Python _winreg.HKEY_USERS Examples

The following are 4 code examples of _winreg.HKEY_USERS().
Example #1
Source File: rpath.py    From r-bridge-install with Apache License 2.0
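def _user_hive(username=None):
    """Find the registry hive for a particular user.

    Resolves the user's SID through ``_user_sids()`` and confirms that the
    SID subkey of ``HKEY_USERS`` can be opened with ``READ_ACCESS``.

    Args:
        username: Account name to look up. A falsy value, or a name that
            ``_user_sids()`` does not list, yields ``None``.

    Returns:
        The SID string (the subkey name under ``HKEY_USERS``) when the key
        could be opened, otherwise ``None``.
    """
    sids = _user_sids()
    if not username or username not in sids:
        return None

    sid = sids[username]
    try:
        # HKEY_USERS only holds hives that are currently loaded, so a missing
        # subkey here means "not loaded", not "no such account". Access
        # denied is reported the same way; both come back as OSError
        # (WindowsError is a subclass), which is the only failure treated as
        # "no hive". Anything else is a programming error and propagates.
        # The context manager closes the handle, which was previously leaked.
        with winreg.OpenKey(winreg.HKEY_USERS, sid, 0, READ_ACCESS) as hive_reg:
            if hive_reg:
                return sid
    except OSError:
        pass
    return None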
Example #2
Source File: userRegistry.py    From CIS-ESP with Apache License 2.0
def getUserRegistry(computerName,objRegistry,hostPath,tmpIndicators,registryList):
	"""Run pollReg over every user registry entry in registryList.

	registryList is iterated as (hive, username, userpath) triples. A
	progress line is printed for the two expected hives:
	HKEY_LOCAL_MACHINE is reported as a logged out user and HKEY_USERS as a
	logged in user. Any other hive value prints nothing but is still
	passed to pollReg.
	"""
	# Single-argument print(...) emits the same text under the Python 2
	# print statement and the Python 3 function.
	print(computerName + " - checking user Registry")

	for regHive,userName,userPath in registryList:
		if regHive == _winreg.HKEY_LOCAL_MACHINE:
			statusLine = computerName + " - user Registry: checking logged out user (" + userName + ")..."
			print(statusLine)
		elif regHive == _winreg.HKEY_USERS:
			statusLine = computerName + " - user Registry: checking logged in user (" + userName + ")..."
			print(statusLine)
		# The poll runs for every entry, whichever hive it points at.
		pollReg(computerName,hostPath,userName,regHive,userPath,objRegistry,tmpIndicators)
Example #3
Source File: support.py    From CIS-ESP with Apache License 2.0
def getLoginStatus(profile_path,profileSID,username,objRegistry):
	"""Choose the hive and key under which a user's registry data is reachable.

	Enumerates the profileSID subkey of HKEY_USERS through objRegistry.
	Returns [HKEY_USERS, profileSID] when EnumKey reports 0, otherwise
	[HKEY_LOCAL_MACHINE, username]. profile_path is accepted but not used
	here.
	"""
	# NOTE(review): 0 is presumably the provider's success code, i.e. the
	# user's hive is loaded under HKEY_USERS - confirm against objRegistry.
	status,_subkeys = objRegistry.EnumKey(hDefKey=_winreg.HKEY_USERS,sSubKeyName=profileSID)
	hiveLoaded = (status == 0)
	if not hiveLoaded:
		return [_winreg.HKEY_LOCAL_MACHINE,username]
	return [_winreg.HKEY_USERS,profileSID]

#works with the common types of registry keys 
Example #4
Source File: shellbags.py    From CIS-ESP with Apache License 2.0
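def getShellbags(computerName,objRegistry,hostPath,registryList):
	"""Write one SHELLBAGS CSV per user from that user's shellbag registry keys.

	registryList is iterated as (hive, username, userpath) triples. For each
	one a file named SHELLBAGS-<username>-<computerName>.csv is created
	under hostPath, a header row is written, and every entry returned by
	get_shellbags() for the four Shell / ShellNoRoam keys is appended as
	path,created,modified,accessed.

	HKEY_LOCAL_MACHINE entries are reported as logged out users and use
	userpath + "2" as the second key root; HKEY_USERS entries are reported
	as logged in users and use the Software/Classes subkey of userpath.
	"""
	# Single-argument print(...) emits the same text under the Python 2
	# print statement and the Python 3 function.
	print(computerName + " - checking shellbags")

	for hive,username,userpath in registryList:
		# Reset for every user. When this was set once before the loop, an
		# entry with an unexpected hive reused the previous user's key root
		# and that user's shellbags ended up in the wrong file.
		userpath2 = ""

		# NOTE(review): username and computerName go into the file name
		# unchanged; presumably they are collected from the examined host,
		# so verify they cannot carry path separators.
		outPath = hostPath + "\\SHELLBAGS-" + username + "-" + computerName + ".csv"

		# "with" closes the file even when a registry read or a conversion
		# raises part-way through the user.
		with open(outPath, "w") as outFile:
			outFile.write("path,created,modified,accessed\n")

			if hive == _winreg.HKEY_LOCAL_MACHINE:
				print(computerName + " - shellbags: checking logged out user (" + username + ")...")
				userpath2 = userpath + "2"
			elif hive == _winreg.HKEY_USERS:
				print(computerName + " - shellbags: checking logged in user (" + username + ")...")
				userpath2 = userpath + "\\Software\\Classes"

			# Backslashes are escaped explicitly; the values are the same
			# as before but no longer depend on "\S" and "\L" being
			# unrecognised escape sequences.
			keys = [
				userpath + "\\Software\\Microsoft\\Windows\\Shell",
				userpath + "\\Software\\Microsoft\\Windows\\ShellNoRoam",
				userpath2 + "\\Local Settings\\Software\\Microsoft\\Windows\\Shell",
				userpath2 + "\\Local Settings\\Software\\Microsoft\\Windows\\ShellNoRoam",
			]

			shellbags = []
			for key in keys:
				shellbags.extend(get_shellbags(objRegistry,hive,key))

			# NOTE(review): rows are assembled by hand. Only commas in the
			# path are neutralised; nothing is quoted, so a folder name
			# holding a newline or starting with "=" reaches the file
			# unchanged. The paths come from the examined host's registry
			# and should be treated as untrusted when the CSV is opened in
			# a spreadsheet. The output format is left as it was so that
			# existing consumers keep working.
			for shellbag in shellbags:
				row = [
					support.convert_to_string(shellbag["path"]).replace(","," "),
					support.convert_to_string(shellbag["crtime"]),
					support.convert_to_string(shellbag["mtime"]),
					support.convert_to_string(shellbag["atime"]),
				]
				outFile.write(",".join(row) + "\n")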