dissect.target 3.20.dev58__py3-none-any.whl → 3.20.dev60__py3-none-any.whl
Sign up to get free protection for your applications and to get access to all the features.
- dissect/target/plugins/os/unix/log/journal.py +15 -10
- dissect/target/plugins/os/windows/network.py +5 -6
- {dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/METADATA +1 -1
- {dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/RECORD +9 -9
- {dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/COPYRIGHT +0 -0
- {dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/LICENSE +0 -0
- {dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/WHEEL +0 -0
- {dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/entry_points.txt +0 -0
- {dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/top_level.txt +0 -0
|
@@ -277,6 +277,11 @@ def get_optional(value: str, to_type: Callable) -> Any | None:
|
|
|
277
277
|
return None
|
|
278
278
|
|
|
279
279
|
|
|
280
|
+
# Sometimes stringy None is inserted by external tools like Ansible
|
|
281
|
+
def int_or_none(value: str) -> int | None:
|
|
282
|
+
return int(value) if value and value != "None" else None
|
|
283
|
+
|
|
284
|
+
|
|
280
285
|
class JournalFile:
|
|
281
286
|
"""Parse Systemd Journal file format.
|
|
282
287
|
|
|
@@ -427,30 +432,30 @@ class JournalPlugin(Plugin):
|
|
|
427
432
|
ts=entry.get("ts"),
|
|
428
433
|
message=entry.get("message"),
|
|
429
434
|
message_id=entry.get("message_id"),
|
|
430
|
-
priority=
|
|
435
|
+
priority=int_or_none(entry.get("priority")),
|
|
431
436
|
code_file=get_optional(entry.get("code_file"), path_function),
|
|
432
|
-
code_line=
|
|
437
|
+
code_line=int_or_none(entry.get("code_line")),
|
|
433
438
|
code_func=entry.get("code_func"),
|
|
434
|
-
errno=
|
|
439
|
+
errno=int_or_none(entry.get("errno")),
|
|
435
440
|
invocation_id=entry.get("invocation_id"),
|
|
436
441
|
user_invocation_id=entry.get("user_invocation_id"),
|
|
437
442
|
syslog_facility=entry.get("syslog_facility"),
|
|
438
443
|
syslog_identifier=entry.get("syslog_identifier"),
|
|
439
|
-
syslog_pid=
|
|
444
|
+
syslog_pid=int_or_none(entry.get("syslog_pid")),
|
|
440
445
|
syslog_raw=entry.get("syslog_raw"),
|
|
441
446
|
documentation=entry.get("documentation"),
|
|
442
|
-
tid=
|
|
447
|
+
tid=int_or_none(entry.get("tid")),
|
|
443
448
|
unit=entry.get("unit"),
|
|
444
449
|
user_unit=entry.get("user_unit"),
|
|
445
|
-
pid=
|
|
446
|
-
uid=
|
|
447
|
-
gid=
|
|
450
|
+
pid=int_or_none(entry.get("pid")),
|
|
451
|
+
uid=int_or_none(entry.get("uid")),
|
|
452
|
+
gid=int_or_none(entry.get("gid")),
|
|
448
453
|
comm=entry.get("comm"),
|
|
449
454
|
exe=get_optional(entry.get("exe"), path_function),
|
|
450
455
|
cmdline=entry.get("cmdline"),
|
|
451
456
|
cap_effective=entry.get("cap_effective"),
|
|
452
|
-
audit_session=
|
|
453
|
-
audit_loginuid=
|
|
457
|
+
audit_session=int_or_none(entry.get("audit_session")),
|
|
458
|
+
audit_loginuid=int_or_none(entry.get("audit_loginuid")),
|
|
454
459
|
systemd_cgroup=get_optional(entry.get("systemd_cgroup"), path_function),
|
|
455
460
|
systemd_slice=entry.get("systemd_slice"),
|
|
456
461
|
systemd_unit=entry.get("systemd_unit"),
|
|
@@ -257,7 +257,8 @@ class WindowsNetworkPlugin(NetworkPlugin):
|
|
|
257
257
|
continue
|
|
258
258
|
|
|
259
259
|
# Extract the network device configuration for given interface id
|
|
260
|
-
config
|
|
260
|
+
if not (config := self._extract_network_device_config(net_cfg_instance_id)):
|
|
261
|
+
continue
|
|
261
262
|
|
|
262
263
|
# Extract a network device name for given interface id
|
|
263
264
|
try:
|
|
@@ -313,9 +314,7 @@ class WindowsNetworkPlugin(NetworkPlugin):
|
|
|
313
314
|
_target=self.target,
|
|
314
315
|
)
|
|
315
316
|
|
|
316
|
-
def _extract_network_device_config(
|
|
317
|
-
self, interface_id: str
|
|
318
|
-
) -> list[dict[str, str | list], dict[str, str | list]] | None:
|
|
317
|
+
def _extract_network_device_config(self, interface_id: str) -> list[dict[str, set | bool | None]]:
|
|
319
318
|
"""Extract network device configuration from the given interface_id for all ControlSets on the system."""
|
|
320
319
|
|
|
321
320
|
dhcp_config = {
|
|
@@ -344,10 +343,10 @@ class WindowsNetworkPlugin(NetworkPlugin):
|
|
|
344
343
|
)
|
|
345
344
|
)
|
|
346
345
|
except RegistryKeyNotFoundError:
|
|
347
|
-
return
|
|
346
|
+
return []
|
|
348
347
|
|
|
349
348
|
if not len(keys):
|
|
350
|
-
return
|
|
349
|
+
return []
|
|
351
350
|
|
|
352
351
|
for key in keys:
|
|
353
352
|
# Extract DHCP configuration from the registry
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: dissect.target
|
|
3
|
-
Version: 3.20.
|
|
3
|
+
Version: 3.20.dev60
|
|
4
4
|
Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
|
|
5
5
|
Author-email: Dissect Team <dissect@fox-it.com>
|
|
6
6
|
License: Affero General Public License v3
|
|
@@ -269,7 +269,7 @@ dissect/target/plugins/os/unix/log/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQe
|
|
|
269
269
|
dissect/target/plugins/os/unix/log/atop.py,sha256=zjG5eKS-X0mpBXs-Sg2f7RfQvtjt0T8JcteNd9DB_ok,16361
|
|
270
270
|
dissect/target/plugins/os/unix/log/audit.py,sha256=rZwxC90Q0FOB5BZxplTJwCTIp0hdVpaps1e3C1fRYaM,3754
|
|
271
271
|
dissect/target/plugins/os/unix/log/auth.py,sha256=9NJvlo7Vbsp_ENJFpKd04PH_sUuOy6ueSBwQqY0MtKo,14546
|
|
272
|
-
dissect/target/plugins/os/unix/log/journal.py,sha256=
|
|
272
|
+
dissect/target/plugins/os/unix/log/journal.py,sha256=hhsvKs78BPv0vJN360fKVHqyBCdLUWxdv6ZUa4tqpD8,17795
|
|
273
273
|
dissect/target/plugins/os/unix/log/lastlog.py,sha256=Wr3-2n1-GwckN9mSx-yM55N6_L0PQyx6TGHoEvuc6c0,2515
|
|
274
274
|
dissect/target/plugins/os/unix/log/messages.py,sha256=XtjZ0a2budgQm_K5JT3fMf7JcjuD0AelcD3zOFN2xpI,5732
|
|
275
275
|
dissect/target/plugins/os/unix/log/utmp.py,sha256=k2A69s2qUT2JunJrH8GO6nQ0zMDotXMTaj8OzQ7ljj8,7336
|
|
@@ -288,7 +288,7 @@ dissect/target/plugins/os/windows/generic.py,sha256=RJ1znzsIa4CFxmdMh91SjMY_pnjw
|
|
|
288
288
|
dissect/target/plugins/os/windows/jumplist.py,sha256=3gZk6O1B3lKK2Jxe0B-HapOCEehk94CYNvCVDpQC9nQ,11773
|
|
289
289
|
dissect/target/plugins/os/windows/lnk.py,sha256=KTqhw0JMW-KjAxe4xlRDNSRSx-th-_nPVgTGyBaKmW0,7891
|
|
290
290
|
dissect/target/plugins/os/windows/locale.py,sha256=QiLWGgWrGBGHiXgep5iSOo6VNim4YC-xd4MdW0BUJPA,2486
|
|
291
|
-
dissect/target/plugins/os/windows/network.py,sha256=
|
|
291
|
+
dissect/target/plugins/os/windows/network.py,sha256=ni-qK1PyA3UJD3lRJZGEBLAXcwDVKXPa3rIor9G5OSw,11283
|
|
292
292
|
dissect/target/plugins/os/windows/notifications.py,sha256=xxfMEY_noDxMVqvT3QS1a3j-X3qAYikOtT6v2owxuCY,17480
|
|
293
293
|
dissect/target/plugins/os/windows/prefetch.py,sha256=wbbYoy05gWbJfRsM2ci4wPG7kM58OocVwXD3hkQlbRw,10647
|
|
294
294
|
dissect/target/plugins/os/windows/recyclebin.py,sha256=zx58hDCvcrD_eJl9nJmr_i80krSN03ya8nQzWFr2Tw0,4917
|
|
@@ -378,10 +378,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
|
|
|
378
378
|
dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
|
|
379
379
|
dissect/target/volumes/md.py,sha256=7ShPtusuLGaIv27SvEETtgsuoQyAa4iAAeOR1NEaajI,1689
|
|
380
380
|
dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
|
|
381
|
-
dissect.target-3.20.
|
|
382
|
-
dissect.target-3.20.
|
|
383
|
-
dissect.target-3.20.
|
|
384
|
-
dissect.target-3.20.
|
|
385
|
-
dissect.target-3.20.
|
|
386
|
-
dissect.target-3.20.
|
|
387
|
-
dissect.target-3.20.
|
|
381
|
+
dissect.target-3.20.dev60.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
|
|
382
|
+
dissect.target-3.20.dev60.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
|
|
383
|
+
dissect.target-3.20.dev60.dist-info/METADATA,sha256=PKJNh3uYMVxvxjgCZEqLjaaCG0258UlC3scxrul0ngQ,13025
|
|
384
|
+
dissect.target-3.20.dev60.dist-info/WHEEL,sha256=a7TGlA-5DaHMRrarXjVbQagU3Man_dCnGIWMJr5kRWo,91
|
|
385
|
+
dissect.target-3.20.dev60.dist-info/entry_points.txt,sha256=BWuxAb_6AvUAQpIQOQU0IMTlaF6TDht2AIZK8bHd-zE,492
|
|
386
|
+
dissect.target-3.20.dev60.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
|
|
387
|
+
dissect.target-3.20.dev60.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
{dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/entry_points.txt
RENAMED
|
File without changes
|
|
File without changes
|