Esempio n. 1
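def getStartups():
    """Return the entries of the all-users and the per-user Startup folders.

    Both folder paths are read from the "Shell Folders" registry key and each
    folder is listed with ``dir /a/b`` (bare names, hidden and system files
    included). Blank lines and entries ending in ``.ini`` are dropped, and
    every remaining entry is passed through ``smartStr.normalize``.

    Returns:
        A ``(global_startups, user_startups)`` tuple of lists. Either list
        may be empty if something goes wrong.

    Review notes:
        * Only the two Startup folders are inspected here; other autostart
          locations are outside the scope of this function.
        * NOTE(review): "Shell Folders" is a legacy registry key kept for
          compatibility - confirm it reflects the effective Startup folders
          on the systems this runs on.
    """
    # Backslashes are escaped explicitly: sequences such as "\M" or "\W" are
    # invalid escapes that newer Python versions warn about. The resulting
    # string values are unchanged.
    user_startup_path = regOps.getRegistryValue(
        "HKEY_CURRENT_USER",
        "Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell Folders\\",
        "Startup")
    global_startup_path = regOps.getRegistryValue(
        "HKEY_LOCAL_MACHINE",
        "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell Folders\\",
        "common startup")

    def list_folder(folder_path):
        """List one Startup folder and return its filtered, normalized entries."""
        listing = commandHandler.getOutput(
            ["dir", "/a/b", smartStr.normalize(folder_path)])
        entries = []
        for entry in listing.split("\n"):
            name = entry.strip()
            # Test the stripped name for emptiness as well: split("\n") can
            # leave a lone "\r" behind when the command output uses CRLF, and
            # such a line is not a real startup entry.
            if not name or name.lower().endswith(".ini"):
                continue
            entries.append(smartStr.normalize(entry))
        return entries

    user_startups = list_folder(user_startup_path)
    global_startups = list_folder(global_startup_path)
    return global_startups, user_startups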
Esempio n. 2
def getDrivers(whitelist):
  """Query ``sc`` for drivers and return the parsed result.

  The raw output of ``sc query type= driver`` is handed to ``parseSC`` together
  with the "DRV" tag and ``whitelist``. If the command produces no output, the
  failure is logged and a one-element list holding a user-facing error message
  is returned instead, so callers receive a list in both cases.

  NOTE(review): without a ``state=`` argument ``sc query`` reports only active
  entries, so stopped drivers are not part of this list - confirm that this is
  intended.
  """
  sc_output = commandHandler.getOutput("sc query type= driver")
  if sc_output != "":
    return parseSC("DRV", sc_output, whitelist)

  # NOTE(review): `err` is not defined inside this function. Unless it is a
  # module-level name, this call raises NameError instead of logging - confirm.
  errorHandler.logError("sc calling\nThis computer can't execute sc", err)
  return ["Este computador não executa o comando sc. Impossível descobrir drivers."]
Esempio n. 3
def getServices(whitelist):
  """Query ``sc`` for services and return the parsed result.

  The raw output of ``sc query type= service`` is handed to ``parseSC``
  together with the "SRV" tag and ``whitelist``. If the command produces no
  output, the failure is logged and a one-element list holding a user-facing
  error message is returned instead, so callers receive a list in both cases.

  NOTE(review): without a ``state=`` argument ``sc query`` reports only active
  entries, so stopped services are not part of this list - confirm that this
  is intended.
  """
  sc_output = commandHandler.getOutput("sc query type= service")
  if sc_output != "":
    return parseSC("SRV", sc_output, whitelist)

  # NOTE(review): `err` is not defined inside this function. Unless it is a
  # module-level name, this call raises NameError instead of logging - confirm.
  errorHandler.logError("sc calling\nThis computer can't execute sc", err)
  return ["Este computador não executa o comando sc. Impossível descobrir serviços."]
Esempio n. 4
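def running_processes():
    """Yield one entry per running process, taken from ``wmic`` output.

    Runs ``wmic process get description,executablepath``, skips the first
    three lines of the output and, for every remaining non-blank line, drops
    the first space-separated token and yields the rest of the line after
    normalization.

    Yields:
        The text following the first token of each process line. If wmic
        returns nothing, the single string "This computer can't execute wmic"
        is yielded instead.

    Review notes:
        * The error message is yielded like an ordinary entry, so callers
          cannot tell it apart from data by type.
        * Only the first token is removed, so a description that itself
          contains spaces leaves its remaining words in the yielded text.
        * A line holding a description but nothing else yields an empty
          string.
        * NOTE(review): wmic is deprecated on recent Windows releases -
          confirm it is available on the systems this runs on.
    """
    wmic_output = commandHandler.getOutput("wmic process get description,executablepath")
    if wmic_output == "":
        yield "This computer can't execute wmic"
        return

    for line in wmic_output.split("\n")[3:]:
        stripped = line.strip()
        # str.split(" ") never returns an empty list, so testing its result
        # cannot filter blank lines; test the stripped line itself instead.
        if not stripped:
            continue
        fields = smartStr.normalize(stripped).split(" ")
        yield smartStr.normalize(" ".join(fields[1:]).strip())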
Esempio n. 5
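def running_processes():
    """Generate the running processes reported by ``wmic``.

    The command ``wmic process get description,executablepath`` is executed;
    its first three output lines are discarded. Each remaining non-blank line
    is normalized, its first space-separated token is removed and the
    remainder is yielded after a final normalization.

    Yields:
        One string per process line, or the single message
        "This computer can't execute wmic" when the command gave no output.

    Review notes:
        * Callers receive the error message as a regular item and have to
          compare its text to detect the failure.
        * Splitting on single spaces removes just one token; descriptions
          made of several words are only partly removed.
        * A process line with no text after the first token produces an
          empty string.
        * NOTE(review): wmic is deprecated on recent Windows releases -
          confirm it is available on the systems this runs on.
    """
    raw_listing = commandHandler.getOutput(
        "wmic process get description,executablepath")
    if raw_listing == "":
        yield "This computer can't execute wmic"
        return

    process_lines = raw_listing.split("\n")[3:]
    for process_line in process_lines:
        trimmed = process_line.strip()
        if trimmed:
            # The previous guard tested the result of split(" "), which is
            # always a non-empty list, so blank lines were yielded as empty
            # entries. Checking the trimmed line filters them for real.
            tokens = smartStr.normalize(trimmed).split(" ")
            yield smartStr.normalize(" ".join(tokens[1:]).strip())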
Esempio n. 6
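def getStartups():
    """Collect the contents of the machine-wide and per-user Startup folders.

    The folder locations come from the "Shell Folders" registry key (values
    "common startup" under HKEY_LOCAL_MACHINE and "Startup" under
    HKEY_CURRENT_USER). Each folder is listed with ``dir /a/b``; blank lines
    and names ending in ``.ini`` are discarded and the rest is normalized
    with ``smartStr.normalize``.

    Returns:
        ``(global_startups, user_startups)``, two lists of normalized entry
        names. The lists may be empty if something goes wrong.

    Review notes:
        * This covers the Startup folders only, not other autostart
          mechanisms.
        * NOTE(review): "Shell Folders" is a legacy registry key kept for
          compatibility - confirm it reflects the effective Startup folders
          on the systems this runs on.
    """
    # The key paths are written with escaped backslashes; the unescaped form
    # relied on invalid escape sequences ("\M", "\W", ...) that newer Python
    # versions warn about. The string values themselves are identical.
    user_startup_path = regOps.getRegistryValue(
        "HKEY_CURRENT_USER", "Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell Folders\\", "Startup"
    )
    global_startup_path = regOps.getRegistryValue(
        "HKEY_LOCAL_MACHINE", "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell Folders\\", "common startup"
    )

    user_listing = commandHandler.getOutput(["dir", "/a/b", smartStr.normalize(user_startup_path)])
    global_listing = commandHandler.getOutput(["dir", "/a/b", smartStr.normalize(global_startup_path)])

    def is_startup_entry(line):
        """Tell whether a listing line names a real, non-.ini entry."""
        # The emptiness test uses the stripped line so that a lone "\r" left
        # over from CRLF output is not reported as an entry.
        name = line.strip()
        return bool(name) and not name.lower().endswith(".ini")

    global_startups = [smartStr.normalize(line) for line in global_listing.split("\n") if is_startup_entry(line)]
    user_startups = [smartStr.normalize(line) for line in user_listing.split("\n") if is_startup_entry(line)]
    return global_startups, user_startups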
Esempio n. 7
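def searchAutorun():
  """Return the fixed drives whose root contains autorun.inf or autorun.exe.

  The logical drive strings are split into drive names, "A:" is dropped, and
  only drives for which ``GetDriveType`` reports ``DRIVE_FIXED`` are kept. The
  root of each of those drives is listed with ``dir /a/b`` and checked for the
  two autorun file names.

  Returns:
      A list of drive names (for example "C:") in which an autorun file was
      found; empty when none was.

  Review notes:
      * Only DRIVE_FIXED volumes are examined; removable and network drives
        are not scanned by this function.
      * Only the root directory of each drive is inspected.
  """
  devices = GetLogicalDriveStrings().split("\\\x00")[:-1]
  if "A:" in devices:
    devices.remove("A:")

  # Restrict the scan to drives reported as fixed disks.
  fixed_devices = [device for device in devices if GetDriveType(device) == DRIVE_FIXED]

  autorun_names = ("autorun.inf", "autorun.exe")
  autoruns = []
  for device in fixed_devices:
    device_content = commandHandler.getOutput(["dir", "/a/b", device + "\\"])
    # Windows file names are case-insensitive, so compare lower-cased names;
    # a case-sensitive test would miss e.g. "AUTORUN.INF". Comparing whole
    # names per line also avoids matching names that merely contain the text.
    root_entries = set(entry.strip().lower() for entry in device_content.split("\n"))
    if any(name in root_entries for name in autorun_names):
      autoruns.append(device)
  return autoruns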
Esempio n. 8
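def searchAutorun():
  """Look for autorun files in the root directory of every fixed drive.

  Drive names are derived from ``GetLogicalDriveStrings``; "A:" is removed and
  the remaining drives are filtered down to those whose ``GetDriveType`` is
  ``DRIVE_FIXED``. For each of them the root directory is listed with
  ``dir /a/b`` and searched for "autorun.inf" and "autorun.exe".

  Returns:
      The list of drive names whose root holds at least one of the two files.

  Review notes:
      * Drives that are not DRIVE_FIXED (removable media, network shares) are
        skipped, so autorun files on them are not reported here.
      * Subdirectories are not searched.
  """
  devices = GetLogicalDriveStrings().split("\\\x00")[:-1]
  if "A:" in devices:
    devices.remove("A:")

  # Keep only the drives the system classifies as fixed disks.
  fixed_devices = [device for device in devices if GetDriveType(device) == DRIVE_FIXED]

  wanted = set(["autorun.inf", "autorun.exe"])
  autoruns = []
  for device in fixed_devices:
    listing = commandHandler.getOutput(["dir", "/a/b", device + "\\"])
    # Match complete file names case-insensitively: the file system ignores
    # case, so "Autorun.inf" must count, while a name that only contains
    # "autorun.inf" as a substring must not.
    present = set(name.strip().lower() for name in listing.split("\n"))
    if wanted & present:
      autoruns.append(device)
  return autoruns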