API tools faq
paste
Guest User

registry.py

a guest
Mar 11th, 2015
68
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 4.65 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/env python
  2.  
  3. """
  4. Copyright (c) 2006-2015 sqlmap developers (http://sqlmap.org/)
  5. See the file 'doc/COPYING' for copying permission
  6. """
  7.  
  8. import os
  9.  
  10. from lib.core.common import randomStr
  11. from lib.core.data import conf
  12. from lib.core.data import logger
  13. from lib.core.enums import REGISTRY_OPERATION
  14.  
  15. class Registry:
  16.     """
  17.    This class defines methods to read and write Windows registry keys
  18.    """
  19.  
  20.     def _initVars(self, regKey, regValue, regType=None, regData=None, parse=False):
  21.         self._regKey = regKey
  22.         self._regValue = regValue
  23.         self._regType = regType
  24.         self._regData = regData
  25.  
  26.         self._randStr = randomStr(lowercase=True)
  27.         self._batPathRemote = "%s/tmpr%s.bat" % (conf.tmpPath, self._randStr)
  28.         self._batPathLocal = os.path.join(conf.outputPath, "tmpr%s.bat" % self._randStr)
  29.  
  30.         if parse:
  31.             readParse = "FOR /F \"tokens=*\" %%A IN ('REG QUERY \"" + self._regKey + "\" /v \"" + self._regValue + "\"') DO SET value=%%A\r\nECHO %value%\r\n"
  32.         else:
  33.             readParse = "REG QUERY \"" + self._regKey + "\" /v \"" + self._regValue + "\""
  34.  
  35.         self._batRead = (
  36.                            "@ECHO OFF\r\n",
  37.                            readParse,
  38.                         )
  39.  
  40.         self._batAdd = (
  41.                            "@ECHO OFF\r\n",
  42.                            "REG ADD \"%s\" /v \"%s\" /t %s /d %s /f" % (self._regKey, self._regValue, self._regType, self._regData),
  43.                        )
  44.  
  45.         self._batDel = (
  46.                            "@ECHO OFF\r\n",
  47.                            "REG DELETE \"%s\" /v \"%s\" /f" % (self._regKey, self._regValue),
  48.                        )
  49.  
  50.     def _createLocalBatchFile(self):
  51.         self._batPathFp = open(self._batPathLocal, "w")
  52.  
  53.         if self._operation == REGISTRY_OPERATION.READ:
  54.             lines = self._batRead
  55.         elif self._operation == REGISTRY_OPERATION.ADD:
  56.             lines = self._batAdd
  57.         elif self._operation == REGISTRY_OPERATION.DELETE:
  58.             lines = self._batDel
  59.  
  60.         for line in lines:
  61.             self._batPathFp.write(line)
  62.  
  63.         self._batPathFp.close()
  64.  
  65.     def _createRemoteBatchFile(self):
  66.         logger.debug("creating batch file '%s'" % self._batPathRemote)
  67.  
  68.         self._createLocalBatchFile()
  69.         self.writeFile(self._batPathLocal, self._batPathRemote, "text", forceCheck=True)
  70.  
  71.         os.unlink(self._batPathLocal)
  72.  
  73.     def readRegKey(self, regKey, regValue, parse=False):
  74.         self._operation = REGISTRY_OPERATION.READ
  75.  
  76.         Registry._initVars(self, regKey, regValue, parse=parse)
  77.         self._createRemoteBatchFile()
  78.  
  79.         logger.debug("reading registry key '%s' value '%s'" % (regKey, regValue))
  80.  
  81.         data = self.evalCmd('"' + self._batPathRemote + '"')              # Quoting the remote path let's us handle spaces in the path /Program Files/ for example....
  82.  
  83.         if data and not parse:
  84.             pattern = '    '
  85.             index = data.find(pattern)
  86.             if index != -1:
  87.                 data = data[index + len(pattern):]
  88.  
  89.         self.delRemoteFile('"' + self._batPathRemote + '"')               # Quoting the remote path let's us handle spaces in the path /Program Files/ for example....
  90.  
  91.         return data
  92.  
  93.     def addRegKey(self, regKey, regValue, regType, regData):
  94.         self._operation = REGISTRY_OPERATION.ADD
  95.  
  96.         Registry._initVars(self, regKey, regValue, regType, regData)
  97.         self._createRemoteBatchFile()
  98.  
  99.         debugMsg = "adding registry key value '%s' " % self._regValue
  100.         debugMsg += "to registry key '%s'" % self._regKey
  101.         logger.debug(debugMsg)
  102.  
  103.         self.execCmd(cmd='"' + self._batPathRemote + '"')                 # Quoting the remote path let's us handle spaces in the path /Program Files/ for example....
  104.         self.delRemoteFile('"' + self._batPathRemote + '"')               # Quoting the remote path let's us handle spaces in the path /Program Files/ for example....
  105.  
  106.     def delRegKey(self, regKey, regValue):
  107.         self._operation = REGISTRY_OPERATION.DELETE
  108.  
  109.         Registry._initVars(self, regKey, regValue)
  110.         self._createRemoteBatchFile()
  111.  
  112.         debugMsg = "deleting registry key value '%s' " % self._regValue
  113.         debugMsg += "from registry key '%s'" % self._regKey
  114.         logger.debug(debugMsg)
  115.  
  116.         self.execCmd(cmd='"' + self._batPathRemote + '"')                 # Quoting the remote path let's us handle spaces in the path /Program Files/ for example....
  117.         self.delRemoteFile('"' + self._batPathRemote + '"')               # Quoting the remote path let's us handle spaces in the path /Program Files/ for example....
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!