import os, sys
import win32security, ntsecuritycon
import collections
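# Python 2 script (print statements). The path to inspect is the first
# command-line argument; without it there is nothing to audit, so show usage
# and stop instead of dying with an IndexError on sys.argv[1].
if len(sys.argv) < 2:
    print >>sys.stderr, "usage:", sys.argv[0], "<file-or-directory>"
    sys.exit(2)

name = sys.argv[1]

# Every GetFileSecurity call further down needs an existing path, so stop
# here when it is missing.
if not os.path.exists(name):
    print name, "does not exist!"
    # Exit non-zero so a wrapper script or scheduled audit can tell that no
    # security descriptor was read (a bare sys.exit() reports success).
    sys.exit(1)

print "On file " , name, "\n"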
# Two insertion-ordered summaries filled in while the descriptor is read:
#   description  - 'owner' / 'group' labels, plus per-account entries added
#                  by the DACL walk later in the script
#   description2 - flat keys holding account labels and raw SID strings
description = collections.OrderedDict()
description2 = collections.OrderedDict()


# --- Owner -----------------------------------------------------------------
print "OWNER"
owner_sd = win32security.GetFileSecurity(
    name, win32security.OWNER_SECURITY_INFORMATION)
owner_sid = owner_sd.GetSecurityDescriptorOwner()
# NOTE(review): LookupAccountSid raises when a SID has no account mapping
# (e.g. the account was deleted), which would abort the script here; confirm
# whether such SIDs should be reported instead.
print " ", win32security.LookupAccountSid(None, owner_sid)

owner_account = win32security.LookupAccountSid(None, owner_sid)
# NOTE(review): pywin32 returns (name, domain, type), so this label reads
# name\domain rather than DOMAIN\name - confirm that order is intended.
owner_label = owner_account[0] + '\\' + owner_account[1]
description['owner'] = owner_label
description2['owner'] = owner_label
# str() of the SID object carries a 'PySID:' prefix; keep only the S-1-... part.
description2['owner_sid'] = str(owner_sid).replace('PySID:', '')


# --- Primary group ---------------------------------------------------------
print "GROUP"
group_sd = win32security.GetFileSecurity(
    name, win32security.GROUP_SECURITY_INFORMATION)
group_sid = group_sd.GetSecurityDescriptorGroup()
print " ", win32security.LookupAccountSid(None, group_sid)

group_account = win32security.LookupAccountSid(None, group_sid)
group_label = group_account[0] + '\\' + group_account[1]
description['group'] = group_label
description2['group'] = group_label
description2['group_sid'] = str(group_sid).replace('PySID:', '')
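# Read the discretionary ACL (DACL) of `name` and record every ACE in both
# summaries: `description` (keyed by account) and `description2` (keyed by
# ACE index).
sd = win32security.GetFileSecurity(name, win32security.DACL_SECURITY_INFORMATION)
dacl = sd.GetSecurityDescriptorDacl()

# Constant names resolved against ntsecuritycon with getattr below. They do
# not change between ACEs, so they are defined once instead of per iteration.
ace_type_names = ("ACCESS_ALLOWED_ACE_TYPE", "ACCESS_DENIED_ACE_TYPE",
                  "SYSTEM_AUDIT_ACE_TYPE", "SYSTEM_ALARM_ACE_TYPE")
ace_flag_names = ("OBJECT_INHERIT_ACE", "CONTAINER_INHERIT_ACE",
                  "NO_PROPAGATE_INHERIT_ACE", "INHERIT_ONLY_ACE",
                  "SUCCESSFUL_ACCESS_ACE_FLAG", "FAILED_ACCESS_ACE_FLAG")
permissions_file = ("DELETE", "READ_CONTROL", "WRITE_DAC", "WRITE_OWNER",
                    "SYNCHRONIZE", "FILE_GENERIC_READ", "FILE_GENERIC_WRITE",
                    "FILE_GENERIC_EXECUTE", "FILE_DELETE_CHILD")
permissions_dir = ("DELETE", "READ_CONTROL", "WRITE_DAC", "WRITE_OWNER",
                   "SYNCHRONIZE", "FILE_ADD_SUBDIRECTORY", "FILE_ADD_FILE",
                   "FILE_DELETE_CHILD", "FILE_LIST_DIRECTORY", "FILE_TRAVERSE",
                   "FILE_READ_ATTRIBUTES", "FILE_WRITE_ATTRIBUTES",
                   "FILE_READ_EA", "FILE_WRITE_EA")
permissions_dir_inherit = ("DELETE", "READ_CONTROL", "WRITE_DAC", "WRITE_OWNER",
                           "SYNCHRONIZE", "GENERIC_READ", "GENERIC_WRITE",
                           "GENERIC_EXECUTE", "GENERIC_ALL")

if dacl is None:
    # NOTE(review): on Windows a missing (NULL) DACL means access is not
    # restricted at all, which is different from an empty DACL. Neither
    # summary records this case today; consider surfacing it.
    print "No Discretionary ACL"
else:
    # The object kind cannot differ between ACEs, so test it once.
    is_file = os.path.isfile(name)

    for ace_no in range(0, dacl.GetAceCount()):
        ace = dacl.GetAce(ace_no)
        # assumes the plain ACE layout ((type, flags), mask, sid); object
        # ACEs carry extra fields before the SID - TODO confirm they cannot
        # appear on the paths this script is run against.
        ace_flags = ace[0][1]
        ace_mask = ace[1]
        ace_sid = ace[2]

        entry = []      # type + flag + permission names, for `description`
        ace_type = []   # type name only, for `description2`

        for i in ace_type_names:
            if getattr(ntsecuritycon, i) == ace[0][0]:
                entry.append(i)
                ace_type.append(i)

        print " -Flags", hex(ace_flags)
        for i in ace_flag_names:
            bit = getattr(ntsecuritycon, i)
            if bit & ace_flags == bit:
                entry.append(i)

        print " -mask", hex(ace_mask)

        if is_file:
            permissions = permissions_file
        else:
            permissions = permissions_dir
            # NOTE(review): the listing lost its indentation; this check is
            # placed under the directory branch because it selects the
            # directory inherit-only name table - confirm against the
            # original file.
            if (ace_flags & ntsecuritycon.OBJECT_INHERIT_ACE == ntsecuritycon.OBJECT_INHERIT_ACE
                    and ace_flags & ntsecuritycon.INHERIT_ONLY_ACE == ntsecuritycon.INHERIT_ONLY_ACE):
                permissions = permissions_dir_inherit

        calc_mask = 0
        ace_permissions = []

        for i in permissions:
            bit = getattr(ntsecuritycon, i)
            if bit & ace_mask == bit:
                calc_mask = calc_mask | bit
                print " ", i
                entry.append(i)
                ace_permissions.append(i)

        # calc_mask is the OR of every named right that matched; if it differs
        # from the -mask value above, the ACE carries bits that none of the
        # listed names cover.
        print " ", "Calculated Check Mask=", hex(calc_mask)

        # One lookup serves both the printout and the summaries.
        # NOTE(review): LookupAccountSid raises for a SID with no account
        # mapping (e.g. a deleted account), which aborts the walk mid-DACL;
        # confirm whether such ACEs should be reported by raw SID instead.
        sid = win32security.LookupAccountSid(None, ace_sid)
        print " -SID\n ", sid

        account = sid[0] + '\\' + sid[1]
        # A DACL can hold several ACEs for one account (for instance a deny
        # and an allow entry). Plain assignment kept only the last of them,
        # so the account-keyed summary silently dropped the earlier ACEs;
        # extend the existing list so every ACE stays visible, in DACL order.
        description.setdefault(account, []).extend(entry)

        description2['ace_' + str(ace_no) + "_type"] = ace_type
        description2['ace_' + str(ace_no) + "_permissions"] = ace_permissions
        description2['ace_' + str(ace_no) + "_sid"] = str(ace_sid).replace('PySID:', '')
        description2['ace_' + str(ace_no) + "_account"] = account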
# Dump the account-keyed summary, one "key : value" line per entry.
print "_________________________________________________"
print "Description 1"
for key, value in description.items():
    print key, ":", value
# NOTE(review): the listing lost its indentation; the bare print is placed
# after the loop as a blank separator line - confirm it was not inside it.
print


# Dump the flat summary. String values are printed as-is; list values are
# comma-joined. (basestring and the print statement make this Python 2.)
print "_________________________________________________"
print "Description 2"
for key, value in description2.items():
    rendered = value if isinstance(value, basestring) else ",".join(value)
    print key, ":", rendered