Python code to read and print the folder permissions on regkeys

Posted on 2014-08-29
Last Modified: 2014-09-04

Can someone please help to write python code that fetches values from registry keys and also prints what permissions different users of system have on those keys?


Question by:searchsanjaysharma
    1 Comment
    LVL 25

    Accepted Solution

    Accidentally posted in your perl question on the same topic (  I follow both categories and wasn't paying a whole lot of attention.  Here's a python example.
    import win32api
    import win32security
    import _winreg
    class Ace(object):
        ace_flags = {win32security.CONTAINER_INHERIT_ACE: 'Container Inherit',
                     win32security.FAILED_ACCESS_ACE_FLAG: 'Failed Access',
                     win32security.INHERIT_ONLY_ACE: 'Inherit only',
                     win32security.INHERITED_ACE: 'Inherited ACE',
                     win32security.NO_PROPAGATE_INHERIT_ACE: 'No propagate',
                     win32security.OBJECT_INHERIT_ACE: 'Object inherit',
                     win32security.SUCCESSFUL_ACCESS_ACE_FLAG: 'Successful access'}
        def __init__(self, ace):
            self.ace = ace
            ( (self.access_type, self.flags), self.mask, self.pysid) = ace
        def getType(self):
            if self.access_type == win32security.ACCESS_ALLOWED_ACE_TYPE:
                return "Allow"
            if self.access_type == win32security.ACCESS_DENIED_ACE_TYPE:
                return "Deny"
        def getFlags(self):
            readable_flags = list()
            for (f, v) in self.ace_flags.items():
                if f & self.flags == f:
            return readable_flags
    class RegKey(object):
        registry_rights = {_winreg.KEY_ALL_ACCESS: 'All Access',
                          _winreg.KEY_WRITE: 'Write',
                          _winreg.KEY_READ: 'Read',
                          _winreg.KEY_EXECUTE: 'Read',
                          _winreg.KEY_QUERY_VALUE: 'Query value',
                          _winreg.KEY_SET_VALUE: 'Set value',
                          _winreg.KEY_CREATE_SUB_KEY: 'Create subkey',
                          _winreg.KEY_ENUMERATE_SUB_KEYS: 'Enum subkeys',
                          _winreg.KEY_NOTIFY: 'Request notification',
                          _winreg.KEY_CREATE_LINK: 'Link (reserved)' }
        def __init__(self, key_path, machine=None, root=_winreg.HKEY_LOCAL_MACHINE):
            self.registry = _winreg.ConnectRegistry(None, root)
            self.key_path = key_path
            self.key = _winreg.OpenKey(self.registry, key_path)
   = win32api.RegGetKeySecurity(self.key.handle, win32security.DACL_SECURITY_INFORMATION)
            self.dacl =
            self.aces = list()
            for i in range(self.dacl.GetAceCount()):
        def dump_values(self):
            (subkey_count, value_count, last_modified) = _winreg.QueryInfoKey(self.key)
            print "Values:"
            for i in range(value_count):
                (name, data, value_type) = _winreg.EnumValue(self.key, i)
                print "\t{0}: {1}".format(name, data)
        def dump_subkeys(self):
            (subkey_count, value_count, last_modified) = _winreg.QueryInfoKey(self.key)
            print "Subkeys:"
            for i in range(subkey_count):
               print "\t{0}".format(_winreg.EnumKey(self.key, i))
        def dump_ace(self, ace):
            print "Ace: {0}".format(ace.ace)
            print " Type: {0}".format(ace.getType())
            print " Flags: {0}".format(", ".join(ace.getFlags()))  
            account = win32security.LookupAccountSid(None, ace.pysid);
            print " Account: {0}\{1}".format(account[1], account[0])
            print " Access:"
            if ace.mask & _winreg.KEY_ALL_ACCESS == _winreg.KEY_ALL_ACCESS:
                print "\t{0}".format(self.registry_rights[_winreg.KEY_ALL_ACCESS])
                for (p, v) in self.registry_rights.items():
                    if p & ace.mask == p:
                       print "\t{0}".format(v)
        def dump_dacl(self):
            for ace in self.aces:
    if __name__ == '__main__':
        r = RegKey(r"Software\Microsoft\Windows\CurrentVersion\Internet Settings",

    Open in new window


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Strings in Python are the set of characters that, once defined, cannot be changed by any other method like replace. Even if we use the replace method it still does not modify the original string that we use, but just copies the string and then modif…
    Flask is a microframework for Python based on Werkzeug and Jinja 2. This requires you to have a good understanding of Python 2.7. Lets install Flask! To install Flask you can use a python repository for libraries tool called pip. Download this f…
    Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
    Learn the basics of if, else, and elif statements in Python 2.7. Use "if" statements to test a specified condition.: The structure of an if statement is as follows: (CODE) Use "else" statements to allow the execution of an alternative, if the …

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now