def getDesktopWindow():
console_id = win32ts.WTSGetActiveConsoleSessionId()
if console_id == 0xffffffff:
# User not logged in right now?
logging.info("No console user")
return None
hwnd = None
# Get processes running on this console
svr = win32ts.WTSOpenServer(".")
ps_list = win32ts.WTSEnumerateProcesses(svr, 1, 0)
for ps in ps_list:
logging.info("PS " + str(ps))
win32ts.WTSCloseServer(svr)
# sessions = win32ts.WTSEnumerateSessions(None, 1, 0)
# for session in win32ts.WTSEnumerateSessions(win32ts.WTS_CURRENT_SERVER_HANDLE, 1, 0):
# print "SessionId: %s" % session['SessionId']
# print "\tWinStationName: %s" % session['WinStationName']
# print "\tState: %s" % session['State']
# print
# if session["WinStationName"] == "Console":
# cs = session
#if cs is not None:
# # Get process list for this session
return hwnd
def reListSessions(outFh):
protocols = {
ts.WTS_PROTOCOL_TYPE_CONSOLE: "console",
ts.WTS_PROTOCOL_TYPE_ICA: "citrix",
ts.WTS_PROTOCOL_TYPE_RDP: "rdp",
}
#hostname = api.GetComputerName()
hserver = ts.WTS_CURRENT_SERVER_HANDLE
currentSessId = ts.WTSGetActiveConsoleSessionId()
format = "%(user)-16s %(active)1s%(session)-7s %(id)-7s %(protocol)-8s"
print >> outFh, format % dict(
user="******",
active="",
session="SESSION",
id="ID",
protocol="PROTOCOL",
)
for session in ts.WTSEnumerateSessions(hserver):
sessionId = session["SessionId"]
session["User"] = ts.WTSQuerySessionInformation(
hserver, sessionId, ts.WTSUserName)
#session["Address"] = ts.WTSQuerySessionInformation(hserver, sessionId, ts.WTSClientAddress)
session["Protocol"] = ts.WTSQuerySessionInformation(
hserver, sessionId, ts.WTSClientProtocolType)
print >> outFh, format % dict(
user=session["User"] or "(none)",
session=session["WinStationName"],
id="(%d)" % session["SessionId"],
active="*" if sessionId == currentSessId else "",
protocol=protocols[session["Protocol"]],
)
def wts_msgbox(msg, title="提示", style=0, timeout=0, wait=False): # 这个函数支持在服务程序里弹出对话框 import win32ts sid = win32ts.WTSGetActiveConsoleSessionId() if sid != 0xffffffff: ret = win32ts.WTSSendMessage(win32ts.WTS_CURRENT_SERVER_HANDLE, sid, title, msg, style, timeout, wait) return ret
def create_print_process(self):
session_id = win32ts.WTSGetActiveConsoleSessionId()
user_token = win32ts.WTSQueryUserToken(session_id)
startup_info = win32process.STARTUPINFO()
cmdline = "E:\\python_project\\happyWorkAutoPrint\\dist\\autoPrint\\autoPrint.exe"
win32process.CreateProcessAsUser(user_token, None, cmdline, None, None,
False, win32con.NORMAL_PRIORITY_CLASS,
None, None, startup_info)
def runProcessInteractWithUser(self):
hToken = win32security.OpenProcessToken(
win32api.GetCurrentProcess(),
win32con.TOKEN_DUPLICATE | win32con.TOKEN_ADJUST_DEFAULT
| win32con.TOKEN_QUERY | win32con.TOKEN_ASSIGN_PRIMARY)
hNewToken = win32security.DuplicateTokenEx(
hToken, win32security.SecurityImpersonation,
win32security.TOKEN_ALL_ACCESS, win32security.TokenPrimary)
# Create sid level
sessionId = win32ts.WTSGetActiveConsoleSessionId()
win32security.SetTokenInformation(hNewToken,
win32security.TokenSessionId,
sessionId)
priority = win32con.NORMAL_PRIORITY_CLASS | win32con.CREATE_NEW_CONSOLE
startup = win32process.STARTUPINFO()
handle, thread_id, pid, tid = win32process.CreateProcessAsUser(
hNewToken, self.filePath, None, None, None, False, priority, None,
None, startup)
def runScreenShotApp2_old(self):
console_id = win32ts.WTSGetActiveConsoleSessionId()
if console_id == 0xffffffff:
# User not logged in right now?
logging.info("No console user")
return None
dc = None
logging.info("Got console: " + str(console_id))
# Get processes running on this console
svr = win32ts.WTSOpenServer(".")
user_token = win32ts.WTSQueryUserToken(console_id)
logging.info("User Token " + str(user_token))
# hwnd = win32gui.GetDC(win32con.HWND_DESKTOP) # win32gui.GetDesktopWindow()
# dc = ctypes.windll.user32.GetDC(win32con.HWND_DESKTOP)
# logging.info("DC before impersonation " + str(dc))
# win32gui.ReleaseDC(win32con.HWND_DESKTOP, dc)
# Switch to the user
win32security.ImpersonateLoggedOnUser(user_token)
logging.info("Impersonating " + win32api.GetUserName())
app_path = os.path.dirname(
os.path.dirname(
os.path.dirname(os.path.dirname(os.path.realpath(__file__)))))
cmd = os.path.join(app_path, "sshot\\dist\\sshot.exe")
logging.info("Running sshot app " + cmd)
logging.info(os.system(cmd))
# hwnd = ctypes.windll.user32.GetDC(win32con.HWND_DESKTOP)
# logging.info("HWND after impersonation " + str(hwnd))
# ps_list = win32ts.WTSEnumerateProcesses(svr, 1, 0)
# for ps in ps_list:
# logging.info("PS " + str(ps))
win32ts.WTSCloseServer(svr)
# Revert back to normal user
win32security.RevertToSelf()
user_token.close()
return
def runScreenShotApp3_old(self):
# Get the current security token
token = win32security.OpenProcessToken(
win32process.GetCurrentProcess(), win32security.TOKEN_ALL_ACCESS)
# Make a copy
#token2 = win32security.DuplicateToken(token)
token2 = win32security.DuplicateTokenEx(
token, win32security.SecurityImpersonation,
win32security.TOKEN_ALL_ACCESS, win32security.TokenPrimary)
# Find the session id - we will grab the console/keyboard
#proc_id = win32process.GetCurrentProcessId()
#session_id = win32ts.ProcessIdToSessionId(proc_id)
session_id = win32ts.WTSGetActiveConsoleSessionId()
# Make this token target our session
win32security.SetTokenInformation(token2, win32security.TokenSessionId,
session_id)
def Connect(id):
current = Ts.WTSGetActiveConsoleSessionId()
if current == id:
print "Already connected to session %d." % id
return True # because we *are* connected to the requested session
domain, user = GetUsername(id)
target = "%s\\%s" % (domain, user)
target, passwd, persist = GetPassword(target)
domain, user = Cred.CredUIParseUserName(target)
print ` domain `, ` user `, ` passwd `
try:
Wts.winstation.Connect(None, id, None, passwd, True)
except Wts.Win32Error as e:
print "[%s] %s" % (e.err, e.message)
if e.args[0] == 1326:
Cred.CredUIConfirmCredentials(target, False)
return False
else:
Cred.CredUIConfirmCredentials(target, True)
return True
def get_student_login_sessions():
# Get a list of students that are logged in
ret = []
# Get the current user name
curr_user = win32api.GetUserName()
if UserAccounts.is_user_in_group(curr_user, "OPEStudents"):
ret.append(curr_user)
# Get the list of users from WTS
wts_sessions = []
sessions = win32ts.WTSEnumerateSessions(None, 1, 0)
for session in sessions:
# Ignore listen status(no user for that), all others query
if session['State'] == UserAccounts.WTSActive or \
session['State'] == UserAccounts.WTSDisconnected or \
session['State'] == UserAccounts.WTSConnected:
# Found the active session
#active_session = session['SessionId']
#station_name = session["WinStationName"]
wts_sessions.append(session['SessionId'])
# Get the console session (duplicate?)
active_session = win32ts.WTSGetActiveConsoleSessionId()
if active_session is not None and active_session != UserAccounts.WTS_INVALID_SESSION_ID:
wts_sessions.append(active_session)
# Convert sessions to users and check their group membership
for session in wts_sessions:
user_name = win32ts.WTSQuerySessionInformation(
None, session, win32ts.WTSUserName)
if user_name is not None and user_name != "":
if UserAccounts.is_user_in_group(user_name, "OPEStudents"):
ret.append(user_name)
return ret
def runScreenShotApp(self):
global DISABLE_SSHOT
if DISABLE_SSHOT is True:
return
# Get the session id for the console
session_id = win32ts.WTSGetActiveConsoleSessionId()
if session_id == 0xffffffff:
# User not logged in right now?
logging.info("No console user")
return None
# logging.info("Got Console: " + str(session_id))
# Login to the terminal service to get the user token for the console id
svr = win32ts.WTSOpenServer(".")
user_token = win32ts.WTSQueryUserToken(session_id)
# logging.info("User Token " + str(user_token))
# Copy the token
user_token_copy = win32security.DuplicateTokenEx(
user_token, win32security.SecurityImpersonation,
win32security.TOKEN_ALL_ACCESS, win32security.TokenPrimary)
# Put this token in the logged in session
win32security.SetTokenInformation(user_token_copy,
win32security.TokenSessionId,
session_id)
# Switch to the user
# win32security.ImpersonateLoggedOnUser(user_token)
# logging.info("Impersonating " + win32api.GetUserName())
# Run the screen shot app
# app_path = os.path.dirname(os.path.dirname(os.path.dirname(os.path.dirname(os.path.realpath(__file__)))))
# cmd = os.path.join(app_path, "sshot\\dist\\sshot.exe")
cmd = os.path.join(ROOT_FOLDER, "ope_laptop_binaries\\sshot\\sshot.exe"
) # "c:\\programdata\\ope\\bin\\sshot.exe"
# cmd = "cmd.exe"
logging.info("Running sshot app " + cmd)
# Use win create process function
si = win32process.STARTUPINFO()
si.dwFlags = win32process.STARTF_USESHOWWINDOW
si.wShowWindow = win32con.SW_NORMAL
# si.lpDesktop = "WinSta0\Default"
si.lpDesktop = ""
# Setup envinroment for the user
environment = win32profile.CreateEnvironmentBlock(user_token, False)
try:
(
hProcess, hThread, dwProcessId, dwThreadId
) = win32process.CreateProcessAsUser(
user_token_copy,
None, # AppName (really command line, blank if cmd line supplied)
"\"" + cmd + "\"", # Command Line (blank if app supplied)
None, # Process Attributes
None, # Thread Attributes
0, # Inherits Handles
win32con.
NORMAL_PRIORITY_CLASS, # or win32con.CREATE_NEW_CONSOLE,
environment, # Environment
os.path.dirname(cmd), # Curr directory
si) # Startup info
# logging.info("Process Started: " + str(dwProcessId))
# logging.info(hProcess)
except Exception as e:
logging.info("Error launching process: " + str(e))
# logging.info(os.system(cmd))
# Return us to normal security
# win32security.RevertToSelf()
# Cleanup
win32ts.WTSCloseServer(svr)
user_token.close()
user_token_copy.close()
return
def GetActiveSessionId():
for session in win32ts.WTSEnumerateSessions():
if session['State'] == win32ts.WTSActive:
return session['SessionId']
return win32ts.WTSGetActiveConsoleSessionId()
def get_active_user_token():
# Figure out the active user token we need to use to run the app as
ret = None
# Get the current user name
user_name = win32api.GetUserName()
if user_name != "SYSTEM":
# Running as a logged in user, get the current users token
current_process = win32process.GetCurrentProcess()
token = win32security.OpenProcessToken(current_process,
win32con.MAXIMUM_ALLOWED)
# win32con.TOKEN_ADJUST_PRIVILEGES | win32con.TOKEN_QUERY) #
ret = token
return ret
#if user_name == "SYSTEM":
# p("}}gnStarted by SYSTEM user (OPEService) - trying to switch user identity}}xx")
# Get a list of Terminal Service sessions and see which one is active
active_session = UserAccounts.WTS_INVALID_SESSION_ID
station_name = ""
sessions = win32ts.WTSEnumerateSessions(None, 1, 0)
for session in sessions:
if session['State'] == UserAccounts.WTSActive:
# Found the active session
active_session = session['SessionId']
station_name = session["WinStationName"]
# If we didn't find one, try this way
if active_session == UserAccounts.WTS_INVALID_SESSION_ID:
active_session = win32ts.WTSGetActiveConsoleSessionId()
if active_session == UserAccounts.WTS_INVALID_SESSION_ID:
# User not logged in right now? or lock screen up?
p("}}gnNo console user or desktop locked}}xx", log_level=1)
return ret
# Get the current console session
#p("Got Console: " + str(active_session), debug_level=5)
# Login to the terminal service to get the user token for the console id so we can impersonate it
try:
#svr = win32ts.WTSOpenServer(".")
#win32ts.WTSCloseServer(svr)
user_token = win32ts.WTSQueryUserToken(active_session)
# Copy the token so we can modify it
user_token_copy = win32security.DuplicateTokenEx(
user_token, win32security.SecurityImpersonation,
win32security.TOKEN_ALL_ACCESS, win32security.TokenPrimary)
ret = user_token_copy
user_token.close()
except Exception as ex:
p("}}rnUnknown Error - trying to get WTS UserToken\n" + str(ex) +
"}}xx",
debug_level=1)
return ret
#p("User Token Found " + str(user_token_copy), debug_level=5)
return ret
