Python winreg.REG_DWORD Examples

The following are 9 code examples of winreg.REG_DWORD(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module winreg , or try the search function .
Example #1
Source File: TaskManager.py    From Crypter with GNU General Public License v3.0 6 votes vote down vote up
def enable(self):
        '''
        @summary: Disables Windows Task Manager
        '''
        key_exists = False
        
        # Try to read the key
        try:
            reg = winreg.OpenKeyEx(winreg.HKEY_CURRENT_USER, self.DISABLE_KEY_LOCATION)
            disabled = winreg.QueryValueEx(reg, "DisableTaskMgr")[0]
            winreg.CloseKey(reg)
            key_exists = True
        except:
            pass
            
        # If key exists and is disabled, enable it
        if key_exists and disabled:
            reg = winreg.OpenKey(winreg.HKEY_CURRENT_USER,
                                  self.DISABLE_KEY_LOCATION,
                                  0,
                                  winreg.KEY_SET_VALUE)
            winreg.SetValueEx(reg, "DisableTaskMgr", 0,  winreg.REG_DWORD, 0x00000000)
            winreg.CloseKey(reg) 
Example #2
Source File: registry.py    From rekall with GNU General Public License v2.0 5 votes vote down vote up
def Reg2Py(data, size, data_type):
    if data_type == winreg.REG_DWORD:
        if size == 0:
            return 0
        return ctypes.cast(data, ctypes.POINTER(ctypes.c_int)).contents.value
    elif data_type == winreg.REG_SZ or data_type == winreg.REG_EXPAND_SZ:
        return ctypes.wstring_at(data, size // 2).rstrip(u"\x00")
    elif data_type == winreg.REG_MULTI_SZ:
        return ctypes.wstring_at(data, size // 2).rstrip(u"\x00").split(u"\x00")
    else:
        if size == 0:
            return None
        return ctypes.string_at(data, size) 
Example #3
Source File: TaskManager.py    From Crypter with GNU General Public License v3.0 5 votes vote down vote up
def disable(self):
        '''
        @summary: Disables Windows Task Manager
        '''
        key_exists = False
        

        # Try to read the key
        try:
            reg = winreg.OpenKeyEx(winreg.HKEY_CURRENT_USER, self.DISABLE_KEY_LOCATION)
            disabled = winreg.QueryValueEx(reg, "DisableTaskMgr")[0]
            winreg.CloseKey(reg)
            key_exists = True
        except:
            pass
        
        # If key doesn't exist, create it and set to disabled
        if not key_exists:
            reg = winreg.CreateKey(winreg.HKEY_CURRENT_USER,
                                  self.DISABLE_KEY_LOCATION)
            winreg.SetValueEx(reg, "DisableTaskMgr", 0,  winreg.REG_DWORD, 0x00000001)
            winreg.CloseKey(reg)
        # If enabled, disable it
        elif key_exists and not disabled:
            reg = winreg.OpenKey(winreg.HKEY_CURRENT_USER,
                                  self.DISABLE_KEY_LOCATION,
                                  0,
                                  winreg.KEY_SET_VALUE)
            winreg.SetValueEx(reg, "DisableTaskMgr", 0,  winreg.REG_DWORD, 0x00000001)
            winreg.CloseKey(reg) 
Example #4
Source File: resolver.py    From script.elementum.burst with Do What The F*ck You Want To Public License 4 votes vote down vote up
def _win32_is_nic_enabled(self, lm, guid, interface_key):
        # Look in the Windows Registry to determine whether the network
        # interface corresponding to the given guid is enabled.
        #
        # (Code contributed by Paul Marks, thanks!)
        #
        try:
            # This hard-coded location seems to be consistent, at least
            # from Windows 2000 through Vista.
            connection_key = _winreg.OpenKey(
                lm,
                r'SYSTEM\CurrentControlSet\Control\Network'
                r'\{4D36E972-E325-11CE-BFC1-08002BE10318}'
                r'\%s\Connection' % guid)

            try:
                # The PnpInstanceID points to a key inside Enum
                (pnp_id, ttype) = _winreg.QueryValueEx(
                    connection_key, 'PnpInstanceID')

                if ttype != _winreg.REG_SZ:
                    raise ValueError

                device_key = _winreg.OpenKey(
                    lm, r'SYSTEM\CurrentControlSet\Enum\%s' % pnp_id)

                try:
                    # Get ConfigFlags for this device
                    (flags, ttype) = _winreg.QueryValueEx(
                        device_key, 'ConfigFlags')

                    if ttype != _winreg.REG_DWORD:
                        raise ValueError

                    # Based on experimentation, bit 0x1 indicates that the
                    # device is disabled.
                    return not flags & 0x1

                finally:
                    device_key.Close()
            finally:
                connection_key.Close()
        except (EnvironmentError, ValueError):
            # Pre-vista, enabled interfaces seem to have a non-empty
            # NTEContextList; this was how dnspython detected enabled
            # nics before the code above was contributed.  We've retained
            # the old method since we don't know if the code above works
            # on Windows 95/98/ME.
            try:
                (nte, ttype) = _winreg.QueryValueEx(interface_key,
                                                    'NTEContextList')
                return nte is not None
            except WindowsError:  # pylint: disable=undefined-variable
                return False 
Example #5
Source File: resolver.py    From Cloudmare with GNU General Public License v3.0 4 votes vote down vote up
def _win32_is_nic_enabled(self, lm, guid, interface_key):
        # Look in the Windows Registry to determine whether the network
        # interface corresponding to the given guid is enabled.
        #
        # (Code contributed by Paul Marks, thanks!)
        #
        try:
            # This hard-coded location seems to be consistent, at least
            # from Windows 2000 through Vista.
            connection_key = _winreg.OpenKey(
                lm,
                r'SYSTEM\CurrentControlSet\Control\Network'
                r'\{4D36E972-E325-11CE-BFC1-08002BE10318}'
                r'\%s\Connection' % guid)

            try:
                # The PnpInstanceID points to a key inside Enum
                (pnp_id, ttype) = _winreg.QueryValueEx(
                    connection_key, 'PnpInstanceID')

                if ttype != _winreg.REG_SZ:
                    raise ValueError

                device_key = _winreg.OpenKey(
                    lm, r'SYSTEM\CurrentControlSet\Enum\%s' % pnp_id)

                try:
                    # Get ConfigFlags for this device
                    (flags, ttype) = _winreg.QueryValueEx(
                        device_key, 'ConfigFlags')

                    if ttype != _winreg.REG_DWORD:
                        raise ValueError

                    # Based on experimentation, bit 0x1 indicates that the
                    # device is disabled.
                    return not (flags & 0x1)

                finally:
                    device_key.Close()
            finally:
                connection_key.Close()
        except (EnvironmentError, ValueError):
            # Pre-vista, enabled interfaces seem to have a non-empty
            # NTEContextList; this was how dnspython detected enabled
            # nics before the code above was contributed.  We've retained
            # the old method since we don't know if the code above works
            # on Windows 95/98/ME.
            try:
                (nte, ttype) = _winreg.QueryValueEx(interface_key,
                                                    'NTEContextList')
                return nte is not None
            except WindowsError:
                return False 
Example #6
Source File: resolver.py    From elasticintel with GNU General Public License v3.0 4 votes vote down vote up
def _win32_is_nic_enabled(self, lm, guid, interface_key):
        # Look in the Windows Registry to determine whether the network
        # interface corresponding to the given guid is enabled.
        #
        # (Code contributed by Paul Marks, thanks!)
        #
        try:
            # This hard-coded location seems to be consistent, at least
            # from Windows 2000 through Vista.
            connection_key = _winreg.OpenKey(
                lm,
                r'SYSTEM\CurrentControlSet\Control\Network'
                r'\{4D36E972-E325-11CE-BFC1-08002BE10318}'
                r'\%s\Connection' % guid)

            try:
                # The PnpInstanceID points to a key inside Enum
                (pnp_id, ttype) = _winreg.QueryValueEx(
                    connection_key, 'PnpInstanceID')

                if ttype != _winreg.REG_SZ:
                    raise ValueError

                device_key = _winreg.OpenKey(
                    lm, r'SYSTEM\CurrentControlSet\Enum\%s' % pnp_id)

                try:
                    # Get ConfigFlags for this device
                    (flags, ttype) = _winreg.QueryValueEx(
                        device_key, 'ConfigFlags')

                    if ttype != _winreg.REG_DWORD:
                        raise ValueError

                    # Based on experimentation, bit 0x1 indicates that the
                    # device is disabled.
                    return not flags & 0x1

                finally:
                    device_key.Close()
            finally:
                connection_key.Close()
        except (EnvironmentError, ValueError):
            # Pre-vista, enabled interfaces seem to have a non-empty
            # NTEContextList; this was how dnspython detected enabled
            # nics before the code above was contributed.  We've retained
            # the old method since we don't know if the code above works
            # on Windows 95/98/ME.
            try:
                (nte, ttype) = _winreg.QueryValueEx(interface_key,
                                                    'NTEContextList')
                return nte is not None
            except WindowsError:  # pylint: disable=undefined-variable
                return False 
Example #7
Source File: resolver.py    From bazarr with GNU General Public License v3.0 4 votes vote down vote up
def _win32_is_nic_enabled(self, lm, guid, interface_key):
        # Look in the Windows Registry to determine whether the network
        # interface corresponding to the given guid is enabled.
        #
        # (Code contributed by Paul Marks, thanks!)
        #
        try:
            # This hard-coded location seems to be consistent, at least
            # from Windows 2000 through Vista.
            connection_key = _winreg.OpenKey(
                lm,
                r'SYSTEM\CurrentControlSet\Control\Network'
                r'\{4D36E972-E325-11CE-BFC1-08002BE10318}'
                r'\%s\Connection' % guid)

            try:
                # The PnpInstanceID points to a key inside Enum
                (pnp_id, ttype) = _winreg.QueryValueEx(
                    connection_key, 'PnpInstanceID')

                if ttype != _winreg.REG_SZ:
                    raise ValueError

                device_key = _winreg.OpenKey(
                    lm, r'SYSTEM\CurrentControlSet\Enum\%s' % pnp_id)

                try:
                    # Get ConfigFlags for this device
                    (flags, ttype) = _winreg.QueryValueEx(
                        device_key, 'ConfigFlags')

                    if ttype != _winreg.REG_DWORD:
                        raise ValueError

                    # Based on experimentation, bit 0x1 indicates that the
                    # device is disabled.
                    return not flags & 0x1

                finally:
                    device_key.Close()
            finally:
                connection_key.Close()
        except (EnvironmentError, ValueError):
            # Pre-vista, enabled interfaces seem to have a non-empty
            # NTEContextList; this was how dnspython detected enabled
            # nics before the code above was contributed.  We've retained
            # the old method since we don't know if the code above works
            # on Windows 95/98/ME.
            try:
                (nte, ttype) = _winreg.QueryValueEx(interface_key,
                                                    'NTEContextList')
                return nte is not None
            except WindowsError:  # pylint: disable=undefined-variable
                return False 
Example #8
Source File: resolver.py    From arissploit with GNU General Public License v3.0 4 votes vote down vote up
def _win32_is_nic_enabled(self, lm, guid, interface_key):
        # Look in the Windows Registry to determine whether the network
        # interface corresponding to the given guid is enabled.
        #
        # (Code contributed by Paul Marks, thanks!)
        #
        try:
            # This hard-coded location seems to be consistent, at least
            # from Windows 2000 through Vista.
            connection_key = _winreg.OpenKey(
                lm,
                r'SYSTEM\CurrentControlSet\Control\Network'
                r'\{4D36E972-E325-11CE-BFC1-08002BE10318}'
                r'\%s\Connection' % guid)

            try:
                # The PnpInstanceID points to a key inside Enum
                (pnp_id, ttype) = _winreg.QueryValueEx(
                    connection_key, 'PnpInstanceID')

                if ttype != _winreg.REG_SZ:
                    raise ValueError

                device_key = _winreg.OpenKey(
                    lm, r'SYSTEM\CurrentControlSet\Enum\%s' % pnp_id)

                try:
                    # Get ConfigFlags for this device
                    (flags, ttype) = _winreg.QueryValueEx(
                        device_key, 'ConfigFlags')

                    if ttype != _winreg.REG_DWORD:
                        raise ValueError

                    # Based on experimentation, bit 0x1 indicates that the
                    # device is disabled.
                    return not (flags & 0x1)

                finally:
                    device_key.Close()
            finally:
                connection_key.Close()
        except (EnvironmentError, ValueError):
            # Pre-vista, enabled interfaces seem to have a non-empty
            # NTEContextList; this was how dnspython detected enabled
            # nics before the code above was contributed.  We've retained
            # the old method since we don't know if the code above works
            # on Windows 95/98/ME.
            try:
                (nte, ttype) = _winreg.QueryValueEx(interface_key,
                                                    'NTEContextList')
                return nte is not None
            except WindowsError:
                return False 
Example #9
Source File: resolver.py    From Tautulli with GNU General Public License v3.0 4 votes vote down vote up
def _win32_is_nic_enabled(self, lm, guid, interface_key):
        # Look in the Windows Registry to determine whether the network
        # interface corresponding to the given guid is enabled.
        #
        # (Code contributed by Paul Marks, thanks!)
        #
        try:
            # This hard-coded location seems to be consistent, at least
            # from Windows 2000 through Vista.
            connection_key = _winreg.OpenKey(
                lm,
                r'SYSTEM\CurrentControlSet\Control\Network'
                r'\{4D36E972-E325-11CE-BFC1-08002BE10318}'
                r'\%s\Connection' % guid)

            try:
                # The PnpInstanceID points to a key inside Enum
                (pnp_id, ttype) = _winreg.QueryValueEx(
                    connection_key, 'PnpInstanceID')

                if ttype != _winreg.REG_SZ:
                    raise ValueError

                device_key = _winreg.OpenKey(
                    lm, r'SYSTEM\CurrentControlSet\Enum\%s' % pnp_id)

                try:
                    # Get ConfigFlags for this device
                    (flags, ttype) = _winreg.QueryValueEx(
                        device_key, 'ConfigFlags')

                    if ttype != _winreg.REG_DWORD:
                        raise ValueError

                    # Based on experimentation, bit 0x1 indicates that the
                    # device is disabled.
                    return not (flags & 0x1)

                finally:
                    device_key.Close()
            finally:
                connection_key.Close()
        except (EnvironmentError, ValueError):
            # Pre-vista, enabled interfaces seem to have a non-empty
            # NTEContextList; this was how dnspython detected enabled
            # nics before the code above was contributed.  We've retained
            # the old method since we don't know if the code above works
            # on Windows 95/98/ME.
            try:
                (nte, ttype) = _winreg.QueryValueEx(interface_key,
                                                    'NTEContextList')
                return nte is not None
            except WindowsError:
                return False