Lint fix

Author: p0dalirius

sharehound/__main__.py

@@ -303,8 +303,12 @@ def parseArgs():
         )
     ):
         parser.print_help()
-        print("\n[!] No targets specified. Either provide targets with -tt/--target or -tf/--targets-file,")
-        print("    or provide AD credentials (-ai, -au, -ap/-ah) to scan all computers from Active Directory.")
+        print(
+            "\n[!] No targets specified. Either provide targets with -tt/--target or -tf/--targets-file,"
+        )
+        print(
+            "    or provide AD credentials (-ai, -au, -ap/-ah) to scan all computers from Active Directory."
+        )
         sys.exit(0)
 
     if (args.auth_password is not None) and (args.auth_hashes is not None):
@@ -358,6 +362,7 @@ def main():
         logger.error("Failed to load targets: %s" % str(err))
         if options.debug:
             import traceback
+
             traceback.print_exc()
         sys.exit(1)
     logger.info("Targeting %d hosts" % len(targets))

sharehound/collector/collect_contents_at_depth.py

@@ -6,7 +6,7 @@
 
 import ntpath
 import os
-from threading import Lock, Event
+from threading import Event, Lock
 from typing import Optional
 
 from bhopengraph.Node import Node

sharehound/collector/collect_contents_in_share.py

@@ -4,7 +4,7 @@
 # Author             : Remi Gascou (@podalirius_)
 # Date created       : 12 Aug 2025
 
-from threading import Lock, Event
+from threading import Event, Lock
 from typing import Optional
 
 from shareql.evaluate.evaluator import RulesEvaluator

sharehound/collector/collect_share_rights.py

@@ -120,21 +120,31 @@ def collect_share_rights(
     used_fallback = False
 
     try:
-        logger.debug(f"[collect_share_rights] Retrieving security descriptor for share: {share_name}")
+        logger.debug(
+            f"[collect_share_rights] Retrieving security descriptor for share: {share_name}"
+        )
         sd = smb_session.get_share_security_descriptor(share_name)
 
         if sd is None or len(sd) == 0:
             # Try fallback: get the root folder's security descriptor
-            logger.debug(f"[collect_share_rights] Share-level security descriptor unavailable for '{share_name}', trying root folder fallback...")
+            logger.debug(
+                f"[collect_share_rights] Share-level security descriptor unavailable for '{share_name}', trying root folder fallback..."
+            )
             sd = smb_session.get_share_root_security_descriptor(share_name)
             if sd is not None and len(sd) > 0:
                 used_fallback = True
-                logger.debug(f"[collect_share_rights] Using root folder NTFS permissions as fallback for share: {share_name}")
+                logger.debug(
+                    f"[collect_share_rights] Using root folder NTFS permissions as fallback for share: {share_name}"
+                )
             else:
-                logger.warning(f"[collect_share_rights] Could not retrieve security descriptor for share: {share_name} (both share-level and root folder fallback failed). No share rights edges will be created. This may be due to insufficient privileges or the remote registry service being disabled.")
+                logger.warning(
+                    f"[collect_share_rights] Could not retrieve security descriptor for share: {share_name} (both share-level and root folder fallback failed). No share rights edges will be created. This may be due to insufficient privileges or the remote registry service being disabled."
+                )
                 return share_rights
 
-        logger.debug(f"[collect_share_rights] Security descriptor retrieved ({len(sd)} bytes) for share: {share_name}{' (via root folder fallback)' if used_fallback else ''}")
+        logger.debug(
+            f"[collect_share_rights] Security descriptor retrieved ({len(sd)} bytes) for share: {share_name}{' (via root folder fallback)' if used_fallback else ''}"
+        )
 
         # Parse the security descriptor
         security_descriptor = ldaptypes.SR_SECURITY_DESCRIPTOR()
@@ -147,20 +157,28 @@ def collect_share_rights(
 
         dacl_data = security_descriptor["Dacl"]["Data"]
         if dacl_data is None or len(dacl_data) == 0:
-            logger.debug(f"[collect_share_rights] DACL is empty (no ACEs) for share: {share_name}")
+            logger.debug(
+                f"[collect_share_rights] DACL is empty (no ACEs) for share: {share_name}"
+            )
             return share_rights
 
-        logger.debug(f"[collect_share_rights] DACL contains {len(dacl_data)} ACE(s) for share: {share_name}")
+        logger.debug(
+            f"[collect_share_rights] DACL contains {len(dacl_data)} ACE(s) for share: {share_name}"
+        )
 
         # Process each ACE in the DACL
         for ace_index, ace in enumerate(dacl_data):
             # Check if ACE has a valid SID
             if "Ace" not in ace.fields or "Sid" not in ace["Ace"].fields:
-                logger.debug(f"[collect_share_rights] ACE #{ace_index}: Invalid ACE structure, skipping")
+                logger.debug(
+                    f"[collect_share_rights] ACE #{ace_index}: Invalid ACE structure, skipping"
+                )
                 continue
 
             if len(ace["Ace"]["Sid"]) == 0:
-                logger.debug(f"[collect_share_rights] ACE #{ace_index}: Empty SID, skipping")
+                logger.debug(
+                    f"[collect_share_rights] ACE #{ace_index}: Empty SID, skipping"
+                )
                 continue
 
             aceType = ace["AceType"]
@@ -170,26 +188,38 @@ def collect_share_rights(
             sid = aceSid.formatCanonical()
 
             # Log ACE type
-            ace_type_name = "ACCESS_ALLOWED" if aceType == ACCESS_ALLOWED_ACE_TYPE else \
-                           "ACCESS_DENIED" if aceType == ACCESS_DENIED_ACE_TYPE else \
-                           f"UNKNOWN({aceType})"
-            logger.debug(f"[collect_share_rights] ACE #{ace_index}: Type={ace_type_name}, SID={sid}, Mask=0x{maskValue:08X}")
+            ace_type_name = (
+                "ACCESS_ALLOWED"
+                if aceType == ACCESS_ALLOWED_ACE_TYPE
+                else (
+                    "ACCESS_DENIED"
+                    if aceType == ACCESS_DENIED_ACE_TYPE
+                    else f"UNKNOWN({aceType})"
+                )
+            )
+            logger.debug(
+                f"[collect_share_rights] ACE #{ace_index}: Type={ace_type_name}, SID={sid}, Mask=0x{maskValue:08X}"
+            )
 
             # Only process ACCESS_ALLOWED ACEs
             if aceType != ACCESS_ALLOWED_ACE_TYPE:
-                logger.debug(f"[collect_share_rights] ACE #{ace_index}: Skipping non-ACCESS_ALLOWED ACE (type={aceType})")
+                logger.debug(
+                    f"[collect_share_rights] ACE #{ace_index}: Skipping non-ACCESS_ALLOWED ACE (type={aceType})"
+                )
                 continue
 
             # Check for specific rights and create edges
-            access_flags = [
-                flag for flag in AccessMaskFlags if flag.value & maskValue
-            ]
+            access_flags = [flag for flag in AccessMaskFlags if flag.value & maskValue]
 
             if len(access_flags) == 0:
-                logger.debug(f"[collect_share_rights] ACE #{ace_index}: No matching access flags for mask 0x{maskValue:08X}")
+                logger.debug(
+                    f"[collect_share_rights] ACE #{ace_index}: No matching access flags for mask 0x{maskValue:08X}"
+                )
                 continue
 
-            logger.debug(f"[collect_share_rights] ACE #{ace_index}: Matched flags: {[flag.name for flag in access_flags]}")
+            logger.debug(
+                f"[collect_share_rights] ACE #{ace_index}: Matched flags: {[flag.name for flag in access_flags]}"
+            )
 
             # Map access flags to edge kinds
             edges_added = []
@@ -201,14 +231,20 @@ def collect_share_rights(
                     edges_added.append(edgeName)
 
             if edges_added:
-                logger.debug(f"[collect_share_rights] ACE #{ace_index}: Created {len(edges_added)} edge(s) for SID {sid}: {edges_added}")
+                logger.debug(
+                    f"[collect_share_rights] ACE #{ace_index}: Created {len(edges_added)} edge(s) for SID {sid}: {edges_added}"
+                )
 
         # Summary
         total_edges = sum(len(edges) for edges in share_rights.values())
-        logger.debug(f"[collect_share_rights] Summary for share '{share_name}': {len(share_rights)} SID(s), {total_edges} total edge(s)")
+        logger.debug(
+            f"[collect_share_rights] Summary for share '{share_name}': {len(share_rights)} SID(s), {total_edges} total edge(s)"
+        )
 
     except Exception as err:
-        logger.debug(f"[collect_share_rights] Error processing share rights for {share_name}: {err}")
+        logger.debug(
+            f"[collect_share_rights] Error processing share rights for {share_name}: {err}"
+        )
         raise err
 
     return share_rights

sharehound/collector/collect_shares.py

@@ -109,9 +109,13 @@ def collect_shares(
         logger.debug(f"[collect_shares] can_process({share_name}) = {can_process}")
         if can_process:
             ogc.add_path_to_graph()
-            logger.debug(f"[collect_shares] Total edges created so far for share '{share_name}': {ogc.get_total_edges_created()}")
+            logger.debug(
+                f"[collect_shares] Total edges created so far for share '{share_name}': {ogc.get_total_edges_created()}"
+            )
         else:
-            logger.debug(f"[collect_shares] Skipping add_path_to_graph for share '{share_name}' because can_process returned False")
+            logger.debug(
+                f"[collect_shares] Skipping add_path_to_graph for share '{share_name}' because can_process returned False"
+            )
 
         # Collect contents of the share
         (

sharehound/collector/opengraph_context.py

@@ -55,7 +55,9 @@ class OpenGraphContext:
     logger: Optional[Union[Logger, TaskLogger]]
     total_edges_created: int
 
-    def __init__(self, graph: OpenGraph, logger: Optional[Union[Logger, TaskLogger]] = None):
+    def __init__(
+        self, graph: OpenGraph, logger: Optional[Union[Logger, TaskLogger]] = None
+    ):
         self.graph = graph
         self.host = (None, {})
         self.share = (None, {})
@@ -80,7 +82,7 @@ def add_path_to_graph(self) -> None:
                 self.logger.debug("[add_path_to_graph] Host is None, skipping")
             return None
         self.graph.add_node_without_validation(self.host)
-        
+
         # Add edge [HostsNetworkShare] from BloodHound Computer to NetworkShareHost
         # This links the ShareHound graph to existing BloodHound Computer nodes
         # by matching the Computer's name property (uppercase) to the NetworkShareHost's id
@@ -95,19 +97,27 @@ def add_path_to_graph(self) -> None:
         )
         self.total_edges_created += 1
         if self.logger:
-            self.logger.debug(f"[add_path_to_graph] Created edge HostsNetworkShare: Computer(name={self.host.id.upper()}) -> NetworkShareHost(id={self.host.id})")
+            self.logger.debug(
+                f"[add_path_to_graph] Created edge HostsNetworkShare: Computer(name={self.host.id.upper()}) -> NetworkShareHost(id={self.host.id})"
+            )
 
         share_node, share_rights = self.share
         if share_node is None:
             if self.logger:
                 self.logger.debug("[add_path_to_graph] Share node is None, skipping")
             return None
         self.graph.add_node_without_validation(share_node)
-        
+
         if self.logger:
-            rights_count = sum(len(edges) for edges in share_rights.values()) if share_rights else 0
-            self.logger.debug(f"[add_path_to_graph] Adding share '{share_node.id}' with {len(share_rights)} SID(s) and {rights_count} rights edge(s)")
-        
+            rights_count = (
+                sum(len(edges) for edges in share_rights.values())
+                if share_rights
+                else 0
+            )
+            self.logger.debug(
+                f"[add_path_to_graph] Adding share '{share_node.id}' with {len(share_rights)} SID(s) and {rights_count} rights edge(s)"
+            )
+
         self.add_rights_to_graph(share_node.id, share_rights, "share")
 
         # Add edge [HasNetworkShare] from host to share
@@ -120,7 +130,9 @@ def add_path_to_graph(self) -> None:
         )
         self.total_edges_created += 1
         if self.logger:
-            self.logger.debug(f"[add_path_to_graph] Created edge HasNetworkShare: {self.host.id} -> {share_node.id}")
+            self.logger.debug(
+                f"[add_path_to_graph] Created edge HasNetworkShare: {self.host.id} -> {share_node.id}"
+            )
 
         # At this point we have created
         # (Host) --[HasNetworkShare]--> ((NetworkShareSMB|NetworkShareDFS))
@@ -140,7 +152,9 @@ def add_path_to_graph(self) -> None:
             )
             self.total_edges_created += 1
             if self.logger:
-                self.logger.debug(f"[add_path_to_graph] Created edge Contains: {parent_id} -> {directory_node.id}")
+                self.logger.debug(
+                    f"[add_path_to_graph] Created edge Contains: {parent_id} -> {directory_node.id}"
+                )
             parent_id = directory_node.id
 
         # At this point we have created
@@ -163,12 +177,16 @@ def add_path_to_graph(self) -> None:
         )
         self.total_edges_created += 1
         if self.logger:
-            self.logger.debug(f"[add_path_to_graph] Created edge Contains: {parent_id} -> {element_node.id}")
+            self.logger.debug(
+                f"[add_path_to_graph] Created edge Contains: {parent_id} -> {element_node.id}"
+            )
 
         # At this point we have created
         # (Host) --[Expose]--> ((NetworkShareSMB|NetworkShareDFS)) --[Contains]--> ((File)|(Directory))* --[Contains]--> ((File)|(Directory))
 
-    def add_rights_to_graph(self, element_id: str, rights: dict, element_type: str = "element") -> None:
+    def add_rights_to_graph(
+        self, element_id: str, rights: dict, element_type: str = "element"
+    ) -> None:
         """
         Add rights to the graph
 
@@ -183,12 +201,16 @@ def add_rights_to_graph(self, element_id: str, rights: dict, element_type: str =
 
         if rights is None:
             if self.logger:
-                self.logger.warning(f"[add_rights_to_graph] Rights is None for {element_type}: {element_id}")
+                self.logger.warning(
+                    f"[add_rights_to_graph] Rights is None for {element_type}: {element_id}"
+                )
             return
 
         if len(rights) == 0:
             if self.logger:
-                self.logger.debug(f"[add_rights_to_graph] No rights to add for {element_type}: {element_id}")
+                self.logger.debug(
+                    f"[add_rights_to_graph] No rights to add for {element_type}: {element_id}"
+                )
             return
 
         edges_created_for_element = 0
@@ -206,10 +228,14 @@ def add_rights_to_graph(self, element_id: str, rights: dict, element_type: str =
                 self.total_edges_created += 1
                 edges_created_for_element += 1
                 if self.logger:
-                    self.logger.debug(f"[add_rights_to_graph] Created edge: {sid} --[{right_edge}]--> {element_id}")
+                    self.logger.debug(
+                        f"[add_rights_to_graph] Created edge: {sid} --[{right_edge}]--> {element_id}"
+                    )
 
         if self.logger:
-            self.logger.debug(f"[add_rights_to_graph] Created {edges_created_for_element} rights edge(s) for {element_type}: {element_id}")
+            self.logger.debug(
+                f"[add_rights_to_graph] Created {edges_created_for_element} rights edge(s) for {element_type}: {element_id}"
+            )
 
     def push_path(self, node: Node, rights: dict):
         """
@@ -461,4 +487,6 @@ def log_summary(self) -> None:
             None
         """
         if self.logger:
-            self.logger.debug(f"[OpenGraphContext] Total edges created in this context: {self.total_edges_created}")
+            self.logger.debug(
+                f"[OpenGraphContext] Total edges created in this context: {self.total_edges_created}"
+            )