dissect.target.helpers.keychain

Module Contents

Classes

KeyType	Generic enumeration.
Key

Functions

register_key
get_all_keys
get_keys_for_provider
get_keys_without_provider
parse_key_type
register_wildcard_value
register_keychain_file	Register all keys from provided keychain file.

Attributes

log
KEYCHAIN

dissect.target.helpers.keychain.log

class dissect.target.helpers.keychain.KeyType

Bases: enum.Enum

Generic enumeration.

Derive from this class to define new enumerations.

PASSPHRASE = 'passphrase'

RECOVERY_KEY = 'recovery_key'

FILE = 'file'

class dissect.target.helpers.keychain.Key

Bases: NamedTuple

key_type: KeyType

value: str

provider: str

identifier: str

dissect.target.helpers.keychain.KEYCHAIN: Set[Key]

dissect.target.helpers.keychain.register_key(key_type: KeyType, value: str, identifier: str = None, provider: str = None)

dissect.target.helpers.keychain.get_all_keys() → List[Key]

dissect.target.helpers.keychain.get_keys_for_provider(provider: str) → List[Key]

dissect.target.helpers.keychain.get_keys_without_provider() → List[Key]

dissect.target.helpers.keychain.parse_key_type(key_type_name: str) → KeyType

dissect.target.helpers.keychain.register_wildcard_value(value: str)

dissect.target.helpers.keychain.register_keychain_file(keychain_path: pathlib.Path)

Register all keys from provided keychain file.

The keychain file is a CSV file in “excel” dialect with the columns:

provider,key_type,identifier,value

Values in columns key_type and value are required, provider and identifier are optional. Example of the CSV-serialised data:

bitlocker,recovery_key,,312268-409816-583517-486695-627121-599511-664389-145640 bitlocker,passphrase,,Password1234 ,passphrase,,AnotherTestPassword bitlocker,passphrase,b6ad258a-2725-4a42-93c6-844478bf7a90,Password1234 bitlocker,passphrase,,”Password with comma, space and quotes ‘ and “” inside”