def __init__(self, command, arguments=None, env=None, stdout=None,
stderr=None, redirect_output=True, working_dir=None):
self._cmdline = _get_cmd(command, arguments)
self._env = env
self._stdout = os.path.abspath(stdout) if stdout else None
self._stderr = os.path.abspath(stderr) if stderr else None
self._redirect_output = redirect_output
self._appName = None
self._bInheritHandles = 1
self._processAttributes = win32security.SECURITY_ATTRIBUTES()
# TODO: Is this needed?
# self._processAttributes.bInheritHandle = self._bInheritHandles
self._threadAttributes = win32security.SECURITY_ATTRIBUTES()
# TODO: Is this needed
# self._threadAttributes.bInheritHandle = self._bInheritHandles
self._dwCreationFlags = win32con.CREATE_NO_WINDOW
# TODO: Which one of these is best?
# self._dwCreationFlags=win32con.NORMAL_PRIORITY_CLASS
self._currentDirectory = working_dir
# This will be created during the start
self._startupinfo = None
self._hProcess = None
self._hThread = None
self._dwProcessId = None
self._dwThreadId = None
self._exit_code = None
self._pid = None
self._immutable = False
def _initialize_named_pipes_for_std(self):
"""Initialize the named pipes used for communication with the child
process.
"""
# used in generating the name for the pipe
pid = os.getpid()
# Security attributes for the named pipes, should not be inherited
# by the child process. Those are used by the parent process to
# communicate with the child process.
_saAttr_pipe = win32security.SECURITY_ATTRIBUTES()
_saAttr_pipe.bInheritHandle = 0
# Security attributes for the file handles, they should be inherited
# by the child process which will use them as stdin, stdout and stderr.
# The parent process will close those handles after the child process
# is created.
_saAttr_file = win32security.SECURITY_ATTRIBUTES()
_saAttr_file.bInheritHandle = 1
def create_namedpipe_and_file(prefix,
saAttr_pipe=_saAttr_pipe,
saAttr_file=_saAttr_file):
"""Create the named pipe and the file for it.
:param prefix: string representing the prefix which will be
appended to the start of the name for the pipe
:param saAttr_pipe: security attributes used to create
the named pipe
:param saAttr_file: security attributes used to create the file
"""
pipename = (
"%s_NamedPipe_%d_%d_%s" %
(prefix, pid, time.time(), str(random.random()).split(".")[1]))
# Create the named pipe
pipe = NamedPipe(pipe_name=pipename, sec_attributes=saAttr_pipe)
# Create the file for the previously created named pipe
pipe.create_file(sec_attributes=saAttr_file)
return pipe
# Create the named pipes and the files used for parent - child process
# communication.
_pipe_stdin = create_namedpipe_and_file("Stdin")
self._pipe_stdout = create_namedpipe_and_file("Stdout")
self._pipe_stderr = create_namedpipe_and_file("Stderr")
# Set the file handles from the named pipes as stdin, stdout and stderr
# in startupinfo structure for the child process.
self._si.hStdInput = _pipe_stdin.get_file_handle()
self._si.hStdOutput = self._pipe_stdout.get_file_handle()
self._si.hStdError = self._pipe_stderr.get_file_handle()
self._si.dwFlags |= win32con.STARTF_USESTDHANDLES
# Wrapping around stdin in order to be able to call self.stdin.close()
# to close the stdin.
self.stdin = ProcessWithNamedPipes.HandleClass(_pipe_stdin)
_pipe_stdin = None
def __init__(self, filename, mode='r', encoding=None):
if mode in ('r', 'r+'):
creationDisposition = win32file.OPEN_EXISTING
desiredAccess = win32con.GENERIC_READ
elif mode == 'w':
creationDisposition = win32con.CREATE_ALWAYS
desiredAccess = win32con.GENERIC_WRITE
elif mode in ('rw', 'wr', 'r+', 'w+', 'a+'):
creationDisposition = win32con.OPEN_ALWAYS
desiredAccess = win32con.GENERIC_READ | win32con.GENERIC_WRITE
elif mode == 'a':
creationDisposition = win32con.OPEN_ALWAYS
desiredAccess = win32con.GENERIC_WRITE
else:
raise ValueError('Invalid access mode')
self.filename = filename
# shareMode = (win32con.FILE_SHARE_READ | win32con.FILE_SHARE_WRITE |
# win32con.FILE_SHARE_DELETE)
shareMode = win32con.shareMode = (win32con.FILE_SHARE_READ
| win32con.FILE_SHARE_WRITE)
attributes = win32security.SECURITY_ATTRIBUTES()
# dwFlagsAndAttributes = win32con.FILE_ATTRIBUTE_NORMAL
dwFlagsAndAttributes = win32con.FILE_FLAG_WRITE_THROUGH
self.encoding = encoding or 'utf-8'
self.handle = win32file.CreateFile(filename, desiredAccess, shareMode,
attributes, creationDisposition,
dwFlagsAndAttributes, 0)
win32api.SetHandleInformation(self.handle,
win32con.HANDLE_FLAG_INHERIT, 0)
if mode in ('a', 'a+'):
self.seek(0, 2)
self.file_size = win32file.GetFileSize(self.handle)
self.is_closed = False
def start(self, cmd):
sAttr = win32security.SECURITY_ATTRIBUTES()
sAttr.bInheritHandle = True
stdout_r, stdout_w = win32pipe.CreatePipe(sAttr, 0)
stdin_r, stdin_w = win32pipe.CreatePipe(sAttr, 0)
self.read_handle = stdout_r
self.write_handle = stdout_w
self.stdin_write = stdin_w
si = win32process.STARTUPINFO()
si.dwFlags = win32process.STARTF_USESHOWWINDOW | win32process.STARTF_USESTDHANDLES
si.wShowWindow = win32con.SW_HIDE
si.hStdInput = stdin_r # file descriptor of origin stdin
si.hStdOutput = stdout_w
si.hStdError = stdout_w
hProcess, hThread, dwProcessID, dwThreadID = win32process.CreateProcess(
None, "cmd", None, None, True, win32process.CREATE_NEW_CONSOLE,
None, None, si)
self.dwProcessID = dwProcessID
self.hProcess = hProcess
sleep(0.5)
if self.hProcess == 0:
DebugOutput("Start Process Fail:{:d}".format(
win32api.GetLastError()))
DebugOutput('[*] pid: {:x}'.format(self.dwProcessID))
self.Console_hwnd = get_hwnds_for_pid(self.dwProcessID)
if len(self.Console_hwnd) == 0:
raise Exception("Fail to run,No Process!")
DebugOutput('[*] hwnd:{:x}'.format(self.Console_hwnd[0]))
def __init__(self, file):
self.file = file
self.type = {'LOCK_EX': 0, 'LOCK_NB': 0}
secur_att = win32security.SECURITY_ATTRIBUTES()
secur_att.Initialize()
self.highbits = 0xffff0000 # high-order 32 bits of byte range to lock
# make a handel with read/write and open or create if doesn't exist
self.hfile = win32file.CreateFile(self.file,
win32con.GENERIC_READ | win32con.GENERIC_WRITE,
win32con.FILE_SHARE_READ | win32con.FILE_SHARE_WRITE,
secur_att,
win32con.OPEN_ALWAYS,
win32con.FILE_ATTRIBUTE_NORMAL, 0)
def run_command_win32(cmd):
sa = win32security.SECURITY_ATTRIBUTES()
sa.bInheritHandle = True
stdout_r, stdout_w = win32pipe.CreatePipe(sa, 0)
si = win32process.STARTUPINFO()
si.dwFlags = (win32process.STARTF_USESTDHANDLES
| win32process.STARTF_USESHOWWINDOW)
si.wShowWindow = win32con.SW_HIDE
si.hStdOutput = stdout_w
process, thread, pid, tid = \
win32process.CreateProcess(None, cmd, None, None, True,
0, None, None, si)
if process == None:
return -1, ""
# Must close the write handle in this process, or ReadFile will hang.
stdout_w.Close()
# Read the pipe until we get an error (including ERROR_BROKEN_PIPE,
# which is okay because it happens when child process ends).
data = ""
error = 0
while 1:
try:
hr, buffer = win32file.ReadFile(stdout_r, 4096)
if hr != winerror.ERROR_IO_PENDING:
data = data + buffer
except pywintypes.error, e:
if e.args[0] != winerror.ERROR_BROKEN_PIPE:
error = 1
break
def _get_file_descriptor_for_new_secure_file_windows(path: str) -> int:
try:
file_access = win32file.GENERIC_READ | win32file.GENERIC_WRITE
# Enables other processes to open this file with read-only access.
# Attempts by other processes to open the file for writing while this
# process still holds it open will fail.
file_sharing = win32file.FILE_SHARE_READ
security_attributes = win32security.SECURITY_ATTRIBUTES()
security_attributes.SECURITY_DESCRIPTOR = (
windows_permissions.get_security_descriptor_for_owner_only_perms())
file_creation = win32file.CREATE_NEW # fails if file exists
file_attributes = win32file.FILE_FLAG_BACKUP_SEMANTICS
handle = win32file.CreateFile(
path,
file_access,
file_sharing,
security_attributes,
file_creation,
file_attributes,
_get_null_value_for_win32(),
)
detached_handle = handle.Detach()
return win32file._open_osfhandle(detached_handle, os.O_RDWR)
except Exception as ex:
logger.error(f'Could not create a file at "{path}": {str(ex)}')
raise ex
def _add_to_job_object(self):
global _global_process_job_handle
if _global_process_job_handle is not None:
#This means that we are creating another process family - we'll all be in the same job
return
already_in_job = win32job.IsProcessInJob(win32api.GetCurrentProcess(), None)
#Create a new job and put us in it before we create any children
logger.debug("Creating job object and adding parent process to it")
security_attrs = win32security.SECURITY_ATTRIBUTES()
security_attrs.bInheritHandle = 0
_global_process_job_handle = win32job.CreateJobObject(security_attrs, self.get_job_object_name())
extended_info = win32job.QueryInformationJobObject(_global_process_job_handle, win32job.JobObjectExtendedLimitInformation)
extended_info['BasicLimitInformation']['LimitFlags'] = win32job.JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE
win32job.SetInformationJobObject(_global_process_job_handle, win32job.JobObjectExtendedLimitInformation, extended_info)
try:
win32job.AssignProcessToJobObject(_global_process_job_handle, win32api.GetCurrentProcess())
except Exception as e:
winv = sys.getwindowsversion()
logger.error("Error raised during assignment of the current process to a new job object. " +\
"The process %s already in a job. " +\
"The windows version is %d.%d.\nError: %s",
"is" if already_in_job else "is not",
winv.major,
winv.minor,
_exception_str())
if already_in_job and not (winv.major >= 6 and winv.minor >= 2):
raise JobObjectAssignError("On Windows versions older than Windows 8 / Windows Server 2012, ProcessFamily relies on the parent process NOT being in a job already", e, already_in_job)
raise JobObjectAssignError("Error raised during assignment of the current process to a new job object.", e, already_in_job)
logger.debug("Added to job object")
def __init__(self, args):
super().__init__(args)
# Create an event which we will use to wait on. The "service stop"
# request will set this event.
# * We must make it inheritable so we can pass it to the child
# process via the cmd-line
# * Must be manual reset so each child process and our service
# all get woken from a single set of the event.
sa = win32security.SECURITY_ATTRIBUTES()
sa.bInheritHandle = True
self.hWaitStop = win32event.CreateEvent(sa, True, False, None)
self.args = args
self.dirs = None
self.runner_prefix = None
# Patch up the service messages file in a frozen exe.
# (We use the py2exe option that magically bundles the .pyd files
# into the .zip file - so servicemanager.pyd doesn't exist.)
if is_frozen and servicemanager.RunningAsService():
msg_file = os.path.join(os.path.dirname(sys.executable),
"buildbot.msg")
if os.path.isfile(msg_file):
servicemanager.Initialize("BuildBot", msg_file)
else:
self.warning("Strange - '%s' does not exist" % (msg_file, ))
def shell_as(th, enable_privs=0):
t = thread(th)
print t.as_text()
new_tokenh = win32security.DuplicateTokenEx(
th, 3, win32con.MAXIMUM_ALLOWED, win32security.TokenPrimary,
win32security.SECURITY_ATTRIBUTES())
print "new_tokenh: %s" % new_tokenh
print "Impersonating..."
if enable_privs:
get_all_privs(new_tokenh)
commandLine = "cmd"
si = win32process.STARTUPINFO()
print "pysecdump: Starting shell with required privileges..."
(hProcess, hThread, dwProcessId,
dwThreadId) = win32process.CreateProcessAsUser(
new_tokenh,
None, # AppName
commandLine, # Command line
None, # Process Security
None, # ThreadSecurity
1, # Inherit Handles?
win32process.NORMAL_PRIORITY_CLASS,
None, # New environment
None, # Current directory
si) # startup info.
win32event.WaitForSingleObject(hProcess, win32event.INFINITE)
print "pysecdump: Quitting"
def test_copy_ownership_windows(self):
system = win32security.ConvertStringSidToSid(SYSTEM_SID)
security = win32security.SECURITY_ATTRIBUTES().SECURITY_DESCRIPTOR
security.SetSecurityDescriptorOwner(system, False)
with mock.patch('win32security.GetFileSecurity') as mock_get:
with mock.patch('win32security.SetFileSecurity') as mock_set:
mock_get.return_value = security
filesystem.copy_ownership_and_apply_mode('dummy',
self.probe_path,
0o700,
copy_user=True,
copy_group=False)
self.assertEqual(mock_set.call_count, 2)
first_call = mock_set.call_args_list[0]
security = first_call[0][2]
self.assertEqual(system, security.GetSecurityDescriptorOwner())
second_call = mock_set.call_args_list[1]
security = second_call[0][2]
dacl = security.GetSecurityDescriptorDacl()
everybody = win32security.ConvertStringSidToSid(EVERYBODY_SID)
self.assertTrue(dacl.GetAceCount())
self.assertFalse([
dacl.GetAce(index) for index in range(0, dacl.GetAceCount())
if dacl.GetAce(index)[2] == everybody
])
def win32Spawn(sh, escape, cmd, args, spawnEnv):
for var in spawnEnv:
spawnEnv[var] = spawnEnv[var].encode("ascii", "replace")
#sAttrs = win32security.SECURITY_ATTRIBUTES()
#sAttrs.bInheritHandle = 1
#hStdinR, hStdinW = win32pipe.CreatePipe(sAttrs, 0)
#hStdoutR, hStdoutW = win32pipe.CreatePipe(sAttrs, 0)
#hStderrR, hStderrW = win32pipe.CreatePipe(sAttrs, 0)
#
#pid = win32api.GetCurrentProcess()
#
#def replaceHandle(handle) :
# tmp = win32api.DuplicateHandle(pid, handle, pid, 0, 0, win32con.DUPLICATE_SAME_ACCESS)
# win32file.CloseHandle(handle)
# return tmp
#
#hStdinW = replaceHandle(hStdinW)
#hStdoutR = replaceHandle(hStdoutR)
#hStderrR = replaceHandle(hStderrR)
sAttrs = win32security.SECURITY_ATTRIBUTES()
startupInfo = win32process.STARTUPINFO()
#startupInfo.hStdInput = hStdinR
#startupInfo.hStdOutput = hStdoutW
#startupInfo.hStdError = hStderrW
#startupInfo.dwFlags = win32process.STARTF_USESTDHANDLES
newArgs = " ".join(map(escape, args[1:]))
cmdLine = cmd + " " + newArgs
# check for any special operating system commands
if cmd == "del":
for arg in args[1:]:
win32file.DeleteFile(arg)
exitCode = 0
else:
# otherwise execute the command.
try:
hProcess, hThread, dwPid, dwTid = win32process.CreateProcess(
None, cmdLine, None, None, 1, 0, spawnEnv, None,
startupInfo)
except:
errorCode = win32api.GetLastError()
raise RuntimeError("Could not execute the following " +
"command line (error code {}): {}".format(
errorCode, cmdLine))
win32event.WaitForSingleObject(hProcess, win32event.INFINITE)
exitCode = win32process.GetExitCodeProcess(hProcess)
#win32file.CloseHandle(hStdinR)
#win32file.CloseHandle(hStdoutW)
#win32file.CloseHandle(hStderrW)
#with os.fdopen(msvcrt.open_osfhandle(hStdoutR, 0), "rb") as f: stdout = f.read()
#with os.fdopen(msvcrt.open_osfhandle(hStderrR, 0), "rb") as f: stderr = f.read()
#sys.stdout.write(stdout)
#sys.stderr.write(stderr)
win32file.CloseHandle(hProcess)
win32file.CloseHandle(hThread)
return exitCode
def quiet_mkdir(path):
# dropping to win32 for Windows
# python modifies the permissions on Windows folders being created to be too permissive so we manually specify security info
if sys.platform == "win32":
import pywintypes
import win32file
import win32security
try:
"""
Owner :
Group :
DiscretionaryAcl : {NT AUTHORITY\SYSTEM: AccessAllowed (GenericAll), BUILTIN\Administrators: AccessAllowed (GenericAll)}
SystemAcl : {}
RawDescriptor : System.Security.AccessControl.CommonSecurityDescriptor
"""
sddl = "D:PAI(A;OICI;GA;;;SY)(A;OICI;GA;;;BA)"
sec_descriptor = win32security.ConvertStringSecurityDescriptorToSecurityDescriptor(
sddl, win32security.SDDL_REVISION_1)
sec_attributes = win32security.SECURITY_ATTRIBUTES()
sec_attributes.SECURITY_DESCRIPTOR = sec_descriptor
win32file.CreateDirectory(path, sec_attributes)
except pywintypes.error:
if not os.path.isdir(path):
raise
else:
try:
os.mkdir(path)
except OSError:
if not os.path.isdir(path):
raise
def mkdir(file_path: str, mode: int = 0o777) -> None:
"""
Rewrite of original os.mkdir function, that will ensure on Windows that given mode
is correctly applied.
:param str file_path: The file path to open
:param int mode: POSIX mode to apply on directory when created, Python defaults
will be applied if ``None``
"""
if POSIX_MODE:
return os.mkdir(file_path, mode)
attributes = win32security.SECURITY_ATTRIBUTES()
security = attributes.SECURITY_DESCRIPTOR
user = _get_current_user()
dacl = _generate_dacl(user, mode, _WINDOWS_UMASK.mask)
security.SetSecurityDescriptorOwner(user, False)
security.SetSecurityDescriptorDacl(1, dacl, 0)
try:
win32file.CreateDirectory(file_path, attributes)
except pywintypes.error as err:
# Handle native windows error into python error to be consistent with the API
# of os.mkdir in the situation of a directory already existing.
if err.winerror == winerror.ERROR_ALREADY_EXISTS:
raise OSError(errno.EEXIST, err.strerror, file_path, err.winerror)
raise err
return None
def SvcDoRun(self):
if hasattr(sys, "frozen"):
this_dir = os.path.dirname(win32api.GetModuleFileName(None))
else:
this_dir = os.path.dirname(os.path.abspath(__file__))
# TODO: maybe it is better to run this in a job object too
with open(os.path.join(this_dir, 'npm.log'), 'w') as npm_log:
subprocess.check_call('npm install',
cwd=this_dir,
shell=True,
stdin=None,
stdout=npm_log,
stderr=subprocess.STDOUT)
security_attributes = win32security.SECURITY_ATTRIBUTES()
security_attributes.bInheritHandle = True
startup = win32process.STARTUPINFO()
startup.dwFlags |= win32process.STARTF_USESTDHANDLES
startup.hStdInput = None
startup.hStdOutput = win32file.CreateFile(
os.path.join(this_dir, "service_stderr.log"),
win32file.GENERIC_WRITE, win32file.FILE_SHARE_READ,
security_attributes, win32file.CREATE_ALWAYS, 0, None)
startup.hStdError = win32file.CreateFile(
os.path.join(this_dir, "service_stdout.log"),
win32file.GENERIC_WRITE, win32file.FILE_SHARE_READ,
security_attributes, win32file.CREATE_ALWAYS, 0, None)
(hProcess, hThread, processId, threadId) = win32process.CreateProcess(
None, r'"C:\Program Files\nodejs\node.exe" node_worker.js', None,
None, True, win32process.CREATE_SUSPENDED
| win32process.CREATE_BREAKAWAY_FROM_JOB, None, this_dir, startup)
assert not win32job.IsProcessInJob(hProcess, None)
self.hJob = win32job.CreateJobObject(None, "")
extended_info = win32job.QueryInformationJobObject(
self.hJob, win32job.JobObjectExtendedLimitInformation)
extended_info['BasicLimitInformation'][
'LimitFlags'] = win32job.JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE | win32job.JOB_OBJECT_LIMIT_BREAKAWAY_OK
win32job.SetInformationJobObject(
self.hJob, win32job.JobObjectExtendedLimitInformation,
extended_info)
win32job.AssignProcessToJobObject(self.hJob, hProcess)
win32process.ResumeThread(hThread)
win32api.CloseHandle(hThread)
signalled = win32event.WaitForMultipleObjects(
[self.hWaitStop, hProcess], False, win32event.INFINITE)
if signalled == win32event.WAIT_OBJECT_0 + 1 and win32process.GetExitCodeProcess(
hProcess) != 0:
servicemanager.LogErrorMsg(
self._svc_name_ + " process exited with non-zero status " +
str(win32process.GetExitCodeProcess(hProcess)))
win32api.CloseHandle(hProcess)
win32api.CloseHandle(self.hJob)
win32api.CloseHandle(self.hWaitStop)
win32api.CloseHandle(startup.hStdOutput)
win32api.CloseHandle(startup.hStdError)
def __init__(self, cmd, shell=False):
self.queue = Queue.Queue()
self.is_terminated = False
self.wake_up_event = win32event.CreateEvent(None, 0, 0, None)
exec_dir = os.getcwd()
comspec = os.environ.get("COMSPEC", "cmd.exe")
cmd = comspec + ' /c ' + cmd
win32event.ResetEvent(self.wake_up_event)
currproc = win32api.GetCurrentProcess()
sa = win32security.SECURITY_ATTRIBUTES()
sa.bInheritHandle = 1
child_stdout_rd, child_stdout_wr = win32pipe.CreatePipe(sa, 0)
child_stdout_rd_dup = win32api.DuplicateHandle(
currproc, child_stdout_rd, currproc, 0, 0,
win32con.DUPLICATE_SAME_ACCESS)
win32file.CloseHandle(child_stdout_rd)
child_stderr_rd, child_stderr_wr = win32pipe.CreatePipe(sa, 0)
child_stderr_rd_dup = win32api.DuplicateHandle(
currproc, child_stderr_rd, currproc, 0, 0,
win32con.DUPLICATE_SAME_ACCESS)
win32file.CloseHandle(child_stderr_rd)
child_stdin_rd, child_stdin_wr = win32pipe.CreatePipe(sa, 0)
child_stdin_wr_dup = win32api.DuplicateHandle(
currproc, child_stdin_wr, currproc, 0, 0,
win32con.DUPLICATE_SAME_ACCESS)
win32file.CloseHandle(child_stdin_wr)
startup_info = win32process.STARTUPINFO()
startup_info.hStdInput = child_stdin_rd
startup_info.hStdOutput = child_stdout_wr
startup_info.hStdError = child_stderr_wr
startup_info.dwFlags = win32process.STARTF_USESTDHANDLES
cr_flags = 0
cr_flags = win32process.CREATE_NEW_PROCESS_GROUP
env = os.environ.copy()
self.h_process, h_thread, dw_pid, dw_tid = win32process.CreateProcess(
None, cmd, None, None, 1, cr_flags, env, os.path.abspath(exec_dir),
startup_info)
win32api.CloseHandle(h_thread)
win32file.CloseHandle(child_stdin_rd)
win32file.CloseHandle(child_stdout_wr)
win32file.CloseHandle(child_stderr_wr)
self.__child_stdout = child_stdout_rd_dup
self.__child_stderr = child_stderr_rd_dup
self.__child_stdin = child_stdin_wr_dup
self.exit_code = -1
def startBackgroundProcess(self):
"""Method to start a process running in the background.
"""
with process_lock:
# security attributes for pipes
sAttrs = win32security.SECURITY_ATTRIBUTES()
sAttrs.bInheritHandle = 1
# create pipes for the process to write to
hStdin_r, hStdin = win32pipe.CreatePipe(sAttrs, 0)
hStdout = win32file.CreateFile(
_stringToUnicode(self.stdout),
win32file.GENERIC_WRITE | win32file.GENERIC_READ,
win32file.FILE_SHARE_DELETE | win32file.FILE_SHARE_READ
| win32file.FILE_SHARE_WRITE, sAttrs, win32file.CREATE_ALWAYS,
win32file.FILE_ATTRIBUTE_NORMAL, None)
hStderr = win32file.CreateFile(
_stringToUnicode(self.stderr),
win32file.GENERIC_WRITE | win32file.GENERIC_READ,
win32file.FILE_SHARE_DELETE | win32file.FILE_SHARE_READ
| win32file.FILE_SHARE_WRITE, sAttrs, win32file.CREATE_ALWAYS,
win32file.FILE_ATTRIBUTE_NORMAL, None)
# set the info structure for the new process.
StartupInfo = win32process.STARTUPINFO()
StartupInfo.hStdInput = hStdin_r
StartupInfo.hStdOutput = hStdout
StartupInfo.hStdError = hStderr
StartupInfo.dwFlags = win32process.STARTF_USESTDHANDLES
# Create new handles for the thread ends of the pipes. The duplicated handles will
# have their inheritence properties set to false so that any children inheriting these
# handles will not have non-closeable handles to the pipes
pid = win32api.GetCurrentProcess()
tmp = win32api.DuplicateHandle(pid, hStdin, pid, 0, 0,
win32con.DUPLICATE_SAME_ACCESS)
win32file.CloseHandle(hStdin)
hStdin = tmp
# start the process, and close down the copies of the process handles
# we have open after the process creation (no longer needed here)
old_command = command = self.__quotePath(self.command)
for arg in self.arguments:
command = '%s %s' % (command, self.__quotePath(arg))
try:
self.__hProcess, self.__hThread, self.pid, self.__tid = win32process.CreateProcess(
None, command, None, None, 1, 0, self.environs,
os.path.normpath(self.workingDir), StartupInfo)
except pywintypes.error as e:
raise ProcessError("Error creating process %s: %s" %
(old_command, e))
win32file.CloseHandle(hStdin_r)
win32file.CloseHandle(hStdout)
win32file.CloseHandle(hStderr)
# set the handle to the stdin of the process
self.__stdin = hStdin
def _open_port(self, name):
self._hfile = win32file.CreateFile(
name,
win32con.GENERIC_READ | win32con.GENERIC_WRITE,
win32con.FILE_SHARE_READ | win32con.FILE_SHARE_WRITE,
win32security.SECURITY_ATTRIBUTES(),
win32con.OPEN_EXISTING,
win32con.FILE_FLAG_OVERLAPPED,
0)
def run(self):
dirName = self.dirPath
hdir = win32file.CreateFile(
dirName, GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
win32security.SECURITY_ATTRIBUTES(), OPEN_EXISTING,
FILE_FLAG_BACKUP_SEMANTICS, 0)
filter = FILE_NOTIFY_CHANGE_FILE_NAME | \
FILE_NOTIFY_CHANGE_DIR_NAME \
| FILE_NOTIFY_CHANGE_ATTRIBUTES | \
FILE_NOTIFY_CHANGE_LAST_WRITE | \
FILE_NOTIFY_CHANGE_SIZE
win32Handle = win32file.FindFirstChangeNotification(
dirName, True, filter)
while UtilFunc.programIsRunning():
results = win32file.ReadDirectoryChangesW(
hdir,
819600,
True,
FILE_NOTIFY_CHANGE_FILE_NAME | FILE_NOTIFY_CHANGE_DIR_NAME | \
FILE_NOTIFY_CHANGE_SIZE | FILE_NOTIFY_CHANGE_LAST_WRITE | \
FILE_NOTIFY_CHANGE_CREATION,
# FILE_NOTIFY_CHANGE_ATTRIBUTES | FILE_NOTIFY_CHANGE_LAST_ACCESS |FILE_NOTIFY_CHANGE_SECURITY
None,
None
)
for action, file in results:
path = file
if path == 'Thumbs.db':
continue
path = os.path.join(dirName, path)
path = path.replace('\\', '/')
if '/.popoCloud/' in path or os.path.basename(
path) == '.popoCloud':
continue
# print str(action) + " " + path
if action == 1 or action == 5:
if os.path.isdir(path):
ProfileFunc.addToLibrary(path)
else:
ProfileFunc.addFileCache(path)
elif action == 2 or action == 4:
ProfileFunc.delFileCache(path)
elif action == 3:
if not os.path.isdir(path):
ProfileFunc.delFileCache(path)
ProfileFunc.addFileCache(path)
win32file.FindNextChangeNotification(win32Handle)
def _create_secure_directory_windows(path: str):
try:
security_attributes = win32security.SECURITY_ATTRIBUTES()
security_attributes.SECURITY_DESCRIPTOR = (
windows_permissions.get_security_descriptor_for_owner_only_perms())
win32file.CreateDirectory(path, security_attributes)
except Exception as ex:
logger.error(f'Could not create a directory at "{path}": {str(ex)}')
raise ex
def test_check_owner_windows(self):
self.assertTrue(filesystem.check_owner(self.probe_path))
system = win32security.ConvertStringSidToSid(SYSTEM_SID)
security = win32security.SECURITY_ATTRIBUTES().SECURITY_DESCRIPTOR
security.SetSecurityDescriptorOwner(system, False)
with mock.patch('win32security.GetFileSecurity') as mock_get:
mock_get.return_value = security
self.assertFalse(filesystem.check_owner(self.probe_path))
def create_directory(path, sddl):
# Create security attributes
security_attributes = win32security.SECURITY_ATTRIBUTES()
security_attributes.bInheritHandle = 0
if sddl:
security_attributes.SECURITY_DESCRIPTOR = win32security.ConvertStringSecurityDescriptorToSecurityDescriptor(
sddl, win32security.SDDL_REVISION_1,
)
# Windows API call
win32file.CreateDirectory(path, security_attributes)
def _GetSecurityAttributes(handle) -> win32security.SECURITY_ATTRIBUTES:
"""Returns the security attributes for a handle.
Args:
handle: A handle to an object.
"""
security_descriptor = win32security.GetSecurityInfo(
handle, win32security.SE_WINDOW_OBJECT,
win32security.DACL_SECURITY_INFORMATION)
result = win32security.SECURITY_ATTRIBUTES()
result.SECURITY_DESCRIPTOR = security_descriptor
return result
def __init__(self, filename):
self._hfile = win32file.CreateFile(
filename, win32con.GENERIC_READ | win32con.GENERIC_WRITE,
win32con.FILE_SHARE_READ | win32con.FILE_SHARE_WRITE,
win32security.SECURITY_ATTRIBUTES(), win32con.OPEN_EXISTING,
win32con.FILE_FLAG_OVERLAPPED, 0)
self._read_ovrlpd = pywintypes.OVERLAPPED()
self._read_ovrlpd.hEvent = win32event.CreateEvent(
None, True, False, None)
self._write_ovrlpd = pywintypes.OVERLAPPED()
self._write_ovrlpd.hEvent = win32event.CreateEvent(
None, True, False, None)
def __init__(self, inherit_handle=True):
"""Create a pipe for Windows
Create a new pipe
Args:
inherit_handle (bool): Whether the child can inherit this handle
Returns:
WinPipe: ``WinPipe`` instance.
"""
attr = win32security.SECURITY_ATTRIBUTES()
attr.bInheritHandle = inherit_handle
self.rp, self.wp = win32pipe.CreatePipe(attr, 0)
def _createParentJob(self):
# Create a new job that this process will be assigned to.
job_name = '' # must be anonymous otherwise we'd get conflicts
security_attrs = win32security.SECURITY_ATTRIBUTES()
security_attrs.bInheritHandle = 1
job = win32job.CreateJobObject(security_attrs, job_name)
extended_limits = win32job.QueryInformationJobObject(
job, win32job.JobObjectExtendedLimitInformation)
extended_limits['BasicLimitInformation'][
'LimitFlags'] = win32job.JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE
win32job.SetInformationJobObject(
job, win32job.JobObjectExtendedLimitInformation, extended_limits)
return job
def dup_token(th):
'''
duplicate the access token
'''
# TODO: is `duplicate_token` the same?
sec_attr = win32security.SECURITY_ATTRIBUTES()
sec_attr.bInheritHandle = True
return win32security.DuplicateTokenEx(
th,
win32security.SecurityImpersonation,
win32con.MAXIMUM_ALLOWED,
win32security.TokenPrimary,
sec_attr,
)
def windows_create_pipe(sAttrs=-1, nSize=None):
# Default values if parameters are not passed
if sAttrs == -1:
sAttrs = win32security.SECURITY_ATTRIBUTES()
sAttrs.bInheritHandle = 1
if nSize is None:
# If this parameter is zero, the system uses the default buffer size.
nSize = 0
try:
(read_pipe, write_pipe) = win32pipe.CreatePipe(sAttrs, nSize)
except pywintypes.error:
raise
return (read_pipe, write_pipe)
def run_command_win32(cmd):
sa = win32security.SECURITY_ATTRIBUTES()
sa.bInheritHandle = True
stdout_r, stdout_w = win32pipe.CreatePipe(sa, 0)
si = win32process.STARTUPINFO()
si.dwFlags = (win32process.STARTF_USESTDHANDLES
| win32process.STARTF_USESHOWWINDOW)
si.wShowWindow = win32con.SW_HIDE
si.hStdOutput = stdout_w
process, thread, pid, tid = \
win32process.CreateProcess(None, cmd, None, None, True,
0, None, None, si)
if process == None:
return -1, ""
# Must close the write handle in this process, or ReadFile will hang.
stdout_w.Close()
# Read the pipe until we get an error (including ERROR_BROKEN_PIPE,
# which is okay because it happens when child process ends).
data = ""
error = 0
while 1:
try:
hr, buffer = win32file.ReadFile(stdout_r, 4096)
if hr != winerror.ERROR_IO_PENDING:
data = data + buffer
except pywintypes.error as e:
if e.args[0] != winerror.ERROR_BROKEN_PIPE:
error = 1
break
if error:
return -2, ""
# Everything is okay --- the called process has closed the pipe.
# For safety, check that the process ended, then pick up its exit code.
win32event.WaitForSingleObject(process, win32event.INFINITE)
if win32process.GetExitCodeProcess(process):
return -3, ""
global debug
if debug:
sys.stdout.write(data)
return 0, data
def __init__(self):
# Pipes to stream outputs.
security_attributes = win32security.SECURITY_ATTRIBUTES()
security_attributes.bInheritHandle = 1
stdout_r, stdout_w = win32pipe.CreatePipe(security_attributes, 0)
stderr_r, stderr_w = win32pipe.CreatePipe(security_attributes, 0)
self.stdout_r = stdout_r.Detach()
self.stdout_w = self._MakeInheritable(stdout_w)
self.stderr_r = stderr_r.Detach()
self.stderr_w = self._MakeInheritable(stderr_w)
# Threads to read pipes and the actual contents returned.
self.stdout_read_thread = None
self.stdout = None
self.stderr_read_thread = None
self.stderr = None
