Commit 3f3e83b5 authored by Nikos Skalkotos's avatar Nikos Skalkotos

Add REG_{SZ,DWORD,BINARY} helper funcs in Registry

These lambda functions are used to set a value of type REG_SZ,
REG_DWORD or REG_BINARY in a registry node
parent fcc4df5d
...@@ -33,6 +33,10 @@ WINDOWS_SETUP_STATES = ( ...@@ -33,6 +33,10 @@ WINDOWS_SETUP_STATES = (
"IMAGE_STATE_SPECIALIZE_RESEAL_TO_OOBE", "IMAGE_STATE_SPECIALIZE_RESEAL_TO_OOBE",
"IMAGE_STATE_SPECIALIZE_RESEAL_TO_AUDIT") "IMAGE_STATE_SPECIALIZE_RESEAL_TO_AUDIT")
REG_SZ = lambda k, v: {'key': k, 't': 1L,
'value': (v + '\x00').encode('utf-16le')}
REG_BINARY = lambda k, v: {'key': k, 't': 3L, 'value': v}
REG_DWORD = lambda k, v: {'key': k, 't': 4L, 'value': struct.pack('<I', v)}
class Registry(object): class Registry(object):
"""Windows Registry manipulation methods""" """Windows Registry manipulation methods"""
...@@ -148,12 +152,11 @@ class Registry(object): ...@@ -148,12 +152,11 @@ class Registry(object):
for desc, cmd in commands.items(): for desc, cmd in commands.items():
assert type(desc) is str and type(cmd) is str assert type(desc) is str and type(cmd) is str
value = {'key': desc, 't': 1, 'value': cmd.encode('utf-16le')} hive.node_set_value(runonce, REG_SZ(desc, cmd))
hive.node_set_value(runonce, value)
hive.commit(None) hive.commit(None)
def enable_autologon(self, username, password="", autoadminlogon=True): def enable_autologon(self, username, password=""):
"""Enable automatic logon for a specific user""" """Enable automatic logon for a specific user"""
assert type(username) is str and type(password) is str assert type(username) is str and type(password) is str
...@@ -165,16 +168,9 @@ class Registry(object): ...@@ -165,16 +168,9 @@ class Registry(object):
'Winlogon'): 'Winlogon'):
winlogon = hive.node_get_child(winlogon, child) winlogon = hive.node_get_child(winlogon, child)
hive.node_set_value(winlogon, hive.node_set_value(winlogon, REG_SZ('DefaultUserName', username))
{'key': 'DefaultUserName', 't': 1, hive.node_set_value(winlogon, REG_SZ('DefaultPassword', password))
'value': username.encode('utf-16le')}) hive.node_set_value(winlogon, REG_SZ('AutoAdminLogon', "1"))
hive.node_set_value(winlogon,
{'key': 'DefaultPassword', 't': 1,
'value': password.encode('utf-16le')})
hive.node_set_value(
winlogon,
{'key': 'AutoAdminLogon', 't': 1,
'value': ("%d" % int(autoadminlogon)).encode('utf-16le')})
hive.commit(None) hive.commit(None)
...@@ -212,9 +208,8 @@ class Registry(object): ...@@ -212,9 +208,8 @@ class Registry(object):
assert hive.value_type(old_value)[1] == 4 assert hive.value_type(old_value)[1] == 4
old_values.append(hive.value_dword(old_value)) old_values.append(hive.value_dword(old_value))
hive.node_set_value( hive.node_set_value(node, REG_DWORD('EnableFirewall',
node, {'key': 'EnableFirewall', 't': 4L, new_values.pop(0)))
'value': struct.pack("<I", new_values.pop(0))})
hive.commit(None) hive.commit(None)
return old_values return old_values
...@@ -255,10 +250,8 @@ class Registry(object): ...@@ -255,10 +250,8 @@ class Registry(object):
elif value == 0: elif value == 0:
return False return False
new_value = {'key': "LocalAccountTokenFilterPolicy", 't': 4L, hive.node_set_value(
'value': struct.pack("<I", value)} key, REG_DWORD("LocalAccountTokenFilterPolicy", value))
hive.node_set_value(key, new_value)
hive.commit(None) hive.commit(None)
return True return True
...@@ -326,7 +319,7 @@ class Registry(object): ...@@ -326,7 +319,7 @@ class Registry(object):
fmt = '%ds4x8s4x%ds' % (0xa0, len(v_val) - 0xb0) fmt = '%ds4x8s4x%ds' % (0xa0, len(v_val) - 0xb0)
new = ("\x00" * 4).join(struct.unpack(fmt, v_val)) new = ("\x00" * 4).join(struct.unpack(fmt, v_val))
hive.node_set_value(rid_node, {'key': "V", 't': 3L, 'value': new}) hive.node_set_value(rid_node, REG_BINARY('V', new))
hive.commit(None) hive.commit(None)
parent['old'] = v_val parent['old'] = v_val
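Review bot: In the `enable_autologon` hunk the `autoadminlogon` keyword is dropped and `AutoAdminLogon` is now always written as `"1"`, so any caller that still passes that argument will fail with a TypeError, and this method can no longer be used to switch automatic logon off. The same hunk writes `DefaultPassword` as a plain REG_SZ string under Winlogon, so the password is stored unencrypted in the hive until something removes it; the docstring should say so, and the code that cleans it up is not visible here, which is worth confirming. I would keep the signature `def enable_autologon(self, username, password="", autoadminlogon=True):` and write `REG_SZ('AutoAdminLogon', "%d" % int(autoadminlogon))`. Separately, the new `REG_SZ` helper appends a `'\x00'` terminator that the replaced dict literals did not, which changes the stored bytes for the RunOnce and Winlogon values and is not mentioned in the commit message. The body of `enable_autologon` continues outside the lines shown.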
......