dissect.target.plugins.apps.remoteaccess.anydesk#

Module Contents#

Classes#

AnydeskPlugin

Anydesk plugin.

class dissect.target.plugins.apps.remoteaccess.anydesk.AnydeskPlugin(target)#

Bases: dissect.target.plugins.apps.remoteaccess.remoteaccess.RemoteAccessPlugin

Anydesk plugin.

__namespace__ = 'anydesk'#
SERVICE_GLOBS = ['/sysvol/ProgramData/AnyDesk/*.trace', '/sysvol/ProgramData/AnyDesk/ad_*/*.trace',...#
USER_GLOBS = ['appdata/roaming/AnyDesk/*.trace', 'appdata/roaming/AnyDesk/ad_*/*.trace', '.anydesk/*.trace',...#
check_compatible() None#

Perform a compatibility check with the target.

This function should return None if the plugin is compatible with the current target (self.target). For example, check if a certain file exists. Otherwise it should raise an UnsupportedPluginError.

Raises:

UnsupportedPluginError – If the plugin could not be loaded.

logs()#

Return the content of the AnyDesk logs.

AnyDesk is a remote desktop application and can be used by adversaries to get (persistent) access to a machine. Log files (.trace files) are retrieved from various location based on OS and client type.

References