def get_local_data():
tmp_list = []
out_list = []
global g_verbose
try:
import _winreg as reg
except ImportError:
print "[-] \'winreg.py\' not found... Is this a Windows system?"
sys.exit(1)
hReg = reg.ConnectRegistry(None, reg.HKEY_LOCAL_MACHINE)
hSystem = reg.OpenKey(hReg, r'SYSTEM')
for i in xrange(1024):
try:
control_name = reg.EnumKey(hSystem, i)
if 'controlset' in control_name.lower():
hSessionMan = reg.OpenKey(hReg,
'SYSTEM\\%s\\Control\\Session Manager' % control_name)
for i in xrange(1024):
try:
subkey_name = reg.EnumKey(hSessionMan, i)
if ('appcompatibility' in subkey_name.lower()
or 'appcompatcache' in subkey_name.lower()):
appcompat_key = reg.OpenKey(hSessionMan, subkey_name)
bin_data = reg.QueryValueEx(appcompat_key,
'AppCompatCache')[0]
tmp_list = read_cache(bin_data)
if tmp_list:
path_name = 'SYSTEM\\%s\\Control\\Session Manager\\%s' % (control_name, subkey_name)
for row in tmp_list:
if g_verbose:
row.append(path_name)
if row not in out_list:
out_list.append(row)
except EnvironmentError:
break
except EnvironmentError:
break
if len(out_list) == 0:
return None
else:
#Add the header and return the list.
if g_verbose:
out_list.insert(0, output_header + ['Key Path'])
return out_list
else:
#Only return unique entries.
out_list = unique_list(out_list)
out_list.insert(0, output_header)
return out_list
# Read a MIR XML zip archive.
ShimCacheParser_ACP.py 文件源码
python
阅读 36
收藏 0
点赞 0
评论 0
评论列表
文章目录
