Python win32security.OWNER_SECURITY_INFORMATION Examples

The following are 11 code examples of win32security.OWNER_SECURITY_INFORMATION(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module win32security , or try the search function .
Example #1
Source File: _path.py    From Computable with MIT License 6 votes vote down vote up
def get_owner(self):
        r""" Return the name of the owner of this file or directory.

        This follows symbolic links.

        On Windows, this returns a name of the form ur'DOMAIN\User Name'.
        On Windows, a group can own a file or directory.
        """
        if os.name == 'nt':
            if win32security is None:
                raise Exception("path.owner requires win32all to be installed")
            desc = win32security.GetFileSecurity(
                self, win32security.OWNER_SECURITY_INFORMATION)
            sid = desc.GetSecurityDescriptorOwner()
            account, domain, typecode = win32security.LookupAccountSid(None, sid)
            return domain + u'\\' + account
        else:
            if pwd is None:
                raise NotImplementedError("path.owner is not implemented on this platform.")
            st = self.stat()
            return pwd.getpwuid(st.st_uid).pw_name 
Example #2
Source File: windows-privesc-check.py    From WHP with Do What The F*ck You Want To Public License 6 votes vote down vote up
def check_registry():
	for key_string in reg_paths:
		parts = key_string.split("\\")
		hive = parts[0]
		key_string = "\\".join(parts[1:])
		try:
			keyh = win32api.RegOpenKeyEx(getattr(win32con, hive), key_string, 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
		except:
			#print "Can't open: " + hive + "\\" + key_string
			continue
		
		sd = win32api.RegGetKeySecurity(keyh, win32security.DACL_SECURITY_INFORMATION | win32security.OWNER_SECURITY_INFORMATION)
		weak_perms = check_weak_write_perms_by_sd(hive + "\\" + key_string, 'reg', sd)
		if weak_perms:
			vprint(hive + "\\" + key_string)
			#print weak_perms
			if verbose == 0:
				sys.stdout.write(".")
			save_issue("WPC003", "writable_reg_paths", weak_perms)
			# print_weak_perms("x", weak_perms)
	print

# TODO save_issue("WPC009", "writable_eventlog_key", weak_perms)  # weak perms on event log reg key 
Example #3
Source File: platform_windows.py    From scalyr-agent-2 with Apache License 2.0 6 votes vote down vote up
def get_file_owner(self, file_path):
        """Returns the user name of the owner of the specified file.

        @param file_path: The path of the file.
        @type file_path: str

        @return: The user name of the owner.
        @rtype: str
        """
        sd = win32security.GetFileSecurity(
            file_path, win32security.OWNER_SECURITY_INFORMATION
        )
        owner_sid = sd.GetSecurityDescriptorOwner()
        name, domain, account_type = win32security.LookupAccountSid(None, owner_sid)
        if name == "Administrators":
            return self.__local_administrators
        else:
            return "%s\\%s" % (domain, name) 
Example #4
Source File: platform_windows.py    From scalyr-agent-2 with Apache License 2.0 6 votes vote down vote up
def set_file_owner(self, file_path, owner):
        """Sets the owner of the specified file.

        @param file_path: The path of the file.
        @param owner: The new owner of the file.  This should be a string returned by either `get_file_ower` or
            `get_current_user`.
        @type file_path: str
        @type owner: str
        """
        # Lookup the user info by their name.  We need their sid, which will be in the 0th element of user_info.
        domain_user = owner.split("\\")
        user_info = win32security.LookupAccountName(domain_user[0], domain_user[1])

        # Get the current acl so we can just replace the owner information.
        owner_acl = win32security.GetFileSecurity(
            file_path, win32security.OWNER_SECURITY_INFORMATION
        )

        owner_acl.SetSecurityDescriptorOwner(user_info[0], True)
        win32security.SetFileSecurity(
            file_path, win32security.OWNER_SECURITY_INFORMATION, owner_acl
        ) 
Example #5
Source File: windowsprivcheck.py    From LHF with GNU General Public License v3.0 6 votes vote down vote up
def check_registry():
	for key_string in reg_paths:
		parts = key_string.split("\\")
		hive = parts[0]
		key_string = "\\".join(parts[1:])
		try:
			keyh = win32api.RegOpenKeyEx(getattr(win32con, hive), key_string, 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
		except:
			#print "Can't open: " + hive + "\\" + key_string
			continue
		
		sd = win32api.RegGetKeySecurity(keyh, win32security.DACL_SECURITY_INFORMATION | win32security.OWNER_SECURITY_INFORMATION)
		weak_perms = check_weak_write_perms_by_sd(hive + "\\" + key_string, 'reg', sd)
		if weak_perms:
			vprint(hive + "\\" + key_string)
			#print weak_perms
			if verbose == 0:
				sys.stdout.write(".")
			save_issue("WPC003", "writable_reg_paths", weak_perms)
			# print_weak_perms("x", weak_perms)
	print

# TODO save_issue("WPC009", "writable_eventlog_key", weak_perms)  # weak perms on event log reg key 
Example #6
Source File: windows-privesc-check.py    From WHP with Do What The F*ck You Want To Public License 5 votes vote down vote up
def check_weak_perms(object_name, object_type_s, perms):
	object_type = None
	if object_type_s == 'file':
		object_type = win32security.SE_FILE_OBJECT
	if object_type_s == 'directory':
		object_type = win32security.SE_FILE_OBJECT
	if object_type_s == 'service':
		object_type = win32security.SE_SERVICE
	
	if object_type == win32security.SE_FILE_OBJECT:
#		if not os.path.exists(object_name):
#			print "WARNING: %s doesn't exist" % object_name
			
		if os.path.isfile(object_name):
			object_type_s = 'file'
		else:
			object_type_s = 'directory'
	
	if object_type == None:
		print "ERROR: Unknown object type %s" % object_type_s
		exit(1)
		
	try: 
		sd = win32security.GetNamedSecurityInfo (
			object_name,
			object_type,
			win32security.OWNER_SECURITY_INFORMATION | win32security.DACL_SECURITY_INFORMATION
		)
	except:
		# print "WARNING: Can't get security descriptor for " + object_name + ".  skipping.  (" + details[2] + ")"
		return []
	
	return check_weak_perms_sd(object_name, object_type_s, sd, perms) 
Example #7
Source File: windows-privesc-check.py    From WHP with Do What The F*ck You Want To Public License 5 votes vote down vote up
def dump_perms(object_name, object_type_s, options={}):
	object_type = None
	if object_type_s == 'file':
		object_type = win32security.SE_FILE_OBJECT
	if object_type_s == 'directory':
		object_type = win32security.SE_FILE_OBJECT
	if object_type_s == 'service':
		object_type = win32security.SE_SERVICE
	
	if object_type == win32security.SE_FILE_OBJECT:
#		if not os.path.exists(object_name):
#			print "WARNING: %s doesn't exist" % object_name
			
		if os.path.isfile(object_name):
			object_type_s = 'file'
		else:
			object_type_s = 'directory'
	
	if object_type == None:
		print "ERROR: Unknown object type %s" % object_type_s
		exit(1)
		
	try: 
		sd = win32security.GetNamedSecurityInfo (
			object_name,
			object_type,
			win32security.OWNER_SECURITY_INFORMATION | win32security.DACL_SECURITY_INFORMATION
		)
	except:
		# print "WARNING: Can't get security descriptor for " + object_name + ".  skipping.  (" + details[2] + ")"
		return []
	
	return dump_sd(object_name, object_type_s, sd, options) 
Example #8
Source File: path.py    From click-configfile with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up
def __get_owner_windows(self):
        """
        Return the name of the owner of this file or directory. Follow
        symbolic links.

        Return a name of the form ``r'DOMAIN\\User Name'``; may be a group.

        .. seealso:: :attr:`owner`
        """
        desc = win32security.GetFileSecurity(
            self, win32security.OWNER_SECURITY_INFORMATION)
        sid = desc.GetSecurityDescriptorOwner()
        account, domain, typecode = win32security.LookupAccountSid(None, sid)
        return domain + '\\' + account 
Example #9
Source File: utils.py    From Fastir_Collector with GNU General Public License v3.0 5 votes vote down vote up
def check_permissions(path, logger):
    logger.info("I am", win32api.GetUserNameEx(win32con.NameSamCompatible))
    logger.info(path)
    sd = win32security.GetFileSecurity(path, win32security.OWNER_SECURITY_INFORMATION)
    owner_sid = sd.GetSecurityDescriptorOwner()
    name, domain, _ = win32security.LookupAccountSid(None, owner_sid)
    logger.info("File owned by %s\\%s" % (domain, name)) 
Example #10
Source File: windowsprivcheck.py    From LHF with GNU General Public License v3.0 5 votes vote down vote up
def check_weak_perms(object_name, object_type_s, perms):
	object_type = None
	if object_type_s == 'file':
		object_type = win32security.SE_FILE_OBJECT
	if object_type_s == 'directory':
		object_type = win32security.SE_FILE_OBJECT
	if object_type_s == 'service':
		object_type = win32security.SE_SERVICE
	
	if object_type == win32security.SE_FILE_OBJECT:
#		if not os.path.exists(object_name):
#			print "WARNING: %s doesn't exist" % object_name
			
		if os.path.isfile(object_name):
			object_type_s = 'file'
		else:
			object_type_s = 'directory'
	
	if object_type is None:
		print "ERROR: Unknown object type %s" % object_type_s
		exit(1)
		
	try: 
		sd = win32security.GetNamedSecurityInfo (
			object_name,
			object_type,
			win32security.OWNER_SECURITY_INFORMATION | win32security.DACL_SECURITY_INFORMATION
		)
	except:
		# print "WARNING: Can't get security descriptor for " + object_name + ".  skipping.  (" + details[2] + ")"
		return []
	
	return check_weak_perms_sd(object_name, object_type_s, sd, perms) 
Example #11
Source File: windowsprivcheck.py    From LHF with GNU General Public License v3.0 5 votes vote down vote up
def dump_perms(object_name, object_type_s, options={}):
	object_type = None
	if object_type_s == 'file':
		object_type = win32security.SE_FILE_OBJECT
	if object_type_s == 'directory':
		object_type = win32security.SE_FILE_OBJECT
	if object_type_s == 'service':
		object_type = win32security.SE_SERVICE
	
	if object_type == win32security.SE_FILE_OBJECT:
#		if not os.path.exists(object_name):
#			print "WARNING: %s doesn't exist" % object_name
			
		if os.path.isfile(object_name):
			object_type_s = 'file'
		else:
			object_type_s = 'directory'
	
	if object_type is None:
		print "ERROR: Unknown object type %s" % object_type_s
		exit(1)
		
	try: 
		sd = win32security.GetNamedSecurityInfo (
			object_name,
			object_type,
			win32security.OWNER_SECURITY_INFORMATION | win32security.DACL_SECURITY_INFORMATION
		)
	except:
		# print "WARNING: Can't get security descriptor for " + object_name + ".  skipping.  (" + details[2] + ")"
		return []
	
	return dump_sd(object_name, object_type_s, sd, options)