`dissect.target.plugins.os.unix.bsd.citrix.history`¶

Module Contents¶

Classes¶

CitrixCommandHistoryPlugin

Citrix command history plugin.

Attributes¶

`RE_CITRIX_NETSCALER_BASH_HISTORY_DATE`
`CITRIX_NETSCALER_BASH_HISTORY_RE`

dissect.target.plugins.os.unix.bsd.citrix.history.RE_CITRIX_NETSCALER_BASH_HISTORY_DATE¶

dissect.target.plugins.os.unix.bsd.citrix.history.CITRIX_NETSCALER_BASH_HISTORY_RE¶

class dissect.target.plugins.os.unix.bsd.citrix.history.CitrixCommandHistoryPlugin(target: dissect.target.Target)¶

Bases: dissect.target.plugins.os.unix.history.CommandHistoryPlugin

Citrix command history plugin.

COMMAND_HISTORY_ABSOLUTE_PATHS = (('citrix-netscaler-bash', '/var/log/bash.log*'),)¶

COMMAND_HISTORY_RELATIVE_PATHS = (('bash', '.bash_history'), ('fish', '.local/share/fish/fish_history'), ('mongodb', '.dbshell'),...¶

commandhistory() → Iterator[dissect.target.plugins.os.unix.history.CommandHistoryRecord]¶

Return shell history for all users.

When using a shell, history of the used commands is kept on the system.

parse_netscaler_bash_history(path: dissect.target.helpers.fsutil.TargetPath) → Iterator[dissect.target.plugins.os.unix.history.CommandHistoryRecord]¶: Parse bash.log* contents.

parse_netscaler_cli_history(history_file: dissect.target.helpers.fsutil.TargetPath, user: dissect.target.helpers.record.UnixUserRecord) → Iterator[dissect.target.plugins.os.unix.history.CommandHistoryRecord]¶

Parses the history file of the Citrix Netscaler CLI.

The only difference compared to generic bash history files is that the first line will start with _HiStOrY_V2_, which we will skip.

dissect.target.plugins.os.unix.bsd.citrix.history¶

Module Contents¶

Classes¶

Attributes¶

`dissect.target.plugins.os.unix.bsd.citrix.history`¶