From 80512e0a780d655e6df5332a2a2333dcafa09c55 Mon Sep 17 00:00:00 2001
From: Nariman <nariman.etemadi@fox-it.com>
Date: Fri, 20 Sep 2024 11:23:49 +0200
Subject: [PATCH] Refactor class attribute

---
 dissect/target/plugins/os/windows/network.py | 34 ++++++++------------
 tests/plugins/os/windows/test_network.py     | 18 +++++++----
 2 files changed, 24 insertions(+), 28 deletions(-)

diff --git a/dissect/target/plugins/os/windows/network.py b/dissect/target/plugins/os/windows/network.py
index dbb7b328c..cbfe77a48 100644
--- a/dissect/target/plugins/os/windows/network.py
+++ b/dissect/target/plugins/os/windows/network.py
@@ -223,26 +223,11 @@ def _try_value(subkey: RegistryKey, value: str) -> str | list | None:
 
 
 class WindowsNetworkPlugin(NetworkPlugin):
-    """
-    Windows Network Plugin
-
-    This class interacts with the Windows registry to extract the network configuration.
-
-    Attributes:
-        REGISTRY_KEY_INTERFACE (str): Interface parameters for TCP/IP.
-        REGISTRY_KEY_CONTROLSET (str): Control set for network class.
-        REGISTRY_KEY_CONNECTION (str): Network connection settings.
-    """
-
-    REGISTRY_KEY_INTERFACE = "HKLM\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters\\Interfaces\\"
-    REGISTRY_KEY_CONTROLSET = "HKLM\\SYSTEM\\CurrentControlSet\\Control\\Class\\{4d36e972-e325-11ce-bfc1-08002be10318}"
-    REGISTRY_KEY_CONNECTION = (
-        "HKLM\\SYSTEM\\CurrentControlSet\\Control\\Network\\{4D36E972-E325-11CE-BFC1-08002BE10318}\\"
-    )
-
     def _interfaces(self) -> Iterator[WindowsInterfaceRecord]:
         # Get all the network interfaces
-        for keys in self.target.registry.keys(self.REGISTRY_KEY_CONTROLSET):
+        for keys in self.target.registry.keys(
+            "HKLM\\SYSTEM\\CurrentControlSet\\Control\\Class\\{4d36e972-e325-11ce-bfc1-08002be10318}"
+        ):
             for subkey in keys.subkeys():
                 device_info = {}
 
@@ -257,12 +242,17 @@ def _interfaces(self) -> Iterator[WindowsInterfaceRecord]:
                     continue
 
                 # Extract the network device name for given interface id
-                name_key = self.target.registry.key(self.REGISTRY_KEY_CONNECTION + f"{net_cfg_instance_id}\\Connection")
+                name_key = self.target.registry.key(
+                    f"HKLM\\SYSTEM\\CurrentControlSet\\Control\\Network\\"
+                    f"{{4D36E972-E325-11CE-BFC1-08002BE10318}}\\{net_cfg_instance_id}\\Connection"
+                )
                 if value_name := _try_value(name_key, "Name"):
                     device_info["name"] = value_name
 
                 # Extract the metric value from the REGISTRY_KEY_INTERFACE key
-                interface_key = self.target.registry.key(self.REGISTRY_KEY_INTERFACE + net_cfg_instance_id)
+                interface_key = self.target.registry.key(
+                    f"HKLM\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters\\Interfaces\\{net_cfg_instance_id}"
+                )
                 if value_metric := _try_value(interface_key, "InterfaceMetric"):
                     device_info["metric"] = value_metric
 
@@ -298,7 +288,9 @@ def _extract_network_device_config(
 
         # Get the registry keys for the given interface id
         try:
-            keys = self.target.registry.key(self.REGISTRY_KEY_INTERFACE + interface_id)
+            keys = self.target.registry.key(
+                f"HKLM\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters\\Interfaces\\{interface_id}"
+            )
         except RegistryKeyNotFoundError:
             return None
 
diff --git a/tests/plugins/os/windows/test_network.py b/tests/plugins/os/windows/test_network.py
index 7d0d040e5..6c0cde066 100644
--- a/tests/plugins/os/windows/test_network.py
+++ b/tests/plugins/os/windows/test_network.py
@@ -6,7 +6,6 @@
 
 import pytest
 
-from dissect.target.plugins.os.windows.network import WindowsNetworkPlugin
 from dissect.target.target import Target
 
 
@@ -16,6 +15,11 @@ class MockRegVal:
     value: str | int
 
 
+REGISTRY_KEY_INTERFACE = "HKLM\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters\\Interfaces\\"
+REGISTRY_KEY_CONTROLSET = "HKLM\\SYSTEM\\CurrentControlSet\\Control\\Class\\{4d36e972-e325-11ce-bfc1-08002be10318}"
+REGISTRY_KEY_CONNECTION = "HKLM\\SYSTEM\\CurrentControlSet\\Control\\Network\\{4D36E972-E325-11CE-BFC1-08002BE10318}\\"
+
+
 @pytest.mark.parametrize(
     "mock_values, expected_values",
     [
@@ -154,8 +158,8 @@ def test_windows_network(
         mock_registry
         if name
         in [
-            f"{WindowsNetworkPlugin.REGISTRY_KEY_CONNECTION}TESTINGINSTANCEID\\Connection",
-            f"{WindowsNetworkPlugin.REGISTRY_KEY_INTERFACE}TESTINGINSTANCEID",
+            f"{REGISTRY_KEY_CONNECTION}TESTINGINSTANCEID\\Connection",
+            f"{REGISTRY_KEY_INTERFACE}TESTINGINSTANCEID",
         ]
         else None
     )
@@ -208,8 +212,8 @@ def test_windows_network_none(
         mock_registry
         if name
         in [
-            f"{WindowsNetworkPlugin.REGISTRY_KEY_CONNECTION}TESTINGINSTANCEID\\Connection",
-            f"{WindowsNetworkPlugin.REGISTRY_KEY_INTERFACE}TESTINGINSTANCEID",
+            f"{REGISTRY_KEY_CONNECTION}TESTINGINSTANCEID\\Connection",
+            f"{REGISTRY_KEY_INTERFACE}TESTINGINSTANCEID",
         ]
         else None
     )
@@ -303,8 +307,8 @@ def test_network_dhcp_and_static(
         mock_registry
         if name
         in [
-            f"{WindowsNetworkPlugin.REGISTRY_KEY_CONNECTION}TESTINGINSTANCEID\\Connection",
-            f"{WindowsNetworkPlugin.REGISTRY_KEY_INTERFACE}TESTINGINSTANCEID",
+            f"{REGISTRY_KEY_CONNECTION}TESTINGINSTANCEID\\Connection",
+            f"{REGISTRY_KEY_INTERFACE}TESTINGINSTANCEID",
         ]
         else None
     )