dissect.target 3.20.dev31__tar.gz → 3.20.dev33__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (646) hide show
  1. {dissect_target-3.20.dev31/dissect.target.egg-info → dissect_target-3.20.dev33}/PKG-INFO +1 -1
  2. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/log/journal.py +108 -91
  3. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/log/messages.py +43 -16
  4. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33/dissect.target.egg-info}/PKG-INFO +1 -1
  5. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect.target.egg-info/SOURCES.txt +1 -1
  6. {dissect_target-3.20.dev31/tests/plugins/os/unix → dissect_target-3.20.dev33/tests/plugins/os/unix/log}/test_journal.py +12 -9
  7. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/log/test_messages.py +24 -10
  8. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/COPYRIGHT +0 -0
  9. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/LICENSE +0 -0
  10. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/MANIFEST.in +0 -0
  11. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/README.md +0 -0
  12. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/__init__.py +0 -0
  13. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/container.py +0 -0
  14. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/containers/__init__.py +0 -0
  15. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/containers/asdf.py +0 -0
  16. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/containers/ewf.py +0 -0
  17. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/containers/fortifw.py +0 -0
  18. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/containers/hdd.py +0 -0
  19. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/containers/hds.py +0 -0
  20. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/containers/qcow2.py +0 -0
  21. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/containers/raw.py +0 -0
  22. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/containers/split.py +0 -0
  23. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/containers/vdi.py +0 -0
  24. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/containers/vhd.py +0 -0
  25. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/containers/vhdx.py +0 -0
  26. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/containers/vmdk.py +0 -0
  27. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/data/autocompletion/target_bash_completion.sh +0 -0
  28. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/exceptions.py +0 -0
  29. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystem.py +0 -0
  30. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/__init__.py +0 -0
  31. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/ad1.py +0 -0
  32. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/btrfs.py +0 -0
  33. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/cb.py +0 -0
  34. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/config.py +0 -0
  35. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/cpio.py +0 -0
  36. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/dir.py +0 -0
  37. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/exfat.py +0 -0
  38. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/extfs.py +0 -0
  39. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/fat.py +0 -0
  40. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/ffs.py +0 -0
  41. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/itunes.py +0 -0
  42. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/jffs.py +0 -0
  43. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/ntfs.py +0 -0
  44. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/overlay.py +0 -0
  45. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/smb.py +0 -0
  46. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/squashfs.py +0 -0
  47. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/tar.py +0 -0
  48. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/vmfs.py +0 -0
  49. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/vmtar.py +0 -0
  50. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/xfs.py +0 -0
  51. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/filesystems/zip.py +0 -0
  52. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/__init__.py +0 -0
  53. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/cache.py +0 -0
  54. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/compat/__init__.py +0 -0
  55. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/compat/path_310.py +0 -0
  56. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/compat/path_311.py +0 -0
  57. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/compat/path_312.py +0 -0
  58. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/compat/path_39.py +0 -0
  59. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/compat/path_common.py +0 -0
  60. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/config.py +0 -0
  61. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/configutil.py +0 -0
  62. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/cyber.py +0 -0
  63. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/data/windowsZones.xml +0 -0
  64. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/descriptor_extensions.py +0 -0
  65. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/docs.py +0 -0
  66. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/fsutil.py +0 -0
  67. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/hashutil.py +0 -0
  68. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/keychain.py +0 -0
  69. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/lazy.py +0 -0
  70. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/loaderutil.py +0 -0
  71. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/localeutil.py +0 -0
  72. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/mount.py +0 -0
  73. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/mui.py +0 -0
  74. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/polypath.py +0 -0
  75. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/protobuf.py +0 -0
  76. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/record.py +0 -0
  77. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/record_modifier.py +0 -0
  78. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/regutil.py +0 -0
  79. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/shell_application_ids.py +0 -0
  80. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/shell_folder_ids.py +0 -0
  81. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/helpers/utils.py +0 -0
  82. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loader.py +0 -0
  83. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/__init__.py +0 -0
  84. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/ab.py +0 -0
  85. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/ad1.py +0 -0
  86. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/asdf.py +0 -0
  87. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/cb.py +0 -0
  88. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/cyber.py +0 -0
  89. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/dir.py +0 -0
  90. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/hyperv.py +0 -0
  91. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/itunes.py +0 -0
  92. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/kape.py +0 -0
  93. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/libvirt.py +0 -0
  94. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/local.py +0 -0
  95. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/log.py +0 -0
  96. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/mqtt.py +0 -0
  97. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/multiraw.py +0 -0
  98. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/ova.py +0 -0
  99. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/overlay.py +0 -0
  100. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/ovf.py +0 -0
  101. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/phobos.py +0 -0
  102. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/profile.py +0 -0
  103. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/pvm.py +0 -0
  104. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/pvs.py +0 -0
  105. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/raw.py +0 -0
  106. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/remote.py +0 -0
  107. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/res.py +0 -0
  108. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/smb.py +0 -0
  109. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/tanium.py +0 -0
  110. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/tar.py +0 -0
  111. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/target.py +0 -0
  112. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/utm.py +0 -0
  113. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/vb.py +0 -0
  114. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/vbox.py +0 -0
  115. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/velociraptor.py +0 -0
  116. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/vma.py +0 -0
  117. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/vmwarevm.py +0 -0
  118. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/vmx.py +0 -0
  119. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/loaders/xva.py +0 -0
  120. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugin.py +0 -0
  121. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/__init__.py +0 -0
  122. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/__init__.py +0 -0
  123. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/av/__init__.py +0 -0
  124. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/av/mcafee.py +0 -0
  125. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/av/sophos.py +0 -0
  126. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/av/symantec.py +0 -0
  127. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/av/trendmicro.py +0 -0
  128. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/browser/__init__.py +0 -0
  129. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/browser/brave.py +0 -0
  130. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/browser/browser.py +0 -0
  131. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/browser/chrome.py +0 -0
  132. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/browser/chromium.py +0 -0
  133. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/browser/edge.py +0 -0
  134. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/browser/firefox.py +0 -0
  135. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/browser/iexplore.py +0 -0
  136. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/container/__init__.py +0 -0
  137. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/container/docker.py +0 -0
  138. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/other/env.py +0 -0
  139. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/remoteaccess/__init__.py +0 -0
  140. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/remoteaccess/anydesk.py +0 -0
  141. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/remoteaccess/remoteaccess.py +0 -0
  142. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/remoteaccess/teamviewer.py +0 -0
  143. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/shell/__init__.py +0 -0
  144. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/shell/powershell.py +0 -0
  145. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/shell/wget.py +0 -0
  146. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/ssh/__init__.py +0 -0
  147. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/ssh/openssh.py +0 -0
  148. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/ssh/opensshd.py +0 -0
  149. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/ssh/putty.py +0 -0
  150. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/ssh/ssh.py +0 -0
  151. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/texteditor/__init__.py +0 -0
  152. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/texteditor/texteditor.py +0 -0
  153. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/texteditor/windowsnotepad.py +0 -0
  154. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/virtualization/__init__.py +0 -0
  155. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/virtualization/vmware_workstation.py +0 -0
  156. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/vpn/__init__.py +0 -0
  157. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/vpn/openvpn.py +0 -0
  158. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/vpn/wireguard.py +0 -0
  159. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/webhosting/__init__.py +0 -0
  160. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/webhosting/cpanel.py +0 -0
  161. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/webserver/__init__.py +0 -0
  162. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/webserver/apache.py +0 -0
  163. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/webserver/caddy.py +0 -0
  164. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/webserver/citrix.py +0 -0
  165. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/webserver/iis.py +0 -0
  166. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/webserver/nginx.py +0 -0
  167. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/apps/webserver/webserver.py +0 -0
  168. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/child/__init__.py +0 -0
  169. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/child/docker.py +0 -0
  170. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/child/esxi.py +0 -0
  171. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/child/hyperv.py +0 -0
  172. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/child/parallels.py +0 -0
  173. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/child/qemu.py +0 -0
  174. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/child/virtuozzo.py +0 -0
  175. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/child/vmware_workstation.py +0 -0
  176. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/child/wsl.py +0 -0
  177. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/filesystem/__init__.py +0 -0
  178. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/filesystem/acquire_handles.py +0 -0
  179. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/filesystem/acquire_hash.py +0 -0
  180. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/filesystem/icat.py +0 -0
  181. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/filesystem/ntfs/__init__.py +0 -0
  182. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/filesystem/ntfs/mft.py +0 -0
  183. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/filesystem/ntfs/mft_timeline.py +0 -0
  184. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/filesystem/ntfs/usnjrnl.py +0 -0
  185. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/filesystem/ntfs/utils.py +0 -0
  186. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/filesystem/resolver.py +0 -0
  187. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/filesystem/unix/__init__.py +0 -0
  188. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/filesystem/unix/capability.py +0 -0
  189. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/filesystem/unix/suid.py +0 -0
  190. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/filesystem/walkfs.py +0 -0
  191. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/filesystem/yara.py +0 -0
  192. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/general/__init__.py +0 -0
  193. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/general/config.py +0 -0
  194. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/general/default.py +0 -0
  195. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/general/example.py +0 -0
  196. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/general/loaders.py +0 -0
  197. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/general/network.py +0 -0
  198. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/general/osinfo.py +0 -0
  199. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/general/plugins.py +0 -0
  200. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/general/scrape.py +0 -0
  201. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/general/users.py +0 -0
  202. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/__init__.py +0 -0
  203. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/__init__.py +0 -0
  204. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/_os.py +0 -0
  205. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/bsd/__init__.py +0 -0
  206. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/bsd/_os.py +0 -0
  207. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/bsd/citrix/__init__.py +0 -0
  208. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/bsd/citrix/_os.py +0 -0
  209. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/bsd/citrix/history.py +0 -0
  210. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/bsd/freebsd/__init__.py +0 -0
  211. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/bsd/freebsd/_os.py +0 -0
  212. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/bsd/ios/__init__.py +0 -0
  213. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/bsd/ios/_os.py +0 -0
  214. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/bsd/openbsd/__init__.py +0 -0
  215. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/bsd/openbsd/_os.py +0 -0
  216. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/bsd/osx/__init__.py +0 -0
  217. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/bsd/osx/_os.py +0 -0
  218. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/bsd/osx/network.py +0 -0
  219. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/bsd/osx/user.py +0 -0
  220. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/cronjobs.py +0 -0
  221. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/datetime.py +0 -0
  222. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/esxi/__init__.py +0 -0
  223. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/esxi/_os.py +0 -0
  224. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/etc/__init__.py +0 -0
  225. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/etc/etc.py +0 -0
  226. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/etc.py +0 -0
  227. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/generic.py +0 -0
  228. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/history.py +0 -0
  229. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/__init__.py +0 -0
  230. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/_os.py +0 -0
  231. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/android/__init__.py +0 -0
  232. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/android/_os.py +0 -0
  233. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/cmdline.py +0 -0
  234. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/debian/__init__.py +0 -0
  235. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/debian/_os.py +0 -0
  236. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/debian/apt.py +0 -0
  237. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/debian/dpkg.py +0 -0
  238. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/debian/vyos/__init__.py +0 -0
  239. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/debian/vyos/_os.py +0 -0
  240. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/environ.py +0 -0
  241. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/fortios/__init__.py +0 -0
  242. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/fortios/_keys.py +0 -0
  243. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/fortios/_os.py +0 -0
  244. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/fortios/generic.py +0 -0
  245. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/fortios/locale.py +0 -0
  246. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/iptables.py +0 -0
  247. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/modules.py +0 -0
  248. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/netstat.py +0 -0
  249. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/network_managers.py +0 -0
  250. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/proc.py +0 -0
  251. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/processes.py +0 -0
  252. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/redhat/__init__.py +0 -0
  253. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/redhat/_os.py +0 -0
  254. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/redhat/yum.py +0 -0
  255. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/services.py +0 -0
  256. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/sockets.py +0 -0
  257. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/suse/__init__.py +0 -0
  258. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/suse/_os.py +0 -0
  259. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/linux/suse/zypper.py +0 -0
  260. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/locale.py +0 -0
  261. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/locate/__init__.py +0 -0
  262. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/locate/gnulocate.py +0 -0
  263. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/locate/locate.py +0 -0
  264. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/locate/mlocate.py +0 -0
  265. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/locate/plocate.py +0 -0
  266. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/log/__init__.py +0 -0
  267. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/log/atop.py +0 -0
  268. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/log/audit.py +0 -0
  269. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/log/auth.py +0 -0
  270. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/log/lastlog.py +0 -0
  271. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/log/utmp.py +0 -0
  272. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/packagemanager.py +0 -0
  273. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/shadow.py +0 -0
  274. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/trash.py +0 -0
  275. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/__init__.py +0 -0
  276. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/_os.py +0 -0
  277. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/activitiescache.py +0 -0
  278. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/adpolicy.py +0 -0
  279. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/amcache.py +0 -0
  280. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/catroot.py +0 -0
  281. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/cim.py +0 -0
  282. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/clfs.py +0 -0
  283. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/credential/__init__.py +0 -0
  284. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/credential/credhist.py +0 -0
  285. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/credential/lsa.py +0 -0
  286. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/credential/sam.py +0 -0
  287. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/datetime.py +0 -0
  288. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/defender.py +0 -0
  289. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/defender_helpers/__init__.py +0 -0
  290. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/defender_helpers/defender_patterns.py +0 -0
  291. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/defender_helpers/defender_records.py +0 -0
  292. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/dpapi/__init__.py +0 -0
  293. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/dpapi/blob.py +0 -0
  294. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/dpapi/crypto.py +0 -0
  295. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/dpapi/dpapi.py +0 -0
  296. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/dpapi/keyprovider/__init__.py +0 -0
  297. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/dpapi/keyprovider/credhist.py +0 -0
  298. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/dpapi/keyprovider/empty.py +0 -0
  299. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/dpapi/keyprovider/keychain.py +0 -0
  300. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/dpapi/keyprovider/keyprovider.py +0 -0
  301. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/dpapi/keyprovider/lsa.py +0 -0
  302. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/dpapi/master_key.py +0 -0
  303. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/env.py +0 -0
  304. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/exchange/__init__.py +0 -0
  305. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/exchange/exchange.py +0 -0
  306. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/generic.py +0 -0
  307. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/jumplist.py +0 -0
  308. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/lnk.py +0 -0
  309. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/locale.py +0 -0
  310. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/log/__init__.py +0 -0
  311. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/log/amcache.py +0 -0
  312. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/log/etl.py +0 -0
  313. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/log/evt.py +0 -0
  314. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/log/evtx.py +0 -0
  315. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/log/pfro.py +0 -0
  316. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/log/schedlgu.py +0 -0
  317. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/network.py +0 -0
  318. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/notifications.py +0 -0
  319. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/prefetch.py +0 -0
  320. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/recyclebin.py +0 -0
  321. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/7zip.py +0 -0
  322. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/__init__.py +0 -0
  323. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/appxdebugkeys.py +0 -0
  324. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/auditpol.py +0 -0
  325. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/bam.py +0 -0
  326. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/cit.py +0 -0
  327. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/clsid.py +0 -0
  328. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/firewall.py +0 -0
  329. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/mru.py +0 -0
  330. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/muicache.py +0 -0
  331. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/nethist.py +0 -0
  332. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/recentfilecache.py +0 -0
  333. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/regf.py +0 -0
  334. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/runkeys.py +0 -0
  335. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/shellbags.py +0 -0
  336. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/shimcache.py +0 -0
  337. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/trusteddocs.py +0 -0
  338. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/usb.py +0 -0
  339. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/regf/userassist.py +0 -0
  340. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/registry.py +0 -0
  341. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/services.py +0 -0
  342. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/sru.py +0 -0
  343. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/startupinfo.py +0 -0
  344. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/syscache.py +0 -0
  345. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/task_helpers/__init__.py +0 -0
  346. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/task_helpers/tasks_job.py +0 -0
  347. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/task_helpers/tasks_records.py +0 -0
  348. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/task_helpers/tasks_xml.py +0 -0
  349. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/tasks.py +0 -0
  350. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/thumbcache.py +0 -0
  351. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/ual.py +0 -0
  352. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/wer.py +0 -0
  353. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/windows/wua_history.py +0 -0
  354. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/report.py +0 -0
  355. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/target.py +0 -0
  356. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/__init__.py +0 -0
  357. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/build_pluginlist.py +0 -0
  358. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/dd.py +0 -0
  359. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/dump/__init__.py +0 -0
  360. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/dump/run.py +0 -0
  361. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/dump/state.py +0 -0
  362. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/dump/utils.py +0 -0
  363. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/fs.py +0 -0
  364. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/fsutils.py +0 -0
  365. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/info.py +0 -0
  366. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/logging.py +0 -0
  367. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/mount.py +0 -0
  368. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/query.py +0 -0
  369. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/reg.py +0 -0
  370. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/shell.py +0 -0
  371. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/utils.py +0 -0
  372. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/tools/yara.py +0 -0
  373. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/volume.py +0 -0
  374. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/volumes/__init__.py +0 -0
  375. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/volumes/bde.py +0 -0
  376. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/volumes/ddf.py +0 -0
  377. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/volumes/disk.py +0 -0
  378. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/volumes/luks.py +0 -0
  379. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/volumes/lvm.py +0 -0
  380. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/volumes/md.py +0 -0
  381. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/volumes/vmfs.py +0 -0
  382. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect.target.egg-info/dependency_links.txt +0 -0
  383. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect.target.egg-info/entry_points.txt +0 -0
  384. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect.target.egg-info/requires.txt +0 -0
  385. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect.target.egg-info/top_level.txt +0 -0
  386. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/pyproject.toml +0 -0
  387. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/setup.cfg +0 -0
  388. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/__init__.py +0 -0
  389. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/_docs/Makefile +0 -0
  390. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/_docs/conf.py +0 -0
  391. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/_docs/index.rst +0 -0
  392. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/_utils.py +0 -0
  393. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/conftest.py +0 -0
  394. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/containers/__init__.py +0 -0
  395. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/containers/test_fortifw.py +0 -0
  396. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/containers/test_split.py +0 -0
  397. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/__init__.py +0 -0
  398. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/test_btrfs.py +0 -0
  399. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/test_cb.py +0 -0
  400. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/test_config.py +0 -0
  401. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/test_cpio.py +0 -0
  402. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/test_dir.py +0 -0
  403. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/test_exfat.py +0 -0
  404. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/test_extfs.py +0 -0
  405. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/test_fat.py +0 -0
  406. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/test_ntfs.py +0 -0
  407. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/test_overlay.py +0 -0
  408. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/test_smb.py +0 -0
  409. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/test_tar.py +0 -0
  410. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/test_vmtar.py +0 -0
  411. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/test_xfs.py +0 -0
  412. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/filesystems/test_zip.py +0 -0
  413. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/helpers/__init__.py +0 -0
  414. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/helpers/test_cache.py +0 -0
  415. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/helpers/test_config.py +0 -0
  416. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/helpers/test_configutil.py +0 -0
  417. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/helpers/test_docs.py +0 -0
  418. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/helpers/test_fsutil.py +0 -0
  419. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/helpers/test_hashutil.py +0 -0
  420. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/helpers/test_keychain.py +0 -0
  421. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/helpers/test_loaderutil.py +0 -0
  422. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/helpers/test_localeutil.py +0 -0
  423. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/helpers/test_modifier.py +0 -0
  424. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/helpers/test_protobuf.py +0 -0
  425. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/helpers/test_record.py +0 -0
  426. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/helpers/test_regutil.py +0 -0
  427. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/helpers/test_utils.py +0 -0
  428. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/__init__.py +0 -0
  429. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_ab.py +0 -0
  430. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_asdf.py +0 -0
  431. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_cb.py +0 -0
  432. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_dir.py +0 -0
  433. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_hyperv.py +0 -0
  434. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_kape.py +0 -0
  435. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_libvirt.py +0 -0
  436. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_local.py +0 -0
  437. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_log.py +0 -0
  438. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_mqtt.py +0 -0
  439. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_multiraw.py +0 -0
  440. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_ova.py +0 -0
  441. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_overlay.py +0 -0
  442. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_ovf.py +0 -0
  443. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_phobos.py +0 -0
  444. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_pvm.py +0 -0
  445. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_pvs.py +0 -0
  446. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_remote.py +0 -0
  447. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_smb.py +0 -0
  448. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_tanium.py +0 -0
  449. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_tar.py +0 -0
  450. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_utm.py +0 -0
  451. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_vbox.py +0 -0
  452. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_velociraptor.py +0 -0
  453. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/loaders/test_vmwarevm.py +0 -0
  454. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/__init__.py +0 -0
  455. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/__init__.py +0 -0
  456. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/av/__init__.py +0 -0
  457. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/av/test_mcafee.py +0 -0
  458. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/av/test_sophos.py +0 -0
  459. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/av/test_symantec.py +0 -0
  460. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/av/test_trendmicro.py +0 -0
  461. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/browser/__init__.py +0 -0
  462. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/browser/test_brave.py +0 -0
  463. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/browser/test_chrome.py +0 -0
  464. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/browser/test_chromium.py +0 -0
  465. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/browser/test_edge.py +0 -0
  466. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/browser/test_firefox.py +0 -0
  467. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/browser/test_iexplore.py +0 -0
  468. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/container/__init__.py +0 -0
  469. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/container/test_docker.py +0 -0
  470. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/other/__init__.py +0 -0
  471. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/other/test_envfile.py +0 -0
  472. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/remoteaccess/__init__.py +0 -0
  473. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/remoteaccess/test_anydesk.py +0 -0
  474. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/remoteaccess/test_teamviewer.py +0 -0
  475. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/shell/__init__.py +0 -0
  476. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/shell/test_powershell.py +0 -0
  477. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/shell/test_wget.py +0 -0
  478. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/ssh/__init__.py +0 -0
  479. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/ssh/test_openssh.py +0 -0
  480. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/ssh/test_opensshd.py +0 -0
  481. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/ssh/test_putty.py +0 -0
  482. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/texteditor/__init__.py +0 -0
  483. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/texteditor/test_texteditor.py +0 -0
  484. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/virtualization/__init__.py +0 -0
  485. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/virtualization/test_vmware_workstation.py +0 -0
  486. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/vpn/__init__.py +0 -0
  487. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/vpn/test_openvpn.py +0 -0
  488. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/vpn/test_wireguard.py +0 -0
  489. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/webhosting/__init__.py +0 -0
  490. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/webhosting/test_cpanel.py +0 -0
  491. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/webserver/__init__.py +0 -0
  492. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/webserver/test_apache.py +0 -0
  493. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/webserver/test_caddy.py +0 -0
  494. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/webserver/test_citrix.py +0 -0
  495. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/webserver/test_iis.py +0 -0
  496. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/webserver/test_nginx.py +0 -0
  497. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/apps/webserver/test_webserver.py +0 -0
  498. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/child/__init__.py +0 -0
  499. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/child/test_docker.py +0 -0
  500. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/child/test_hyperv.py +0 -0
  501. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/child/test_parallels.py +0 -0
  502. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/child/test_qemu.py +0 -0
  503. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/child/test_virtuozzo.py +0 -0
  504. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/child/test_vmware_workstation.py +0 -0
  505. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/child/test_wsl.py +0 -0
  506. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/filesystem/__init__.py +0 -0
  507. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/filesystem/ntfs/__init__.py +0 -0
  508. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/filesystem/ntfs/test_mft.py +0 -0
  509. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/filesystem/ntfs/test_usnjrnl.py +0 -0
  510. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/filesystem/test_acquire_handles.py +0 -0
  511. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/filesystem/test_acquire_hash.py +0 -0
  512. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/filesystem/test_icat.py +0 -0
  513. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/filesystem/test_resolver.py +0 -0
  514. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/filesystem/test_walkfs.py +0 -0
  515. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/filesystem/test_yara.py +0 -0
  516. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/filesystem/unix/__init__.py +0 -0
  517. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/filesystem/unix/test_capability.py +0 -0
  518. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/filesystem/unix/test_suid.py +0 -0
  519. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/general/__init__.py +0 -0
  520. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/general/test_config.py +0 -0
  521. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/general/test_default.py +0 -0
  522. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/general/test_network.py +0 -0
  523. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/general/test_plugins.py +0 -0
  524. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/general/test_scrape.py +0 -0
  525. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/general/test_users.py +0 -0
  526. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/__init__.py +0 -0
  527. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/__init__.py +0 -0
  528. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/bsd/__init__.py +0 -0
  529. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/bsd/citrix/__init__.py +0 -0
  530. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/bsd/citrix/test__os.py +0 -0
  531. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/bsd/citrix/test_history.py +0 -0
  532. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/bsd/osx/__init__.py +0 -0
  533. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/bsd/osx/test__os.py +0 -0
  534. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/bsd/osx/test_network.py +0 -0
  535. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/bsd/osx/test_user.py +0 -0
  536. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/esxi/__init__.py +0 -0
  537. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/esxi/test__os.py +0 -0
  538. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/__init__.py +0 -0
  539. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/android/__init__.py +0 -0
  540. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/android/test__os.py +0 -0
  541. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/debian/__init__.py +0 -0
  542. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/debian/test_apt.py +0 -0
  543. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/debian/test_dpkg.py +0 -0
  544. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/fortios/test_keys.py +0 -0
  545. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/redhat/__init__.py +0 -0
  546. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/redhat/test_yum.py +0 -0
  547. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/suse/__init__.py +0 -0
  548. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/suse/test_zypper.py +0 -0
  549. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/test__os.py +0 -0
  550. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/test_cmdline.py +0 -0
  551. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/test_environ.py +0 -0
  552. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/test_iptables.py +0 -0
  553. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/test_modules.py +0 -0
  554. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/test_netstat.py +0 -0
  555. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/test_proc.py +0 -0
  556. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/test_processes.py +0 -0
  557. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/test_services.py +0 -0
  558. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/linux/test_sockets.py +0 -0
  559. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/locate/__init__.py +0 -0
  560. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/locate/test_gnulocate.py +0 -0
  561. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/locate/test_mlocate.py +0 -0
  562. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/locate/test_plocate.py +0 -0
  563. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/log/__init__.py +0 -0
  564. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/log/test_atop.py +0 -0
  565. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/log/test_audit.py +0 -0
  566. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/log/test_auth.py +0 -0
  567. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/log/test_lastlog.py +0 -0
  568. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/log/test_utmp.py +0 -0
  569. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/test__os.py +0 -0
  570. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/test_generic.py +0 -0
  571. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/test_history.py +0 -0
  572. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/test_ips.py +0 -0
  573. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/test_locale.py +0 -0
  574. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/test_packagemanager.py +0 -0
  575. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/test_shadow.py +0 -0
  576. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/test_trash.py +0 -0
  577. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/test_users.py +0 -0
  578. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/test_version.py +0 -0
  579. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/__init__.py +0 -0
  580. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/credential/__init__.py +0 -0
  581. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/credential/test_credhist.py +0 -0
  582. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/credential/test_lsa.py +0 -0
  583. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/credential/test_sam.py +0 -0
  584. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/log/test_etl.py +0 -0
  585. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/log/test_evt.py +0 -0
  586. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/log/test_evtx.py +0 -0
  587. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/log/test_schedlgu.py +0 -0
  588. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/regf/__init__.py +0 -0
  589. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/regf/test_appxdebugkeys.py +0 -0
  590. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/regf/test_cit.py +0 -0
  591. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/regf/test_clsid.py +0 -0
  592. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/regf/test_muicache.py +0 -0
  593. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/regf/test_shellbags.py +0 -0
  594. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/regf/test_trusteddocs.py +0 -0
  595. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/regf/test_usb.py +0 -0
  596. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/regf/test_userassist.py +0 -0
  597. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test__os.py +0 -0
  598. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_adpolicy.py +0 -0
  599. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_amcache.py +0 -0
  600. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_catroot.py +0 -0
  601. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_clfs.py +0 -0
  602. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_datetime.py +0 -0
  603. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_defender.py +0 -0
  604. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_dpapi.py +0 -0
  605. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_env.py +0 -0
  606. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_generic.py +0 -0
  607. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_jumplist.py +0 -0
  608. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_lnk.py +0 -0
  609. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_locale.py +0 -0
  610. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_mru.py +0 -0
  611. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_network.py +0 -0
  612. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_notifications.py +0 -0
  613. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_prefetch.py +0 -0
  614. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_recyclebin.py +0 -0
  615. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_registry.py +0 -0
  616. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_shimcache.py +0 -0
  617. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_sru.py +0 -0
  618. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_syscache.py +0 -0
  619. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_tasks.py +0 -0
  620. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_thumbcache.py +0 -0
  621. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_ual.py +0 -0
  622. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_wer.py +0 -0
  623. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/windows/test_wua_history.py +0 -0
  624. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/test_container.py +0 -0
  625. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/test_filesystem.py +0 -0
  626. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/test_plugin.py +0 -0
  627. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/test_registration.py +0 -0
  628. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/test_report.py +0 -0
  629. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/test_target.py +0 -0
  630. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/test_tests.py +0 -0
  631. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/test_volume.py +0 -0
  632. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/tools/__init__.py +0 -0
  633. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/tools/test_dump.py +0 -0
  634. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/tools/test_fs.py +0 -0
  635. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/tools/test_fsutils.py +0 -0
  636. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/tools/test_info.py +0 -0
  637. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/tools/test_mount.py +0 -0
  638. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/tools/test_query.py +0 -0
  639. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/tools/test_reg.py +0 -0
  640. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/tools/test_shell.py +0 -0
  641. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/tools/test_utils.py +0 -0
  642. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/tools/test_yara.py +0 -0
  643. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/volumes/__init__.py +0 -0
  644. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/volumes/test_bde.py +0 -0
  645. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/volumes/test_md.py +0 -0
  646. {dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tox.ini +0 -0
{dissect_target-3.20.dev31/dissect.target.egg-info → dissect_target-3.20.dev33}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: dissect.target
3
- Version: 3.20.dev31
3
+ Version: 3.20.dev33
4
4
  Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
5
5
  Author-email: Dissect Team <dissect@fox-it.com>
6
6
  License: Affero General Public License v3
{dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/log/journal.py RENAMED
@@ -1,7 +1,8 @@
1
1
  from __future__ import annotations
2
2
 
3
+ import logging
3
4
  import lzma
4
- from typing import BinaryIO, Callable, Iterator
5
+ from typing import Any, BinaryIO, Callable, Iterator
5
6
 
6
7
  import zstandard
7
8
  from dissect.cstruct import cstruct
@@ -13,6 +14,8 @@ from dissect.target.exceptions import UnsupportedPluginError
13
14
  from dissect.target.helpers.record import TargetRecordDescriptor
14
15
  from dissect.target.plugin import Plugin, export
15
16
 
17
+ log = logging.getLogger(__name__)
18
+
16
19
  # The events have undocumented fields that are not part of the record
17
20
  JournalRecord = TargetRecordDescriptor(
18
21
  "linux/log/journal",
@@ -28,7 +31,7 @@ JournalRecord = TargetRecordDescriptor(
28
31
  ("varint", "errno"),
29
32
  ("string", "invocation_id"),
30
33
  ("string", "user_invocation_id"),
31
- ("varint", "syslog_facility"),
34
+ ("string", "syslog_facility"),
32
35
  ("string", "syslog_identifier"),
33
36
  ("varint", "syslog_pid"),
34
37
  ("string", "syslog_raw"),
@@ -70,11 +73,13 @@ JournalRecord = TargetRecordDescriptor(
70
73
  ("path", "udev_devlink"),
71
74
  # Other fields
72
75
  ("string", "journal_hostname"),
73
- ("path", "filepath"),
76
+ ("path", "source"),
74
77
  ],
75
78
  )
76
79
 
77
80
  journal_def = """
81
+ #define HEADER_SIGNATURE b"LPKSHHRH"
82
+
78
83
  typedef uint8 uint8_t;
79
84
  typedef uint32 le32_t;
80
85
  typedef uint64 le64_t;
@@ -100,7 +105,7 @@ flag IncompatibleFlag : le32_t {
100
105
  };
101
106
 
102
107
  struct Header {
103
- uint8_t signature[8];
108
+ char signature[8];
104
109
  le32_t compatible_flags;
105
110
  IncompatibleFlag incompatible_flags;
106
111
  State state;
@@ -165,7 +170,7 @@ struct ObjectHeader {
165
170
 
166
171
  // The first four members are copied from ObjectHeader, so that the size can be used as the length of payload
167
172
  struct DataObject {
168
- ObjectType type;
173
+ // ObjectType type;
169
174
  ObjectFlag flags;
170
175
  uint8_t reserved[6];
171
176
  le64_t size;
@@ -181,7 +186,7 @@ struct DataObject {
181
186
  // If the HEADER_INCOMPATIBLE_COMPACT flag is set, two extra fields are stored to allow immediate access
182
187
  // to the tail entry array in the DATA object's entry array chain.
183
188
  struct DataObject_Compact {
184
- ObjectType type;
189
+ // ObjectType type;
185
190
  ObjectFlag flags;
186
191
  uint8_t reserved[6];
187
192
  le64_t size;
@@ -236,7 +241,7 @@ struct EntryObject_Compact {
236
241
 
237
242
  // The first four members are copied from from ObjectHeader, so that the size can be used as the length of entry_object_offsets
238
243
  struct EntryArrayObject {
239
- ObjectType type;
244
+ // ObjectType type;
240
245
  uint8_t flags;
241
246
  uint8_t reserved[6];
242
247
  le64_t size;
@@ -245,7 +250,7 @@ struct EntryArrayObject {
245
250
  };
246
251
 
247
252
  struct EntryArrayObject_Compact {
248
- ObjectType type;
253
+ // ObjectType type;
249
254
  uint8_t flags;
250
255
  uint8_t reserved[6];
251
256
  le64_t size;
@@ -257,9 +262,19 @@ struct EntryArrayObject_Compact {
257
262
  c_journal = cstruct().load(journal_def)
258
263
 
259
264
 
260
- def get_optional(value: str, to_type: Callable):
265
+ def get_optional(value: str, to_type: Callable) -> Any | None:
261
266
  """Return the value if True, otherwise return None."""
262
- return to_type(value) if value else None
267
+
268
+ if not value:
269
+ return None
270
+
271
+ try:
272
+ return to_type(value)
273
+
274
+ except ValueError as e:
275
+ log.error("Unable to cast '%s' to %s", value, to_type)
276
+ log.debug("", exc_info=e)
277
+ return None
263
278
 
264
279
 
265
280
  class JournalFile:
@@ -273,136 +288,138 @@ class JournalFile:
273
288
  def __init__(self, fh: BinaryIO, target: Target):
274
289
  self.fh = fh
275
290
  self.target = target
276
- self.header = c_journal.Header(self.fh)
277
- self.signature = "".join(chr(c) for c in self.header.signature)
278
- self.entry_array_offset = self.header.entry_array_offset
279
291
 
280
- def entry_object_offsets(self) -> Iterator[int]:
281
- """Read object entry arrays."""
292
+ try:
293
+ self.header = c_journal.Header(self.fh)
294
+ except EOFError as e:
295
+ raise ValueError(f"Invalid systemd Journal file: {e}")
282
296
 
283
- offset = self.entry_array_offset
284
-
285
- # Entry Array with next_entry_array_offset set to 0 is the last in the list
286
- while offset != 0:
287
- self.fh.seek(offset)
288
-
289
- object = c_journal.ObjectHeader(self.fh)
290
-
291
- if object.type == c_journal.ObjectType.OBJECT_ENTRY_ARRAY:
292
- # After the object is checked, read again but with EntryArrayObject instead of ObjectHeader
293
- self.fh.seek(offset)
294
-
295
- if self.header.incompatible_flags & c_journal.IncompatibleFlag.HEADER_INCOMPATIBLE_COMPACT:
296
- entry_array_object = c_journal.EntryArrayObject_Compact(self.fh)
297
- else:
298
- entry_array_object = c_journal.EntryArrayObject(self.fh)
299
-
300
- for entry_object_offset in entry_array_object.entry_object_offsets:
301
- # Check if the offset is not zero and points to nothing
302
- if entry_object_offset:
303
- yield entry_object_offset
304
-
305
- offset = entry_array_object.next_entry_array_offset
297
+ if self.header.signature != c_journal.HEADER_SIGNATURE:
298
+ raise ValueError(f"Journal file has invalid magic header: {self.header.signature!r}'")
306
299
 
307
300
  def decode_value(self, value: bytes) -> tuple[str, str]:
308
- value = value.decode(encoding="utf-8", errors="surrogateescape").strip()
309
-
310
- # Strip leading underscores part of the field name
311
- value = value.lstrip("_")
312
-
301
+ """Decode the given bytes to a key value pair."""
302
+ value = value.decode(errors="surrogateescape").strip().lstrip("_")
313
303
  key, value = value.split("=", 1)
314
304
  key = key.lower()
315
-
316
305
  return key, value
317
306
 
318
307
  def __iter__(self) -> Iterator[dict[str, int | str]]:
319
308
  "Iterate over the entry objects to read payloads."
320
309
 
321
- for offset in self.entry_object_offsets():
310
+ offset = self.header.entry_array_offset
311
+ while offset != 0:
322
312
  self.fh.seek(offset)
323
313
 
314
+ if self.fh.read(1)[0] != c_journal.ObjectType.OBJECT_ENTRY_ARRAY:
315
+ raise ValueError(f"Expected OBJECT_ENTRY_ARRAY at offset {offset}")
316
+
317
+ if self.header.incompatible_flags & c_journal.IncompatibleFlag.HEADER_INCOMPATIBLE_COMPACT:
318
+ entry_array_object = c_journal.EntryArrayObject_Compact(self.fh)
319
+ else:
320
+ entry_array_object = c_journal.EntryArrayObject(self.fh)
321
+
322
+ for entry_object_offset in entry_array_object.entry_object_offsets:
323
+ if entry_object_offset:
324
+ yield from self._parse_entry_object(offset=entry_object_offset)
325
+
326
+ offset = entry_array_object.next_entry_array_offset
327
+
328
+ def _parse_entry_object(self, offset: int) -> Iterator[dict]:
329
+ self.fh.seek(offset)
330
+
331
+ try:
324
332
  if self.header.incompatible_flags & c_journal.IncompatibleFlag.HEADER_INCOMPATIBLE_COMPACT:
325
333
  entry = c_journal.EntryObject_Compact(self.fh)
326
334
  else:
327
335
  entry = c_journal.EntryObject(self.fh)
328
336
 
329
- event = {}
330
- event["ts"] = ts.from_unix_us(entry.realtime)
337
+ except EOFError as e:
338
+ self.target.log.warning("Unable to read Journal EntryObject at offset %s in: %s", offset, self.fh)
339
+ self.target.log.debug("", exc_info=e)
340
+ return
331
341
 
332
- for item in entry.items:
333
- try:
334
- self.fh.seek(item.object_offset)
342
+ event = {"ts": ts.from_unix_us(entry.realtime)}
343
+ for item in entry.items:
344
+ try:
345
+ self.fh.seek(item.object_offset)
335
346
 
336
- object = c_journal.ObjectHeader(self.fh)
347
+ if self.fh.read(1)[0] != c_journal.ObjectType.OBJECT_DATA:
348
+ continue
337
349
 
338
- if object.type == c_journal.ObjectType.OBJECT_DATA:
339
- self.fh.seek(item.object_offset)
350
+ if self.header.incompatible_flags & c_journal.IncompatibleFlag.HEADER_INCOMPATIBLE_COMPACT:
351
+ data_object = c_journal.DataObject_Compact(self.fh)
352
+ else:
353
+ data_object = c_journal.DataObject(self.fh)
340
354
 
341
- if self.header.incompatible_flags & c_journal.IncompatibleFlag.HEADER_INCOMPATIBLE_COMPACT:
342
- data_object = c_journal.DataObject_Compact(self.fh)
343
- else:
344
- data_object = c_journal.DataObject(self.fh)
355
+ if not data_object.payload:
356
+ continue
345
357
 
346
- data = data_object.payload
358
+ data = data_object.payload
347
359
 
348
- if not data:
349
- # If the payload is empty
350
- continue
351
- elif data_object.flags & c_journal.ObjectFlag.OBJECT_COMPRESSED_XZ:
352
- data = lzma.decompress(data)
353
- elif data_object.flags & c_journal.ObjectFlag.OBJECT_COMPRESSED_LZ4:
354
- data = lz4.decompress(data[8:])
355
- elif data_object.flags & c_journal.ObjectFlag.OBJECT_COMPRESSED_ZSTD:
356
- data = zstandard.decompress(data)
360
+ if data_object.flags & c_journal.ObjectFlag.OBJECT_COMPRESSED_XZ:
361
+ data = lzma.decompress(data)
357
362
 
358
- key, value = self.decode_value(data)
359
- event[key] = value
363
+ elif data_object.flags & c_journal.ObjectFlag.OBJECT_COMPRESSED_LZ4:
364
+ data = lz4.decompress(data[8:])
360
365
 
361
- except Exception as e:
362
- self.target.log.warning(
363
- "The data object in Journal file %s could not be parsed",
364
- getattr(self.fh, "name", None),
365
- exc_info=e,
366
- )
367
- continue
366
+ elif data_object.flags & c_journal.ObjectFlag.OBJECT_COMPRESSED_ZSTD:
367
+ data = zstandard.decompress(data)
368
+
369
+ key, value = self.decode_value(data)
370
+ event[key] = value
371
+
372
+ except Exception as e:
373
+ self.target.log.warning(
374
+ "Journal DataObject could not be parsed at offset %s in %s",
375
+ item.object_offset,
376
+ getattr(self.fh, "name", None),
377
+ )
378
+ self.target.log.debug("", exc_info=e)
379
+ continue
368
380
 
369
- yield event
381
+ yield event
370
382
 
371
383
 
372
384
  class JournalPlugin(Plugin):
385
+ """Systemd Journal plugin."""
386
+
373
387
  JOURNAL_PATHS = ["/var/log/journal"] # TODO: /run/systemd/journal
374
388
  JOURNAL_GLOB = "*/*.journal*" # The extensions .journal and .journal~
375
- JOURNAL_SIGNATURE = "LPKSHHRH"
376
389
 
377
390
  def __init__(self, target: Target):
378
391
  super().__init__(target)
379
- self.journal_paths = []
392
+ self.journal_files = []
380
393
 
381
- for _path in self.JOURNAL_PATHS:
382
- self.journal_paths.extend(self.target.fs.path(_path).glob(self.JOURNAL_GLOB))
394
+ for journal_path in self.JOURNAL_PATHS:
395
+ self.journal_files.extend(self.target.fs.path(journal_path).glob(self.JOURNAL_GLOB))
383
396
 
384
397
  def check_compatible(self) -> None:
385
- if not len(self.journal_paths):
398
+ if not self.journal_files:
386
399
  raise UnsupportedPluginError("No journald files found")
387
400
 
388
401
  @export(record=JournalRecord)
389
402
  def journal(self) -> Iterator[JournalRecord]:
390
- """Return the content of Systemd Journal log files.
403
+ """Return the contents of Systemd Journal log files.
391
404
 
392
405
  References:
393
406
  - https://wiki.archlinux.org/title/Systemd/Journal
394
407
  - https://github.com/systemd/systemd/blob/9203abf79f1d05fdef9b039e7addf9fc5a27752d/man/systemd.journal-fields.xml
395
408
  """ # noqa: E501
396
-
397
409
  path_function = self.target.fs.path
398
410
 
399
- for _path in self.journal_paths:
400
- fh = _path.open()
411
+ for journal_file in self.journal_files:
412
+ if not journal_file.is_file():
413
+ self.target.log.warning("Unable to parse journal file as it is not a file: %s", journal_file)
414
+ continue
401
415
 
402
- journal = JournalFile(fh, self.target)
416
+ try:
417
+ fh = journal_file.open()
418
+ journal = JournalFile(fh, self.target)
403
419
 
404
- if not journal.signature == self.JOURNAL_SIGNATURE:
405
- self.target.log.warning("The Journal log file %s has an invalid magic header", _path)
420
+ except Exception as e:
421
+ self.target.log.warning("Unable to parse journal file structure: %s: %s", journal_file, str(e))
422
+ self.target.log.debug("", exc_info=e)
406
423
  continue
407
424
 
408
425
  for entry in journal:
@@ -417,7 +434,7 @@ class JournalPlugin(Plugin):
417
434
  errno=get_optional(entry.get("errno"), int),
418
435
  invocation_id=entry.get("invocation_id"),
419
436
  user_invocation_id=entry.get("user_invocation_id"),
420
- syslog_facility=get_optional(entry.get("syslog_facility"), int),
437
+ syslog_facility=entry.get("syslog_facility"),
421
438
  syslog_identifier=entry.get("syslog_identifier"),
422
439
  syslog_pid=get_optional(entry.get("syslog_pid"), int),
423
440
  syslog_raw=entry.get("syslog_raw"),
@@ -456,6 +473,6 @@ class JournalPlugin(Plugin):
456
473
  udev_devnode=get_optional(entry.get("udev_devnode"), path_function),
457
474
  udev_devlink=get_optional(entry.get("udev_devlink"), path_function),
458
475
  journal_hostname=entry.get("hostname"),
459
- filepath=_path,
476
+ source=journal_file,
460
477
  _target=self.target,
461
478
  )
{dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect/target/plugins/os/unix/log/messages.py RENAMED
@@ -1,9 +1,13 @@
1
+ from __future__ import annotations
2
+
1
3
  import re
4
+ from datetime import datetime, timezone, tzinfo
2
5
  from pathlib import Path
3
6
  from typing import Iterator
4
7
 
5
8
  from dissect.target import Target
6
9
  from dissect.target.exceptions import UnsupportedPluginError
10
+ from dissect.target.helpers.fsutil import open_decompress
7
11
  from dissect.target.helpers.record import TargetRecordDescriptor
8
12
  from dissect.target.helpers.utils import year_rollover_helper
9
13
  from dissect.target.plugin import Plugin, alias, export
@@ -66,7 +70,7 @@ class MessagesPlugin(Plugin):
66
70
 
67
71
  for log_file in self.log_files:
68
72
  if "cloud-init" in log_file.name:
69
- yield from self._parse_cloud_init_log(log_file)
73
+ yield from self._parse_cloud_init_log(log_file, tzinfo)
70
74
  continue
71
75
 
72
76
  for ts, line in year_rollover_helper(log_file, RE_TS, DEFAULT_TS_LOG_FORMAT, tzinfo):
@@ -83,7 +87,7 @@ class MessagesPlugin(Plugin):
83
87
  _target=self.target,
84
88
  )
85
89
 
86
- def _parse_cloud_init_log(self, log_file: Path) -> Iterator[MessagesRecord]:
90
+ def _parse_cloud_init_log(self, log_file: Path, tzinfo: tzinfo | None = timezone.utc) -> Iterator[MessagesRecord]:
87
91
  """Parse a cloud-init.log file.
88
92
 
89
93
  Lines are structured in the following format:
@@ -96,18 +100,41 @@ class MessagesPlugin(Plugin):
96
100
 
97
101
  Returns: ``MessagesRecord``
98
102
  """
99
- for line in log_file.open("rt").readlines():
100
- if line := line.strip():
101
- if match := RE_CLOUD_INIT_LINE.match(line):
102
- match = match.groupdict()
103
- yield MessagesRecord(
104
- ts=match["ts"].split(",")[0],
105
- daemon=match["daemon"],
106
- pid=None,
107
- message=match["message"],
108
- source=log_file,
109
- _target=self.target,
110
- )
111
- else:
112
- self.target.log.warning("Could not match cloud-init log line")
103
+
104
+ ts_fmt = "%Y-%m-%d %H:%M:%S,%f"
105
+
106
+ with open_decompress(log_file, "rt") as fh:
107
+ for line in fh:
108
+ if not (line := line.strip()):
109
+ continue
110
+
111
+ if not (match := RE_CLOUD_INIT_LINE.match(line)):
112
+ self.target.log.warning("Could not match cloud-init log line in file: %s", log_file)
113
113
  self.target.log.debug("No match for line '%s'", line)
114
+ continue
115
+
116
+ values = match.groupdict()
117
+
118
+ # Actual format is ``YYYY-MM-DD HH:MM:SS,000`` (asctime with milliseconds) but python has no strptime
119
+ # operator for 3 digit milliseconds, so we convert and pad to six digit microseconds.
120
+ # https://github.com/canonical/cloud-init/blob/main/cloudinit/log/loggers.py#DEFAULT_LOG_FORMAT
121
+ # https://docs.python.org/3/library/logging.html#asctime
122
+ raw_ts, _, milliseconds = values["ts"].rpartition(",")
123
+ raw_ts += "," + str((int(milliseconds) * 1000)).zfill(6)
124
+
125
+ try:
126
+ ts = datetime.strptime(raw_ts, ts_fmt).replace(tzinfo=tzinfo)
127
+
128
+ except ValueError as e:
129
+ self.target.log.warning("Timestamp '%s' does not match format '%s'", raw_ts, ts_fmt)
130
+ self.target.log.debug("", exc_info=e)
131
+ ts = datetime(1970, 1, 1, 0, 0, 0, 0)
132
+
133
+ yield MessagesRecord(
134
+ ts=ts,
135
+ daemon=values["daemon"],
136
+ pid=None,
137
+ message=values["message"],
138
+ source=log_file,
139
+ _target=self.target,
140
+ )
{dissect_target-3.20.dev31 → dissect_target-3.20.dev33/dissect.target.egg-info}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: dissect.target
3
- Version: 3.20.dev31
3
+ Version: 3.20.dev33
4
4
  Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
5
5
  Author-email: Dissect Team <dissect@fox-it.com>
6
6
  License: Affero General Public License v3
{dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/dissect.target.egg-info/SOURCES.txt RENAMED
@@ -534,7 +534,6 @@ tests/plugins/os/unix/test__os.py
534
534
  tests/plugins/os/unix/test_generic.py
535
535
  tests/plugins/os/unix/test_history.py
536
536
  tests/plugins/os/unix/test_ips.py
537
- tests/plugins/os/unix/test_journal.py
538
537
  tests/plugins/os/unix/test_locale.py
539
538
  tests/plugins/os/unix/test_packagemanager.py
540
539
  tests/plugins/os/unix/test_shadow.py
@@ -580,6 +579,7 @@ tests/plugins/os/unix/log/__init__.py
580
579
  tests/plugins/os/unix/log/test_atop.py
581
580
  tests/plugins/os/unix/log/test_audit.py
582
581
  tests/plugins/os/unix/log/test_auth.py
582
+ tests/plugins/os/unix/log/test_journal.py
583
583
  tests/plugins/os/unix/log/test_lastlog.py
584
584
  tests/plugins/os/unix/log/test_messages.py
585
585
  tests/plugins/os/unix/log/test_utmp.py
{dissect_target-3.20.dev31/tests/plugins/os/unix → dissect_target-3.20.dev33/tests/plugins/os/unix/log}/test_journal.py RENAMED
@@ -1,27 +1,30 @@
1
1
  from flow.record.fieldtypes import datetime as dt
2
2
 
3
+ from dissect.target.filesystem import VirtualFilesystem
3
4
  from dissect.target.plugins.os.unix.log.journal import JournalPlugin
5
+ from dissect.target.target import Target
4
6
  from tests._utils import absolute_path
5
7
 
6
8
 
7
- def test_journal_plugin(target_unix, fs_unix):
9
+ def test_journal_plugin(target_unix: Target, fs_unix: VirtualFilesystem) -> None:
10
+ """test linux systemd journal file parsing."""
11
+
8
12
  data_file = absolute_path("_data/plugins/os/unix/log/journal/journal")
9
13
  fs_unix.map_file("var/log/journal/1337/user-1000.journal", data_file)
10
-
11
14
  target_unix.add_plugin(JournalPlugin)
12
15
 
13
16
  results = list(target_unix.journal())
14
- record = results[0]
15
-
16
17
  assert len(results) == 2
17
18
 
19
+ record = results[0]
18
20
  assert record.ts == dt("2023-05-19T16:22:38.841870+00:00")
19
- assert (
20
- record.message
21
- == "Window manager warning: last_user_time (928062) is greater than comparison timestamp (928031). This most likely represents a buggy client sending inaccurate timestamps in messages such as _NET_ACTIVE_WINDOW. Trying to work around..." # noqa: E501
21
+ assert record.message == (
22
+ "Window manager warning: last_user_time (928062) is greater than comparison timestamp (928031). "
23
+ "This most likely represents a buggy client sending inaccurate timestamps in messages such as "
24
+ "_NET_ACTIVE_WINDOW. Trying to work around..."
22
25
  )
23
- assert record.syslog_facility == 3
26
+ assert record.syslog_facility == "3"
24
27
  assert record.syslog_identifier == "gnome-shell"
25
28
  assert record.pid == 2096
26
29
  assert record.transport == "stdout"
27
- assert str(record.filepath) == "/var/log/journal/1337/user-1000.journal"
30
+ assert record.source == "/var/log/journal/1337/user-1000.journal"
{dissect_target-3.20.dev31 → dissect_target-3.20.dev33}/tests/plugins/os/unix/log/test_messages.py RENAMED
@@ -1,3 +1,4 @@
1
+ import gzip
1
2
  import tarfile
2
3
  import textwrap
3
4
  from datetime import datetime, timezone
@@ -5,8 +6,6 @@ from io import BytesIO
5
6
  from unittest.mock import patch
6
7
  from zoneinfo import ZoneInfo
7
8
 
8
- from flow.record.fieldtypes import datetime as dt
9
-
10
9
  from dissect.target import Target
11
10
  from dissect.target.filesystem import VirtualFilesystem
12
11
  from dissect.target.filesystems.tar import TarFilesystem
@@ -83,8 +82,8 @@ def test_unix_log_messages_compressed_timezone_year_rollover() -> None:
83
82
  assert len(results) == 2
84
83
  assert isinstance(results[0], type(MessagesRecord()))
85
84
  assert isinstance(results[1], type(MessagesRecord()))
86
- assert results[0].ts == dt(2020, 12, 31, 3, 14, 0, tzinfo=ZoneInfo("America/Chicago"))
87
- assert results[1].ts == dt(2021, 1, 1, 13, 37, 0, tzinfo=ZoneInfo("America/Chicago"))
85
+ assert results[0].ts == datetime(2020, 12, 31, 3, 14, 0, tzinfo=ZoneInfo("America/Chicago"))
86
+ assert results[1].ts == datetime(2021, 1, 1, 13, 37, 0, tzinfo=ZoneInfo("America/Chicago"))
88
87
 
89
88
 
90
89
  def test_unix_log_messages_malformed_log_year_rollover(target_unix_users: Target, fs_unix: VirtualFilesystem) -> None:
@@ -108,19 +107,34 @@ def test_unix_log_messages_malformed_log_year_rollover(target_unix_users: Target
108
107
  assert len(results) == 2
109
108
 
110
109
 
111
- def test_unix_messages_cloud_init(target_unix_users: Target, fs_unix: VirtualFilesystem) -> None:
110
+ def test_unix_messages_cloud_init(target_unix: Target, fs_unix: VirtualFilesystem) -> None:
111
+ """test if we correctly parse plaintext and compressed cloud-init log files."""
112
+
112
113
  messages = """
113
114
  2005-08-09 11:55:21,000 - foo.py[DEBUG]: This is a cloud-init message!
114
115
  2005-08-09 11:55:21,001 - util.py[DEBUG]: Cloud-init v. 1.2.3-4ubuntu5 running 'init-local' at Tue, 9 Aug 2005 11:55:21 +0000. Up 13.37 seconds.
115
116
  """ # noqa: E501
116
- fs_unix.map_file_fh("/var/log/installer/cloud-init.log", BytesIO(textwrap.dedent(messages).encode()))
117
+ msg_bytes = textwrap.dedent(messages).encode()
117
118
 
118
- target_unix_users.add_plugin(MessagesPlugin)
119
+ fs_unix.map_file_fh("/etc/timezone", BytesIO(b"Europe/Amsterdam"))
120
+ fs_unix.map_file_fh("/var/log/installer/cloud-init.log", BytesIO(msg_bytes))
121
+ fs_unix.map_file_fh("/var/log/installer/cloud-init.log.1.gz", BytesIO(gzip.compress(msg_bytes)))
122
+ target_unix.add_plugin(MessagesPlugin)
119
123
 
120
- results = list(target_unix_users.messages())
121
- assert len(results) == 2
122
- assert results[0].ts == dt(2005, 8, 9, 11, 55, 21)
124
+ results = sorted(list(target_unix.messages()), key=lambda r: r.source)
125
+ assert len(results) == 4
126
+
127
+ assert results[0].ts == datetime(2005, 8, 9, 11, 55, 21, 0, tzinfo=ZoneInfo("Europe/Amsterdam"))
123
128
  assert results[0].daemon == "foo.py"
124
129
  assert results[0].pid is None
125
130
  assert results[0].message == "This is a cloud-init message!"
126
131
  assert results[0].source == "/var/log/installer/cloud-init.log"
132
+
133
+ assert results[-1].ts == datetime(2005, 8, 9, 11, 55, 21, 1_000, tzinfo=ZoneInfo("Europe/Amsterdam"))
134
+ assert results[-1].daemon == "util.py"
135
+ assert results[-1].pid is None
136
+ assert (
137
+ results[-1].message
138
+ == "Cloud-init v. 1.2.3-4ubuntu5 running 'init-local' at Tue, 9 Aug 2005 11:55:21 +0000. Up 13.37 seconds." # noqa: E501
139
+ )
140
+ assert results[-1].source == "/var/log/installer/cloud-init.log.1.gz"