Esempio n. 1
0
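    def test_get_lsa_secrets(self):
        """The DPAPI_SYSTEM secret read from the W7 hives must match the fixture.

        Reads the LSA secrets from the Windows 7 SECURITY/SYSTEM hive
        fixtures and checks the current value (``CurrVal``) of the
        ``DPAPI_SYSTEM`` entry against ``self.expected``.
        """
        r = registry.Regedit()

        secrets = r.get_lsa_secrets(W7_SECURITY_HIVE, W7_SYSTEM_HIVE)

        # assertIn/assertEqual report the offending values on failure and
        # avoid the deprecated assertEquals alias.
        self.assertIn("DPAPI_SYSTEM", secrets)
        self.assertEqual(secrets["DPAPI_SYSTEM"]["CurrVal"], self.expected)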
Esempio n. 2
0
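    def getwifipassword(self, systemhive, securityhive, masterkeydir,
                        profiledirectory):
        """
        getwifipassword returns all wifi passwords located at X:/ProgramData/Microsoft/Wlansvc

        Every file below ``profiledirectory`` is treated as a Wlansvc profile:
        the profile ``<name>`` and the hex-encoded ``<keyMaterial>`` DPAPI
        blob are extracted with regular expressions, the blob is decrypted
        with the SYSTEM master keys (unlocked through the DPAPI_SYSTEM LSA
        secret), and the results are collected into a dict. Files without
        key material or without a ``<name>`` element are skipped; a blob
        that could not be decrypted maps to ``'<not decrypted>'``.

        Args:
            systemhive: path to the SYSTEM registry hive.
            securityhive: path to the SECURITY registry hive.
            masterkeydir: directory holding the SYSTEM DPAPI master key files.
            profiledirectory: directory tree holding the Wlansvc profile
                XML files.

        Returns:
            dict mapping profile name to the recovered password string.

        Raises:
            ValueError: if the hives hold no DPAPI_SYSTEM secret.

        Every recovered password is also printed to stdout (one line per
        profile plus the whole dict at the end), so the output stream holds
        cleartext credentials and must be handled accordingly.
        """
        reg = registry.Regedit()
        secrets = reg.get_lsa_secrets(securityhive, systemhive)
        # Subscripting the None returned by .get() for a missing secret gave
        # an obscure TypeError; name the missing secret instead.
        dpapi_secret = secrets.get('DPAPI_SYSTEM')
        if dpapi_secret is None:
            raise ValueError('DPAPI_SYSTEM secret not found in SECURITY hive')
        dpapi_system = dpapi_secret['CurrVal']

        mkp = masterkey.MasterKeyPool()
        mkp.loadDirectory(masterkeydir)
        mkp.addSystemCredential(dpapi_system)
        mkp.try_credential_hash(None, None)

        # Compiled once; every profile file is searched with both.
        name_re = re.compile('<name>([^<]+)</name>')
        key_material_re = re.compile('<keyMaterial>([0-9A-F]+)</keyMaterial>')

        finalpass = dict()

        for root, _, filenames in os.walk(profiledirectory):
            for filename in filenames:
                filepath = os.path.join(root, filename)
                with open(filepath, 'r') as f:
                    # Drop line breaks so the elements match even when the
                    # XML is pretty-printed across several lines.
                    file_data = f.read().replace('\x0a', '').replace('\x0d', '')

                key_material_match = key_material_re.search(file_data)
                if not key_material_match:
                    # No stored key material (open network, unrelated file,
                    # ...): nothing to decrypt.
                    continue
                name_match = name_re.search(file_data)
                if not name_match:
                    # The original called .group(1) on a None match here and
                    # crashed with AttributeError on such a file; skip it.
                    continue
                wifi_name = name_match.group(1)
                key_material = key_material_match.group(1)

                wblob = blob.DPAPIBlob(key_material.decode('hex'))
                wifi_pwd = '<not decrypted>'
                # Only the first decrypted master key for this blob's GUID is
                # tried; the loop ends whether or not the blob decrypts.
                for mk in mkp.getMasterKeys(wblob.mkguid):
                    if mk.decrypted:
                        wblob.decrypt(mk.get_key())
                        if wblob.decrypted:
                            wifi_pwd = wblob.cleartext
                        break
                print 'Wifi:{} Password:{}'.format(wifi_name, wifi_pwd)
                # A later profile with the same name overwrites the earlier one.
                finalpass[wifi_name] = wifi_pwd
        print finalpass
        return finalpass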
Esempio n. 3
0
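    def test_get_lsa_key(self):
        """The LSA key is only obtainable after the SYSKEY has been loaded.

        get_lsa_key must raise ValueError before get_syskey has been called
        on the SYSTEM hive, and must return the fixture ``self.lsakey``
        afterwards.
        """
        r = registry.Regedit()

        # Asking for the LSA key before the SYSKEY is known must fail rather
        # than return garbage (presumably because the key is protected with
        # the SYSKEY — see Regedit for the actual dependency).
        self.assertRaises(ValueError, r.get_lsa_key, W7_SECURITY_HIVE)
        r.get_syskey(W7_SYSTEM_HIVE)
        # assertEqual instead of the deprecated assertEquals alias.
        self.assertEqual(r.get_lsa_key(W7_SECURITY_HIVE), self.lsakey)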
Esempio n. 4
0
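    def test_get_syskey(self):
        """The SYSKEY derived from the W7 SYSTEM hive must match the fixture.

        Calls get_syskey on the Windows 7 SYSTEM hive fixture and compares
        the result with ``self.syskey``.
        """
        r = registry.Regedit()

        # assertEqual instead of the deprecated assertEquals alias.
        self.assertEqual(r.get_syskey(W7_SYSTEM_HIVE), self.syskey)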
Esempio n. 5
0
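    umkp = None
    if options.masterkeydir:
        # User master key pool: loaded from --masterkeydir and unlocked for
        # the given SID with the credhist file (if any) and either the
        # cleartext password or its hash.
        umkp = masterkey.MasterKeyPool()
        umkp.loadDirectory(options.masterkeydir)
        if options.credhist:
            umkp.addCredhistFile(options.sid, options.credhist)
        if options.password:
            umkp.try_credential(options.sid, options.password)
        elif options.pwdhash:
            # The hash is supplied hex-encoded on the command line.
            umkp.try_credential_hash(
                options.sid, options.pwdhash.decode('hex'))

    smkp = None
    if options.sysmkdir and options.system and options.security:
        # System master key pool: unlocked with the DPAPI_SYSTEM LSA secret
        # read from the SECURITY hive (reading it needs the SYSTEM hive too).
        reg = registry.Regedit()
        secrets = reg.get_lsa_secrets(options.security, options.system)
        dpapi_secret = secrets.get('DPAPI_SYSTEM')
        if dpapi_secret is None:
            # Subscripting the None from .get() raised an obscure TypeError;
            # say what is actually missing instead.
            raise ValueError('DPAPI_SYSTEM secret not found in %s'
                             % options.security)
        dpapi_system = dpapi_secret['CurrVal']
        smkp = masterkey.MasterKeyPool()
        smkp.loadDirectory(options.sysmkdir)
        smkp.addSystemCredential(dpapi_system)
        smkp.try_credential_hash(None, None)
        # NOTE(review): only assigned on this branch; its default must come
        # from code outside this fragment — confirm it is initialised earlier.
        can_decrypt_sys_blob = True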

    for cred_file in args:
        with open(cred_file, 'rb') as fin:
            print '-'*79

            enc_cred = vaultstruct.CREDENTIAL_FILE.parse(fin.read())
            print enc_cred