Dependency updates (#137)
puffyCid committed May 4, 2024
1 parent 97e3018 commit cf04b26
Showing 33 changed files with 286 additions and 273 deletions.
386 changes: 194 additions & 192 deletions Cargo.lock

Large diffs are not rendered by default.

12 changes: 6 additions & 6 deletions Cargo.toml
@@ -13,14 +13,14 @@ license = "MIT"
edition = "2021"

[workspace.dependencies]
serde = { version = "1.0.197", features = ["derive"] }
serde = { version = "1.0.200", features = ["derive"] }
log = "0.4.21"
serde_json = "1.0.115"
serde_json = "1.0.116"
toml = "0.8.12"
base64 = "0.22.0"
base64 = "0.22.1"
tokio = { version = "1.37.0", features = ["full"] }
flate2 = { version = "1.0.28", features = ["any_zlib", "zlib-ng"] }
flate2 = { version = "1.0.30", features = ["any_zlib", "zlib-ng"] }
glob = "0.3.1"
reqwest = { version = "0.12.3", features = ["json", "blocking"] }
sysinfo = "0.30.10"
reqwest = { version = "0.12.4", features = ["json", "blocking"] }
sysinfo = "0.30.11"
uuid = { version = "1.8.0", features = ["v4"] }
8 changes: 4 additions & 4 deletions core/Cargo.toml
@@ -28,7 +28,7 @@ regex = "1.10.4"
byteorder = "1.5.0"
walkdir = "2.5.0"
home = "0.5.9"
chrono = "0.4.37"
chrono = "0.4.38"
simplelog = "0.12.2"
zip = { version = "0.6.6", default-features = false }
jsonwebtoken = "9.3.0"
@@ -44,13 +44,13 @@ elf = "0.7.4"
ruzstd = "0.6.0"
lz4_flex = "0.11.3"
xz2 = { version = "0.1.7", default-features = false, features = ["static"] }
macos-unifiedlogs = { git = "https://github.com/mandiant/macos-UnifiedLogs", rev = "315da6f59b4995bbcc053fcf100ebae9869a186b" }
macos-unifiedlogs = { git = "https://github.com/mandiant/macos-UnifiedLogs", rev = "3e87dfa8b1233d5280c45b0a0f769695d3c2ae81" }
plist = "1.6.1"

common = { path = "../common" }

# Deno Runtime integration
deno_core = { version = "0.274.0" }
deno_core = { version = "0.278.0" }
tokio = { workspace = true }

# Windows API Dependencies
@@ -59,7 +59,7 @@ ntapi = "0.4.1"

# Dependencies at compile time
[build-dependencies]
deno_core = { version = "0.274.0" }
deno_core = { version = "0.278.0" }

# Dependencies for tests
[dev-dependencies]
4 changes: 2 additions & 2 deletions core/src/artifacts/os/linux/journals/journal.rs
@@ -126,7 +126,7 @@ pub(crate) fn parse_journal_file(path: &str) -> Result<Vec<Journal>, JournalErro
entries.entries.append(&mut entry_array.entries);
offset = entry_array.next_entry_array_offset;

if offset_tracker.get(&offset).is_some() {
if offset_tracker.contains_key(&offset) {
error!("[journal] Found recursive offset. Exiting now");
break;
}
@@ -176,7 +176,7 @@ fn get_entries(
};
entries.entries.append(&mut entry_array.entries);
offset = entry_array.next_entry_array_offset;
if offset_tracker.get(&offset).is_some() {
if offset_tracker.contains_key(&offset) {
error!("[journal] Found recursive offset. Exiting now");
break;
}
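Review bot: The cycle guard `if offset_tracker.contains_key(&offset)` in parse_journal_file (and the identical one in get_entries) logs a fixed message and breaks, so the log records neither the offending offset nor the file, and from these lines the caller appears to receive the entries collected so far with no sign that parsing stopped early. For an artifact parser, a looping entry-array chain points to a corrupt or tampered journal and is worth recording precisely; in parse_journal_file, where `path` is a parameter, consider `error!("[journal] Found recursive offset {offset} in {path}. Exiting now");` (assuming `offset` is an integer). If `offset_tracker` is used only as a set of seen offsets (its insert is not visible here), a `HashSet` with `if !offset_tracker.insert(offset) { … }` would check and record in one step. Both function bodies start and end outside the hunks.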
2 changes: 1 addition & 1 deletion core/src/artifacts/os/macos/bookmarks/bookmark.rs
@@ -72,7 +72,7 @@ struct StandardDataRecord {
_data_length: u32,
/**Data type: STRING, four (4) bytes, true, false, URL, UUID, etc */
data_type: u32,
/**The actual `Bookmark` data. Based on data_type */
/**The actual `Bookmark` data. Based on `data_type` */
record_data: Vec<u8>,
/**Record type associated with TOC entry */
record_type: u32,
2 changes: 1 addition & 1 deletion core/src/artifacts/os/macos/loginitems/loginitem.rs
@@ -130,7 +130,7 @@ pub(crate) fn loginitems_bundled_apps_path(
}

loginitems_data.app_binary = key;
loginitems_data.source_path = file.clone();
loginitems_data.source_path.clone_from(&file);
loginitems_vec.push(loginitems_data);
}
}
2 changes: 1 addition & 1 deletion core/src/artifacts/os/windows/accounts/users.rs
@@ -90,7 +90,7 @@ pub(crate) fn parse_user_info(path: &str) -> Result<Vec<UserInfo>, AccountError>
}
};

info.username = value.clone();
info.username.clone_from(&value);

// Loop through user info in the "V" key
for (key_info, value_info) in &sid_info {
2 changes: 1 addition & 1 deletion core/src/artifacts/os/windows/bits/files.rs
@@ -33,7 +33,7 @@ pub(crate) fn get_files(column_rows: &[Vec<TableDump>]) -> Result<Vec<FileInfo>,
// Only two (2) columns in BITS table (as of Win11)
for column in rows {
if column.column_name == "Id" {
file.file_id = column.column_data.clone();
file.file_id.clone_from(&column.column_data);
}

if column.column_name == "Blob" {
2 changes: 1 addition & 1 deletion core/src/artifacts/os/windows/bits/jobs.rs
@@ -55,7 +55,7 @@ pub(crate) fn get_jobs(column_rows: &[Vec<TableDump>]) -> Result<Vec<JobInfo>, B
// Only two (2) columns in BITS table (as of Win11)
for column in rows {
if column.column_name == "Id" {
job.job_id = column.column_data.clone();
job.job_id.clone_from(&column.column_data);
}

if column.column_name == "Blob" {
4 changes: 2 additions & 2 deletions core/src/artifacts/os/windows/ese/catalog.rs
@@ -31,11 +31,11 @@ pub(crate) struct Catalog {
pub(crate) catalog_type: CatalogType,
/**Fixed data */
pub(crate) id: i32,
/** Fixed data - Column only if the catalog_type is Column, otherwise father data page (FDP) */
/** Fixed data - Column only if the `catalog_type` is Column, otherwise father data page (FDP) */
pub(crate) column_or_father_data_page: i32,
/**Fixed data */
pub(crate) space_usage: i32,
/**Fixed data - If catalog_type is Column then these are columns flags */
/**Fixed data - If `catalog_type` is Column then these are columns flags */
pub(crate) flags: i32,
/**Fixed data */
pub(crate) pages_or_locale: i32,
6 changes: 3 additions & 3 deletions core/src/artifacts/os/windows/ese/tables.rs
@@ -557,7 +557,7 @@ pub(crate) fn read_ese<'a, T: std::io::Seek + std::io::Read>(
col.append(&mut final_prefix);

if key == &col {
column.column_data = value.clone();
column.column_data.clone_from(value);
break;
}
}
@@ -1015,8 +1015,8 @@ fn parse_tagged_data<'a>(
for tag in full_tags {
for entry in column_info.iter_mut() {
if entry.column_id == tag.column as i32 {
entry.column_data = tag.data.clone();
entry.column_tagged_flags = tag.flags.clone();
entry.column_data.clone_from(&tag.data);
entry.column_tagged_flags.clone_from(&tag.flags);
}
}
}
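Review bot: `entry.column_id == tag.column as i32` in parse_tagged_data uses an unchecked `as` cast on a value that presumably comes from the parsed ESE file; the type of `tag.column` is not visible in this hunk, so if it can hold values outside the `i32` range the comparison could match the wrong column after wrapping. `i32::from(tag.column)` would make the lossless case a compile-time guarantee, and `i32::try_from(tag.column)` would reject out-of-range ids otherwise. The inner loop also keeps scanning `column_info` after a match; if column ids are unique (not shown here), a `break` after the two `clone_from` calls would avoid the extra passes. parse_tagged_data starts and ends outside the hunk.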
2 changes: 1 addition & 1 deletion core/src/artifacts/os/windows/ntfs/parser.rs
@@ -116,7 +116,7 @@ pub(crate) fn ntfs_filelist(
start_path_depth += 1;
}
// restore original start path
start_path = rawfile_params.start_path.clone();
start_path.clone_from(&rawfile_params.start_path);

// Before parsing the NTFS data, grab Windows SIDs so we can map files to User and Group SIDs
let sids = SecurityIDs::get_security_ids(&root_dir, &mut ntfs_parser.fs, &ntfs_parser.ntfs)?;
2 changes: 1 addition & 1 deletion core/src/artifacts/os/windows/search/properties.rs
@@ -16,7 +16,7 @@ pub(crate) fn parse_prop_id_lookup(
let mut props = HashMap::new();
for column in rows {
if column.column_name == "WorkID" {
id = column.column_data.clone();
id.clone_from(&column.column_data);
continue;
}

8 changes: 4 additions & 4 deletions core/src/artifacts/os/windows/search/tables/indexgthr.rs
@@ -57,13 +57,13 @@ pub(crate) fn parse_index_gthr(
}
}
}
"FileName" => entry.entry = column.column_data.clone(),
"FileName" => entry.entry.clone_from(&column.column_data),
_ => continue,
}
}

if let Some(props) = lookups.get(&entry.document_id.to_string()) {
entry.properties = props.clone();
entry.properties.clone_from(props);
}

entries.push(entry);
@@ -152,13 +152,13 @@ pub(crate) fn parse_index_gthr_path(
}
}
}
"FileName" => entry.entry = column.column_data.clone(),
"FileName" => entry.entry.clone_from(&column.column_data),
_ => continue,
}
}

if let Some(props) = lookups.get(&entry.document_id.to_string()) {
entry.properties = props.clone();
entry.properties.clone_from(props);
}

entries.push(entry);
20 changes: 10 additions & 10 deletions core/src/artifacts/os/windows/services/service.rs
@@ -18,7 +18,7 @@ pub(crate) fn parse_services(path: &str) -> Result<Vec<ServicesData>, ServicesEr
for entry in entries {
// Get the service name when starting loop
if current_service.is_empty() {
current_service = entry.name.clone();
current_service.clone_from(&entry.name);
}

// Services may have multiple subkeys. Group services together until we arrive at next service
@@ -35,7 +35,7 @@ pub(crate) fn parse_services(path: &str) -> Result<Vec<ServicesData>, ServicesEr
service_group.clear();

// After done with parsing, start new Service collection
current_service = entry.name.clone();
current_service.clone_from(&entry.name);
service_group.push(entry);
}

@@ -73,20 +73,20 @@ fn collect_service(service_data: &Vec<RegistryEntry>, service_name: &str) -> Ser
if info.values.is_empty() {
if info.name == service_name {
service.modified = info.last_modified;
service.reg_path = info.path.clone();
service.reg_path.clone_from(&info.path);
}
continue;
}

for value in &info.values {
if info.name == service_name {
service.modified = info.last_modified;
service.reg_path = info.path.clone();
service.reg_path.clone_from(&info.path);
// Get Service metadata associated with Service Name key
metadata(value, &mut service);
}
if info.name == "Parameters" && value.value.to_lowercase() == "servicedll" {
service.service_dll = value.data.clone();
service.service_dll.clone_from(&value.data);
}
}
}
@@ -97,20 +97,20 @@ fn collect_service(service_data: &Vec<RegistryEntry>, service_name: &str) -> Ser
/// Get metadata associated with Service
fn metadata(value: &KeyValue, service: &mut ServicesData) {
match value.value.as_str() {
"Description" => service.description = value.data.clone(),
"DisplayName" => service.display_name = value.data.clone(),
"Description" => service.description.clone_from(&value.data),
"DisplayName" => service.display_name.clone_from(&value.data),
"ErrorControl" => service.error_control = error_control(&value.data.clone()),
"FailureActions" => {
// Attempt to Service actions if Service fails
(service.failure_actions, service.reset_period) =
failure_actions(&value.data).unwrap_or_default();
}
"ImagePath" => service.path = value.data.clone(),
"ObjectName" => service.account = value.data.clone(),
"ImagePath" => service.path.clone_from(&value.data),
"ObjectName" => service.account.clone_from(&value.data),
"ServiceSidType" => service.state = service_state(&value.data.clone()),
"Start" => service.start_mode = start_mode(&value.data.clone()),
"Type" => service.service_type = service_type(&value.data.clone()),
"FailureCommand" => service.failure_command = value.data.clone(),
"FailureCommand" => service.failure_command.clone_from(&value.data),
"RequiredPrivileges" => {
service.required_privileges = value.data.split('\n').map(str::to_string).collect();
}
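Review bot: Four arms of `metadata` still pass `&value.data.clone()` (ErrorControl, ServiceSidType, Start, Type), which allocates a copy only to borrow it for the call; the clone cleanup in this commit leaves them as they were. Borrowing directly is enough, e.g. `"ErrorControl" => service.error_control = error_control(&value.data),` and likewise for `service_state`, `start_mode` and `service_type`, assuming those helpers take a reference as the call sites suggest. In collect_service, `value.value.to_lowercase() == "servicedll"` also allocates per value and could be `value.value.eq_ignore_ascii_case("servicedll")`. The match in `metadata` continues past the end of the hunk.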
26 changes: 13 additions & 13 deletions core/src/artifacts/os/windows/srum/tables/application.rs
@@ -43,17 +43,17 @@ pub(crate) fn parse_application(
}
"AppId" => {
if let Some(value) = lookups.get(&column.column_data) {
app.app_id = value.clone();
app.app_id.clone_from(value);
continue;
}
app.app_id = column.column_data.clone();
app.app_id.clone_from(&column.column_data);
}
"UserId" => {
if let Some(value) = lookups.get(&column.column_data) {
app.user_id = value.clone();
app.user_id.clone_from(value);
continue;
}
app.user_id = column.column_data.clone();
app.user_id.clone_from(&column.column_data);
}
"ForegroundCycleTime" => {
app.foreground_cycle_time =
@@ -193,17 +193,17 @@ pub(crate) fn parse_app_timeline(
}
"AppId" => {
if let Some(value) = lookups.get(&column.column_data) {
energy.app_id = value.clone();
energy.app_id.clone_from(value);
continue;
}
energy.app_id = column.column_data.clone();
energy.app_id.clone_from(&column.column_data);
}
"UserId" => {
if let Some(value) = lookups.get(&column.column_data) {
energy.user_id = value.clone();
energy.user_id.clone_from(value);
continue;
}
energy.user_id = column.column_data.clone();
energy.user_id.clone_from(&column.column_data);
}
"Flags" => energy.flags = column.column_data.parse::<i32>().unwrap_or_default(),
"EndTime" => {
@@ -379,24 +379,24 @@ pub(crate) fn parse_vfu_provider(
}
"AppId" => {
if let Some(value) = lookups.get(&column.column_data) {
app.app_id = value.clone();
app.app_id.clone_from(value);
continue;
}
app.app_id = column.column_data.clone();
app.app_id.clone_from(&column.column_data);
}
"UserId" => {
if let Some(value) = lookups.get(&column.column_data) {
app.user_id = value.clone();
app.user_id.clone_from(value);
continue;
}
app.user_id = column.column_data.clone();
app.user_id.clone_from(&column.column_data);
}
"Flags" => app.flags = column.column_data.parse::<i32>().unwrap_or_default(),
"StartTime" => {
app.start_time = column.column_data.parse::<i64>().unwrap_or_default();
}
"EndTime" => app.end_time = column.column_data.parse::<i64>().unwrap_or_default(),
"Usage" => app.usage = column.column_data.clone(),
"Usage" => app.usage.clone_from(&column.column_data),
_ => continue,
}
}
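Review bot: The AppId/UserId resolution block is repeated verbatim in parse_application, parse_app_timeline and parse_vfu_provider here, and again in parse_energy and parse_energy_usage in energy.rs, so this commit had to make the same edit in ten places. Each block could collapse to one statement such as `app.app_id.clone_from(lookups.get(&column.column_data).unwrap_or(&column.column_data));`, or to a small shared helper, provided nothing after the `match` depends on the `continue` (the rest of each loop body is outside the hunks). Separately, `parse::<i32>().unwrap_or_default()` turns an unparsable column into 0, which in the output looks the same as a genuine zero; logging the parse error on that path would keep the distinction for an analyst.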
18 changes: 9 additions & 9 deletions core/src/artifacts/os/windows/srum/tables/energy.rs
@@ -29,19 +29,19 @@ pub(crate) fn parse_energy(
}
"AppId" => {
if let Some(value) = lookups.get(&column.column_data) {
energy.app_id = value.clone();
energy.app_id.clone_from(value);
continue;
}
energy.app_id = column.column_data.clone();
energy.app_id.clone_from(&column.column_data);
}
"UserId" => {
if let Some(value) = lookups.get(&column.column_data) {
energy.user_id = value.clone();
energy.user_id.clone_from(value);
continue;
}
energy.user_id = column.column_data.clone();
energy.user_id.clone_from(&column.column_data);
}
"BinaryData" => energy.binary_data = column.column_data.clone(),
"BinaryData" => energy.binary_data.clone_from(&column.column_data),
_ => continue,
}
}
@@ -89,17 +89,17 @@ pub(crate) fn parse_energy_usage(
}
"AppId" => {
if let Some(value) = lookups.get(&column.column_data) {
energy.app_id = value.clone();
energy.app_id.clone_from(value);
continue;
}
energy.app_id = column.column_data.clone();
energy.app_id.clone_from(&column.column_data);
}
"UserId" => {
if let Some(value) = lookups.get(&column.column_data) {
energy.user_id = value.clone();
energy.user_id.clone_from(value);
continue;
}
energy.user_id = column.column_data.clone();
energy.user_id.clone_from(&column.column_data);
}
"EventTimestamp" => {
energy.event_timestamp = column.column_data.parse::<i64>().unwrap();
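Review bot: `energy.event_timestamp = column.column_data.parse::<i64>().unwrap();` in parse_energy_usage panics if the EventTimestamp column is not a valid integer, and that value presumably comes from a SRUM database on the examined system, so a corrupt or deliberately malformed record can abort the whole collection. The numeric arms in application.rs on this page use `unwrap_or_default()`; the same here, `energy.event_timestamp = column.column_data.parse::<i64>().unwrap_or_default();`, or an explicit error log plus a default, keeps the parser running. The match continues below the hunk, so other arms may need the same check.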