dissect.target 3.20.dev18__py3-none-any.whl → 3.20.dev20__py3-none-any.whl

dissect/target/plugins/apps/virtualization/vmware_workstation.py

@@ -0,0 +1,61 @@
+from typing import Iterator
+
+from dissect.target.exceptions import UnsupportedPluginError
+from dissect.target.helpers.descriptor_extensions import UserRecordDescriptorExtension
+from dissect.target.helpers.fsutil import TargetPath
+from dissect.target.helpers.record import create_extended_descriptor
+from dissect.target.plugin import Plugin, alias, export
+from dissect.target.plugins.general.users import UserDetails
+from dissect.target.target import Target
+
+VmwareDragAndDropRecord = create_extended_descriptor([UserRecordDescriptorExtension])(
+    "virtualization/vmware/clipboard",
+    [
+        ("datetime", "ts"),
+        ("path", "path"),
+    ],
+)
+
+VMWARE_DND_PATHS = [
+    # Windows
+    "AppData/Local/Temp/VmwareDND",
+    # Linux
+    ".cache/vmware/drag_and_drop",
+]
+
+
+class VmwareWorkstationPlugin(Plugin):
+    """VMware Workstation plugin."""
+
+    __namespace__ = "vmware"
+
+    def __init__(self, target: Target):
+        super().__init__(target)
+        self.dnd_dirs = list(self.find_dnd_dirs())
+
+    def check_compatible(self) -> None:
+        if not self.dnd_dirs:
+            raise UnsupportedPluginError("No VMware Workstation DnD artifact(s) found")
+
+    def find_dnd_dirs(self) -> Iterator[tuple[UserDetails, TargetPath]]:
+        for user_details in self.target.user_details.all_with_home():
+            for dnd_path in VMWARE_DND_PATHS:
+                if (dnd_dir := user_details.home_path.joinpath(dnd_path)).exists():
+                    yield user_details, dnd_dir
+
+    @alias("draganddrop")
+    @export(record=VmwareDragAndDropRecord)
+    def clipboard(self) -> Iterator[VmwareDragAndDropRecord]:
+        """Yield cached VMware Workstation drag-and-drop file artifacts."""
+
+        for user_details, dnd_dir in self.dnd_dirs:
+            for file in dnd_dir.rglob("*/*"):
+                if file.is_dir():
+                    continue
+
+                yield VmwareDragAndDropRecord(
+                    ts=file.lstat().st_mtime,
+                    path=file,
+                    _user=user_details.user,
+                    _target=self.target,
+                )

dissect/target/plugins/child/vmware_workstation.py

@@ -1,29 +1,44 @@
+from typing import Iterator
+
 from dissect.target.exceptions import UnsupportedPluginError
+from dissect.target.helpers.fsutil import TargetPath
 from dissect.target.helpers.record import ChildTargetRecord
 from dissect.target.plugin import ChildTargetPlugin
+from dissect.target.target import Target
+
+INVENTORY_PATHS = [
+    # Windows
+    "AppData/Roaming/VMware/inventory.vmls",
+    # Linux
+    ".vmware/inventory.vmls",
+]
+
+
+def find_vm_inventory(target: Target) -> Iterator[TargetPath]:
+    """Search for inventory.vmls files in user home folders.
 
+    Does not support older vmAutoStart.xml or vmInventory.xml formats."""
 
-def find_vm_inventory(target):
     for user_details in target.user_details.all_with_home():
-        inv_file = user_details.home_path.joinpath("AppData/Roaming/VMware/inventory.vmls")
-        if inv_file.exists():
-            yield inv_file
+        for inv_path in INVENTORY_PATHS:
+            if (inv_file := user_details.home_path.joinpath(inv_path)).exists():
+                yield inv_file
 
 
-class WorkstationChildTargetPlugin(ChildTargetPlugin):
+class VmwareWorkstationChildTargetPlugin(ChildTargetPlugin):
     """Child target plugin that yields from VMware Workstation VM inventory."""
 
     __type__ = "vmware_workstation"
 
-    def __init__(self, target):
+    def __init__(self, target: Target):
         super().__init__(target)
         self.inventories = list(find_vm_inventory(target))
 
     def check_compatible(self) -> None:
-        if not len(self.inventories):
+        if not self.inventories:
             raise UnsupportedPluginError("No VMWare inventories found")
 
-    def list_children(self):
+    def list_children(self) -> Iterator[ChildTargetRecord]:
         for inv in self.inventories:
             for line in inv.open("rt"):
                 line = line.strip()

dissect/target/tools/shell.py

@@ -1410,29 +1410,38 @@ def build_pipe_stdout(pipe_parts: list[str]) -> Iterator[TextIO]:
         yield pipe_stdin
 
 
-def open_shell(targets: list[str | pathlib.Path], python: bool, registry: bool) -> None:
+def open_shell(targets: list[str | pathlib.Path], python: bool, registry: bool, commands: list[str] | None) -> None:
     """Helper method for starting a regular, Python or registry shell for one or multiple targets."""
     targets = list(Target.open_all(targets))
 
     if python:
-        python_shell(targets)
+        python_shell(targets, commands=commands)
     else:
         cli_cls = RegistryCli if registry else TargetCli
-        target_shell(targets, cli_cls=cli_cls)
+        target_shell(targets, cli_cls=cli_cls, commands=commands)
 
 
-def target_shell(targets: list[Target], cli_cls: type[TargetCmd]) -> None:
+def target_shell(targets: list[Target], cli_cls: type[TargetCmd], commands: list[str] | None) -> None:
     """Helper method for starting a :class:`TargetCli` or :class:`TargetHubCli` for one or multiple targets."""
     if cli := create_cli(targets, cli_cls):
+        if commands is not None:
+            for command in commands:
+                cli.onecmd(command)
+            return
         run_cli(cli)
 
 
-def python_shell(targets: list[Target]) -> None:
+def python_shell(targets: list[Target], commands: list[str] | None) -> None:
     """Helper method for starting a (I)Python shell with multiple targets."""
     banner = "Loaded targets in 'targets' variable. First target is in 't'."
     ns = {"targets": targets, "t": targets[0]}
 
     try:
+        if commands is not None:
+            for command in commands:
+                eval(command, ns)
+            return
+
         import IPython
 
         IPython.embed(header=banner, user_ns=ns, colors="linux")
@@ -1512,7 +1521,7 @@ def main() -> None:
         default=None,
         help="select a specific loader (i.e. vmx, raw)",
     )
-
+    parser.add_argument("-c", "--commands", action="store", nargs="*", help="commands to execute")
     configure_generic_arguments(parser)
     args, rest = parser.parse_known_args()
     args.targets = args_to_uri(args.targets, args.loader, rest) if args.loader else args.targets
@@ -1537,7 +1546,7 @@ def main() -> None:
             )
 
     try:
-        open_shell(args.targets, args.python, args.registry)
+        open_shell(args.targets, args.python, args.registry, args.commands)
     except TargetError as e:
         log.error(e)
         log.debug("", exc_info=e)

{dissect.target-3.20.dev18.dist-info → dissect.target-3.20.dev20.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.target
-Version: 3.20.dev18
+Version: 3.20.dev20
 Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{dissect.target-3.20.dev18.dist-info → dissect.target-3.20.dev20.dist-info}/RECORD

@@ -141,6 +141,8 @@ dissect/target/plugins/apps/ssh/ssh.py,sha256=d3U8PJbtMvOV3K0wV_9KzGt2oRs-mfNQz1
 dissect/target/plugins/apps/texteditor/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/apps/texteditor/texteditor.py,sha256=h-tF1x2hLlgeNM3W-0Z9g0mjjkb9ietT1D5c-9GaMr8,543
 dissect/target/plugins/apps/texteditor/windowsnotepad.py,sha256=BXGhcwWIW6zlQyD_nHpc1r5Lxt6WMvhfqY2PWf0A6pw,14852
+dissect/target/plugins/apps/virtualization/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+dissect/target/plugins/apps/virtualization/vmware_workstation.py,sha256=7G-MRZCMN6aSYfs5NpaW2wkezqlx_EXq9-GzdbvtRrk,2088
 dissect/target/plugins/apps/vpn/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/apps/vpn/openvpn.py,sha256=d-DGINTIHP_bvv3T09ZwbezHXGctvCyAhJ482m2_-a0,7654
 dissect/target/plugins/apps/vpn/wireguard.py,sha256=SoAMED_bwWJQ3nci5qEY-qV4wJKSSDZQ8K7DoJRYq0k,6521
@@ -160,7 +162,7 @@ dissect/target/plugins/child/hyperv.py,sha256=R2qVeu4p_9V53jO-65znN0LwX9v3FVA-9j
 dissect/target/plugins/child/parallels.py,sha256=jeBT_NvTQbQBaUjqGWTy2I5Q5OWlrogoyWHRXjOhLis,2255
 dissect/target/plugins/child/qemu.py,sha256=vNzQwzFO964jYaI67MlX8vpWyHxpegjIU5F29zHKOGI,791
 dissect/target/plugins/child/virtuozzo.py,sha256=Mx4ZxEl21g7IYkzraw4FBZup5EfrkFDv4WuTE3hxguw,1206
-dissect/target/plugins/child/vmware_workstation.py,sha256=8wkA_tSufvBUyp4XQHzRzFETf5ROlyyO_MVS3TExyfw,1570
+dissect/target/plugins/child/vmware_workstation.py,sha256=eLvgi_aFUaMN1tC5X4RN85nKQdsuRQygrFYtNMAERTc,2030
 dissect/target/plugins/child/wsl.py,sha256=IssQgYET1T-XR5ZX2lGlNFJ_u_3QECpMF_7kXu09HTE,2469
 dissect/target/plugins/filesystem/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 dissect/target/plugins/filesystem/acquire_handles.py,sha256=-pX_akH5GrYe0HofXOa2Il75knZH6ZKgru4BFcrElkM,1731
@@ -351,7 +353,7 @@ dissect/target/tools/logging.py,sha256=5ZnumtMWLyslxfrUGZ4ntRyf3obOOhmn8SBjKfdLc
 dissect/target/tools/mount.py,sha256=8GRYnu4xEmFBHxuIZAYhOMyyTGX8fat1Ou07DNiUnW4,3945
 dissect/target/tools/query.py,sha256=e-yAN9zdQjuOiTuoOQoo17mVEQGGcOgaA9YkF4GYpkM,15394
 dissect/target/tools/reg.py,sha256=FDsiBBDxjWVUBTRj8xn82vZe-J_d9piM-TKS3PHZCcM,3193
-dissect/target/tools/shell.py,sha256=0RqcPmOmFEQ0-5Efqm8ZdGbTeZw2OXFFaCGNyCCzUVs,53714
+dissect/target/tools/shell.py,sha256=EBGuQS2PDfDgLPghgAjK1G7zoAjm2Gu6eZ9yz0qsuk4,54198
 dissect/target/tools/utils.py,sha256=JJZDSso1CEK2sv4Z3HJNgqxH6G9S5lbmV-C3h-XmcMo,12035
 dissect/target/tools/yara.py,sha256=70k-2VMulf1EdkX03nCACzejaOEcsFHOyX-4E40MdQU,2044
 dissect/target/tools/dump/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -366,10 +368,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
 dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
 dissect/target/volumes/md.py,sha256=7ShPtusuLGaIv27SvEETtgsuoQyAa4iAAeOR1NEaajI,1689
 dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
-dissect.target-3.20.dev18.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
-dissect.target-3.20.dev18.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
-dissect.target-3.20.dev18.dist-info/METADATA,sha256=mgzYr9ayweYe6lsopWNXI3cfGRMDemWb8ydUGkZayvU,12897
-dissect.target-3.20.dev18.dist-info/WHEEL,sha256=GV9aMThwP_4oNCtvEC2ec3qUYutgWeAzklro_0m4WJQ,91
-dissect.target-3.20.dev18.dist-info/entry_points.txt,sha256=BWuxAb_6AvUAQpIQOQU0IMTlaF6TDht2AIZK8bHd-zE,492
-dissect.target-3.20.dev18.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
-dissect.target-3.20.dev18.dist-info/RECORD,,
+dissect.target-3.20.dev20.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
+dissect.target-3.20.dev20.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+dissect.target-3.20.dev20.dist-info/METADATA,sha256=qcWPvlyV_0KYf8HyQw-3mgtk1fjvjHv9cWtY9-ab4GM,12897
+dissect.target-3.20.dev20.dist-info/WHEEL,sha256=GV9aMThwP_4oNCtvEC2ec3qUYutgWeAzklro_0m4WJQ,91
+dissect.target-3.20.dev20.dist-info/entry_points.txt,sha256=BWuxAb_6AvUAQpIQOQU0IMTlaF6TDht2AIZK8bHd-zE,492
+dissect.target-3.20.dev20.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
+dissect.target-3.20.dev20.dist-info/RECORD,,