本文整理汇总了Python中win32security.DACL_SECURITY_INFORMATION属性的典型用法代码示例。如果您正苦于以下问题：Python win32security.DACL_SECURITY_INFORMATION属性的具体用法？Python win32security.DACL_SECURITY_INFORMATION怎么用？Python win32security.DACL_SECURITY_INFORMATION使用的例子？那么恭喜您，这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类win32security的用法示例。
在下文中一共展示了win32security.DACL_SECURITY_INFORMATION属性的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: check_registry
# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import DACL_SECURITY_INFORMATION [as 别名]
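def check_registry():
    """Audit the owner and DACL of every registry key listed in ``reg_paths``.

    Each entry is split at its first backslash: the part before it names a
    ``win32con`` hive constant, the rest is the key path. For every key that
    can be opened, the owner and DACL are read and passed to
    ``check_weak_write_perms_by_sd``; any findings are saved as issue WPC003.

    Keys that cannot be opened are skipped, so a clean result only covers the
    keys the auditing account was able to read.
    """
    for reg_path in reg_paths:
        hive, _, subkey = reg_path.partition("\\")
        full_name = hive + "\\" + subkey
        try:
            keyh = win32api.RegOpenKeyEx(
                getattr(win32con, hive), subkey, 0,
                win32con.KEY_ENUMERATE_SUB_KEYS
                | win32con.KEY_QUERY_VALUE
                | win32con.KEY_READ)
        except Exception:
            # Missing key, access denied or unknown hive name. Skipping is
            # deliberate, but a silent skip hides a gap in audit coverage, so
            # report it through vprint (presumably verbose-only output).
            vprint("Can't open: " + full_name)
            continue

        try:
            sd = win32api.RegGetKeySecurity(
                keyh,
                win32security.DACL_SECURITY_INFORMATION
                | win32security.OWNER_SECURITY_INFORMATION)
        finally:
            # Release the handle per key instead of leaving it to garbage
            # collection while the loop keeps opening more keys.
            win32api.RegCloseKey(keyh)

        weak_perms = check_weak_write_perms_by_sd(full_name, 'reg', sd)
        if weak_perms:
            vprint(full_name)
            if verbose == 0:
                sys.stdout.write(".")
            save_issue("WPC003", "writable_reg_paths", weak_perms)

    # Terminate the line of progress dots.
    print("")
    # TODO save_issue("WPC009", "writable_eventlog_key", weak_perms) # weak perms on event log reg key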
示例2: check_weak_perms
# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import DACL_SECURITY_INFORMATION [as 别名]
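def check_weak_perms(object_name, object_type_s, perms):
    """Read the owner and DACL of a named object and check them against *perms*.

    Args:
        object_name: Path or service name handed to GetNamedSecurityInfo.
        object_type_s: 'file', 'directory' or 'service'. For the two file
            kinds the value is re-derived from the filesystem before use.
        perms: Permission table passed through to ``check_weak_perms_sd``.

    Returns:
        Whatever ``check_weak_perms_sd`` returns, or ``[]`` when the security
        descriptor cannot be read.

    Raises:
        SystemExit: with code 1 when *object_type_s* is not a known type.
    """
    if object_type_s in ('file', 'directory'):
        object_type = win32security.SE_FILE_OBJECT
        # Trust the filesystem over the caller's label. A path that does not
        # exist is not a file, so it is labelled 'directory' here.
        object_type_s = 'file' if os.path.isfile(object_name) else 'directory'
    elif object_type_s == 'service':
        object_type = win32security.SE_SERVICE
    else:
        print("ERROR: Unknown object type %s" % object_type_s)
        # Same exception as exit(1), without relying on the site module.
        raise SystemExit(1)

    try:
        sd = win32security.GetNamedSecurityInfo(
            object_name,
            object_type,
            win32security.OWNER_SECURITY_INFORMATION
            | win32security.DACL_SECURITY_INFORMATION)
    except Exception:
        # Best effort: an unreadable object is skipped. The caller cannot tell
        # "no findings" from "never inspected" in this case. Narrowed from a
        # bare except so Ctrl-C and SystemExit are no longer swallowed.
        return []

    return check_weak_perms_sd(object_name, object_type_s, sd, perms)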
示例3: dump_perms
# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import DACL_SECURITY_INFORMATION [as 别名]
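def dump_perms(object_name, object_type_s, options=None):
    """Read the owner and DACL of a named object and pass them to ``dump_sd``.

    Args:
        object_name: Path or service name handed to GetNamedSecurityInfo.
        object_type_s: 'file', 'directory' or 'service'. For the two file
            kinds the value is re-derived from the filesystem before use.
        options: Optional dict forwarded to ``dump_sd``; a fresh empty dict is
            used when omitted.

    Returns:
        Whatever ``dump_sd`` returns, or ``[]`` when the security descriptor
        cannot be read.

    Raises:
        SystemExit: with code 1 when *object_type_s* is not a known type.
    """
    # A literal {} default would be one dict shared by every call.
    if options is None:
        options = {}

    if object_type_s in ('file', 'directory'):
        object_type = win32security.SE_FILE_OBJECT
        # A path that does not exist is not a file, so it ends up labelled
        # 'directory' here.
        object_type_s = 'file' if os.path.isfile(object_name) else 'directory'
    elif object_type_s == 'service':
        object_type = win32security.SE_SERVICE
    else:
        print("ERROR: Unknown object type %s" % object_type_s)
        # Same exception as exit(1), without relying on the site module.
        raise SystemExit(1)

    try:
        sd = win32security.GetNamedSecurityInfo(
            object_name,
            object_type,
            win32security.OWNER_SECURITY_INFORMATION
            | win32security.DACL_SECURITY_INFORMATION)
    except Exception:
        # Best effort: objects whose descriptor cannot be read are skipped,
        # so nothing is dumped for them. Narrowed from a bare except so
        # Ctrl-C and SystemExit are no longer swallowed.
        return []

    return dump_sd(object_name, object_type_s, sd, options)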
示例4: change_acl_for_delete
# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import DACL_SECURITY_INFORMATION [as 别名]
def change_acl_for_delete(path):
    """Replace the DACL of a hard-to-delete directory entry with one ACE.

    This is a heavy hammer, used as a last resort. A brand-new
    SECURITY_DESCRIPTOR is built whose DACL holds a single ACE,
    user:FILE_ALL_ACCESS, and that DACL is written over the entry's existing
    one, so every ACE previously on the entry is discarded.
    """
    import win32security

    # STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | low ten object-specific bits.
    full_access_mask = 0xf0000 | 0x100000 | 0x3ff

    # NOTE(review): getpass.getuser() takes the name from environment
    # variables when they are set, so the ACE goes to whichever account those
    # name -- confirm this always matches the account the process runs as.
    account_name = getpass.getuser()
    user_sid, _domain, _type = win32security.LookupAccountName(
        '', account_name)

    new_dacl = win32security.ACL()
    new_dacl.Initialize()
    new_dacl.AddAccessAllowedAce(
        win32security.ACL_REVISION_DS, full_access_mask, user_sid)

    descriptor = win32security.SECURITY_DESCRIPTOR()
    descriptor.Initialize()
    descriptor.SetSecurityDescriptorOwner(user_sid, False)
    descriptor.SetSecurityDescriptorDacl(1, new_dacl, 0)

    # Only DACL_SECURITY_INFORMATION is requested, so the owner stored in the
    # descriptor above is not written to the entry.
    # Note that this assumes the object is either owned by the current user or
    # its group or that the current ACL permits this. Otherwise, per the
    # original author, it will silently fail.
    # NOTE(review): verify the failure mode; the result is not checked here.
    win32security.SetFileSecurity(
        fs.extend(path), win32security.DACL_SECURITY_INFORMATION, descriptor)

    # Re-check the read only bit afterwards: an earlier set_read_only() call
    # meant to clear it may have silently failed because there was no DACL
    # entry for the user at that point.
    current_mode = os.stat(path).st_mode
    if not (current_mode & stat.S_IWUSR):
        os.chmod(path, 0o777)
示例5: check_weak_perms
# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import DACL_SECURITY_INFORMATION [as 别名]
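def check_weak_perms(object_name, object_type_s, perms):
    """Look up a named object's owner and DACL and test them against *perms*.

    Args:
        object_name: Path or service name handed to GetNamedSecurityInfo.
        object_type_s: One of 'file', 'directory', 'service'. File-like types
            are re-labelled from what is actually on disk.
        perms: Permission table forwarded to ``check_weak_perms_sd``.

    Returns:
        The result of ``check_weak_perms_sd``, or ``[]`` if the security
        descriptor could not be obtained.

    Raises:
        SystemExit: with code 1 for an unrecognised *object_type_s*.
    """
    if object_type_s == 'service':
        object_type = win32security.SE_SERVICE
    elif object_type_s in ('file', 'directory'):
        object_type = win32security.SE_FILE_OBJECT
        # os.path.isfile() is False for missing paths too, so those are
        # labelled 'directory'.
        if os.path.isfile(object_name):
            object_type_s = 'file'
        else:
            object_type_s = 'directory'
    else:
        print("ERROR: Unknown object type %s" % object_type_s)
        # Raise directly: the exit() helper is injected by the site module and
        # is not guaranteed to exist in every interpreter setup.
        raise SystemExit(1)

    security_info = (win32security.OWNER_SECURITY_INFORMATION
                     | win32security.DACL_SECURITY_INFORMATION)
    try:
        sd = win32security.GetNamedSecurityInfo(
            object_name, object_type, security_info)
    except Exception:
        # Skipped, not failed: the audit result for this object is empty even
        # though nothing was inspected. The handler no longer catches
        # KeyboardInterrupt/SystemExit as the bare except did.
        return []

    return check_weak_perms_sd(object_name, object_type_s, sd, perms)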
示例6: dump_perms
# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import DACL_SECURITY_INFORMATION [as 别名]
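def dump_perms(object_name, object_type_s, options=None):
    """Look up a named object's owner and DACL and hand them to ``dump_sd``.

    Args:
        object_name: Path or service name handed to GetNamedSecurityInfo.
        object_type_s: One of 'file', 'directory', 'service'. File-like types
            are re-labelled from what is actually on disk.
        options: Optional dict forwarded to ``dump_sd``. Omitting it yields a
            new empty dict per call.

    Returns:
        The result of ``dump_sd``, or ``[]`` if the security descriptor could
        not be obtained.

    Raises:
        SystemExit: with code 1 for an unrecognised *object_type_s*.
    """
    # Avoid a mutable default argument shared between calls.
    options = {} if options is None else options

    if object_type_s == 'service':
        object_type = win32security.SE_SERVICE
    elif object_type_s in ('file', 'directory'):
        object_type = win32security.SE_FILE_OBJECT
        # os.path.isfile() is False for missing paths too, so those are
        # labelled 'directory'.
        if os.path.isfile(object_name):
            object_type_s = 'file'
        else:
            object_type_s = 'directory'
    else:
        print("ERROR: Unknown object type %s" % object_type_s)
        # Raise directly: the exit() helper is injected by the site module and
        # is not guaranteed to exist in every interpreter setup.
        raise SystemExit(1)

    security_info = (win32security.OWNER_SECURITY_INFORMATION
                     | win32security.DACL_SECURITY_INFORMATION)
    try:
        sd = win32security.GetNamedSecurityInfo(
            object_name, object_type, security_info)
    except Exception:
        # Skipped, not failed: nothing is dumped for an object whose
        # descriptor cannot be read. KeyboardInterrupt/SystemExit are no
        # longer caught here.
        return []

    return dump_sd(object_name, object_type_s, sd, options)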
示例7: check_weak_perms_sd
# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import DACL_SECURITY_INFORMATION [as 别名]
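def check_weak_perms_sd(object_name, object_type_s, sd, perms):
    """List the permissions from *perms* that a DACL grants to untrusted principals.

    Args:
        object_name: Name of the audited object; copied into every finding.
        object_type_s: Key into *perms* selecting which permissions to test.
        sd: Security descriptor providing GetSecurityDescriptorDacl() and
            GetSecurityDescriptorOwner().
        perms: Mapping of object type to {module: iterable of permission
            constant names}; each name is resolved with getattr(module, name).

    Returns:
        A list of [object_name, domain, principal, permission_name] entries.
        Empty when nothing is flagged or when the descriptor has no DACL.
    """
    dacl = sd.GetSecurityDescriptorDacl()
    if dacl is None:
        # NOTE(review): if None here means a NULL DACL, Windows grants access
        # to everyone on such an object, yet this path reports no findings.
        # Confirm, and consider recording it as an issue in its own right.
        print("No Discretionary ACL")
        return []

    owner_sid = sd.GetSecurityDescriptorOwner()
    try:
        owner_name, owner_domain, _sid_type = win32security.LookupAccountSid(
            remote_server, owner_sid)
        owner_fq = owner_domain + "\\" + owner_name
    except Exception:
        # Unresolvable owner: fall back to the string SID, then a placeholder.
        try:
            owner_fq = owner_name = win32security.ConvertSidToStringSid(owner_sid)
            owner_domain = ""
        except Exception:
            owner_domain = ""
            owner_fq = owner_name = "INVALIDSID!"

    known_ace_types = (
        "ACCESS_ALLOWED_ACE_TYPE",
        "ACCESS_DENIED_ACE_TYPE",
        "SYSTEM_AUDIT_ACE_TYPE",
        "SYSTEM_ALARM_ACE_TYPE",
    )

    weak_perms = []
    for ace_no in range(dacl.GetAceCount()):
        ace = dacl.GetAce(ace_no)
        # NOTE(review): the ACE flags in ace[0][1] are not consulted, so an
        # inherit-only ACE is reported against this object too -- confirm that
        # is intended.

        try:
            principal, domain, _sid_type = win32security.LookupAccountSid(
                remote_server, ace[2])
        except Exception:
            principal = win32security.ConvertSidToStringSid(ace[2])
            domain = ""

        if principle_is_trusted(principal, domain):
            continue

        if principal == "CREATOR OWNER":
            # CREATOR OWNER is only as trustworthy as the actual owner.
            if principle_is_trusted(owner_name, owner_domain):
                continue
            principal = "CREATOR OWNER [%s]" % owner_fq

        # Reset per ACE. Previously an ACE type outside the four known names
        # either raised NameError (first ACE) or silently reused the type of
        # the preceding ACE, so it could be evaluated as an allow ACE.
        ace_type_s = None
        for type_name in known_ace_types:
            if getattr(ntsecuritycon, type_name) == ace[0][0]:
                ace_type_s = type_name
        if ace_type_s is None:
            ace_type_s = "UNKNOWN(%s)" % ace[0][0]

        if ace_type_s != "ACCESS_ALLOWED_ACE_TYPE":
            # Deny/audit/alarm ACEs are skipped, not evaluated: a finding from
            # an allow ACE is not offset by a deny ACE elsewhere in the DACL.
            vprint("WARNING: Unimplmented ACE type encountered: " + ace_type_s + ". skipping.")
            continue

        # .items() iterates the same pairs as iteritems() and also works on
        # Python 3.
        for mod, perm_names in perms[object_type_s].items():
            for perm in perm_names:
                wanted = getattr(mod, perm)
                # Flag only when every bit of the permission is granted.
                if wanted & ace[1] == wanted:
                    weak_perms.append([object_name, domain, principal, perm])
    return weak_perms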
示例8: check_event_logs
# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import DACL_SECURITY_INFORMATION [as 别名]
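def check_event_logs():
    """Check the files referenced by each event log registry subkey for weak write permissions.

    Opens HKEY_LOCAL_MACHINE\\<eventlog_key_hklm>, walks its subkeys and, for
    each one, reads the "DisplayNameFile" and "File" values. Each referenced
    path (after environment-variable expansion) is passed to
    ``check_weak_write_perms``; findings are saved as WPC008 (display DLL) and
    WPC007 (log file). A "." is written per subkey and a "!" per finding.

    Returns:
        0 when the event log key itself cannot be opened, otherwise None.
    """
    key_string = "HKEY_LOCAL_MACHINE\\" + eventlog_key_hklm
    access = (win32con.KEY_ENUMERATE_SUB_KEYS
              | win32con.KEY_QUERY_VALUE
              | win32con.KEY_READ)
    try:
        keyh = win32api.RegOpenKeyEx(
            win32con.HKEY_LOCAL_MACHINE, eventlog_key_hklm, 0, access)
    except Exception:
        print("Can't open: " + key_string)
        return 0

    # (registry value name, issue id, issue name)
    audited_values = (
        ("DisplayNameFile", "WPC008", "writable_eventlog_dll"),
        ("File", "WPC007", "writable_eventlog_file"),
    )

    try:
        for subkey in win32api.RegEnumKeyEx(keyh):
            sys.stdout.write(".")
            try:
                subkeyh = win32api.RegOpenKeyEx(keyh, subkey[0], 0, access)
            except Exception:
                # Name the subkey that failed; the message used to repeat the
                # parent key, which hid which log was left unchecked.
                print("Can't open: " + key_string + "\\" + subkey[0])
                continue

            try:
                for value_name, issue_id, issue_name in audited_values:
                    try:
                        filename, _value_type = win32api.RegQueryValueEx(
                            subkeyh, value_name)
                    except Exception:
                        # Value not present (or unreadable): nothing to check.
                        continue
                    weak_perms = check_weak_write_perms(
                        os.path.expandvars(filename), 'file')
                    if weak_perms:
                        sys.stdout.write("!")
                        save_issue(issue_id, issue_name, weak_perms)
            finally:
                win32api.RegCloseKey(subkeyh)
    finally:
        win32api.RegCloseKey(keyh)

    # Terminate the line of progress markers.
    print("")
    # TODO: also read the DACL (and owner) of each subkey with
    # RegGetKeySecurity and check it, as done for other registry keys.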
示例9: check_weak_perms_sd
# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import DACL_SECURITY_INFORMATION [as 别名]
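def check_weak_perms_sd(object_name, object_type_s, sd, perms):
    """Report which permissions in *perms* the DACL of *sd* grants to untrusted principals.

    Args:
        object_name: Name of the audited object; included in each finding.
        object_type_s: Key into *perms* choosing the permission set to test.
        sd: Security descriptor providing GetSecurityDescriptorDacl() and
            GetSecurityDescriptorOwner().
        perms: Mapping of object type to {module: iterable of permission
            constant names}; names are resolved with getattr(module, name).

    Returns:
        A list of [object_name, domain, principal, permission_name] entries;
        empty when nothing is flagged or the descriptor has no DACL.
    """
    dacl = sd.GetSecurityDescriptorDacl()
    if dacl is None:
        # NOTE(review): a descriptor without a DACL is treated as "nothing to
        # report". If this is a NULL DACL the object is open to everyone, so
        # the empty result understates the exposure -- confirm and consider
        # raising a finding here.
        print("No Discretionary ACL")
        return []

    owner_sid = sd.GetSecurityDescriptorOwner()
    try:
        owner_name, owner_domain, _sid_type = win32security.LookupAccountSid(
            remote_server, owner_sid)
        owner_fq = owner_domain + "\\" + owner_name
    except Exception:
        # Owner SID does not resolve to an account: use the string SID, or a
        # placeholder if even that conversion fails.
        try:
            owner_fq = owner_name = win32security.ConvertSidToStringSid(owner_sid)
            owner_domain = ""
        except Exception:
            owner_domain = ""
            owner_fq = owner_name = "INVALIDSID!"

    ace_type_names = (
        "ACCESS_ALLOWED_ACE_TYPE",
        "ACCESS_DENIED_ACE_TYPE",
        "SYSTEM_AUDIT_ACE_TYPE",
        "SYSTEM_ALARM_ACE_TYPE",
    )

    weak_perms = []
    for ace_no in range(dacl.GetAceCount()):
        ace = dacl.GetAce(ace_no)
        # NOTE(review): ace[0][1] (the ACE flags) is ignored, so inherit-only
        # ACEs count against this object as well -- confirm that is intended.

        try:
            principal, domain, _sid_type = win32security.LookupAccountSid(
                remote_server, ace[2])
        except Exception:
            principal = win32security.ConvertSidToStringSid(ace[2])
            domain = ""

        if principle_is_trusted(principal, domain):
            continue

        if principal == "CREATOR OWNER":
            # Judge CREATOR OWNER by who actually owns the object.
            if principle_is_trusted(owner_name, owner_domain):
                continue
            principal = "CREATOR OWNER [%s]" % owner_fq

        # Resolve the type afresh for each ACE. Without the reset, a type not
        # in ace_type_names raised NameError on the first ACE or inherited the
        # previous ACE's type on later ones.
        ace_type_s = None
        for candidate in ace_type_names:
            if getattr(ntsecuritycon, candidate) == ace[0][0]:
                ace_type_s = candidate
        if ace_type_s is None:
            ace_type_s = "UNKNOWN(%s)" % ace[0][0]

        if ace_type_s != "ACCESS_ALLOWED_ACE_TYPE":
            # Only allow ACEs are evaluated; deny ACEs are not used to cancel
            # out findings, so results err on the side of over-reporting.
            vprint("WARNING: Unimplmented ACE type encountered: " + ace_type_s + ". skipping.")
            continue

        # items() instead of the Python 2-only iteritems(); same pairs.
        for mod, perm_names in perms[object_type_s].items():
            for perm in perm_names:
                required_bits = getattr(mod, perm)
                # All bits of the permission must be present in the ACE mask.
                if required_bits & ace[1] == required_bits:
                    weak_perms.append([object_name, domain, principal, perm])
    return weak_perms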
示例10: PrintWnfRuntimeStatus
# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import DACL_SECURITY_INFORMATION [as 别名]
def PrintWnfRuntimeStatus(StateName, CheckSd, DumpSd, MaxSize, DumpData):
    """Print one table row for a WNF state name, plus optional SDDL and data dump.

    The row shows the name, data scope, lifetime, permanence, the access the
    caller has (RW/RO/WO/NA), a subscriber flag, the current data size,
    *MaxSize* and the change stamp.

    Returns:
        False, printing nothing, when CheckInternalName rejects the decoded
        state name; True otherwise.
    """
    canRead, stamp, payload, payloadSize = ReadWnfData(StateName)
    canWrite = CheckWriteAccess(StateName)

    # 2 is shown as 'U' in the row; subscribers are only queried when the
    # state name is writable.
    subscriberState = 2
    if canWrite:
        subscriberState = QueryWnfInfoClass(StateName, 'WnfInfoSubscribersPresent')

    decoded = WNF_STATE_NAME_INTERNAL()
    decoded.value = StateName ^ WNF_STATE_KEY
    if not CheckInternalName(decoded):
        return False

    wellKnownLifetime = WNF_STATE_NAME_LIFETIME['WnfWellKnownStateName'].value
    if decoded.b.NameLifetime != wellKnownLifetime:
        label = "0x{:x}".format(StateName)
    else:
        label = GetWnfName(StateName)
        if label == "":
            # No known name: build one from the bytes packed into Unique.
            # The 3rd and 4th characters are blanked when not printable.
            tail = []
            for shift in (37, 45):
                ch = format(decoded.b.Unique >> shift & 0xff, 'c')
                tail.append(ch if ch.isprintable() else " ")
            label = "{:c}{:c}{}{}.{:0>3} 0x{:x}".format(
                decoded.b.Unique >> 21 & 0xff,
                decoded.b.Unique >> 29 & 0xff,
                tail[0],
                tail[1],
                decoded.b.Unique & 0xFFFFF,
                StateName)

    if canRead:
        access = "RW" if canWrite else "RO"
    else:
        access = "WO" if canWrite else "NA"

    if subscriberState == 1:
        subscriberFlag = 'A'
    elif subscriberState == 2:
        subscriberFlag = 'U'
    else:
        subscriberFlag = 'I'

    row = "| {:<64}| {} | {} | {} | {} | {} | {:^7} | {:^7} | {:^7} |".format(
        label,
        WnfDataScopeStrings[decoded.b.DataScope][0],
        WnfLifetimeStrings[decoded.b.NameLifetime][0],
        'Y' if decoded.b.PermanentData else 'N',
        access,
        subscriberFlag,
        payloadSize,
        MaxSize,
        stamp
    )
    print(row)

    # The != comparisons are kept as written: a DumpSd of None still counts
    # as "dump requested", which a plain truthiness test would not.
    if DumpSd != False and CheckSd != None:
        sddl = win32security.ConvertSecurityDescriptorToStringSecurityDescriptor(
            CheckSd, win32security.SDDL_REVISION_1,
            win32security.DACL_SECURITY_INFORMATION |
            win32security.SACL_SECURITY_INFORMATION |
            win32security.LABEL_SECURITY_INFORMATION)
        print("\n\t{}".format(sddl))

    if DumpData != False and read_ok(canRead) and payloadSize != 0:
        print("\n")
        hexdump(payload.raw[0:payloadSize])
        print("\n")

    return True


def read_ok(flag):
    """Return the result of ``flag != False``, the exact test the caller needs."""
    return flag != False