Python win32security.OWNER_SECURITY_INFORMATION Examples
The following are 11
code examples of win32security.OWNER_SECURITY_INFORMATION().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
win32security
, or try the search function
.
.
Example #1
| Source File: _path.py From Computable with MIT License | 6 votes |
|
def get_owner(self):
r""" Return the name of the owner of this file or directory.
This follows symbolic links.
On Windows, this returns a name of the form ur'DOMAIN\User Name'.
On Windows, a group can own a file or directory.
"""
if os.name == 'nt':
if win32security is None:
raise Exception("path.owner requires win32all to be installed")
desc = win32security.GetFileSecurity(
self, win32security.OWNER_SECURITY_INFORMATION)
sid = desc.GetSecurityDescriptorOwner()
account, domain, typecode = win32security.LookupAccountSid(None, sid)
return domain + u'\\' + account
else:
if pwd is None:
raise NotImplementedError("path.owner is not implemented on this platform.")
st = self.stat()
return pwd.getpwuid(st.st_uid).pw_name
Example #2
| Source File: windows-privesc-check.py From WHP with Do What The F*ck You Want To Public License | 6 votes |
|
def check_registry():
for key_string in reg_paths:
parts = key_string.split("\\")
hive = parts[0]
key_string = "\\".join(parts[1:])
try:
keyh = win32api.RegOpenKeyEx(getattr(win32con, hive), key_string, 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
except:
#print "Can't open: " + hive + "\\" + key_string
continue
sd = win32api.RegGetKeySecurity(keyh, win32security.DACL_SECURITY_INFORMATION | win32security.OWNER_SECURITY_INFORMATION)
weak_perms = check_weak_write_perms_by_sd(hive + "\\" + key_string, 'reg', sd)
if weak_perms:
vprint(hive + "\\" + key_string)
#print weak_perms
if verbose == 0:
sys.stdout.write(".")
save_issue("WPC003", "writable_reg_paths", weak_perms)
# print_weak_perms("x", weak_perms)
print
# TODO save_issue("WPC009", "writable_eventlog_key", weak_perms) # weak perms on event log reg key
Example #3
| Source File: platform_windows.py From scalyr-agent-2 with Apache License 2.0 | 6 votes |
|
def get_file_owner(self, file_path):
"""Returns the user name of the owner of the specified file.
@param file_path: The path of the file.
@type file_path: str
@return: The user name of the owner.
@rtype: str
"""
sd = win32security.GetFileSecurity(
file_path, win32security.OWNER_SECURITY_INFORMATION
)
owner_sid = sd.GetSecurityDescriptorOwner()
name, domain, account_type = win32security.LookupAccountSid(None, owner_sid)
if name == "Administrators":
return self.__local_administrators
else:
return "%s\\%s" % (domain, name)
Example #4
| Source File: platform_windows.py From scalyr-agent-2 with Apache License 2.0 | 6 votes |
|
def set_file_owner(self, file_path, owner):
"""Sets the owner of the specified file.
@param file_path: The path of the file.
@param owner: The new owner of the file. This should be a string returned by either `get_file_ower` or
`get_current_user`.
@type file_path: str
@type owner: str
"""
# Lookup the user info by their name. We need their sid, which will be in the 0th element of user_info.
domain_user = owner.split("\\")
user_info = win32security.LookupAccountName(domain_user[0], domain_user[1])
# Get the current acl so we can just replace the owner information.
owner_acl = win32security.GetFileSecurity(
file_path, win32security.OWNER_SECURITY_INFORMATION
)
owner_acl.SetSecurityDescriptorOwner(user_info[0], True)
win32security.SetFileSecurity(
file_path, win32security.OWNER_SECURITY_INFORMATION, owner_acl
)
Example #5
| Source File: windowsprivcheck.py From LHF with GNU General Public License v3.0 | 6 votes |
|
def check_registry():
for key_string in reg_paths:
parts = key_string.split("\\")
hive = parts[0]
key_string = "\\".join(parts[1:])
try:
keyh = win32api.RegOpenKeyEx(getattr(win32con, hive), key_string, 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
except:
#print "Can't open: " + hive + "\\" + key_string
continue
sd = win32api.RegGetKeySecurity(keyh, win32security.DACL_SECURITY_INFORMATION | win32security.OWNER_SECURITY_INFORMATION)
weak_perms = check_weak_write_perms_by_sd(hive + "\\" + key_string, 'reg', sd)
if weak_perms:
vprint(hive + "\\" + key_string)
#print weak_perms
if verbose == 0:
sys.stdout.write(".")
save_issue("WPC003", "writable_reg_paths", weak_perms)
# print_weak_perms("x", weak_perms)
print
# TODO save_issue("WPC009", "writable_eventlog_key", weak_perms) # weak perms on event log reg key
Example #6
| Source File: windows-privesc-check.py From WHP with Do What The F*ck You Want To Public License | 5 votes |
|
def check_weak_perms(object_name, object_type_s, perms):
object_type = None
if object_type_s == 'file':
object_type = win32security.SE_FILE_OBJECT
if object_type_s == 'directory':
object_type = win32security.SE_FILE_OBJECT
if object_type_s == 'service':
object_type = win32security.SE_SERVICE
if object_type == win32security.SE_FILE_OBJECT:
# if not os.path.exists(object_name):
# print "WARNING: %s doesn't exist" % object_name
if os.path.isfile(object_name):
object_type_s = 'file'
else:
object_type_s = 'directory'
if object_type == None:
print "ERROR: Unknown object type %s" % object_type_s
exit(1)
try:
sd = win32security.GetNamedSecurityInfo (
object_name,
object_type,
win32security.OWNER_SECURITY_INFORMATION | win32security.DACL_SECURITY_INFORMATION
)
except:
# print "WARNING: Can't get security descriptor for " + object_name + ". skipping. (" + details[2] + ")"
return []
return check_weak_perms_sd(object_name, object_type_s, sd, perms)
Example #7
| Source File: windows-privesc-check.py From WHP with Do What The F*ck You Want To Public License | 5 votes |
|
def dump_perms(object_name, object_type_s, options={}):
object_type = None
if object_type_s == 'file':
object_type = win32security.SE_FILE_OBJECT
if object_type_s == 'directory':
object_type = win32security.SE_FILE_OBJECT
if object_type_s == 'service':
object_type = win32security.SE_SERVICE
if object_type == win32security.SE_FILE_OBJECT:
# if not os.path.exists(object_name):
# print "WARNING: %s doesn't exist" % object_name
if os.path.isfile(object_name):
object_type_s = 'file'
else:
object_type_s = 'directory'
if object_type == None:
print "ERROR: Unknown object type %s" % object_type_s
exit(1)
try:
sd = win32security.GetNamedSecurityInfo (
object_name,
object_type,
win32security.OWNER_SECURITY_INFORMATION | win32security.DACL_SECURITY_INFORMATION
)
except:
# print "WARNING: Can't get security descriptor for " + object_name + ". skipping. (" + details[2] + ")"
return []
return dump_sd(object_name, object_type_s, sd, options)
Example #8
| Source File: path.py From click-configfile with BSD 3-Clause "New" or "Revised" License | 5 votes |
|
def __get_owner_windows(self):
"""
Return the name of the owner of this file or directory. Follow
symbolic links.
Return a name of the form ``r'DOMAIN\\User Name'``; may be a group.
.. seealso:: :attr:`owner`
"""
desc = win32security.GetFileSecurity(
self, win32security.OWNER_SECURITY_INFORMATION)
sid = desc.GetSecurityDescriptorOwner()
account, domain, typecode = win32security.LookupAccountSid(None, sid)
return domain + '\\' + account
Example #9
| Source File: utils.py From Fastir_Collector with GNU General Public License v3.0 | 5 votes |
|
def check_permissions(path, logger):
logger.info("I am", win32api.GetUserNameEx(win32con.NameSamCompatible))
logger.info(path)
sd = win32security.GetFileSecurity(path, win32security.OWNER_SECURITY_INFORMATION)
owner_sid = sd.GetSecurityDescriptorOwner()
name, domain, _ = win32security.LookupAccountSid(None, owner_sid)
logger.info("File owned by %s\\%s" % (domain, name))
Example #10
| Source File: windowsprivcheck.py From LHF with GNU General Public License v3.0 | 5 votes |
|
def check_weak_perms(object_name, object_type_s, perms):
object_type = None
if object_type_s == 'file':
object_type = win32security.SE_FILE_OBJECT
if object_type_s == 'directory':
object_type = win32security.SE_FILE_OBJECT
if object_type_s == 'service':
object_type = win32security.SE_SERVICE
if object_type == win32security.SE_FILE_OBJECT:
# if not os.path.exists(object_name):
# print "WARNING: %s doesn't exist" % object_name
if os.path.isfile(object_name):
object_type_s = 'file'
else:
object_type_s = 'directory'
if object_type is None:
print "ERROR: Unknown object type %s" % object_type_s
exit(1)
try:
sd = win32security.GetNamedSecurityInfo (
object_name,
object_type,
win32security.OWNER_SECURITY_INFORMATION | win32security.DACL_SECURITY_INFORMATION
)
except:
# print "WARNING: Can't get security descriptor for " + object_name + ". skipping. (" + details[2] + ")"
return []
return check_weak_perms_sd(object_name, object_type_s, sd, perms)
Example #11
| Source File: windowsprivcheck.py From LHF with GNU General Public License v3.0 | 5 votes |
|
def dump_perms(object_name, object_type_s, options={}):
object_type = None
if object_type_s == 'file':
object_type = win32security.SE_FILE_OBJECT
if object_type_s == 'directory':
object_type = win32security.SE_FILE_OBJECT
if object_type_s == 'service':
object_type = win32security.SE_SERVICE
if object_type == win32security.SE_FILE_OBJECT:
# if not os.path.exists(object_name):
# print "WARNING: %s doesn't exist" % object_name
if os.path.isfile(object_name):
object_type_s = 'file'
else:
object_type_s = 'directory'
if object_type is None:
print "ERROR: Unknown object type %s" % object_type_s
exit(1)
try:
sd = win32security.GetNamedSecurityInfo (
object_name,
object_type,
win32security.OWNER_SECURITY_INFORMATION | win32security.DACL_SECURITY_INFORMATION
)
except:
# print "WARNING: Can't get security descriptor for " + object_name + ". skipping. (" + details[2] + ")"
return []
return dump_sd(object_name, object_type_s, sd, options)
