dissect.target.plugins.general.default#
Module Contents#
Classes#
Base class for OS plugins. |
- class dissect.target.plugins.general.default.DefaultPlugin(target: dissect.target.target.Target)#
Bases:
dissect.target.plugin.OSPluginBase class for OS plugins.
This provides a base class for certain common functions of OS’s, which each OS plugin has to implement separately.
For example, it provides an interface for retrieving the hostname and users of a target.
- __skip__ = True#
- classmethod detect(target: dissect.target.target.Target) dissect.target.filesystem.Filesystem | None#
Provide detection of this OSPlugin on a given filesystem.
Note: must be implemented as a classmethod.
- Parameters:
fs –
Filesystemto detect the OS on.- Returns:
The root filesystem / sysvol when found.
- classmethod create(target: dissect.target.target.Target, sysvol: dissect.target.filesystem.Filesystem) DefaultPlugin#
Initiate this OSPlugin with the given target and detected filesystem.
Note: must be implemented as a classmethod.
- Parameters:
target – The Target object.
sysvol – The filesystem that was detected in the detect() function.
- Returns:
An instantiated version of the OSPlugin.
- hostname() str | None#
Required OS function.
Implementations must be decorated with
@export(property=True).- Returns:
The hostname as string.
- ips() list[str]#
Required OS function.
Implementations must be decorated with
@export(property=True).- Returns:
The IPs as list.
- version() str | None#
Required OS function.
Implementations must be decorated with
@export(property=True).- Returns:
The OS version as string.
- users() list[flow.record.Record]#
Required OS function.
Implementations must be decorated with @export.
- Returns:
A list of user records.
- os() str#
Required OS function.
Implementations must be decorated with
@export(property=True).- Returns:
A slug of the OS name, e.g. ‘windows’ or ‘linux’.
- architecture() str | None#
Required OS function.
Implementations must be decorated with
@export(property=True).- Returns:
A slug of the OS architecture, e.g. ‘x86_32-unix’, ‘MIPS-linux’ or ‘AMD64-win32’, or ‘unknown’ if the architecture is unknown.