Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 690
  • Last Modified:

Python code to read and print the folder permissions on regkeys

Hi,

Can someone please help to write python code that fetches values from registry keys and also prints what permissions different users of system have on those keys?

Cheers,

Dev
0
searchsanjaysharma
Asked:
searchsanjaysharma
1 Solution
 
clockwatcherCommented:
Accidentally posted in your perl question on the same topic (http://www.experts-exchange.com/Programming/Languages/Scripting/Perl/Q_28508128.html).  I follow both categories and wasn't paying a whole lot of attention.  Here's a python example.
import win32api
import win32security
import _winreg

class Ace(object):
    ace_flags = {win32security.CONTAINER_INHERIT_ACE: 'Container Inherit',
                 win32security.FAILED_ACCESS_ACE_FLAG: 'Failed Access',
                 win32security.INHERIT_ONLY_ACE: 'Inherit only',
                 win32security.INHERITED_ACE: 'Inherited ACE',
                 win32security.NO_PROPAGATE_INHERIT_ACE: 'No propagate',
                 win32security.OBJECT_INHERIT_ACE: 'Object inherit',
                 win32security.SUCCESSFUL_ACCESS_ACE_FLAG: 'Successful access'}
                     
    def __init__(self, ace):
        self.ace = ace
        ( (self.access_type, self.flags), self.mask, self.pysid) = ace

    def getType(self):
        if self.access_type == win32security.ACCESS_ALLOWED_ACE_TYPE:
            return "Allow"
        if self.access_type == win32security.ACCESS_DENIED_ACE_TYPE:
            return "Deny"

    def getFlags(self):
        readable_flags = list()
        for (f, v) in self.ace_flags.items():
            if f & self.flags == f:
                readable_flags.append(v)
        return readable_flags
    
class RegKey(object):

    registry_rights = {_winreg.KEY_ALL_ACCESS: 'All Access',
                      _winreg.KEY_WRITE: 'Write',
                      _winreg.KEY_READ: 'Read',
                      _winreg.KEY_EXECUTE: 'Read',
                      _winreg.KEY_QUERY_VALUE: 'Query value',
                      _winreg.KEY_SET_VALUE: 'Set value',
                      _winreg.KEY_CREATE_SUB_KEY: 'Create subkey',
                      _winreg.KEY_ENUMERATE_SUB_KEYS: 'Enum subkeys',
                      _winreg.KEY_NOTIFY: 'Request notification',
                      _winreg.KEY_CREATE_LINK: 'Link (reserved)' }
    
    def __init__(self, key_path, machine=None, root=_winreg.HKEY_LOCAL_MACHINE):
        self.registry = _winreg.ConnectRegistry(None, root)
        self.key_path = key_path
        self.key = _winreg.OpenKey(self.registry, key_path)
        self.security = win32api.RegGetKeySecurity(self.key.handle, win32security.DACL_SECURITY_INFORMATION)
        self.dacl = self.security.GetSecurityDescriptorDacl()
        self.aces = list()
        for i in range(self.dacl.GetAceCount()):
            self.aces.append(Ace(self.dacl.GetAce(i)))

    def dump_values(self):
        (subkey_count, value_count, last_modified) = _winreg.QueryInfoKey(self.key)
        print "Values:"
        for i in range(value_count):
            (name, data, value_type) = _winreg.EnumValue(self.key, i)
            print "\t{0}: {1}".format(name, data)

    def dump_subkeys(self):
        (subkey_count, value_count, last_modified) = _winreg.QueryInfoKey(self.key)
        print "Subkeys:"
        for i in range(subkey_count):
           print "\t{0}".format(_winreg.EnumKey(self.key, i))

    def dump_ace(self, ace):
        print "Ace: {0}".format(ace.ace)
        print " Type: {0}".format(ace.getType())
        print " Flags: {0}".format(", ".join(ace.getFlags()))  
        account = win32security.LookupAccountSid(None, ace.pysid);
        print " Account: {0}\{1}".format(account[1], account[0])
        print " Access:"
        if ace.mask & _winreg.KEY_ALL_ACCESS == _winreg.KEY_ALL_ACCESS:
            print "\t{0}".format(self.registry_rights[_winreg.KEY_ALL_ACCESS])
        else:
            for (p, v) in self.registry_rights.items():
                if p & ace.mask == p:
                   print "\t{0}".format(v)
        
    def dump_dacl(self):
        for ace in self.aces:
            self.dump_ace(ace)
            print
            
    
if __name__ == '__main__':
    r = RegKey(r"Software\Microsoft\Windows\CurrentVersion\Internet Settings",
               root=_winreg.HKEY_CURRENT_USER)
    r.dump_subkeys()
    r.dump_values()
    r.dump_dacl()

Open in new window

0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now