Esempio n. 1
0
    def __init__(self, filename):
        self._pFile = WINTRUST_FILE_INFO(filename)

        self.cbStruct = DWORD(sizeof(self))
        self.pPolicyCallbackData = None
        self.pSIPClientData = None
        self.dwUIChoice = WTD_UI_NONE
        self.fdwRevocationChecks = WTD_REVOKE_NONE
        self.dwUnionChoice = WTD_CHOICE_FILE
        self.dwStateAction = WTD_STATEACTION_VERIFY
        self.hWVTStateData = None
        self.pwszURLReference = None
        self.dwUIContext = 0
        self.pvInfo = addressof(self._pFile)
Esempio n. 2
0
    def world_writable_pipe(self):
        sd = create_string_buffer(SECURITY_DESCRIPTOR_MIN_LENGTH)
        InitializeSecurityDescriptor(sd, SECURITY_DESCRIPTOR_REVISION)
        SetSecurityDescriptorDacl(sd, True, None, False)

        sa = SECURITY_ATTRIBUTES()
        sa.nLength = sizeof(sa)
        sa.lpSecurityDescriptor = addressof(sd)
        sa.bInheritHandle = False

        self.hPipe = CreateNamedPipe(
            self.pipename,
            PIPE_ACCESS_DUPLEX,
            PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_WAIT,
            PIPE_UNLIMITED_INSTANCES,
            1024,
            1024,
            1000,
            sa
        )

        if self.hPipe == INVALID_HANDLE_VALUE:
            raise WinError(get_last_error())
Esempio n. 3
0
def getfilecert(filepath, throw=False):
    dwEncoding = DWORD()
    dwContentType = DWORD()
    dwFormatType = DWORD()
    hStore = LPVOID()
    hMsg = LPVOID()

    bResult = CryptQueryObject(CERT_QUERY_OBJECT_FILE, filepath,
                               CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED,
                               CERT_QUERY_FORMAT_FLAG_BINARY, 0,
                               byref(dwEncoding), byref(dwContentType),
                               byref(dwFormatType), byref(hStore), byref(hMsg),
                               None)

    if not bResult:
        if throw:
            raise WinError(get_last_error())

        return {}

    try:
        dwCertsCount = DWORD(-1)
        dwArgSize = DWORD(sizeof(dwCertsCount))

        bResult = CryptMsgGetParam(hMsg, CMSG_ATTR_CERT_COUNT_PARAM, 0,
                                   byref(dwCertsCount), byref(dwArgSize))

        if not bResult:
            if throw:
                raise WinError(get_last_error())

            return {}

        certificates = []

        for idx in xrange(dwCertsCount.value):
            dwArgSize = DWORD(-1)
            CryptMsgGetParam(hMsg, CMSG_ATTR_CERT_PARAM, idx, None,
                             byref(dwArgSize))

            if dwArgSize == DWORD(-1):
                if throw:
                    raise WinError(get_last_error())
                break

            pBuffer = create_string_buffer(dwArgSize.value)

            bResult = CryptMsgGetParam(hMsg, CMSG_ATTR_CERT_PARAM, idx,
                                       byref(pBuffer), byref(dwArgSize))

            if not bResult:
                if throw:
                    raise WinError(get_last_error())

                continue

            certificates.append(pBuffer.raw)

        return {'Certificates': certificates}

    finally:
        if hStore:
            CertCloseStore(hStore, 0)

        if hMsg:
            CryptMsgClose(hMsg)
Esempio n. 4
0
def getfilever(filepath, flags=FILE_VER_GET_NEUTRAL, throw=False):
    if not ver_lib:
        return {}

    result = {}

    dwReserved = DWORD(0)
    dwVersionSize = GetFileVersionInfoSizeExW(flags, filepath,
                                              byref(dwReserved))
    if dwVersionSize == 0:
        if throw:
            raise WinError(get_last_error())

        return result

    pBuffer = create_string_buffer(dwVersionSize)
    bResult = GetFileVersionInfoExW(flags, filepath, 0, dwVersionSize,
                                    byref(pBuffer))
    if not bResult:
        if throw:
            raise WinError(get_last_error())

        return result

    info = FIXEDFILEINFO()
    dwSize = DWORD(0)
    pvData = LPVOID()

    bResult = VerQueryValueW(pBuffer, u'\\', byref(pvData), byref(dwSize))
    if bResult:
        info = cast(pvData, POINTER(FIXEDFILEINFO)).contents

        result['FileVersion'] = '{1}.{0}.{3}.{2}'.format(*unpack(
            '<HHHH', pack('<II', info.dwFileVersionMS, info.dwFileVersionLS)))

        result['ProductVersion'] = '{1}.{0}.{3}.{2}'.format(*unpack(
            '<HHHH',
            pack('<II', info.dwProductVersionMS, info.dwProductVersionLS)))

        flags = []
        valid_flags = info.dwFileFlags & info.dwFileFlagsMask
        if valid_flags:
            for flag, value in VS_FF_STR.iteritems():
                if _bit(flag, valid_flags):
                    flags.append(value)

        result['Flags'] = flags

        for flag, value in VFT_STR.iteritems():
            if _bit(flag, info.dwFileType):
                if flag == VFT_UNKNOWN:
                    break

                elif flag == VFT_DRV:
                    for subflag, subvalue in VFT2_DRV_STR.iteritems():
                        if _bit(subflag, info.dwFileSubtype):
                            value += '(' + subvalue + ')'
                            break
                elif flag == VFT_FONT:
                    for subflag, subvalue in VFT2_FONT_STR.iteritems():
                        if _bit(subflag, info.dwFileSubtype):
                            value += '(' + subvalue + ')'
                            break

                elif flag == VFT_VXD:
                    value += '(VxD={:08x})'.format(info.dwFileSubtype)

                result['Type'] = value
                break

        timestamp = info.dwFileDateMS << 32 | info.dwFileDateLS
        result['Timestamp'] = timestamp

    bResult = VerQueryValueW(pBuffer, u'\\VarFileInfo\\Translation',
                             byref(pvData), byref(dwSize))

    if bResult:
        nRecords = dwSize.value / sizeof(LANGANDCODEPAGE)

        records = cast(pvData, POINTER(LANGANDCODEPAGE * nRecords)).contents
        translations = {}

        for translation in records:
            strings = {}

            for string in LOCALIZED_STRINGS:
                varpath = u'\\\\StringFileInfo\\{:04x}{:04x}\\{}'.format(
                    translation.wLanguage, translation.wCodePage, string)

                bResult = VerQueryValueW(pBuffer, varpath, byref(pvData),
                                         byref(dwSize))
                if not bResult:
                    continue

                strings[string] = unicode(cast(pvData,
                                               LPCWSTR).value).encode('utf-8')

            if strings:
                translations[translation.wLanguage] = strings

        if translations:
            found = False
            for preferred_translation in (0, 2057):
                if preferred_translation in translations:
                    result.update(translations[preferred_translation])
                    found = True
                    break

            if not found:
                # Just pick any
                result.update(next(iter(translations.itervalues())))

    return result
Esempio n. 5
0
 def __init__(self, filename):
     self.cbStruct = sizeof(self)
     self.pcwszFilePath = filename
     self.hFile = None
     self.pgKnownSubject = None