dissect.target.loaders.mqtt¶
Module Contents¶
Classes¶
Basic buffered stream that provides easy aligned reads. |
|
Load remote targets through a broker. |
Functions¶
Validates that the provided value is a strictly positive integer. |
|
Convert a string value to an integer representing a valid port number. |
|
Validates that the given value is a valid case name consisting of |
Attributes¶
- dissect.target.loaders.mqtt.log¶
- dissect.target.loaders.mqtt.DISK_INDEX_OFFSET = 9¶
- dissect.target.loaders.mqtt.suppress(func: Callable) Callable¶
- class dissect.target.loaders.mqtt.InfoMessage¶
- disks: list[DiskMessage]¶
- class dissect.target.loaders.mqtt.DiskMessage¶
- index: int = 0¶
- sector_size: int = 0¶
- total_size: int = 0¶
- class dissect.target.loaders.mqtt.MQTTTransferRatePerSecond(window_size: int = 10)¶
- window_size = 10¶
- timestamps = []¶
- bytes = []¶
- record(timestamp: float, byte_count: int) MQTTTransferRatePerSecond¶
- class dissect.target.loaders.mqtt.MQTTStream(stream: MQTTConnection, disk_id: int, size: int | None = None)¶
Bases:
dissect.util.stream.AlignedStreamBasic buffered stream that provides easy aligned reads.
- Must be subclassed for various stream implementations. Subclasses can implement:
_read(offset, length)
_seek(pos, whence=io.SEEK_SET)
The offset and length for _read are guaranteed to be aligned. The only time that overriding _seek would make sense is if there’s no known size of your stream, but still want to provide SEEK_END functionality.
Most subclasses of AlignedStream take one or more file-like objects as source. Operations on these subclasses, like reading, will modify the source file-like object as a side effect.
- Parameters:
size – The size of the stream. This is used in read and seek operations. None if unknown.
align – The alignment size. Read operations are aligned on this boundary. Also determines buffer size.
- stream¶
- disk_id¶
- class dissect.target.loaders.mqtt.MQTTDiagnosticLine(connection: MQTTConnection, total_peers: int)¶
- connection¶
- total_peers¶
- display() None¶
- start() None¶
- class dissect.target.loaders.mqtt.MQTTConnection(broker: Broker, host: str)¶
- broker = None¶
- host = None¶
- prev = -1¶
- factor = 1¶
- prefetch_factor_inc = 10¶
- retries = 0¶
- info¶
- read¶
- topo(peers: int) list[str]¶
- class dissect.target.loaders.mqtt.Broker(broker: str, port: str, key: str, crt: str, ca: str, case: str, username: str, password: str, **kwargs)¶
- broker_host = None¶
- broker_port = None¶
- private_key_file = None¶
- certificate_file = None¶
- cacert_file = None¶
- mqtt_client = None¶
- connected = False¶
- case = None¶
- bytes_received = 0¶
- monitor = False¶
- username = None¶
- password = None¶
- diskinfo¶
- index¶
- topo¶
- factor = 1¶
- command¶
- clear_cache() None¶
- read(host: str, disk_id: int, seek_address: int, read_length: int) SeekMessage¶
- disk(host: str) DiskMessage¶
- peers(host: str) list[str]¶
- seek(host: str, disk_id: int, offset: int, flength: int, optimization_strategy: int) None¶
- info(host: str) None¶
- topology(host: str) None¶
- connect() None¶
- dissect.target.loaders.mqtt.strictly_positive(value: str) int¶
Validates that the provided value is a strictly positive integer.
This function is intended to be used as a type for argparse arguments.
- Parameters:
value (str) – The value to validate.
- Returns:
The validated integer value.
- Return type:
int
- Raises:
argparse.ArgumentTypeError – If the value is not a strictly positive integer.
- dissect.target.loaders.mqtt.port(value: str) int¶
Convert a string value to an integer representing a valid port number.
This function is intended to be used as a type for argparse arguments.
- Parameters:
value (str) – The string representation of the port number.
- Returns:
The port number as an integer.
- Return type:
int
- Raises:
argparse.ArgumentTypeError – If the port number is not an integer or out of the valid range (1-65535).
- dissect.target.loaders.mqtt.case(value: str) str¶
Validates that the given value is a valid case name consisting of alphanumeric characters and underscores only.
This function is intended to be used as a type for argparse arguments.
- Parameters:
value (str) – The case name to validate.
- Returns:
The validated case name if it matches the required pattern.
- Return type:
str
- Raises:
argparse.ArgumentTypeError – If the case name does not match the required pattern.
- class dissect.target.loaders.mqtt.MQTTLoader(path: pathlib.Path | str, **kwargs)¶
Bases:
dissect.target.loader.LoaderLoad remote targets through a broker.
- connection = None¶
- broker = None¶
- peers = []¶
- static detect(path: pathlib.Path) bool¶
Detects wether this
Loaderclass can load this specificpath.- Parameters:
path – The target path to check.
- Returns:
Trueif thepathcan be loaded by aLoaderinstance.Falseotherwise.
- find_all(**kwargs) Iterator[str]¶
Finds all targets to load from
path.This can be used to open multiple targets from a target path that doesn’t necessarily map to files on a disk. For example, a wildcard in a hostname a loader that opens targets from an API or Unix socket, such as the Carbon Black loader.
- Parameters:
path – The location to a target to try and open multiple paths from.
- Returns:
All the target paths found from the source path.
- map(target: dissect.target.target.Target) None¶
Maps the loaded path into a
Target.- Parameters:
target – The target that we’re mapping into.