dissect.target 3.20.dev58__py3-none-any.whl → 3.20.dev60__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- dissect/target/plugins/os/unix/log/journal.py +15 -10
- dissect/target/plugins/os/windows/network.py +5 -6
- {dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/METADATA +1 -1
- {dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/RECORD +9 -9
- {dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/COPYRIGHT +0 -0
- {dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/LICENSE +0 -0
- {dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/WHEEL +0 -0
- {dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/entry_points.txt +0 -0
- {dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/top_level.txt +0 -0
|
@@ -277,6 +277,11 @@ def get_optional(value: str, to_type: Callable) -> Any | None:
|
|
|
277
277
|
return None
|
|
278
278
|
|
|
279
279
|
|
|
280
|
+
# Sometimes stringy None is inserted by external tools like Ansible
|
|
281
|
+
def int_or_none(value: str) -> int | None:
|
|
282
|
+
return int(value) if value and value != "None" else None
|
|
283
|
+
|
|
284
|
+
|
|
280
285
|
class JournalFile:
|
|
281
286
|
"""Parse Systemd Journal file format.
|
|
282
287
|
|
|
@@ -427,30 +432,30 @@ class JournalPlugin(Plugin):
|
|
|
427
432
|
ts=entry.get("ts"),
|
|
428
433
|
message=entry.get("message"),
|
|
429
434
|
message_id=entry.get("message_id"),
|
|
430
|
-
priority=
|
|
435
|
+
priority=int_or_none(entry.get("priority")),
|
|
431
436
|
code_file=get_optional(entry.get("code_file"), path_function),
|
|
432
|
-
code_line=
|
|
437
|
+
code_line=int_or_none(entry.get("code_line")),
|
|
433
438
|
code_func=entry.get("code_func"),
|
|
434
|
-
errno=
|
|
439
|
+
errno=int_or_none(entry.get("errno")),
|
|
435
440
|
invocation_id=entry.get("invocation_id"),
|
|
436
441
|
user_invocation_id=entry.get("user_invocation_id"),
|
|
437
442
|
syslog_facility=entry.get("syslog_facility"),
|
|
438
443
|
syslog_identifier=entry.get("syslog_identifier"),
|
|
439
|
-
syslog_pid=
|
|
444
|
+
syslog_pid=int_or_none(entry.get("syslog_pid")),
|
|
440
445
|
syslog_raw=entry.get("syslog_raw"),
|
|
441
446
|
documentation=entry.get("documentation"),
|
|
442
|
-
tid=
|
|
447
|
+
tid=int_or_none(entry.get("tid")),
|
|
443
448
|
unit=entry.get("unit"),
|
|
444
449
|
user_unit=entry.get("user_unit"),
|
|
445
|
-
pid=
|
|
446
|
-
uid=
|
|
447
|
-
gid=
|
|
450
|
+
pid=int_or_none(entry.get("pid")),
|
|
451
|
+
uid=int_or_none(entry.get("uid")),
|
|
452
|
+
gid=int_or_none(entry.get("gid")),
|
|
448
453
|
comm=entry.get("comm"),
|
|
449
454
|
exe=get_optional(entry.get("exe"), path_function),
|
|
450
455
|
cmdline=entry.get("cmdline"),
|
|
451
456
|
cap_effective=entry.get("cap_effective"),
|
|
452
|
-
audit_session=
|
|
453
|
-
audit_loginuid=
|
|
457
|
+
audit_session=int_or_none(entry.get("audit_session")),
|
|
458
|
+
audit_loginuid=int_or_none(entry.get("audit_loginuid")),
|
|
454
459
|
systemd_cgroup=get_optional(entry.get("systemd_cgroup"), path_function),
|
|
455
460
|
systemd_slice=entry.get("systemd_slice"),
|
|
456
461
|
systemd_unit=entry.get("systemd_unit"),
|
|
@@ -257,7 +257,8 @@ class WindowsNetworkPlugin(NetworkPlugin):
|
|
|
257
257
|
continue
|
|
258
258
|
|
|
259
259
|
# Extract the network device configuration for given interface id
|
|
260
|
-
config
|
|
260
|
+
if not (config := self._extract_network_device_config(net_cfg_instance_id)):
|
|
261
|
+
continue
|
|
261
262
|
|
|
262
263
|
# Extract a network device name for given interface id
|
|
263
264
|
try:
|
|
@@ -313,9 +314,7 @@ class WindowsNetworkPlugin(NetworkPlugin):
|
|
|
313
314
|
_target=self.target,
|
|
314
315
|
)
|
|
315
316
|
|
|
316
|
-
def _extract_network_device_config(
|
|
317
|
-
self, interface_id: str
|
|
318
|
-
) -> list[dict[str, str | list], dict[str, str | list]] | None:
|
|
317
|
+
def _extract_network_device_config(self, interface_id: str) -> list[dict[str, set | bool | None]]:
|
|
319
318
|
"""Extract network device configuration from the given interface_id for all ControlSets on the system."""
|
|
320
319
|
|
|
321
320
|
dhcp_config = {
|
|
@@ -344,10 +343,10 @@ class WindowsNetworkPlugin(NetworkPlugin):
|
|
|
344
343
|
)
|
|
345
344
|
)
|
|
346
345
|
except RegistryKeyNotFoundError:
|
|
347
|
-
return
|
|
346
|
+
return []
|
|
348
347
|
|
|
349
348
|
if not len(keys):
|
|
350
|
-
return
|
|
349
|
+
return []
|
|
351
350
|
|
|
352
351
|
for key in keys:
|
|
353
352
|
# Extract DHCP configuration from the registry
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: dissect.target
|
|
3
|
-
Version: 3.20.
|
|
3
|
+
Version: 3.20.dev60
|
|
4
4
|
Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
|
|
5
5
|
Author-email: Dissect Team <dissect@fox-it.com>
|
|
6
6
|
License: Affero General Public License v3
|
|
@@ -269,7 +269,7 @@ dissect/target/plugins/os/unix/log/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQe
|
|
|
269
269
|
dissect/target/plugins/os/unix/log/atop.py,sha256=zjG5eKS-X0mpBXs-Sg2f7RfQvtjt0T8JcteNd9DB_ok,16361
|
|
270
270
|
dissect/target/plugins/os/unix/log/audit.py,sha256=rZwxC90Q0FOB5BZxplTJwCTIp0hdVpaps1e3C1fRYaM,3754
|
|
271
271
|
dissect/target/plugins/os/unix/log/auth.py,sha256=9NJvlo7Vbsp_ENJFpKd04PH_sUuOy6ueSBwQqY0MtKo,14546
|
|
272
|
-
dissect/target/plugins/os/unix/log/journal.py,sha256=
|
|
272
|
+
dissect/target/plugins/os/unix/log/journal.py,sha256=hhsvKs78BPv0vJN360fKVHqyBCdLUWxdv6ZUa4tqpD8,17795
|
|
273
273
|
dissect/target/plugins/os/unix/log/lastlog.py,sha256=Wr3-2n1-GwckN9mSx-yM55N6_L0PQyx6TGHoEvuc6c0,2515
|
|
274
274
|
dissect/target/plugins/os/unix/log/messages.py,sha256=XtjZ0a2budgQm_K5JT3fMf7JcjuD0AelcD3zOFN2xpI,5732
|
|
275
275
|
dissect/target/plugins/os/unix/log/utmp.py,sha256=k2A69s2qUT2JunJrH8GO6nQ0zMDotXMTaj8OzQ7ljj8,7336
|
|
@@ -288,7 +288,7 @@ dissect/target/plugins/os/windows/generic.py,sha256=RJ1znzsIa4CFxmdMh91SjMY_pnjw
|
|
|
288
288
|
dissect/target/plugins/os/windows/jumplist.py,sha256=3gZk6O1B3lKK2Jxe0B-HapOCEehk94CYNvCVDpQC9nQ,11773
|
|
289
289
|
dissect/target/plugins/os/windows/lnk.py,sha256=KTqhw0JMW-KjAxe4xlRDNSRSx-th-_nPVgTGyBaKmW0,7891
|
|
290
290
|
dissect/target/plugins/os/windows/locale.py,sha256=QiLWGgWrGBGHiXgep5iSOo6VNim4YC-xd4MdW0BUJPA,2486
|
|
291
|
-
dissect/target/plugins/os/windows/network.py,sha256=
|
|
291
|
+
dissect/target/plugins/os/windows/network.py,sha256=ni-qK1PyA3UJD3lRJZGEBLAXcwDVKXPa3rIor9G5OSw,11283
|
|
292
292
|
dissect/target/plugins/os/windows/notifications.py,sha256=xxfMEY_noDxMVqvT3QS1a3j-X3qAYikOtT6v2owxuCY,17480
|
|
293
293
|
dissect/target/plugins/os/windows/prefetch.py,sha256=wbbYoy05gWbJfRsM2ci4wPG7kM58OocVwXD3hkQlbRw,10647
|
|
294
294
|
dissect/target/plugins/os/windows/recyclebin.py,sha256=zx58hDCvcrD_eJl9nJmr_i80krSN03ya8nQzWFr2Tw0,4917
|
|
@@ -378,10 +378,10 @@ dissect/target/volumes/luks.py,sha256=OmCMsw6rCUXG1_plnLVLTpsvE1n_6WtoRUGQbpmu1z
|
|
|
378
378
|
dissect/target/volumes/lvm.py,sha256=wwQVR9I3G9YzmY6UxFsH2Y4MXGBcKL9aayWGCDTiWMU,2269
|
|
379
379
|
dissect/target/volumes/md.py,sha256=7ShPtusuLGaIv27SvEETtgsuoQyAa4iAAeOR1NEaajI,1689
|
|
380
380
|
dissect/target/volumes/vmfs.py,sha256=-LoUbn9WNwTtLi_4K34uV_-wDw2W5hgaqxZNj4UmqAQ,1730
|
|
381
|
-
dissect.target-3.20.
|
|
382
|
-
dissect.target-3.20.
|
|
383
|
-
dissect.target-3.20.
|
|
384
|
-
dissect.target-3.20.
|
|
385
|
-
dissect.target-3.20.
|
|
386
|
-
dissect.target-3.20.
|
|
387
|
-
dissect.target-3.20.
|
|
381
|
+
dissect.target-3.20.dev60.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
|
|
382
|
+
dissect.target-3.20.dev60.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
|
|
383
|
+
dissect.target-3.20.dev60.dist-info/METADATA,sha256=PKJNh3uYMVxvxjgCZEqLjaaCG0258UlC3scxrul0ngQ,13025
|
|
384
|
+
dissect.target-3.20.dev60.dist-info/WHEEL,sha256=a7TGlA-5DaHMRrarXjVbQagU3Man_dCnGIWMJr5kRWo,91
|
|
385
|
+
dissect.target-3.20.dev60.dist-info/entry_points.txt,sha256=BWuxAb_6AvUAQpIQOQU0IMTlaF6TDht2AIZK8bHd-zE,492
|
|
386
|
+
dissect.target-3.20.dev60.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
|
|
387
|
+
dissect.target-3.20.dev60.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
{dissect.target-3.20.dev58.dist-info → dissect.target-3.20.dev60.dist-info}/entry_points.txt
RENAMED
|
File without changes
|
|
File without changes
|