def main():
args_parser = argparse.ArgumentParser(description="Tests get_version.")
options = args_parser.parse_args()
try:
pyregf.get_version()
except Exception:
return False
return True
def main():
args_parser = argparse.ArgumentParser(
description="Tests get_version.")
options = args_parser.parse_args()
try:
pyregf.get_version()
except Exception:
return False
return True
def PrintHeader(options):
"""Print header information, including library versions."""
print frontend_utils.FormatHeader('File Parsed')
print u'{:>20s}'.format(options.file_to_parse)
print frontend_utils.FormatHeader('Versions')
print frontend_utils.FormatOutputString('plaso engine', plaso.GetVersion())
print frontend_utils.FormatOutputString('pyevt', pyevt.get_version())
print frontend_utils.FormatOutputString('pyevtx', pyevtx.get_version())
print frontend_utils.FormatOutputString('pylnk', pylnk.get_version())
print frontend_utils.FormatOutputString('pymsiecf', pymsiecf.get_version())
print frontend_utils.FormatOutputString('pyregf', pyregf.get_version())
if options.filter:
print frontend_utils.FormatHeader('Filter Used')
print frontend_utils.FormatOutputString('Filter String', options.filter)
if options.parsers:
print frontend_utils.FormatHeader('Parser Filter Used')
print frontend_utils.FormatOutputString('Parser String', options.parsers)
def PrintHeader(options):
"""Print header information, including library versions."""
print frontend_utils.FormatHeader('File Parsed')
print u'{:>20s}'.format(options.file_to_parse)
print frontend_utils.FormatHeader('Versions')
print frontend_utils.FormatOutputString('plaso engine', plaso.GetVersion())
print frontend_utils.FormatOutputString('pyevt', pyevt.get_version())
print frontend_utils.FormatOutputString('pyevtx', pyevtx.get_version())
print frontend_utils.FormatOutputString('pylnk', pylnk.get_version())
print frontend_utils.FormatOutputString('pymsiecf', pymsiecf.get_version())
print frontend_utils.FormatOutputString('pyregf', pyregf.get_version())
if options.filter:
print frontend_utils.FormatHeader('Filter Used')
print frontend_utils.FormatOutputString('Filter String',
options.filter)
if options.parsers:
print frontend_utils.FormatHeader('Parser Filter Used')
print frontend_utils.FormatOutputString('Parser String',
options.parsers)
# -*- coding: utf-8 -*- """Class to represent a Windows Registry file.""" import abc import pyregf # TODO: implement dfvfs_pyregf if pyregf.get_version() < u'20130716': raise ImportWarning(u'registry_file.py requires pyregf 20130716 or later.') REG_NONE = 0 REG_SZ = 1 REG_EXPAND_SZ = 2 REG_BINARY = 3 REG_DWORD = 4 REG_DWORD_LITTLE_ENDIAN = 4 REG_DWORD_BIG_ENDIAN = 5 REG_LINK = 6 REG_MULTI_SZ = 7 REG_RESOURCE_LIST = 8 REG_FULL_RESOURCE_DESCRIPTOR = 9 REG_RESOURCE_REQUIREMENT_LIST = 10 REG_QWORD = 11 class RegistryFile(object): """Class that defines a Windows Registry file."""
def test_get_version(self):
"""Tests the get_version function."""
version = pyregf.get_version()
def test_get_version(self):
"""Tests the get_version function."""
version = pyregf.get_version()
self.assertIsNotNone(version)
import pyregf
from dfdatetime import filetime
from dfvfs.file_io import file_object_io
from dfvfs.lib import errors
from dfvfs.path import factory
from dfvfs.path import path_spec as dfvfs_path_spec
from dfvfs.resolver import resolver
from dfvfs.resolver_helpers import manager as resolver_helpers_manager
from dfvfs.resolver_helpers import resolver_helper
from dfvfs.vfs import file_entry
from dfvfs.vfs import file_system as dfvfs_file_system
from dfvfs.vfs import vfs_stat
if pyregf.get_version() < '20150411':
raise ImportWarning('dfVFS pyregf requires at least pyregf 20150411.')
# The type indicator definition.
TYPE_INDICATOR_REGF = 'REGF'
# The file-like object.
# TODO: this should likely be a value file-like object.
class RegfFile(file_object_io.FileObjectIO):
"""Class that implements a file-like object using pyregf."""
def _OpenFileObject(self, path_spec):
"""Opens the file-like object defined by path specification.
Args:
path_spec (path.PathSpec): the path specification.
def GetLibraryVersion(): """Return the pyregf and libregf version.""" return pyregf.get_version()
# -*- coding: utf-8 -*-
"""Class to represent a Windows Registry file."""
import abc
import pyregf
# TODO: implement dfvfs_pyregf
if pyregf.get_version() < u"20130716":
raise ImportWarning(u"registry_file.py requires pyregf 20130716 or later.")
REG_NONE = 0
REG_SZ = 1
REG_EXPAND_SZ = 2
REG_BINARY = 3
REG_DWORD = 4
REG_DWORD_LITTLE_ENDIAN = 4
REG_DWORD_BIG_ENDIAN = 5
REG_LINK = 6
REG_MULTI_SZ = 7
REG_RESOURCE_LIST = 8
REG_FULL_RESOURCE_DESCRIPTOR = 9
REG_RESOURCE_REQUIREMENT_LIST = 10
REG_QWORD = 11
class RegistryFile(object):
"""Class that defines a Windows Registry file."""
def GetLibraryVersion():
"""Return the pyregf and libregf version."""
return pyregf.get_version()
# -*- coding: utf-8 -*-
"""Pyregf specific implementation for the Windows Registry file access."""
import logging
from plaso.lib import errors
from plaso.lib import timelib
from plaso.winreg import interface
import pyregf
if pyregf.get_version() < '20150315':
raise ImportWarning(u'WinPyregf requires at least pyregf 20150315.')
class WinPyregfKey(interface.WinRegKey):
"""Implementation of a Windows Registry key using pyregf."""
def __init__(self, pyregf_key, parent_path=u'', root=False):
"""Initializes a Windows Registry key object.
Args:
pyregf_key: An instance of a pyregf.key object.
parent_path: The path of the parent key.
root: A boolean key indicating we are dealing with a root key.
"""
super(WinPyregfKey, self).__init__()
self._pyregf_key = pyregf_key
# Adding few checks to make sure the root key is not
# invalid in plugin checks (root key is equal to the
# path separator).
if parent_path == self.PATH_SEPARATOR:
"""The pyregf Windows Registry extension for dfVFS."""
from dfvfs.file_io import file_object_io
from dfvfs.lib import date_time
from dfvfs.lib import errors
from dfvfs.path import factory
from dfvfs.path import path_spec as dfvfs_path_spec
from dfvfs.resolver import resolver
from dfvfs.resolver import resolver_helper
from dfvfs.vfs import file_entry
from dfvfs.vfs import file_system as dfvfs_file_system
from dfvfs.vfs import vfs_stat
import pyregf
if pyregf.get_version() < '20150411':
raise ImportWarning(u'dfVFS pyregf requires at least pyregf 20150411.')
# The type indicator definition.
TYPE_INDICATOR_REGF = u'REGF'
# The file-like object.
# TODO: this should likely be a value file-like object.
class RegfFile(file_object_io.FileObjectIO):
"""Class that implements a file-like object using pyregf."""
def _OpenFileObject(self, path_spec):
"""Opens the file-like object defined by path specification.
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""Pyregf specific implementation for the Windows Registry file access."""
import logging
from plaso.lib import errors
from plaso.lib import timelib
from plaso.winreg import interface
import pyregf
if pyregf.get_version() < '20130716':
raise ImportWarning('WinPyregf requires at least pyregf 20130716.')
class WinPyregfKey(interface.WinRegKey):
"""Implementation of a Windows Registry key using pyregf."""
def __init__(self, pyregf_key, parent_path=u'', root=False):
"""Initializes a Windows Registry key object.
Args:
pyregf_key: An instance of a pyregf.key object.
parent_path: The path of the parent key.
root: A boolean key indicating we are dealing with a root key.
"""
super(WinPyregfKey, self).__init__()
self._pyregf_key = pyregf_key
def test_get_version(self): """Tests the get_version function.""" version = pyregf.get_version()
# -*- coding: utf-8 -*-
"""Pyregf specific implementation for the Windows Registry file access."""
import logging
from plaso.lib import errors
from plaso.lib import timelib
from plaso.winreg import interface
import pyregf
if pyregf.get_version() < '20150315':
raise ImportWarning(u'WinPyregf requires at least pyregf 20150315.')
class WinPyregfKey(interface.WinRegKey):
"""Implementation of a Windows Registry key using pyregf."""
def __init__(self, pyregf_key, parent_path=u'', root=False):
"""Initializes a Windows Registry key object.
Args:
pyregf_key: An instance of a pyregf.key object.
parent_path: The path of the parent key.
root: A boolean key indicating we are dealing with a root key.
"""
super(WinPyregfKey, self).__init__()
self._pyregf_key = pyregf_key
# Adding few checks to make sure the root key is not
# invalid in plugin checks (root key is equal to the
