def steam_path(self, _path):
if _path is None:
try:
hkey = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE,
r"SOFTWARE\WOW6432Node\Valve\Steam"
) # <PyHKEY:0x0000000000000094>
_path = winreg.QueryValueEx(hkey, "InstallPath")
winreg.CloseKey(hkey)
_path = _path[0]
except OSError:
messagebox.showerror(
"error",
"Can't find steam Install directory, select steam install dir"
)
_path = filedialog.askdirectory()
self._steam_path = _path
self.dump('steam_path', _path)
def _r_home_from_registry():
"""Return the R home directory from the Windows Registry."""
try:
import winreg
except ImportError:
import _winreg as winreg
try:
hkey = winreg.OpenKeyEx(winreg.HKEY_LOCAL_MACHINE,
"Software\\R-core\\R",
0, winreg.KEY_QUERY_VALUE)
r_home = winreg.QueryValueEx(hkey, "InstallPath")[0]
winreg.CloseKey(hkey)
except Exception as exc: # FileNotFoundError, WindowsError, etc
return
if sys.version_info[0] == 2:
r_home = r_home.encode(sys.getfilesystemencoding())
return r_home
def r_home_from_registry() -> Optional[str]:
"""Return the R home directory from the Windows Registry."""
try:
import winreg # type: ignore
except ImportError:
import _winreg as winreg # type: ignore
try:
hkey = winreg.OpenKeyEx(winreg.HKEY_LOCAL_MACHINE,
'Software\\R-core\\R',
0, winreg.KEY_QUERY_VALUE)
r_home = winreg.QueryValueEx(hkey, 'InstallPath')[0]
winreg.CloseKey(hkey)
except Exception: # FileNotFoundError, WindowsError, etc
return None
if sys.version_info[0] == 2:
r_home = r_home.encode(sys.getfilesystemencoding())
return r_home
def unblocker(name):
disallow_key = winreg.OpenKey(
winreg.HKEY_CURRENT_USER,
'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun',
0, winreg.KEY_ALL_ACCESS)
db = sqlite3.connect('blocked_proc.db')
cur = db.cursor()
del_id = cur.execute('SELECT id FROM blocked WHERE application = (?)',
(name, )).fetchone()[0]
del_id = str(del_id)
# print('Deleting id {}\n Unblocking application {}'.format(del_id, name))
winreg.DeleteValue(disallow_key, del_id)
winreg.CloseKey(disallow_key)
cur.execute('DELETE FROM blocked WHERE id = (?)', (del_id))
# print('Done')
db.commit()
db.close()
def set_serv_parms(service, args):
""" Set the service command line parameters in Registry """
import winreg
serv = []
for arg in args:
serv.append(arg[0])
if arg[1]:
serv.append(arg[1])
try:
key = winreg.CreateKey(winreg.HKEY_LOCAL_MACHINE, _SERVICE_KEY + service)
winreg.SetValueEx(key, _SERVICE_PARM, None, winreg.REG_MULTI_SZ, serv)
winreg.CloseKey(key)
except OSError:
return False
return True
def enableVbomExcel():
# Enable writing in macro (VBOM)
# First fetch the application version
# IT is necessary to exit office or value wont be saved
objExcel = win32com.client.Dispatch("Excel.Application")
objExcel.Visible = False # do the operation in background
version = objExcel.Application.Version
objExcel.Application.Quit()
del objExcel
# Next change/set AccessVBOM registry value to 1
keyval = "Software\\Microsoft\Office\\" + version + "\\Excel\\Security"
print("\033[1;77m[-] Set %s to 1...\033[0m" % keyval)
Registrykey = winreg.CreateKey(winreg.HKEY_CURRENT_USER, keyval)
winreg.SetValueEx(Registrykey, "AccessVBOM", 0, winreg.REG_DWORD,
1) # "REG_DWORD"
winreg.CloseKey(Registrykey)
def computerdefaults(payload):
print("Payload: {}".format(payload))
print("Attempting to create registry key")
try:
key = winreg.CreateKey(
winreg.HKEY_CURRENT_USER,
os.path.join("Software\Classes\ms-settings\shell\open\command"))
winreg.SetValueEx(key, None, 0, winreg.REG_SZ, payload)
winreg.SetValueEx(key, "DelegateExecute", 0, winreg.REG_SZ, None)
winreg.CloseKey(key)
except Exception as error:
print("Unable to create key")
return False
else:
print("Registry key created")
print("Pausing for 5 seconds before executing")
time.sleep(5)
print("Attempting to create process")
try:
result = wmi.Win32_Process.Create(
CommandLine="cmd.exe /c start computerdefaults.exe",
ProcessStartupInformation=wmi.Win32_ProcessStartup.new(
ShowWindow=1))
if (result[1] == 0):
print("Process started successfully")
else:
print("Problem creating process")
except Exception as error:
print("Problem creating process")
return False
print("Pausing for 5 seconds before cleaning")
time.sleep(5)
print("Attempting to remove registry key")
try:
winreg.DeleteKey(
winreg.HKEY_CURRENT_USER,
os.path.join("Software\Classes\ms-settings\shell\open\command"))
except Exception as error:
print("Unable to delete key")
return False
else:
print("Registry key was deleted")
def deleteRegKey(errorHandler, key):
hKey = None
try:
mainKey, subKey = splitKeyName(key)
preKey , lastKey = splitLastKey(subKey)
hKey = winreg.OpenKey(getKeyHandle(mainKey), preKey, 0, winreg.KEY_ALL_ACCESS)
winreg.DeleteKey(hKey, lastKey)
except Exception:
errorInfo={Global.ERROR_CALLSTACK:traceback, Global.ERROR_MESSAGE:traceback.format_exc()}
errorHandler.handler(errorInfo);
finally:
if hKey != None :
winreg.CloseKey(hKey)
return True
def append_value_in_PATH(v):
'''
把v添加到系统变量PATH中去
:param v:
:return:
'''
root_key = winreg.HKEY_CURRENT_USER
sub_key_name = r'Environment'
value_name = r'PATH'
key = _open_key(root_key, sub_key_name)
val, tpe = _read_key_value(key,value_name)
#检测是否包含
tmp = val.split(';')
if v not in tmp:
_save_key_value(key, value_name, tpe,val+';'+v)
winreg.CloseKey(key)
def set_regkey_value(value_entry):
logging.info(
f"Установка {repr(value_entry).replace('Параметр', 'параметра')}.")
try:
opened_regkey = winreg.CreateKeyEx(
value_entry.root_key, value_entry.subkey, 0,
winreg.KEY_WOW64_64KEY + winreg.KEY_WRITE)
winreg.SetValueEx(opened_regkey, value_entry.name, 0,
value_entry.data_type, value_entry.data)
winreg.CloseKey(opened_regkey)
logging.info("[УСПЕХ] Параметр установлен.")
# HTML_con.html_in(str(value_entry), 2)
return str(value_entry)
except Exception as registry_exception:
logging.info(
f"[НЕУДАЧА] Параметр не установлен: {registry_exception}.")
raise
def find_vnetlib_registry(regkey):
import winreg
try:
# default path not used, let's look in the registry
hkey = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, regkey)
install_path, _ = winreg.QueryValueEx(hkey, "InstallPath")
winreg.CloseKey(hkey)
vnetlib_path = os.path.join(install_path, "vnetlib64.exe")
if os.path.exists(vnetlib_path):
return vnetlib_path
vnetlib_path = os.path.join(install_path, "vnetlib.exe")
if os.path.exists(vnetlib_path):
return vnetlib_path
except OSError:
pass
return None
def get_winos_fullname():
key = reg.HKEY_LOCAL_MACHINE
key_value = "Software\Microsoft\Windows NT\CurrentVersion"
open = reg.OpenKey(key,key_value,0,reg.KEY_ALL_ACCESS)
try:
value, type = reg.QueryValueEx(open,"ProductName")
#print(value,"Type:",type)
except FileNotFoundError:
print("AutoConfigURL not found")
reg.CloseKey(open)
return value
def read_reg():
"""Reads from registry values"""
email = None
pkey_path = None
reg = winreg.ConnectRegistry(None, winreg.HKEY_CURRENT_USER)
key = winreg.OpenKey(reg, r'SOFTWARE\Anylink')
try:
email = winreg.QueryValueEx(key, 'user')[0]
pkey_path = winreg.QueryValueEx(key, 'key_path')[0]
except EnvironmentError as e:
print(e)
finally:
winreg.CloseKey(key)
return email, pkey_path
def _get_install_path():
"""
Returns installation path from registry.
Available only on Windows
"""
if is_portable():
return os.environ["XDG_CONFIG_HOME"]
try:
key = winreg.OpenKey(winreg.HKEY_CURRENT_USER,
"Software\\SyncthingGTK")
path, keytype = winreg.QueryValueEx(key, "InstallPath")
path = str(path)
winreg.CloseKey(key)
return path
except WindowsError:
# This is really shouldn't happen. Use executable path.
os.path.dirname(sys.executable)
def getenv_system(varname, default=''):
import winreg
v = default
try:
rkey = winreg.OpenKey(
winreg.HKEY_LOCAL_MACHINE,
'SYSTEM\\CurrentControlSet\\Control\\Session Manager\\Environment'
)
try:
v = str(winreg.QueryValueEx(rkey, varname)[0])
v = winreg.ExpandEnvironmentStrings(v)
except:
pass
finally:
winreg.CloseKey(rkey)
return v
def check_key(key_path=os.path.dirname(os.getenv('APPDATA')) +
"\\Local\\{}".format(SERVICE_NAME)):
key = winreg.OpenKey(
winreg.HKEY_CURRENT_USER,
"Software\\Microsoft\\Windows\\CurrentVersion\\Run",
access=winreg.KEY_READ)
try:
count = 0
while (True):
val, path, data_type = winreg.EnumValue(key, count)
if val == SERVICE_NAME:
return True
count += 1
except:
return False
finally:
winreg.CloseKey(key)
def del_reg(self, mode, reg_path_settings, name=None):
if mode == 0: # delete only value
try:
registry_key = winreg.OpenKey(winreg.HKEY_CURRENT_USER,
reg_path_settings, 0,
winreg.KEY_WRITE)
winreg.DeleteValue(registry_key, name)
winreg.CloseKey(registry_key)
return True
except WindowsError:
return False
else: #delete the whole key (use with caution)
try:
winreg.DeleteKey(winreg.HKEY_CURRENT_USER, reg_path_settings)
return True
except:
return False
def getOs():
if "win32" in OS_TYPE:
try:
registry_key = winreg.OpenKey(
winreg.HKEY_LOCAL_MACHINE,
"SOFTWARE\Microsoft\Windows NT\CurrentVersion", 0,
winreg.KEY_READ)
productName, regtype = winreg.QueryValueEx(registry_key,
"ProductName")
return str(productName)
winreg.CloseKey(registry_key)
except WindowsError:
return platform.system()
elif "linux" in OS_TYPE:
return distro.name()
elif "darwin" in OS_TYPE:
return "macOS"
def get_winxp_sdk():
global cached_winxpsdk
if cached_winxpsdk is None:
try:
key = winreg.OpenKey(
winreg.HKEY_LOCAL_MACHINE,
r"SOFTWARE\Microsoft\Microsoft SDKs\Windows\v7.1A")
try:
(install_dir, _) = winreg.QueryValueEx(key,
"InstallationFolder")
(version, _) = winreg.QueryValueEx(key, "ProductVersion")
cached_winxpsdk = (install_dir.rstrip("\\"), version)
finally:
winreg.CloseKey(key)
except Exception as e:
raise MissingDependencyError("Windows XP SDK is not installed")
return cached_winxpsdk
def printNets():
net = 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\\NetworkList\Signatures\\Unmanaged'
print(net)
key = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, net)
print('\n[*] Networks You have Joined.')
for i in range(100):
try:
guid = winreg.EnumKey(key, i)
netKey = winreg.OpenKey(key, str(guid))
(n, addr, t) = winreg.EnumValue(netKey, 5)
(n, name, t) = winreg.EnumValue(netKey, 4)
macAddr = val2addr(addr)
netName = str(name)
print('[+] ' + netName + ' ' + macAddr)
winreg.CloseKey(netKey)
except:
break
def addActionToShell(self, name, descr, cmd):
"""
add action in windows explorer on top of file & dir
"""
if descr == "":
descr = name
import winreg as winreg
for item in ["*", "Directory"]:
key = winreg.CreateKey(winreg.HKEY_CLASSES_ROOT, r'%s\shell\%s' % (item, name))
key2 = winreg.CreateKey(winreg.HKEY_CLASSES_ROOT, r'%s\shell\%s\Command' % (item, name))
winreg.SetValueEx(key, "", None, winreg.REG_SZ, "%s " % descr)
winreg.SetValueEx(key, "Icon", None, winreg.REG_SZ, "")
winreg.SetValueEx(key, "Position", None, winreg.REG_SZ, "Top")
winreg.SetValueEx(key, "", None, winreg.REG_SZ, "%s " % descr)
#winreg.SetValueEx(key2,"",None,winreg.REG_SZ,r'cmd.exe /s /k pushd "%V"')
winreg.SetValueEx(key2, "", None, winreg.REG_SZ, cmd)
winreg.CloseKey(key)
def get_reg_item(type_str):
reg = wr.ConnectRegistry(None, wr.HKEY_CURRENT_USER)
key = None
try:
key = wr.CreateKey(reg, r"Software\tf\sts")
except WindowsError:
print("cannot find keys in register")
return
if key is None:
return
ret = "0"
try:
ret = wr.QueryValueEx(key, type_str)[0]
except WindowsError:
wr.SetValueEx(key, type_str, 0, wr.REG_SZ, "0")
wr.CloseKey(key)
return ret
def __set_reg(reg_path, name, value):
"""
Функция устанавки значения в реестре
:param reg_path: Раздел
:param name: Имя параметра
:param value: Значение
"""
try:
winreg.CreateKey(winreg.HKEY_LOCAL_MACHINE, reg_path)
registry_key = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, reg_path, 0,
winreg.KEY_WRITE)
winreg.SetValueEx(registry_key, name, 0, winreg.REG_DWORD, value)
winreg.CloseKey(registry_key)
return True
except WindowsError:
return False
def write_windows_registry(target_path, value_value,
value_type): # pragma: no cover
import winreg
main_key, the_rest = target_path.split("\\", 1)
subkey_str, value_name = the_rest.rsplit("\\", 1)
main_key = getattr(winreg, main_key)
try:
key = winreg.OpenKey(main_key, subkey_str, 0, winreg.KEY_WRITE)
except EnvironmentError as e:
if e.errno != errno.ENOENT:
raise
key = winreg.CreateKey(main_key, subkey_str)
try:
winreg.SetValueEx(key, value_name, 0, value_type, value_value)
finally:
winreg.CloseKey(key)
def deleteRegistry():
regKey = r"Software\Microsoft\Windows\CurrentVersion\Run"
regValue = "File"
hKey = winreg.OpenKey(winreg.HKEY_CURRENT_USER, regKey, 0, winreg.KEY_ALL_ACCESS)
i = 0
while True:
try:
if regValue == winreg.EnumValue(hKey, i)[0]:
print("Found Malware registry value")
winreg.DeleteValue(hKey, regValue)
print("Deleted Malware registry value")
break
i += 1
except:
break
winreg.CloseKey(hKey)
def deleteRegistry(regKey, regSubkey, malFile):
hKey = winreg.OpenKey(regKey, regSubkey, 0, winreg.KEY_ALL_ACCESS)
i = 0
while True:
try:
x = winreg.EnumValue(hKey, i)
value = str(x[0])
data = str(x[1])
if malFile in data:
print("Found Malware registry value")
winreg.DeleteValue(hKey, value)
print("Deleted Malware registry value")
break
i += 1
except:
break
winreg.CloseKey(hKey)
def get_registry_key(name):
"""Gets the value of the registry key in HKEY_CURRENT_USER\REG_PATH
Args:
name (string): The name of the registry key to get.
Returns:
string: Returns the value of the registry key.
"""
try:
registry_key = winreg.OpenKey(winreg.HKEY_CURRENT_USER, REG_PATH,
0, winreg.KEY_READ)
value, regtype = winreg.QueryValueEx(registry_key, name)
winreg.CloseKey(registry_key)
return value
except WindowsError:
return None
def is_uri_handler_installed(protocol):
key = None
try:
key = winreg.OpenKey(winreg.HKEY_CLASSES_ROOT,
r"{}\shell\open\command".format(protocol))
executable_template = winreg.QueryValue(key, None)
splitted_exec = shlex.split(executable_template)
if not splitted_exec:
return False
return os.path.exists(splitted_exec[0])
except OSError:
return False
except ValueError:
return False
finally:
if key:
winreg.CloseKey(key)
def get_processor_name():
# type: () -> str
if plf.system() == "Windows":
try:
import winreg
key = winreg.OpenKey(
winreg.HKEY_LOCAL_MACHINE,
r"Hardware\Description\System\CentralProcessor\0",
) # NOQA
processor_brand = winreg.QueryValueEx(key,
"ProcessorNameString")[0]
winreg.CloseKey(key)
return processor_brand
except Exception:
return plf.processor()
elif plf.system() == "Darwin":
command = ["sysctl", "-n", "machdep.cpu.brand_string"]
return subprocess.check_output(command).strip().decode()
elif plf.system() == "Linux":
with open("/proc/cpuinfo") as f:
for line in f:
if "model name" in line:
return re.sub(".*model name.*:", "", line, 1)
elif "bsd" in plf.system().lower():
def parse_openbsd_cpu(line):
m = re.match("^cpu[0-9]+:", line, re.IGNORECASE)
if m is None:
return m
return line.replace(m.group(), "").strip().split(",")[0]
assert (parse_openbsd_cpu(OPENBSD_CPU_SAMPLE_LINE) ==
OPENBSD_CPU_SAMPLE_MODEL)
try:
with open("/var/run/dmesg.boot") as f:
for line in f:
r = parse_openbsd_cpu(line)
if r:
return r
except Exception as e:
print("Cannot get *BSD CPU %s", e)
return "" or plf.machine()
def register_context_menu(uninstall: bool = False):
import distutils.sysconfig, winreg
pre = distutils.sysconfig.get_config_var("prefix")
bindir = os.path.join(pre, "Scripts", "fluss-organizer.exe")
REG_PATH = "SOFTWARE\\Classes\\Directory\\shell\\Fluss"
if uninstall:
winreg.DeleteKey(winreg.HKEY_CURRENT_USER, REG_PATH + "\\command")
winreg.DeleteKey(winreg.HKEY_CURRENT_USER, REG_PATH)
else:
rkey = winreg.CreateKey(winreg.HKEY_CURRENT_USER, REG_PATH)
winreg.SetValueEx(rkey, "", 0, winreg.REG_EXPAND_SZ,
f'Organize with Fluss')
command_key = winreg.CreateKey(rkey, "command")
winreg.SetValueEx(command_key, "", 0, winreg.REG_EXPAND_SZ,
f'"{bindir}" -d "%V"')
winreg.CloseKey(rkey)
