Ejemplo n.º 1
0
    def as_text(self):
        t = '--- start share ---\n'
        t += 'Share Name: ' + str(self.get_name()) + '\n'
        t += 'Description: ' + str(self.get_description()) + '\n'
        if self.get_path():
            t += 'Path: ' + str(self.get_path()) + '\n'
        else:
            t += 'Path: None\n'
        t += 'Passwd: ' + str(self.get_passwd()) + '\n'
        t += 'Current Uses: ' + str(self.get_current_uses()) + '\n'
        t += 'Max Uses: ' + str(self.get_max_uses()) + '\n'
        t += 'Permissions: ' + str(self.get_permissions()) + '\n'

        if self.get_path():
            f = File(self.get_path())
            if f.exists():
                if f.get_sd():
                    t += 'Directory Security Descriptor:\n'
                    t += f.get_sd().as_text() + '\n'
                else:
                    t += 'Directory Security Descriptor: None (can\'t read sd)\n'
            else:
                t += 'Directory Security Descriptor: None (path doesn\'t exist)\n'
        else:
            t += 'Directory Security Descriptor: None (no path)\n'

        if self.get_sd():
            t += 'Share Security Descriptor:\n'
            t += self.get_sd().as_text() + '\n'
        else:
            t += 'Share Security Descriptor: None\n'

        t += '--- end share ---\n'
        return t
Ejemplo n.º 2
0
def find_in_path(f):
    f_str = f.get_name()
    for d in os.environ.get('PATH').split(';'):
        #print "[D] looking in path for %s" % d + "\\" + f_str
        if os.path.exists(d + "\\" + f_str):
            #print "[D] found in path %s" % d + "\\" + f_str
            return File(d + "\\" + f_str)
    return None
Ejemplo n.º 3
0
    def dumptab_all_files(self):
        # Record info about all directories
        include_dirs = 1

        #  Identify all NTFS drives
        prog_dirs = []
        for d in Drives().get_fixed_drives():
            print(wpc.utils.tab_line("info", "drive", d.get_name(),
                                     d.get_fs()))
            if d.get_fs() == 'NTFS':
                prog_dirs.append(d.get_name())

        # Walk the directory tree of each NTFS drive
        for directory in prog_dirs:
            for filename in wpc.utils.dirwalk(directory, '*', include_dirs):
                f = File(filename)
                print(f.as_tab())
Ejemplo n.º 4
0
 def get_exe_file(self):
     if not self.exe_file:
         filename = self.get_exe_path_clean()
         if filename:  # might be None
             self.exe_file = File(filename)
         else:
             self.exe_file = None
     return self.exe_file
Ejemplo n.º 5
0
    def dumptab_program_files(self):
        # Record info about all directories
        include_dirs = 1

        prog_dirs = []
        if os.getenv('ProgramFiles'):
            prog_dirs.append(os.environ['ProgramFiles'])

        if os.getenv('ProgramFiles(x86)'):
            prog_dirs.append(os.environ['ProgramFiles(x86)'])

        for directory in prog_dirs:
            # Walk program files directories looking for executables
            for filename in wpc.utils.dirwalk(
                    directory, wpc.conf.executable_file_extensions,
                    include_dirs):
                f = File(filename)
                print(f.as_tab())
Ejemplo n.º 6
0
 def get_dlls(self):
     if self.dlls == []:
         if self.get_mhs():
             for mh in self.get_mhs():
                 dll = win32process.GetModuleFileNameEx(self.get_ph(), mh)
                 #print dll
                 self.dlls.append(File(dll))
                 #dump_perms(dll, 'file', {'brief': 1})
     return self.dlls
Ejemplo n.º 7
0
    def dump_all_files(self):
        # Record info about all directories
        include_dirs = 1

        # TODO other drives too

        prog_dirs = ['c:\\']

        count = 0
        for dir in prog_dirs:
            # Walk program files directories looking for executables
            for filename in wpc.utils.dirwalk(dir, '*', include_dirs):
                f = File(filename)
                #print "[D] Processing %s" % f.get_name()
                # TODO check file owner, parent paths, etc.  Maybe use is_replaceable instead?
                aces = f.get_dangerous_aces()
                count = count + 1
                for ace in aces:
                    for p in ace.get_perms():
                        print("%s\t%s\t%s\t%s\t%s" %
                              (f.get_type(), f.get_name(), ace.get_type(),
                               ace.get_principal().get_fq_name(), p))
Ejemplo n.º 8
0
def lookup_files_for_clsid(clsid):
    results = []
    # Potentially intersting subkeys of clsids are listed here:
    # http://msdn.microsoft.com/en-us/library/windows/desktop/ms691424(v=vs.85).aspx

    for v in ("InprocServer", "InprocServer32", "LocalServer",
              "LocalServer32"):
        r = RegKey("HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\" + clsid +
                   "\\" + v)
        if r.is_present:
            d = r.get_value("")  # "(Default)" value
            if d:
                d = env_expand(d)
                results.append([r, v, File(d)])
    #    else:
    #        print "[i] Skipping non-existent clsid: %s" % r.get_name()

    return results
Ejemplo n.º 9
0
 def add_by_name(self, name):
     f = File(name)
     self.add(f)
Ejemplo n.º 10
0
 def get_exe(self):
     if not self.exe:
         if self.get_exe_path_dirty():
             self.exe = File(self.get_exe_path_clean())
     return self.exe