def processSoftware(keys, buffer, hostOSH, OSHVResults, softNameToInstSoftOSH = None): ''' list(str), str, osh, oshVector, map(str, osh) = None -> bool ''' swList = [] for key in keys: softwareName = None softwarePath = None softwareVer = None softwareInstallDate = None softwareProductId = None softwareProductCode = None softwareVendor = None m = re.search('\n\s*DisplayName\s+REG_SZ\s+?([^\n]+)', key) if(m): softwareName = m.group(1).strip() else: continue m = re.search('\n\s*InstallLocation\s+REG_SZ\s+?([^\n]+)', key) if(m): softwarePath = m.group(1).strip() m = re.search('\n\s*DisplayVersion\s+REG_SZ\s+?([^\n]+)', key) if(m): softwareVer = m.group(1).strip() m = re.search('\n\s*InstallDate\s+REG_SZ\s+?([^\n]+)', key) if (m): softwareInstallDate = m.group(1).strip() m = re.search('\n\s*ProductID\s+REG_SZ\s+?([^\n]+)', key) if (m) and m.group(1).strip(): softwareProductId = m.group(1).strip() #in case the has a format of HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{297857BF-4011-449B-BD74-DB64D182821C} #we report 90120000-0011-0000-0000-0000000FF1CE which is a product code of parent software m = re.match(r"\\Uninstall\\?[\w\{\[\( ]*([\dabcdefABCDEF]{8}(\-[\dabcdefABCDEF]{4}){3}-[\dabcdefABCDEF]{12}).*\n", key) if (m): softwareProductCode= m.group(1).strip() m = re.search('\n\s*Publisher\s+REG_SZ\s+?([^\n]+)', key) if (m): softwareVendor = m.group(1).strip() if softwareName: if ((softwareName in swList) == 0) : swList.append(softwareName) softwareOSH = hostresource.makeSoftwareOSH(softwareName, softwarePath, softwareVer, hostOSH, softwareInstallDate, softwareProductId, softwareProductCode, softwareVendor) if softNameToInstSoftOSH != None: softNameToInstSoftOSH[softwareName] = softwareOSH OSHVResults.add(softwareOSH) if logger.isDebugEnabled(): logger.debug('found ', str(OSHVResults.size()), ' software CIs') if OSHVResults.size() == 0: logger.debug('buffer: ', buffer) return 1
def discoverSoftwareByWmic(shell, hostOSH, OSHVResults, softNameToInstSoftOSH=None): """ Discover installed software and report in passed OSH vector Shell, osh, oshVector, map(str, OSH) -> bool @command: wmic path Win32_Product get identifyingNumber, installDate, installLocation, name, vendor, version """ queryBuilder = wmiutils.WmicQueryBuilder("Win32_Product") queryBuilder.usePathCommand(1) queryBuilder.addWmiObjectProperties( "name", "installLocation", "version", "vendor", "identifyingNumber", "installDate" ) wmicAgent = wmiutils.WmicAgent(shell) softwareItems = [] try: softwareItems = wmicAgent.getWmiData(queryBuilder, shell.getDefaultCommandTimeout() * 4) except: logger.debugException("Failed getting software information via wmic") return 0 for softwareItem in softwareItems: softwareName = softwareItem.name if not softwareName: logger.warn("Ignoring software with empty software name") continue softwarePath = softwareItem.installLocation softwareVersion = softwareItem.version softwareVendor = softwareItem.vendor softwareIdentifyingNumber = softwareItem.identifyingNumber softwareInstallDate = softwareItem.installDate if softwareName: softwareOSH = hostresource.makeSoftwareOSH( softwareName, softwarePath, softwareVersion, hostOSH, softwareInstallDate, None, softwareIdentifyingNumber, softwareVendor, ) if softNameToInstSoftOSH != None: softNameToInstSoftOSH[softwareName] = softwareOSH OSHVResults.add(softwareOSH) return 1
def discoverSoftwareByWmic(shell, hostOSH, OSHVResults, softNameToInstSoftOSH=None): ''' Discover installed software and report in passed OSH vector Shell, osh, oshVector, map(str, OSH) -> bool @command: wmic path Win32_Product get identifyingNumber, installDate, installLocation, name, vendor, version ''' queryBuilder = wmiutils.WmicQueryBuilder('Win32_Product') queryBuilder.usePathCommand(1) queryBuilder.addWmiObjectProperties('name', 'installLocation', 'version', 'vendor', 'identifyingNumber', 'installDate') wmicAgent = wmiutils.WmicAgent(shell) softwareItems = [] try: softwareItems = wmicAgent.getWmiData( queryBuilder, shell.getDefaultCommandTimeout() * 4) except: logger.debugException('Failed getting software information via wmic') return 0 for softwareItem in softwareItems: softwareName = softwareItem.name if not softwareName: logger.warn("Ignoring software with empty software name") continue softwarePath = softwareItem.installLocation softwareVersion = softwareItem.version softwareVendor = softwareItem.vendor softwareIdentifyingNumber = softwareItem.identifyingNumber softwareInstallDate = softwareItem.installDate if softwareName: softwareOSH = hostresource.makeSoftwareOSH( softwareName, softwarePath, softwareVersion, hostOSH, softwareInstallDate, None, softwareIdentifyingNumber, softwareVendor) if softNameToInstSoftOSH != None: softNameToInstSoftOSH[softwareName] = softwareOSH OSHVResults.add(softwareOSH) return 1
def processSoftware(keys, buffer, hostOSH, OSHVResults, softNameToInstSoftOSH=None): ''' list(str), str, osh, oshVector, map(str, osh) = None -> bool ''' swList = [] for key in keys: softwareName = None softwarePath = None softwareVer = None softwareInstallDate = None softwareProductId = None softwareProductCode = None softwareVendor = None m = re.search('\n\s*DisplayName\s+REG_SZ\s+?([^\n]+)', key) if (m): softwareName = m.group(1).strip() else: continue m = re.search('\n\s*InstallLocation\s+REG_SZ\s+?([^\n]+)', key) if (m): softwarePath = m.group(1).strip() m = re.search('\n\s*DisplayVersion\s+REG_SZ\s+?([^\n]+)', key) if (m): softwareVer = m.group(1).strip() m = re.search('\n\s*InstallDate\s+REG_SZ\s+?([^\n]+)', key) if (m): softwareInstallDate = m.group(1).strip() m = re.search('\n\s*ProductID\s+REG_SZ\s+?([^\n]+)', key) if (m) and m.group(1).strip(): softwareProductId = m.group(1).strip() #in case the has a format of HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{297857BF-4011-449B-BD74-DB64D182821C} #we report 90120000-0011-0000-0000-0000000FF1CE which is a product code of parent software m = re.match( r"\\Uninstall\\?[\w\{\[\( ]*([\dabcdefABCDEF]{8}(\-[\dabcdefABCDEF]{4}){3}-[\dabcdefABCDEF]{12}).*\n", key) if (m): softwareProductCode = m.group(1).strip() m = re.search('\n\s*Publisher\s+REG_SZ\s+?([^\n]+)', key) if (m): softwareVendor = m.group(1).strip() if softwareName: if ((softwareName in swList) == 0): swList.append(softwareName) softwareOSH = hostresource.makeSoftwareOSH( softwareName, softwarePath, softwareVer, hostOSH, softwareInstallDate, softwareProductId, softwareProductCode, softwareVendor) if softNameToInstSoftOSH != None: softNameToInstSoftOSH[softwareName] = softwareOSH OSHVResults.add(softwareOSH) if logger.isDebugEnabled(): logger.debug('found ', str(OSHVResults.size()), ' software CIs') if OSHVResults.size() == 0: logger.debug('buffer: ', buffer) return 1