当前位置: 首页>>代码示例>>Python>>正文


Python win32security.LookupAccountSid方法代码示例

本文整理汇总了Python中win32security.LookupAccountSid方法的典型用法代码示例。如果您正苦于以下问题:Python win32security.LookupAccountSid方法的具体用法?Python win32security.LookupAccountSid怎么用?Python win32security.LookupAccountSid使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在win32security的用法示例。


在下文中一共展示了win32security.LookupAccountSid方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: LookupUserGroupFromRid

# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import LookupAccountSid [as 别名]
def LookupUserGroupFromRid(TargetComputer, Rid):
    # get the account domain Sid on the target machine
    # note: if you were looking up multiple sids based on the same
    # account domain, only need to call this once.
    umi2 = NetUserModalsGet(TargetComputer, 2)
    domain_sid = umi2['domain_id']
    
    SubAuthorityCount = domain_sid.GetSubAuthorityCount()
    
    # create and init new sid with acct domain Sid + acct Rid
    sid = pywintypes.SID()
    sid.Initialize(domain_sid.GetSidIdentifierAuthority(),
                   SubAuthorityCount+1)

    # copy existing subauthorities from account domain Sid into
    # new Sid
    for i in range(SubAuthorityCount):
        sid.SetSubAuthority(i, domain_sid.GetSubAuthority(i))

    # append Rid to new Sid
    sid.SetSubAuthority(SubAuthorityCount, Rid)

    name, domain, typ = LookupAccountSid(TargetComputer, sid)
    return name 
开发者ID:IronLanguages,项目名称:ironpython2,代码行数:26,代码来源:localized_names.py

示例2: LocalGroupEnum

# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import LookupAccountSid [as 别名]
def LocalGroupEnum():
    "Enumerates all the local groups"
    resume = 0
    nmembers = 0
    while 1:
        data, total, resume = win32net.NetLocalGroupEnum(server, 1, resume)
        for group in data:
            verbose("Found group %(name)s:%(comment)s " % group)
            memberresume = 0
            while 1:
                memberdata, total, memberresume = win32net.NetLocalGroupGetMembers(server, group['name'], 2, resume)
                for member in memberdata:
                    # Just for the sake of it, we convert the SID to a username
                    username, domain, type = win32security.LookupAccountSid(server, member['sid'])
                    nmembers = nmembers + 1
                    verbose(" Member %s (%s)" % (username, member['domainandname']))
                if memberresume==0:
                    break
        if not resume:
            break
    assert nmembers, "Couldnt find a single member in a single group!"
    print "Enumerated all the local groups" 
开发者ID:IronLanguages,项目名称:ironpython2,代码行数:24,代码来源:win32netdemo.py

示例3: get_owner

# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import LookupAccountSid [as 别名]
def get_owner(self):
        r""" Return the name of the owner of this file or directory.

        This follows symbolic links.

        On Windows, this returns a name of the form ur'DOMAIN\User Name'.
        On Windows, a group can own a file or directory.
        """
        if os.name == 'nt':
            if win32security is None:
                raise Exception("path.owner requires win32all to be installed")
            desc = win32security.GetFileSecurity(
                self, win32security.OWNER_SECURITY_INFORMATION)
            sid = desc.GetSecurityDescriptorOwner()
            account, domain, typecode = win32security.LookupAccountSid(None, sid)
            return domain + u'\\' + account
        else:
            if pwd is None:
                raise NotImplementedError("path.owner is not implemented on this platform.")
            st = self.stat()
            return pwd.getpwuid(st.st_uid).pw_name 
开发者ID:ktraunmueller,项目名称:Computable,代码行数:23,代码来源:_path.py

示例4: check_user_paths

# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import LookupAccountSid [as 别名]
def check_user_paths():
	for user_path in get_user_paths():
		user_sid_s = user_path[0]
		try:
			user_sid  = win32security.ConvertStringSidToSid(user_sid_s)
			principle, domain, type = win32security.LookupAccountSid(remote_server, user_sid)
			user_fq = domain + "\\" + principle
		except:
			print "WARNING: Can't convert sid %s to name.  Skipping." % user_sid_s
			continue
	
		path = user_path[1]
		vprint("Checking path of %s" % user_fq)
		global tmp_trusted_principles_fq
		tmp_trusted_principles_fq = (user_fq)
		check_path(path, "WPC015")
		tmp_trusted_principles_fq = () 
开发者ID:51x,项目名称:WHP,代码行数:19,代码来源:windows-privesc-check.py

示例5: get_file_owner

# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import LookupAccountSid [as 别名]
def get_file_owner(self, file_path):
        """Returns the user name of the owner of the specified file.

        @param file_path: The path of the file.
        @type file_path: str

        @return: The user name of the owner.
        @rtype: str
        """
        sd = win32security.GetFileSecurity(
            file_path, win32security.OWNER_SECURITY_INFORMATION
        )
        owner_sid = sd.GetSecurityDescriptorOwner()
        name, domain, account_type = win32security.LookupAccountSid(None, owner_sid)
        if name == "Administrators":
            return self.__local_administrators
        else:
            return "%s\\%s" % (domain, name) 
开发者ID:scalyr,项目名称:scalyr-agent-2,代码行数:20,代码来源:platform_windows.py

示例6: get_pid_owner

# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import LookupAccountSid [as 别名]
def get_pid_owner(self, fd, pid):
        try:
            proc = win32api.OpenProcess(win32con.PROCESS_QUERY_INFORMATION, False, pid)
            token = win32security.OpenProcessToken(proc, win32con.TOKEN_QUERY)
            user_sid, user_attr = win32security.GetTokenInformation(token,
                        win32security.TokenUser)
            user = win32security.LookupAccountSid(None, user_sid)
            return user_sid, user[0], user[1]
        except win32api.error as e:
            self.logEx("error",
                "%s failed" % funcname,
                ("exception",   e),
                ("function",    e.funcname),
                ("error",       "[%(winerror)d] %(strerror)s" % e),
                None,
                ("process",     pid),)
            raise 
开发者ID:grawity,项目名称:code,代码行数:19,代码来源:win32-identd.py

示例7: LookupAliasFromRid

# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import LookupAccountSid [as 别名]
def LookupAliasFromRid(TargetComputer, Rid):
    # Sid is the same regardless of machine, since the well-known
    # BUILTIN domain is referenced.
    sid = pywintypes.SID()
    sid.Initialize(SECURITY_NT_AUTHORITY, 2)

    for i, r in enumerate((SECURITY_BUILTIN_DOMAIN_RID, Rid)):
        sid.SetSubAuthority(i, r)

    name, domain, typ = LookupAccountSid(TargetComputer, sid)
    return name 
开发者ID:IronLanguages,项目名称:ironpython2,代码行数:13,代码来源:localized_names.py

示例8: dump_sd

# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import LookupAccountSid [as 别名]
def dump_sd(object_name, object_type_s, sd, options={}):
	perms = all_perms
	if not sd:
		return 
	dacl = sd.GetSecurityDescriptorDacl()
	if dacl == None:
		print "No Discretionary ACL"
		return []

	owner_sid = sd.GetSecurityDescriptorOwner()

	try:
		owner_name, owner_domain, type = win32security.LookupAccountSid(remote_server, owner_sid)
		owner_fq = owner_domain + "\\" + owner_name
	except:
		try:
			owner_fq = owner_name = win32security.ConvertSidToStringSid(owner_sid)
			owner_domain = ""
		except:
			owner_domain = ""
			owner_fq = owner_name = None

	group_sid = sd.GetSecurityDescriptorGroup()
	try:
		group_name, group_domain, type = win32security.LookupAccountSid(remote_server, group_sid)
		group_fq = group_domain + "\\" + group_name
	except:
		try:
			group_fq = group_name = win32security.ConvertSidToStringSid(group_sid)
			group_domain = ""
		except:
			group_domain = ""
			group_fq = group_name = "[none]"

	if owner_info:
		print "\tOwner: " + str(owner_fq)
		print "\tGroup: " + str(group_fq)
		
	weak_perms = []
	dump_acl(object_name, object_type_s, dacl, options)
	return 
开发者ID:51x,项目名称:WHP,代码行数:43,代码来源:windows-privesc-check.py

示例9: __get_owner_windows

# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import LookupAccountSid [as 别名]
def __get_owner_windows(self):
        """
        Return the name of the owner of this file or directory. Follow
        symbolic links.

        Return a name of the form ``r'DOMAIN\\User Name'``; may be a group.

        .. seealso:: :attr:`owner`
        """
        desc = win32security.GetFileSecurity(
            self, win32security.OWNER_SECURITY_INFORMATION)
        sid = desc.GetSecurityDescriptorOwner()
        account, domain, typecode = win32security.LookupAccountSid(None, sid)
        return domain + '\\' + account 
开发者ID:click-contrib,项目名称:click-configfile,代码行数:16,代码来源:path.py

示例10: sid2username

# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import LookupAccountSid [as 别名]
def sid2username(sid):
    """Convert an object sid to a string account name"""
    account = win32security.LookupAccountSid(None, sid)
    return account[0] 
开发者ID:SekoiaLab,项目名称:Fastir_Collector,代码行数:6,代码来源:utils.py

示例11: check_permissions

# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import LookupAccountSid [as 别名]
def check_permissions(path, logger):
    logger.info("I am", win32api.GetUserNameEx(win32con.NameSamCompatible))
    logger.info(path)
    sd = win32security.GetFileSecurity(path, win32security.OWNER_SECURITY_INFORMATION)
    owner_sid = sd.GetSecurityDescriptorOwner()
    name, domain, _ = win32security.LookupAccountSid(None, owner_sid)
    logger.info("File owned by %s\\%s" % (domain, name)) 
开发者ID:SekoiaLab,项目名称:Fastir_Collector,代码行数:9,代码来源:utils.py

示例12: dump_sd

# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import LookupAccountSid [as 别名]
def dump_sd(object_name, object_type_s, sd, options={}):
	perms = all_perms
	if not sd:
		return 
	dacl = sd.GetSecurityDescriptorDacl()
	if dacl is None:
		print "No Discretionary ACL"
		return []

	owner_sid = sd.GetSecurityDescriptorOwner()

	try:
		owner_name, owner_domain, type = win32security.LookupAccountSid(remote_server, owner_sid)
		owner_fq = owner_domain + "\\" + owner_name
	except:
		try:
			owner_fq = owner_name = win32security.ConvertSidToStringSid(owner_sid)
			owner_domain = ""
		except:
			owner_domain = ""
			owner_fq = owner_name = None

	group_sid = sd.GetSecurityDescriptorGroup()
	try:
		group_name, group_domain, type = win32security.LookupAccountSid(remote_server, group_sid)
		group_fq = group_domain + "\\" + group_name
	except:
		try:
			group_fq = group_name = win32security.ConvertSidToStringSid(group_sid)
			group_domain = ""
		except:
			group_domain = ""
			group_fq = group_name = "[none]"

	if owner_info:
		print "\tOwner: " + str(owner_fq)
		print "\tGroup: " + str(group_fq)
		
	weak_perms = []
	dump_acl(object_name, object_type_s, dacl, options)
	return 
开发者ID:blindfuzzy,项目名称:LHF,代码行数:43,代码来源:windowsprivcheck.py

示例13: dump_token

# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import LookupAccountSid [as 别名]
def dump_token(th):
    token_type=win32security.GetTokenInformation(th, win32security.TokenType)
    print 'TokenType:', token_type, TOKEN_TYPE.lookup_name(token_type)
    if token_type==win32security.TokenImpersonation:
        imp_lvl=win32security.GetTokenInformation(th, win32security.TokenImpersonationLevel)
        print 'TokenImpersonationLevel:', imp_lvl, SECURITY_IMPERSONATION_LEVEL.lookup_name(imp_lvl)

    print 'TokenSessionId:', win32security.GetTokenInformation(th, win32security.TokenSessionId)

    privs=win32security.GetTokenInformation(th,win32security.TokenPrivileges)
    print 'TokenPrivileges:'
    for priv_luid, priv_flags in privs:
        flag_names, unk=TOKEN_PRIVILEGE_ATTRIBUTES.lookup_flags(priv_flags)
        flag_desc = ' '.join(flag_names)
        if (unk):
            flag_desc += '(' + str(unk) + ')'

        priv_name=win32security.LookupPrivilegeName('',priv_luid)
        priv_desc=win32security.LookupPrivilegeDisplayName('',priv_name)
        print '\t', priv_name, priv_desc, priv_flags, flag_desc

    print 'TokenGroups:'
    groups=win32security.GetTokenInformation(th,win32security.TokenGroups)
    for group_sid, group_attr in groups:
        flag_names, unk=TOKEN_GROUP_ATTRIBUTES.lookup_flags(group_attr)
        flag_desc = ' '.join(flag_names)
        if (unk):
            flag_desc += '(' + str(unk) + ')'
        if group_attr & TOKEN_GROUP_ATTRIBUTES.SE_GROUP_LOGON_ID:
            sid_desc = 'Logon sid'
        else:
            sid_desc=win32security.LookupAccountSid('',group_sid)
        print '\t',group_sid, sid_desc, group_attr, flag_desc

    ## Vista token information types, will throw (87, 'GetTokenInformation', 'The parameter is incorrect.') on earier OS
    try:
        is_elevated=win32security.GetTokenInformation(th, win32security.TokenElevation)
        print 'TokenElevation:', is_elevated
    except pywintypes.error, details:
        if details.winerror != winerror.ERROR_INVALID_PARAMETER:
            raise
        return None 
开发者ID:IronLanguages,项目名称:ironpython2,代码行数:44,代码来源:GetTokenInformation.py

示例14: check_weak_perms_sd

# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import LookupAccountSid [as 别名]
def check_weak_perms_sd(object_name, object_type_s, sd, perms):
	dacl= sd.GetSecurityDescriptorDacl()
	if dacl == None:
		print "No Discretionary ACL"
		return []

	owner_sid = sd.GetSecurityDescriptorOwner()
	try:
		owner_name, owner_domain, type = win32security.LookupAccountSid(remote_server, owner_sid)
		owner_fq = owner_domain + "\\" + owner_name
	except:
		try:
			owner_fq = owner_name = win32security.ConvertSidToStringSid(owner_sid)
			owner_domain = ""
		except:
			owner_domain = ""
			owner_fq = owner_name = "INVALIDSID!"

	weak_perms = []
	for ace_no in range(0, dacl.GetAceCount()):
		#print "[D] ACE #%d" % ace_no
		ace = dacl.GetAce(ace_no)
		flags = ace[0][1]
		
		try:
			principle, domain, type = win32security.LookupAccountSid(remote_server, ace[2])
		except:
			principle = win32security.ConvertSidToStringSid(ace[2])
			domain = ""
		
		#print "[D] ACE is for %s\\%s" % (principle, domain)
		#print "[D] ACE Perm mask: " + int2bin(ace[1])
		#print "[D] ace_type: " + str(ace[0][0])
		#print "[D] DACL: " + win32security.ConvertSecurityDescriptorToStringSecurityDescriptor(sd, win32security.SDDL_REVISION_1, win32security.DACL_SECURITY_INFORMATION)
		if principle_is_trusted(principle, domain):
			#print "[D] Ignoring trusted principle %s\\%s" % (principle, domain)
			continue
		
		if principle == "CREATOR OWNER":
			if principle_is_trusted(owner_name, owner_domain):
				continue
			else:
				principle = "CREATOR OWNER [%s]" % owner_fq
		
		for i in ("ACCESS_ALLOWED_ACE_TYPE", "ACCESS_DENIED_ACE_TYPE", "SYSTEM_AUDIT_ACE_TYPE", "SYSTEM_ALARM_ACE_TYPE"):
			if getattr(ntsecuritycon, i) == ace[0][0]:
				ace_type_s = i
		
		if not ace_type_s == "ACCESS_ALLOWED_ACE_TYPE":
			vprint("WARNING: Unimplmented ACE type encountered: " + ace_type_s + ".  skipping.")
			continue

		for mod, perms_tuple in perms[object_type_s].iteritems():
			for perm in perms_tuple:
				if getattr(mod, perm) & ace[1] == getattr(mod, perm):
					weak_perms.append([object_name, domain, principle, perm])
	return weak_perms 
开发者ID:51x,项目名称:WHP,代码行数:59,代码来源:windows-privesc-check.py

示例15: dump_acl

# 需要导入模块: import win32security [as 别名]
# 或者: from win32security import LookupAccountSid [as 别名]
def dump_acl(object_name, object_type_s, sd, options={}):
	dacl = sd
	if dacl == None:
		print "No Discretionary ACL"
		return []

	weak_perms = []
	for ace_no in range(0, dacl.GetAceCount()):
		# print "[D] ACE #%d" % ace_no
		ace = dacl.GetAce(ace_no)
		flags = ace[0][1]
		
		try:
			principle, domain, type = win32security.LookupAccountSid(remote_server, ace[2])
		except:
			principle = win32security.ConvertSidToStringSid(ace[2])
			domain = ""
		
		mask = ace[1]
		if ace[1] < 0:
			mask = ace[1] + 2**32

		if ignore_trusted and principle_is_trusted(principle, domain):
			# print "[D] Ignoring trusted principle %s\\%s" % (principle, domain)
			continue
		
		if principle == "CREATOR OWNER":
			if ignore_trusted and principle_is_trusted(owner_name, owner_domain):
				#print "[D] Ignoring trusted principle (creator owner) %s\\%s" % (principle, domain)
				continue
			else:
				principle = "CREATOR OWNER [%s\%s]" % (domain, principle)
		
		for i in ("ACCESS_ALLOWED_ACE_TYPE", "ACCESS_DENIED_ACE_TYPE", "SYSTEM_AUDIT_ACE_TYPE", "SYSTEM_ALARM_ACE_TYPE"):
			if getattr(ntsecuritycon, i) == ace[0][0]:
				ace_type_s = i
		
		ace_type_short = ace_type_s
		
		if ace_type_s == "ACCESS_DENIED_ACE_TYPE":
			ace_type_short = "DENY"
		
		if ace_type_s == "ACCESS_ALLOWED_ACE_TYPE":
			ace_type_short = "ALLOW"

		if weak_perms_only:
			perms = dangerous_perms_write
		else:
			perms = all_perms
			
		for mod, perms_tuple in perms[object_type_s].iteritems():
			for perm in perms_tuple:
				#print "Checking for perm %s in ACE %s" % (perm, mask)
				if getattr(mod, perm) & mask == getattr(mod, perm):
					weak_perms.append([object_name, domain, principle, perm, ace_type_short])
	print_weak_perms(object_type_s, weak_perms, options) 
开发者ID:51x,项目名称:WHP,代码行数:58,代码来源:windows-privesc-check.py


注:本文中的win32security.LookupAccountSid方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。