dissect.target.tools.shell

Module Contents

Classes

AnsiColors

ANSI color escape sequences.

ExtendedCmd

Subclassed cmd.Cmd to provide some additional features.

TargetCmd

Subclassed cmd.Cmd to provide some additional features.

TargetHubCli

Hub Cli for interacting with multiple targets.

TargetCli

CLI for interacting with a target and browsing the filesystem.

UnixConfigTreeCli

CLI for interacting with a target and browsing the filesystem.

RegistryCli

CLI for browsing the registry.

Functions

readline_escape

Escape a string or values in dictionary for readline prompt.

arg_str_to_arg_list

Convert a commandline string to a list of command line arguments.

extend_args

Extend the arguments of the given func with the provided argparse.Namespace.

build_pipe

Generator context manager that chains piped subprocesses and returns a tuple (chain input stream, chain output stream).

build_pipe_stdout

Generator context manager that chains piped subprocesses, with a chain's outgoing stream configured to be the parent's stdout.

open_shell

Helper method for starting a regular, Python or registry shell for one or multiple targets.

target_shell

Helper method for starting a TargetCli or TargetHubCli for one or multiple targets.

python_shell

Helper method for starting a (I)Python shell with multiple targets.

create_cli

Helper method for instantiating the appropriate CLI.

run_cli

Helper method for running a cmd.Cmd cli.

main

Attributes

dissect.target.tools.shell.log
dissect.target.tools.shell.readline = None
dissect.target.tools.shell.readline_escape(s: str | dict[str, str]) str | dict[str, str]

Escape a string or values in dictionary for readline prompt.

Used to embed terminal-specific escape sequences in prompts.

class dissect.target.tools.shell.AnsiColors

Bases: dissect.target.helpers.utils.StrEnum

ANSI color escape sequences.

RESET = '\x1b[0m'
RED = '\x1b[31m'
GREEN = '\x1b[32m'
YELLOW = '\x1b[33m'
BLUE = '\x1b[34m'
MAGENTA = '\x1b[35m'
CYAN = '\x1b[36m'
WHITE = '\x1b[37m'
BOLD_RED = '\x1b[1;31m'
BOLD_GREEN = '\x1b[1;32m'
BOLD_YELLOW = '\x1b[1;33m'
BOLD_BLUE = '\x1b[1;34m'
BOLD_MAGENTA = '\x1b[1;35m'
BOLD_CYAN = '\x1b[1;36m'
BOLD_WHITE = '\x1b[1;37m'
classmethod as_dict() dict[str, str]

Return ANSI color escape sequences as a dictionary.

dissect.target.tools.shell.ANSI_COLORS
class dissect.target.tools.shell.ExtendedCmd(cyber: bool = False)

Bases: cmd.Cmd

Subclassed cmd.Cmd to provide some additional features.

Add new simple commands by implementing:

do_<cmd>(self, line)

Add new complex commands by implementing:

cmd_<cmd>(self, args, stdout)

Simple commands are plain cmd.Cmd commands. Output is generally presented using print().

Complex commands allow @arg decorators for argparse argument parsing. Additionally, complex commands allow their output to be piped to external commands. Complex commands should therefore always write to the stdout handle that is passed as an argument.

CMD_PREFIX = 'cmd_'
DEFAULT_RUNCOMMANDS_FILE = None
debug = False
cyber = False
__getattr__(attr: str) Any
preloop() None

Hook method executed once when the cmdloop() method is called.

static check_compatible(target: dissect.target.target.Target) bool
register_aliases() None
get_names() list[str]
default(line: str) bool

Called on an input line when the command prefix is not recognized.

If this method is not overridden, it prints an error message and returns.

emptyline() None

This function forces Python’s cmd.Cmd module to behave like a regular shell.

When entering an empty command, the cmd module will by default repeat the previous command. By defining an empty emptyline function we make sure no command is executed instead.

do_man(line: str) bool

alias for help

complete_man(*args) list[str]
do_unalias(line: str) bool

delete runtime alias

do_alias(line: str) bool

create a runtime alias

do_clear(line: str) bool

clear the terminal screen

do_cls(line: str) bool

alias for clear

do_exit(line: str) bool

exit shell

do_cyber(line: str) bool

cyber

do_debug(line: str) bool

toggle debug mode

class dissect.target.tools.shell.TargetCmd(target: dissect.target.target.Target)

Bases: ExtendedCmd

Subclassed cmd.Cmd to provide some additional features.

Add new simple commands by implementing:

do_<cmd>(self, line)

Add new complex commands by implementing:

cmd_<cmd>(self, args, stdout)

Simple commands are plain cmd.Cmd commands. Output is generally presented using print().

Complex commands allow @arg decorators for argparse argument parsing. Additionally, complex commands allow their output to be piped to external commands. Complex commands should therefore always write to the stdout handle that is passed as an argument.

DEFAULT_HISTFILE = '~/.dissect_history'
DEFAULT_HISTFILESIZE = 10000
DEFAULT_HISTDIR = None
DEFAULT_HISTDIRFMT = '.dissect_history_{uid}_{target}'
DEFAULT_RUNCOMMANDS_FILE = '~/.targetrc'
CONFIG_KEY_RUNCOMMANDS_FILE = 'TARGETRCFILE'
target
histfilesize
histdir
preloop() None

Hook method executed once when the cmdloop() method is called.

postloop() None

Hook method executed once when the cmdloop() method is about to return.

do_python(line: str) bool

drop into a Python shell

class dissect.target.tools.shell.TargetHubCli(targets: list[dissect.target.target.Target], cli: TargetCmd)

Bases: cmd.Cmd

Hub Cli for interacting with multiple targets.

prompt = 'dissect> '
doc_header = """Target Hub
==========
List and enter targets by using 'list' and 'enter'.

Documented commands (type help <topic>):"""
targets
default(line: str) bool

Called on an input line when the command prefix is not recognized.

If this method is not overridden, it prints an error message and returns.

emptyline() None

Called when an empty line is entered in response to the prompt.

If this method is not overridden, it repeats the last nonempty command entered.

do_exit(line: str) bool

exit shell

do_list(line: str) bool

list the loaded targets

do_enter(line: str) bool

enter a target by number or name

complete_enter(text: str, line: str, begidx: int, endidx: int) list[str]
do_python(line: str) bool

drop into a Python shell

class dissect.target.tools.shell.TargetCli(target: dissect.target.target.Target)

Bases: TargetCmd

CLI for interacting with a target and browsing the filesystem.

prompt_base
cwd = None
property prompt: str
completedefault(text: str, line: str, begidx: int, endidx: int) list[str]

Method called to complete an input line when no command-specific complete_*() method is available.

By default, it returns an empty list.

resolve_path(path: str) dissect.target.helpers.fsutil.TargetPath
resolve_glob_path(path: str) Iterator[dissect.target.helpers.fsutil.TargetPath]
check_file(path: str) dissect.target.helpers.fsutil.TargetPath | None
check_dir(path: str) dissect.target.helpers.fsutil.TargetPath | None
check_path(path: str) dissect.target.helpers.fsutil.TargetPath | None
chdir(path: str) None

Change directory to the given path.

do_cd(line: str) bool

change directory

do_pwd(line: str) bool

print current directory

do_disks(line: str) bool

print target disks

do_volumes(line: str) bool

print target volumes

do_filesystems(line: str) bool

print target filesystems

do_info(line: str) bool

print target information

cmd_ls(args: argparse.Namespace, stdout: TextIO) bool

list directory contents

cmd_ll(args: argparse.Namespace, stdout: TextIO) bool

alias for ls -la

cmd_tree(args: argparse.Namespace, stdout: TextIO) bool

alias for ls -R

cmd_find(args: argparse.Namespace, stdout: TextIO) bool

search for files in a directory hierarchy

cmd_stat(args: argparse.Namespace, stdout: TextIO) bool

display file status

cmd_attr(args: argparse.Namespace, stdout: TextIO) bool

display file attributes

cmd_file(args: argparse.Namespace, stdout: TextIO) bool

determine file type

cmd_save(args: argparse.Namespace, stdout: TextIO) bool

save a common file or directory to the host filesystem

cmd_cat(args: argparse.Namespace, stdout: TextIO) bool

print file content

cmd_zcat(args: argparse.Namespace, stdout: TextIO) bool

print file content from compressed files

cmd_hexdump(args: argparse.Namespace, stdout: TextIO) bool

print a hexdump of a file

cmd_hash(args: argparse.Namespace, stdout: TextIO) bool

print the MD5, SHA1 and SHA256 hashes of a file

cmd_less(args: argparse.Namespace, stdout: TextIO) bool

open the first 10 MB of a file with less

cmd_zless(args: argparse.Namespace, stdout: TextIO) bool

open the first 10 MB of a compressed file with zless

print resolved symbolic links or canonical file names

cmd_registry(args: argparse.Namespace, stdout: TextIO) bool

drop into a registry shell

cmd_enter(args: argparse.Namespace, stdout: TextIO) bool

load one or more files as sub-targets and drop into a sub-shell

class dissect.target.tools.shell.UnixConfigTreeCli(target: dissect.target.target.Target)

Bases: TargetCli

CLI for interacting with a target and browsing the filesystem.

config_tree
prompt_base
cwd = None
property prompt: str
check_compatible() bool
resolve_path(path: str | dissect.target.helpers.fsutil.TargetPath | None) dissect.target.helpers.fsutil.TargetPath
resolve_key(path) dissect.target.filesystem.FilesystemEntry
resolve_glob_path(path: dissect.target.helpers.fsutil.TargetPath) Iterator[dissect.target.helpers.fsutil.TargetPath]
class dissect.target.tools.shell.RegistryCli(target: dissect.target.target.Target, registry: dissect.target.helpers.regutil.RegfHive | None = None)

Bases: TargetCmd

CLI for browsing the registry.

DEFAULT_RUNCOMMANDS_FILE = '~/.targetrc.registry'
CONFIG_KEY_RUNCOMMANDS_FILE = 'TARGETRCFILE_REGISTRY'
prompt_base
registry
cwd = None
static check_compatible(target: dissect.target.target.Target) bool
property prompt: str
completedefault(text: str, line: str, begidx: int, endidx: int) list[str]

Method called to complete an input line when no command-specific complete_*() method is available.

By default, it returns an empty list.

resolve_key(path: str) dissect.target.helpers.regutil.RegistryKey
check_key(path: str) dissect.target.helpers.regutil.RegistryKey
check_value(path: str) dissect.target.helpers.regutil.RegistryValue
chdir(path: str) None
scandir(path: str, color: bool = False) list[tuple[dissect.target.helpers.regutil.RegistryKey | dissect.target.helpers.regutil.RegistryValue, str]]
do_cd(line: str) bool

change subkey

do_up(line: str) bool

go up a subkey

do_pwd(line: str) bool

print current path

do_recommend(line: str) bool

recommend a key

cmd_ls(args: argparse.Namespace, stdout: TextIO) bool
cmd_cat(args: argparse.Namespace, stdout: TextIO) bool
cmd_hexdump(args: argparse.Namespace, stdout: TextIO) bool
dissect.target.tools.shell.arg_str_to_arg_list(args: str) list[str]

Convert a commandline string to a list of command line arguments.

dissect.target.tools.shell.extend_args(args: argparse.Namespace, func: Callable) argparse.Namespace

Extend the arguments of the given func with the provided argparse.Namespace.

dissect.target.tools.shell.build_pipe(pipe_parts: list[str], pipe_stdout: int = subprocess.PIPE) Iterator[tuple[TextIO, BinaryIO]]

Generator context manager that chains piped subprocesses and returns a tuple (chain input stream, chain output stream).

On context exit the generator will close the input stream and wait for the subprocesses to finish.

dissect.target.tools.shell.build_pipe_stdout(pipe_parts: list[str]) Iterator[TextIO]

Generator context manager that chains piped subprocesses, with a chain's outgoing stream configured to be the parent's stdout.

The generator returns the chain's input stream from the build_pipe generator.
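
The cmd_<cmd>(self, args, stdout) convention of ExtendedCmd and the subprocess chaining described for build_pipe, shown together using only the Python standard library. This is an added example, not code from dissect: chain_pipe, MiniShell, the FILES listing and the naive split on "|" are assumptions made for the illustration. Each external stage is started from an argv list without a shell, so command output only ever reaches the stages as data on stdin.

```python
import argparse
import cmd
import contextlib
import io
import shlex
import subprocess

@contextlib.contextmanager
def chain_pipe(pipe_parts, last_stdout=subprocess.PIPE):
    """Yield (text input of the first stage, binary output of the last stage)."""
    procs = []
    for i, part in enumerate(pipe_parts):
        stdin = procs[-1].stdout if procs else subprocess.PIPE
        stdout = last_stdout if i == len(pipe_parts) - 1 else subprocess.PIPE
        # argv list via shlex and no shell=True: a stage is never parsed by /bin/sh
        procs.append(subprocess.Popen(shlex.split(part), stdin=stdin, stdout=stdout))
        if i:
            procs[-2].stdout.close()  # drop the parent's copy so EOF/SIGPIPE propagate
    chain_in = io.TextIOWrapper(procs[0].stdin, encoding="utf-8")
    try:
        yield chain_in, procs[-1].stdout  # second item is None if last_stdout=None
    finally:
        chain_in.close()  # EOF for the first stage; harmless if already closed
        for proc in procs:
            proc.wait()

class MiniShell(cmd.Cmd):
    """Hypothetical shell: cmd_<name>(args, stdout) commands can be piped."""
    FILES = ["passwd", "hosts", "shadow"]  # constructed sample listing
    captured = b""

    def cmd_ls(self, args, stdout):
        for name in self.FILES:
            print(name, file=stdout)  # always write to the handle passed in

    def default(self, line):
        command, *pipe_parts = [p.strip() for p in line.split("|")]  # naive split
        argv = shlex.split(command)
        func = getattr(self, "cmd_" + argv[0], None) if argv else None
        if func is None:
            print(f"unknown command: {line}", file=self.stdout)
        elif not pipe_parts:
            func(argparse.Namespace(argv=argv[1:]), self.stdout)
        else:
            with chain_pipe(pipe_parts) as (chain_in, chain_out):
                func(argparse.Namespace(argv=argv[1:]), chain_in)
                chain_in.close()  # signal EOF before reading the result
                self.captured = chain_out.read()
        return False
```

Passing last_stdout=None lets the final stage write directly to the parent's stdout, which is the arrangement build_pipe_stdout describes; reading from a PIPE as done here is only suitable for small outputs.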

dissect.target.tools.shell.open_shell(targets: list[str | pathlib.Path], python: bool, registry: bool, commands: list[str] | None) None

Helper method for starting a regular, Python or registry shell for one or multiple targets.

dissect.target.tools.shell.target_shell(targets: list[dissect.target.target.Target], cli_cls: type[TargetCmd], commands: list[str] | None) None

Helper method for starting a TargetCli or TargetHubCli for one or multiple targets.

dissect.target.tools.shell.python_shell(targets: list[dissect.target.target.Target], commands: list[str] | None = None) None

Helper method for starting a (I)Python shell with multiple targets.

dissect.target.tools.shell.create_cli(targets: list[dissect.target.target.Target], cli_cls: type[TargetCmd]) cmd.Cmd | None

Helper method for instantiating the appropriate CLI.

dissect.target.tools.shell.run_cli(cli: cmd.Cmd) None

Helper method for running a cmd.Cmd cli.

Loops cli.cmdloop(), skipping KeyboardInterrupts. This is done so that ctrl+c doesn’t exit the shell but only resets the current line.

dissect.target.tools.shell.main() None