dissect.target 3.9.dev17__py3-none-any.whl → 3.9.dev18__py3-none-any.whl

dissect/target/plugins/os/windows/registry.py

@@ -98,6 +98,10 @@ class RegistryPlugin(Plugin):
             if not bcd.exists():
                 continue
 
+            if bcd.stat().st_size == 0:
+                self.target.log.warning("Empty BCD hive: %s", bcd)
+                continue
+
             try:
                 hf = RegfHive(bcd)
                 self.add_hive("BCD", hf, bcd)
@@ -116,7 +120,11 @@ class RegistryPlugin(Plugin):
             user = user_details.user
             ntuser = user_details.home_path.joinpath("ntuser.dat")
 
-            if ntuser.exists():
+            if not ntuser.exists():
+                self.target.log.debug("Could not find ntuser.dat: %s", ntuser)
+            elif ntuser.stat().st_size == 0:
+                self.target.log.warning("Empty NTUSER.DAT hive: %s", ntuser)
+            else:
                 try:
                     ntuserhive = RegfHive(ntuser)
                     self.add_hive(user.sid, ntuserhive, ntuser)
@@ -126,11 +134,14 @@ class RegistryPlugin(Plugin):
                     self._hives_to_users[ntuserhive] = user_details
                 except Exception as e:
                     self.target.log.warning("Could not open ntuser.dat: %s", ntuser, exc_info=e)
-            else:
-                self.target.log.debug("Could not find ntuser.dat: %s", ntuser)
 
             usrclass = user_details.home_path.joinpath("AppData/Local/Microsoft/Windows/usrclass.dat")
-            if usrclass.exists():
+
+            if not usrclass.exists():
+                self.target.log.debug("Could not find usrclass.dat: %s", usrclass)
+            elif usrclass.stat().st_size == 0:
+                self.target.log.warning("Empty UsrClass.DAT hive: %s", usrclass)
+            else:
                 try:
                     usr_class_hive = RegfHive(usrclass)
                     self.add_hive(f"{user.sid}_Classes", usr_class_hive, usrclass)
@@ -140,8 +151,6 @@ class RegistryPlugin(Plugin):
                     self._hives_to_users[usr_class_hive] = user_details
                 except Exception as e:
                     self.target.log.warning("Could not open usrclass.dat: %s", usrclass, exc_info=e)
-            else:
-                self.target.log.debug("Could not find usrclass.dat: %s", usrclass)
 
         self._users_loaded = True
 

{dissect.target-3.9.dev17.dist-info → dissect.target-3.9.dev18.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dissect.target
-Version: 3.9.dev17
+Version: 3.9.dev18
 Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3

{dissect.target-3.9.dev17.dist-info → dissect.target-3.9.dev18.dist-info}/RECORD

@@ -200,7 +200,7 @@ dissect/target/plugins/os/windows/locale.py,sha256=YlRqFteHGSE-A21flbCKP1jXUTgyX
 dissect/target/plugins/os/windows/notifications.py,sha256=tBgZKnDCXWFtz7chHIo5cKQf2swcTTB3MMcecfTZ-4w,4773
 dissect/target/plugins/os/windows/prefetch.py,sha256=favUyI5Pywi8Ho8fUye3gnXcM9BqEIMhFcSa1idQQBg,10304
 dissect/target/plugins/os/windows/recyclebin.py,sha256=aqp1kc8A6k5UTt6ebycuejPd0QJwNIX1xIu21M0CUGU,4926
-dissect/target/plugins/os/windows/registry.py,sha256=gIKbUTejfcCVz-5vcOrCPbYRLuieNV5BMo891_4_X3A,10034
+dissect/target/plugins/os/windows/registry.py,sha256=ToES2n1Uhb6c65uKjxCr01gX9_AwWEvnhOPJKz-8C80,10426
 dissect/target/plugins/os/windows/sam.py,sha256=0wJIQbYLZ6kVM0U1nSIh8c2pHYW-z3wWfgZ1ZPeqZnQ,15787
 dissect/target/plugins/os/windows/services.py,sha256=p2v4z4YM-K3G2cnWIHVyPgsJgfrlDpvXz7gUvltIUD4,6059
 dissect/target/plugins/os/windows/sru.py,sha256=4Vybz3_RJYNbLZXKYGOouUKZNWyOUSgSTf4JAGN2O7w,16808
@@ -256,10 +256,10 @@ dissect/target/volumes/bde.py,sha256=gYGg5yF9MNARwNzEkrEfZmKkxyZW4rhLkpdnPJCbhGk
 dissect/target/volumes/disk.py,sha256=95grSsPt1BLVpKwTclwQYzPFGKTkFFqapIk0RoGWf38,968
 dissect/target/volumes/lvm.py,sha256=zXAfszxNR6tOGrKAtAa_E-JhjI-sXQyR4VYLXD-kqCw,1616
 dissect/target/volumes/vmfs.py,sha256=mlAJ8278tYaoRjk1u6tFFlCaDQUrVu5ZZE4ikiFvxi8,1707
-dissect.target-3.9.dev17.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
-dissect.target-3.9.dev17.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
-dissect.target-3.9.dev17.dist-info/METADATA,sha256=ijZ5AXm8QEtKleFpC9pyOBhOtpNPDm9YUld6ahHXPOA,9752
-dissect.target-3.9.dev17.dist-info/WHEEL,sha256=pkctZYzUS4AYVn6dJ-7367OJZivF2e8RA9b_ZBjif18,92
-dissect.target-3.9.dev17.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
-dissect.target-3.9.dev17.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
-dissect.target-3.9.dev17.dist-info/RECORD,,
+dissect.target-3.9.dev18.dist-info/COPYRIGHT,sha256=m-9ih2RVhMiXHI2bf_oNSSgHgkeIvaYRVfKTwFbnJPA,301
+dissect.target-3.9.dev18.dist-info/LICENSE,sha256=DZak_2itbUtvHzD3E7GNUYSRK6jdOJ-GqncQ2weavLA,34523
+dissect.target-3.9.dev18.dist-info/METADATA,sha256=i583ZR2F-YfmeJJE-G0ZYQt49YMFInseprhhpl_zvg0,9752
+dissect.target-3.9.dev18.dist-info/WHEEL,sha256=pkctZYzUS4AYVn6dJ-7367OJZivF2e8RA9b_ZBjif18,92
+dissect.target-3.9.dev18.dist-info/entry_points.txt,sha256=tvFPa-Ap-gakjaPwRc6Fl6mxHzxEZ_arAVU-IUYeo_s,447
+dissect.target-3.9.dev18.dist-info/top_level.txt,sha256=Mn-CQzEYsAbkxrUI0TnplHuXnGVKzxpDw_po_sXpvv4,8
+dissect.target-3.9.dev18.dist-info/RECORD,,