcERJJLvCC1KD0P5ie7PlWComRA,5875
 dissect/target/plugins/os/windows/log/etl.py,sha256=t5GpunjzYMvAO9CBOP1ynH6053_PlasnIEIvlLNLU10,7255
 dissect/target/plugins/os/windows/log/evt.py,sha256=pYRVK3u309yK5pJoogohHWV2a_Lev8FK2zte_ys4SN8,7133
 dissect/target/plugins/os/windows/log/evtx.py,sha256=eSnMkU7HRmIDZ19WRsF9li08HuEOo51pRJDN2JOua5U,6148
-dissect/target/plugins/os/windows/log/mssql.py,sha256=sn9LZvKTaam15G1Vl2BZp2P6uph7_jw03L8P9NjlMKw,3745
+dissect/target/plugins/os/windows/log/mssql.py,sha256=YB0BfaW1j6UzPf90n9vP7M_ez-Ufq1enpNsBmwgSk4U,3542
 dissect/target/plugins/os/windows/log/pfro.py,sha256=d53Mm7ovZa9crSwVRPwjMVxTd_jCGtE1Kv07GslX9_s,2789
 dissect/target/plugins/os/windows/log/schedlgu.py,sha256=JaP8H8eTEypWXhx2aFSR_IMam6rQiksbLKhMr_U4fz8,5570
 dissect/target/plugins/os/windows/regf/7zip.py,sha256=Ox8cLyQtbyYQS7m4eY3onNv1K8N2IkS5wexrC55Urd4,3444
@@ -383,10 +383,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
 dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
 dissect/target/volumes/md.py,sha256=7ShPtusuLGaIv27SvEETtgsuoQyAa4iAAeOR1NEaajI,1689
 dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
-dissect.target-3.20.2.dev13.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
-dissect.target-3.20.2.dev13.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
-dissect.target-3.20.2.dev13.dist-info/METADATA,sha256=9Lzw8f76ZYkGqAxYcbnxFjZx1JDFuQk_GTqfbStg8q0,13184
-dissect.target-3.20.2.dev13.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
-dissect.target-3.20.2.dev13.dist-info/entry_points.txt,sha256=yQwLCWUuzHgS6-sfCcRk66gAfoCfqXdCjqKjvhnQW8o,537
-dissect.target-3.20.2.dev13.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
-dissect.target-3.20.2.dev13.dist-info/RECORD,,
+dissect.target-3.20.2.dev15.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
+dissect.target-3.20.2.dev15.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+dissect.target-3.20.2.dev15.dist-info/METADATA,sha256=FH0zPNArdOL1Cw_baWdBdKn4_nFjYVKolpY_iHD1iQM,13184
+dissect.target-3.20.2.dev15.dist-info/WHEEL,sha256=In9FTNxeP60KnTkGw7wk6mJPYd_dQSjEZmXdBdMCI-8,91
+dissect.target-3.20.2.dev15.dist-info/entry_points.txt,sha256=yQwLCWUuzHgS6-sfCcRk66gAfoCfqXdCjqKjvhnQW8o,537
+dissect.target-3.20.2.dev15.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
+dissect.target-3.20.2.dev15.dist-info/RECORD,,

{dissect.target-3.20.2.dev13.dist-info → dissect.target-3.20.2.dev15.dist-info}/WHEEL RENAMED Viewed

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (75.6.0)
+Generator: setuptools (75.8.0)
 Root-Is-Purelib: true
 Tag: py3-none-any

{dissect.target-3.20.2.dev13.dist-info → dissect.target-3.20.2.dev15.dist-info}/COPYRIGHT RENAMED Viewed

File without changes

{dissect.target-3.20.2.dev13.dist-info → dissect.target-3.20.2.dev15.dist-info}/LICENSE RENAMED Viewed

File without changes

{dissect.target-3.20.2.dev13.dist-info → dissect.target-3.20.2.dev15.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{dissect.target-3.20.2.dev13.dist-info → dissect.target-3.20.2.dev15.dist-info}/top_level.txt RENAMED Viewed

File without changes

dissect.target 3.20.2.dev13__py3-none-any.whl → 3.20.2.dev15__py3-none-any.whl

dissect.target 3.20.2.dev13py3-none-any.whl → 3.20.2.dev15py3-none-any.whl