opengnsys
/
ogclone-engine
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refs #1307 fix calls to chntpw

pull/1/head
Natalia Serrano 2024-12-18 12:12:25 +01:00
parent f6ae950201
commit 93177def1f
1 changed files with 66 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
client/lib/engine/bin/RegistryLib.py
View File

@ -19,7 +19,9 @@ import FileLib
# Función ficticia para lanzar chntpw con timeout de 5 s., evitando cuelgues del programa. # Función ficticia para lanzar chntpw con timeout de 5 s., evitando cuelgues del programa.
chntpw_exe = shutil.which ('drbl-chntpw') or shutil.which ('chntpw') chntpw_exe = shutil.which ('drbl-chntpw') or shutil.which ('chntpw')
def chntpw (hivefile, input_file): def chntpw (hivefile, input_file):
return subprocess.run ([chntpw_exe, '-e', hivefile], timeout=5, input=open(input_file, 'r'), capture_output=True, text=True).stdout with open (input_file, 'r') as fd:
input_contents = fd.read()
return subprocess.run ([chntpw_exe, '-e', hivefile], timeout=5, input=input_contents, capture_output=True, text=True).stdout
## en el codigo bash aparecen "${3%\\*}" y "${3##*\\}" varias veces ## en el codigo bash aparecen "${3%\\*}" y "${3##*\\}" varias veces
## ${3%\\*} es el "dirname" de una key del registro ## ${3%\\*} es el "dirname" de una key del registro
@ -49,13 +51,13 @@ def ogAddRegistryKey (mntpt, hive, k):
k_dirname, k_basename = _split_k (k) k_dirname, k_basename = _split_k (k)
tmpfile = tempfile.TemporaryFile (prefix='chntpw-', mode='w') with tempfile.NamedTemporaryFile (delete_on_close=False, prefix='chntpw-', mode='w') as f:
with open (tmpfile, 'w') as f:
f.write (f'cd {k_dirname}\n') f.write (f'cd {k_dirname}\n')
f.write (f'nk {k_basename}\n') f.write (f'nk {k_basename}\n')
f.write ('q\ny\n') f.write ('q\ny\n')
chntpw (hivefile, tmpfile) f.close()
os.remove (tmpfile) chntpw (hivefile, f.name)
os.remove (f.name)
#/** #/**
# ogAddRegistryValue path_mountpoint str_hive str_valuename [str_valuetype] # ogAddRegistryValue path_mountpoint str_hive str_valuename [str_valuetype]
@ -88,13 +90,13 @@ def ogAddRegistryValue (mntpt, hive, k, vtype='STRING'):
SystemLib.ogRaiseError ([], ogGlobals.OG_ERR_OUTOFLIMIT, vtype) SystemLib.ogRaiseError ([], ogGlobals.OG_ERR_OUTOFLIMIT, vtype)
return return
tmpfile = tempfile.TemporaryFile (prefix='chntpw-', mode='w') with tempfile.NamedTemporaryFile (delete_on_close=False, prefix='chntpw-', mode='w') as f:
with open (tmpfile, 'w') as f:
f.write (f'cd {k_dirname}\n') f.write (f'cd {k_dirname}\n')
f.write (f'nv {TYPE} {k_basename}\n') f.write (f'nv {TYPE} {k_basename}\n')
f.write ('q\ny\n') f.write ('q\ny\n')
chntpw (hivefile, tmpfile) f.close()
os.remove (tmpfile) chntpw (hivefile, f.name)
os.remove (f.name)
#/** #/**
@ -117,13 +119,13 @@ def ogDeleteRegistryKey (mntpt, hive, k):
k_dirname, k_basename = _split_k (k) k_dirname, k_basename = _split_k (k)
tmpfile = tempfile.TemporaryFile (prefix='chntpw-', mode='w') with tempfile.NamedTemporaryFile (delete_on_close=False, prefix='chntpw-', mode='w') as f:
with open (tmpfile, 'w') as f:
f.write (f'cd {k_dirname}\n') f.write (f'cd {k_dirname}\n')
f.write (f'dk {k_basename}\n') f.write (f'dk {k_basename}\n')
f.write ('q\ny\n') f.write ('q\ny\n')
chntpw (hivefile, tmpfile) f.close()
os.remove (tmpfile) chntpw (hivefile, f.name)
os.remove (f.name)
#/** #/**
@ -146,13 +148,13 @@ def ogDeleteRegistryValue (mntpt, hive, k):
k_dirname, k_basename = _split_k (k) k_dirname, k_basename = _split_k (k)
tmpfile = tempfile.TemporaryFile (prefix='chntpw-', mode='w') with tempfile.NamedTemporaryFile (delete_on_close=False, prefix='chntpw-', mode='w') as f:
with open(tmpfile, 'w') as f:
f.write (f'cd {k_dirname}\n') f.write (f'cd {k_dirname}\n')
f.write (f'dv {k_basename}\n') f.write (f'dv {k_basename}\n')
f.write ('q\ny\n') f.write ('q\ny\n')
chntpw (hivefile, tmpfile) f.close()
os.remove(tmpfile) chntpw (hivefile, f.name)
os.remove(f.name)
#/** #/**
@ -167,6 +169,8 @@ def ogDeleteRegistryValue (mntpt, hive, k):
#@warning El sistema de archivos de Windows debe estar montada previamente. #@warning El sistema de archivos de Windows debe estar montada previamente.
#*/ ## #*/ ##
#ogGetHivePath ('/mnt/sda1', 'user1') => /mnt/sda1/Users/user1/NTUSER.DAT #ogGetHivePath ('/mnt/sda1', 'user1') => /mnt/sda1/Users/user1/NTUSER.DAT
#ogGetHivePath ('/mnt/sda1', 'SYSTEM') => //mnt/sda1/Windows/System32/config/SYSTEM
#ogGetHivePath ('/mnt/sda1', 'IEUser') => //mnt/sda1/Users/IEUser/NTUSER.DAT
def ogGetHivePath(mntpt, hive): def ogGetHivePath(mntpt, hive):
# Camino del fichero de registro de usuario o de sistema (de menor a mayor prioridad). # Camino del fichero de registro de usuario o de sistema (de menor a mayor prioridad).
FILE = FileLib.ogGetPath(file=f"/{mntpt}/Windows/System32/config/{hive}") FILE = FileLib.ogGetPath(file=f"/{mntpt}/Windows/System32/config/{hive}")
@ -176,11 +180,7 @@ def ogGetHivePath(mntpt, hive):
if FILE and os.path.isfile(FILE): if FILE and os.path.isfile(FILE):
return FILE return FILE
else: else:
SystemLib.ogRaiseError( SystemLib.ogRaiseError ([], ogGlobals.OG_ERR_NOTFOUND, f'{mntpt} {hive}')
[],
ogGlobals.OG_ERR_NOTFOUND,
f"{mntpt} {hive}"
)
return None return None
@ -198,19 +198,19 @@ def ogGetHivePath(mntpt, hive):
#@warning El sistema de archivos de Windows debe estar montado previamente. #@warning El sistema de archivos de Windows debe estar montado previamente.
#*/ ## #*/ ##
def ogGetRegistryValue (mntpt, hive, k): def ogGetRegistryValue (mntpt, hive, k):
FILE = ogGetHivePath(mntpt, hive) hivefile = ogGetHivePath(mntpt, hive)
if not FILE: return if not hivefile: return
k_dirname, k_basename = _split_k (k) k_dirname, k_basename = _split_k (k)
tmpfile = tempfile.TemporaryFile (prefix='chntpw-', mode='w') with tempfile.NamedTemporaryFile (delete_on_close=False, prefix='chntpw-', mode='w') as f:
with open(tmpfile, 'w') as f:
f.write (f'cd {k_dirname}\n') f.write (f'cd {k_dirname}\n')
f.write (f'cat {k_basename}\n') f.write (f'cat {k_basename}\n')
f.write ('q\n') f.write ('q\n')
f.close()
chntpw_out = chntpw (hivefile, f.name)
os.remove (f.name)
chntpw_out = chntpw (hivefile, tmpfile)
os.remove (tmpfile)
lines = chntpw_out.splitlines() lines = chntpw_out.splitlines()
if 2 != len (lines): if 2 != len (lines):
return None return None
@ -234,17 +234,17 @@ def ogGetRegistryValue (mntpt, hive, k):
#*/ ## #*/ ##
#ogListRegistryKeys ('/mnt/sda1', 'SOFTWARE', '\Microsoft\Windows\CurrentVersion') #ogListRegistryKeys ('/mnt/sda1', 'SOFTWARE', '\Microsoft\Windows\CurrentVersion')
def ogListRegistryKeys (mntpt, hive, k): def ogListRegistryKeys (mntpt, hive, k):
FILE = ogGetHivePath(mntpt, hive) hivefile = ogGetHivePath(mntpt, hive)
if not FILE: return if not hivefile: return
tmpfile = tempfile.TemporaryFile (prefix='chntpw-', mode='w') with tempfile.NamedTemporaryFile (delete_on_close=False, prefix='chntpw-', mode='w') as f:
with open(tmpfile, 'w') as f:
f.write (f'ls {k}\n') f.write (f'ls {k}\n')
f.write ('q\n') f.write ('q\n')
chntpw_out = chntpw (hivefile, tmpfile) f.close()
os.remove (tmpfile) chntpw_out = chntpw (hivefile, f.name)
lines = chntpw_out.splitlines() os.remove (f.name)
lines = chntpw_out.splitlines()
ret = [] ret = []
for l in lines: for l in lines:
elems = re.split ('[<>]', l) elems = re.split ('[<>]', l)
@ -269,17 +269,17 @@ def ogListRegistryKeys (mntpt, hive, k):
#*/ ## #*/ ##
#ogListRegistryValues ('/mnt/sda1', 'SOFTWARE', '\Microsoft\Windows\CurrentVersion') #ogListRegistryValues ('/mnt/sda1', 'SOFTWARE', '\Microsoft\Windows\CurrentVersion')
def ogListRegistryValues (mntpt, hive, k): def ogListRegistryValues (mntpt, hive, k):
FILE = ogGetHivePath(mntpt, hive) hivefile = ogGetHivePath(mntpt, hive)
if not FILE: return if not hivefile: return
tmpfile = tempfile.TemporaryFile (prefix='chntpw-', mode='w') with tempfile.NamedTemporaryFile (delete_on_close=False, prefix='chntpw-', mode='w') as f:
with open(tmpfile, 'w') as f:
f.write (f'ls {k}\n') f.write (f'ls {k}\n')
f.write ('q\n') f.write ('q\n')
chntpw_out = chntpw (hivefile, tmpfile) f.close()
os.remove (tmpfile) chntpw_out = chntpw (hivefile, f.name)
lines = chntpw_out.splitlines() os.remove (f.name)
lines = chntpw_out.splitlines()
ret = [] ret = []
for l in lines: for l in lines:
elems = re.split ('[<>]', l) elems = re.split ('[<>]', l)
@ -331,13 +331,14 @@ def ogSetRegistryValue (mntpt, hive, k, v):
k_dirname, k_basename = _split_k (k) k_dirname, k_basename = _split_k (k)
tmpfile = tempfile.TemporaryFile (prefix='chntpw-', mode='w') with tempfile.NamedTemporaryFile (delete_on_close=False, prefix='chntpw-', mode='w') as f:
try: ## TODO: indentation here. This 'try' should be indented
with open(tmpfile, 'w') as f:
f.write (f"ls {k_dirname}\n") f.write (f"ls {k_dirname}\n")
f.write ('q\n') f.write ('q\n')
f.close()
chntpw_out = chntpw (hivefile, f.name)
os.remove(f.name)
chntpw_out = chntpw (hivefile, tmpfile)
if re.search (f"BINARY.*<{k_basename}>", chntpw_out): if re.search (f"BINARY.*<{k_basename}>", chntpw_out):
## the entry in the registry is binary. Our input should be a sequence of bytes ## the entry in the registry is binary. Our input should be a sequence of bytes
@ -351,13 +352,10 @@ def ogSetRegistryValue (mntpt, hive, k, v):
else: else:
formatted = v formatted = v
with open(tmpfile, 'w') as f: with tempfile.NamedTemporaryFile (delete_on_close=False, prefix='chntpw-', mode='w') as f:
f.write (f'cd {k_dirname}\n') f.write (f'cd {k_dirname}\n')
f.write (f'ed {k_basename}\n') f.write (f'ed {k_basename}\n')
f.write (f'{formatted}\n') f.write (f'{formatted}\n')
f.write ('q\ny\n') f.write ('q\ny\n')
chntpw (hivefile, f.name)
# Aplicar cambios. os.remove(f.name)
chntpw (hivefile, tmpfile)
finally:
os.remove(tmpfile)