Skip to content
/ adiskreader Public

Async Python library to parse local and remote disk images.

License

View license
74 stars 7 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

skelsec/adiskreader

BranchesTags

Repository files navigation

Supported Python versions Documentation Status Twitter

🚩 Sponsors

If you like this project, consider purchasing licenses of OctoPwn, our full pentesting suite that runs in your browser!
For notifications on new builds/releases and other info, hop on to our Discord

adiskreader

Async Python library to parse local and remote disk images.

🚩 Runs in the browser

This project, alongside with many other pentester tools runs in the browser with the power of OctoPwn!
Check out the community version at OctoPwn - Live

Description

The project is still in developement, expect issues

This is a library with a simple API to read (only read) and recover files from disk images (vhdx) or raw disks/partitions obtained by dd or similar command. Opening a file on the disk image provides an async fileobject so you can perform file operations like read seek tell without extracting the entire file.
It comes with an example console client to demonstrate the core features.

Features

Datasource

File Gzip SMB SSH(SFTP)
✔️ ✔️ ✔️ ✔️

Disk

Raw VHD VHDX VMDK
✔️ ✔️ ✔️

Partition

MBR GPT
✔️ ✔️

Filesystem

FAT12 FAT16 FAT32 VFAT NTFS EXT4 EXFAT
✔️ ✔️ ✔️ ✔️ ✔️

Install

git clone and pip install . should do the trick.
After install use the adiskreader-console executable for the sample client

Usage

adiskreader-console

Interactive sample client that tries to automatically "mount" the disk image specified by the source URL like:

Parsing a VHDX file over SMB

adiskreader-console smb+ntlm-password://TEST\victim@10.10.10.2/sharename/foldername/disk.vhdx

Parsing a VHD file over SSH

adiskreader-console ssh+password+vhd://test:test@10.10.10.3/mnt/hgfs/vhdxtest/17763.737.amd64fre.rs5_release_svc_refresh.190906-2324_server_serverdatacentereval_en-us_1.vhd

Parsing a local VHDX file

adiskreader-console file://C:\Users\test\images\test.vhdx

Parsing a gzipped raw disk image

adiskreader-console file+gz:///home/user/images/test.gz.raw

Using the API

At the moment there is no documentation, so you'll have to rely on the code itself :(

Testing

tests require installing guestmount

Kudos

FAT

The FAT filesystem operations are provided by a modifyed verson of PyFATFs. Original project is licensed under MIT, can be found here

Generic info

This C# library is awesome sauce for all things disk reading/writing! https://github.com/DiscUtils/DiscUtils

About

Async Python library to parse local and remote disk images.

Resources

Readme

License

View license
Activity

Stars

74 stars

Watchers

1 watching

Forks

7 forks
Report repository

Releases 1

0.0.1 Latest
Aug 20, 2024

Packages

No packages published

Contributors 2

  •  
  •  

Languages