????
Your IP : 216.73.216.227
import ntsecuritycon
import win32security
import winnt
class Enum:
def __init__(self, *const_names):
"""Accepts variable number of constant names that can be found in either
win32security, ntsecuritycon, or winnt."""
for const_name in const_names:
try:
const_val = getattr(win32security, const_name)
except AttributeError:
try:
const_val = getattr(ntsecuritycon, const_name)
except AttributeError:
try:
const_val = getattr(winnt, const_name)
except AttributeError:
raise AttributeError(
'Constant "%s" not found in win32security, ntsecuritycon, or winnt.'
% const_name
)
setattr(self, const_name, const_val)
def lookup_name(self, const_val):
"""Looks up the name of a particular value."""
for k, v in self.__dict__.items():
if v == const_val:
return k
raise AttributeError("Value %s not found in enum" % const_val)
def lookup_flags(self, flags):
"""Returns the names of all recognized flags in input, and any flags not found in the enum."""
flag_names = []
unknown_flags = flags
for k, v in self.__dict__.items():
if flags & v == v:
flag_names.append(k)
unknown_flags = unknown_flags & ~v
return flag_names, unknown_flags
TOKEN_INFORMATION_CLASS = Enum(
"TokenUser",
"TokenGroups",
"TokenPrivileges",
"TokenOwner",
"TokenPrimaryGroup",
"TokenDefaultDacl",
"TokenSource",
"TokenType",
"TokenImpersonationLevel",
"TokenStatistics",
"TokenRestrictedSids",
"TokenSessionId",
"TokenGroupsAndPrivileges",
"TokenSessionReference",
"TokenSandBoxInert",
"TokenAuditPolicy",
"TokenOrigin",
"TokenElevationType",
"TokenLinkedToken",
"TokenElevation",
"TokenHasRestrictions",
"TokenAccessInformation",
"TokenVirtualizationAllowed",
"TokenVirtualizationEnabled",
"TokenIntegrityLevel",
"TokenUIAccess",
"TokenMandatoryPolicy",
"TokenLogonSid",
)
TOKEN_TYPE = Enum("TokenPrimary", "TokenImpersonation")
TOKEN_ELEVATION_TYPE = Enum(
"TokenElevationTypeDefault", "TokenElevationTypeFull", "TokenElevationTypeLimited"
)
POLICY_AUDIT_EVENT_TYPE = Enum(
"AuditCategorySystem",
"AuditCategoryLogon",
"AuditCategoryObjectAccess",
"AuditCategoryPrivilegeUse",
"AuditCategoryDetailedTracking",
"AuditCategoryPolicyChange",
"AuditCategoryAccountManagement",
"AuditCategoryDirectoryServiceAccess",
"AuditCategoryAccountLogon",
)
POLICY_INFORMATION_CLASS = Enum(
"PolicyAuditLogInformation",
"PolicyAuditEventsInformation",
"PolicyPrimaryDomainInformation",
"PolicyPdAccountInformation",
"PolicyAccountDomainInformation",
"PolicyLsaServerRoleInformation",
"PolicyReplicaSourceInformation",
"PolicyDefaultQuotaInformation",
"PolicyModificationInformation",
"PolicyAuditFullSetInformation",
"PolicyAuditFullQueryInformation",
"PolicyDnsDomainInformation",
)
POLICY_LSA_SERVER_ROLE = Enum("PolicyServerRoleBackup", "PolicyServerRolePrimary")
## access modes for opening a policy handle - this is not a real enum
POLICY_ACCESS_MODES = Enum(
"POLICY_VIEW_LOCAL_INFORMATION",
"POLICY_VIEW_AUDIT_INFORMATION",
"POLICY_GET_PRIVATE_INFORMATION",
"POLICY_TRUST_ADMIN",
"POLICY_CREATE_ACCOUNT",
"POLICY_CREATE_SECRET",
"POLICY_CREATE_PRIVILEGE",
"POLICY_SET_DEFAULT_QUOTA_LIMITS",
"POLICY_SET_AUDIT_REQUIREMENTS",
"POLICY_AUDIT_LOG_ADMIN",
"POLICY_SERVER_ADMIN",
"POLICY_LOOKUP_NAMES",
"POLICY_NOTIFICATION",
"POLICY_ALL_ACCESS",
"POLICY_READ",
"POLICY_WRITE",
"POLICY_EXECUTE",
)
## EventAuditingOptions flags - not a real enum
POLICY_AUDIT_EVENT_OPTIONS_FLAGS = Enum(
"POLICY_AUDIT_EVENT_UNCHANGED",
"POLICY_AUDIT_EVENT_SUCCESS",
"POLICY_AUDIT_EVENT_FAILURE",
"POLICY_AUDIT_EVENT_NONE",
)
# AceType in ACE_HEADER - not a real enum
ACE_TYPE = Enum(
"ACCESS_MIN_MS_ACE_TYPE",
"ACCESS_ALLOWED_ACE_TYPE",
"ACCESS_DENIED_ACE_TYPE",
"SYSTEM_AUDIT_ACE_TYPE",
"SYSTEM_ALARM_ACE_TYPE",
"ACCESS_MAX_MS_V2_ACE_TYPE",
"ACCESS_ALLOWED_COMPOUND_ACE_TYPE",
"ACCESS_MAX_MS_V3_ACE_TYPE",
"ACCESS_MIN_MS_OBJECT_ACE_TYPE",
"ACCESS_ALLOWED_OBJECT_ACE_TYPE",
"ACCESS_DENIED_OBJECT_ACE_TYPE",
"SYSTEM_AUDIT_OBJECT_ACE_TYPE",
"SYSTEM_ALARM_OBJECT_ACE_TYPE",
"ACCESS_MAX_MS_OBJECT_ACE_TYPE",
"ACCESS_MAX_MS_V4_ACE_TYPE",
"ACCESS_MAX_MS_ACE_TYPE",
"ACCESS_ALLOWED_CALLBACK_ACE_TYPE",
"ACCESS_DENIED_CALLBACK_ACE_TYPE",
"ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE",
"ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE",
"SYSTEM_AUDIT_CALLBACK_ACE_TYPE",
"SYSTEM_ALARM_CALLBACK_ACE_TYPE",
"SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE",
"SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE",
"SYSTEM_MANDATORY_LABEL_ACE_TYPE",
"ACCESS_MAX_MS_V5_ACE_TYPE",
)
# bit flags for AceFlags - not a real enum
ACE_FLAGS = Enum(
"CONTAINER_INHERIT_ACE",
"FAILED_ACCESS_ACE_FLAG",
"INHERIT_ONLY_ACE",
"INHERITED_ACE",
"NO_PROPAGATE_INHERIT_ACE",
"OBJECT_INHERIT_ACE",
"SUCCESSFUL_ACCESS_ACE_FLAG",
"NO_INHERITANCE",
"SUB_CONTAINERS_AND_OBJECTS_INHERIT",
"SUB_CONTAINERS_ONLY_INHERIT",
"SUB_OBJECTS_ONLY_INHERIT",
)
# used in SetEntriesInAcl - very similar to ACE_TYPE
ACCESS_MODE = Enum(
"NOT_USED_ACCESS",
"GRANT_ACCESS",
"SET_ACCESS",
"DENY_ACCESS",
"REVOKE_ACCESS",
"SET_AUDIT_SUCCESS",
"SET_AUDIT_FAILURE",
)
# Bit flags in PSECURITY_DESCRIPTOR->Control - not a real enum
SECURITY_DESCRIPTOR_CONTROL_FLAGS = Enum(
"SE_DACL_AUTO_INHERITED", ## win2k and up
"SE_SACL_AUTO_INHERITED", ## win2k and up
"SE_DACL_PROTECTED", ## win2k and up
"SE_SACL_PROTECTED", ## win2k and up
"SE_DACL_DEFAULTED",
"SE_DACL_PRESENT",
"SE_GROUP_DEFAULTED",
"SE_OWNER_DEFAULTED",
"SE_SACL_PRESENT",
"SE_SELF_RELATIVE",
"SE_SACL_DEFAULTED",
)
# types of SID
SID_NAME_USE = Enum(
"SidTypeUser",
"SidTypeGroup",
"SidTypeDomain",
"SidTypeAlias",
"SidTypeWellKnownGroup",
"SidTypeDeletedAccount",
"SidTypeInvalid",
"SidTypeUnknown",
"SidTypeComputer",
"SidTypeLabel",
)
## bit flags, not a real enum
TOKEN_ACCESS_PRIVILEGES = Enum(
"TOKEN_ADJUST_DEFAULT",
"TOKEN_ADJUST_GROUPS",
"TOKEN_ADJUST_PRIVILEGES",
"TOKEN_ALL_ACCESS",
"TOKEN_ASSIGN_PRIMARY",
"TOKEN_DUPLICATE",
"TOKEN_EXECUTE",
"TOKEN_IMPERSONATE",
"TOKEN_QUERY",
"TOKEN_QUERY_SOURCE",
"TOKEN_READ",
"TOKEN_WRITE",
)
SECURITY_IMPERSONATION_LEVEL = Enum(
"SecurityAnonymous",
"SecurityIdentification",
"SecurityImpersonation",
"SecurityDelegation",
)
POLICY_SERVER_ENABLE_STATE = Enum("PolicyServerEnabled", "PolicyServerDisabled")
POLICY_NOTIFICATION_INFORMATION_CLASS = Enum(
"PolicyNotifyAuditEventsInformation",
"PolicyNotifyAccountDomainInformation",
"PolicyNotifyServerRoleInformation",
"PolicyNotifyDnsDomainInformation",
"PolicyNotifyDomainEfsInformation",
"PolicyNotifyDomainKerberosTicketInformation",
"PolicyNotifyMachineAccountPasswordInformation",
)
TRUSTED_INFORMATION_CLASS = Enum(
"TrustedDomainNameInformation",
"TrustedControllersInformation",
"TrustedPosixOffsetInformation",
"TrustedPasswordInformation",
"TrustedDomainInformationBasic",
"TrustedDomainInformationEx",
"TrustedDomainAuthInformation",
"TrustedDomainFullInformation",
"TrustedDomainAuthInformationInternal",
"TrustedDomainFullInformationInternal",
"TrustedDomainInformationEx2Internal",
"TrustedDomainFullInformation2Internal",
)
TRUSTEE_FORM = Enum(
"TRUSTEE_IS_SID",
"TRUSTEE_IS_NAME",
"TRUSTEE_BAD_FORM",
"TRUSTEE_IS_OBJECTS_AND_SID",
"TRUSTEE_IS_OBJECTS_AND_NAME",
)
TRUSTEE_TYPE = Enum(
"TRUSTEE_IS_UNKNOWN",
"TRUSTEE_IS_USER",
"TRUSTEE_IS_GROUP",
"TRUSTEE_IS_DOMAIN",
"TRUSTEE_IS_ALIAS",
"TRUSTEE_IS_WELL_KNOWN_GROUP",
"TRUSTEE_IS_DELETED",
"TRUSTEE_IS_INVALID",
"TRUSTEE_IS_COMPUTER",
)
## SE_OBJECT_TYPE - securable objects
SE_OBJECT_TYPE = Enum(
"SE_UNKNOWN_OBJECT_TYPE",
"SE_FILE_OBJECT",
"SE_SERVICE",
"SE_PRINTER",
"SE_REGISTRY_KEY",
"SE_LMSHARE",
"SE_KERNEL_OBJECT",
"SE_WINDOW_OBJECT",
"SE_DS_OBJECT",
"SE_DS_OBJECT_ALL",
"SE_PROVIDER_DEFINED_OBJECT",
"SE_WMIGUID_OBJECT",
"SE_REGISTRY_WOW64_32KEY",
)
PRIVILEGE_FLAGS = Enum(
"SE_PRIVILEGE_ENABLED_BY_DEFAULT",
"SE_PRIVILEGE_ENABLED",
"SE_PRIVILEGE_USED_FOR_ACCESS",
)
# Group flags used with TokenGroups
TOKEN_GROUP_ATTRIBUTES = Enum(
"SE_GROUP_MANDATORY",
"SE_GROUP_ENABLED_BY_DEFAULT",
"SE_GROUP_ENABLED",
"SE_GROUP_OWNER",
"SE_GROUP_USE_FOR_DENY_ONLY",
"SE_GROUP_INTEGRITY",
"SE_GROUP_INTEGRITY_ENABLED",
"SE_GROUP_LOGON_ID",
"SE_GROUP_RESOURCE",
)
# Privilege flags returned by TokenPrivileges
TOKEN_PRIVILEGE_ATTRIBUTES = Enum(
"SE_PRIVILEGE_ENABLED_BY_DEFAULT",
"SE_PRIVILEGE_ENABLED",
"SE_PRIVILEGE_REMOVED",
"SE_PRIVILEGE_USED_FOR_ACCESS",
)