opengnsys
/
ogclone-engine
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refs #1309 fix ogGetRegistryValue

pull/1/head
Natalia Serrano 2024-12-18 14:42:29 +01:00
parent 32d5305dc2
commit d1b49362a4
1 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
client/lib/engine/bin/RegistryLib.py
View File

@ -184,6 +184,17 @@ def ogGetHivePath(mntpt, hive):
return None return None
## simulate 'grep --after-context 1'
def _grep_A1 (strings, search_term):
results = []
for i in range (len (strings)):
if search_term in strings[i]:
results.append (strings[i])
if i + 1 < len(strings):
results.append (strings[i + 1])
return results
#/** #/**
# ogGetRegistryValue path_mountpoint str_hive str_valuename # ogGetRegistryValue path_mountpoint str_hive str_valuename
#@brief Devuelve el dato de un valor del registro de Windows. #@brief Devuelve el dato de un valor del registro de Windows.
@ -212,11 +223,18 @@ def ogGetRegistryValue (mntpt, hive, k):
os.remove (f.name) os.remove (f.name)
lines = chntpw_out.splitlines() lines = chntpw_out.splitlines()
lines = _grep_A1 (lines, '> Value')
if 2 != len (lines): if 2 != len (lines):
return None return None
ret = None
if 'REG_BINARY' in lines[0]: if 'REG_BINARY' in lines[0]:
offset, content = lines[1].split (maxsplit=1) if re.search ('^:[0-9A-F]+ ', lines[1]):
return content print ('re.match')
ret = lines[1][8:56]
else:
ret = lines[1]
return ret
#/** #/**