I'm trying to decrypt the Windows wireless password stored in the profile xml file using Python. I came across a blog post giving an example of how to do it calling Windows CryptUnprotectData using Python's win32crypt module. My problem is I get the Key not valid for use in specified state error and need to run it using LocalSystem.
You will get that error even if you run cmd.exe as an administrator. Here's where you need to know a bit about Windows that, as a Windows n00b, I didn't know: the LocalSystem account is different from the administrator privilege. In order to run cmd.exe with the LocalSystem account, you need to install a Microsoft package called PsTools. Inside PsTools a program called PsExec, which is a little bit like sudo on Un*x. Just download the zip linked at the bottom of the Microsoft TechNet page above and unzip it somewhere where you can find it.
To use PsExec, open cmd.exe as an administrator (open the start menu in the bottom-left of your screen, type cmd.exe into the search box, and press Ctrl+Shift+Enter to run it as an admin). Hit "continue" on the User Account Control dialog box that opens. In the command shell that opens, navigate to the directory where you unzipped PsTools. Now run "psexec.exe /s /i cmd.exe". After you agree to PsTools's EULA, PsTools should open a new cmd.exe shell window
running as LocalSystem.
Is there a way around this error without using psexec.exe as the blog post states? Perhaps using CryptoPy or PyCrypto?
For reference, the encrypted password I retrieve is the keyMaterial key from the Windows Vista profile xml file.
The code I'm using:
import win32crypt
mykey='01000000D08C9DDF.....' # 308 characters long
binout = []
for i in range(len(mykey)):
if i % 2 == 0:
binout.append(chr(int(mykey[i:i+2],16)))
pwdHash=''.join(binout)
output = win32crypt.CryptUnprotectData(pwdHash,None,None,None,0)
print "hex:", "".join(["%02X" % ord(char) for char in output[1]])
print "ascii:", output[1]
Thanks in advance.
Wht not ask your system administrator to give you LocalSystem privileges, if that is what you need?
BTW, don't bother with the complex conversion from hex to binary. Just do:
In [5]: '01000000D08C9DDF'.decode('hex')
Out[5]: '\x01\x00\x00\x00\xd0\x8c\x9d\xdf'
Related
I'm trying to write basic program with Python. I'm typing Windows commands with os library. Because of that, it doesn't work and wants to be admin. There was being superuser with a command in Linux(sudo). I couldn't find any way to run my program as administrator. I tried wmic and got an error named "Alias not found". Are there any way to run program as administrator?
If you are trying to make a program run in admin mode(the short handle we use for windows). If the object is an executable file or type of script and a few other file types I am not 100% certain of the extensive list. You would just right-click the file and select run as admin mode. If you are trying to run your program in admin mode I do believe that if you make python run as admin mode all the time your .py files should inherit the administrative privileges I would need someone to clarify that though. I am slightly confused as to your question though, as you say typing commands in os library are referring to the CMD(Command Prompt)?
Edit: In case you were referring to CMD open the start menu and type CMD and Right click and open as admin mode.
I remember that at some point I used to be able open up the python IDLE from the command line by simply typing "idle" return, which would pop up the python idle editor. I recently got a new machine and installed python, but have to open idle from the windows start menu.
When trying to run "idle" or "idle3" from the command line I get
C:\Users\SSims>idle3
'idle3' is not recognized as an internal or external command,
operable program or batch file.
Can anyone tell me how to get the command line "idle" command set up. Thanks for any help!
There are no step-by-step fixes that I have found online to answer this question, but many that answer specific portions of the question scattered around online. Hopefully, this will help others with the same question in the future, as I know there are many who could benefit from this answer.
If you have selected "Add Python X.x to Path Variables" upon installation then you should be able to run "python" from the command line to start the python editor. Similarly, this will allow you to do the same for IDLE.
First, hit your windows key and type "path" then enter to go to your system environment page in settings.
Next, click "Environment Variables then select "Path" under user variables
There should be a popup that contains a path that looks like this:
C:\Users\SSims\AppData\Local\Programs\Python\Python37-32\
Copy that address then click "new"
Paste that address, then at the end of it type "Lib\idlelib" so that your new variable now looks like:
C:\Users\SSims\AppData\Local\Programs\Python\Python37-32\Lib\idlelib
This should be the path to the folder in which the idle executable file resides.
Note: You can check that path to ensure it is right by pasting it into the windows start menu and it should redirect you to the folder. If it doesn't, you can paste the path to the python folder from earlier that was added automatically upon installation and search around in there until you find the idle executable, then add that folder to the Path variables to get it to work.
You should now be able to run the idle command from command prompt, hope this helps!!
Instead of IDLE use, python -m idlelib command
check the IDLE official document
Im trying to make a script where every time I press x, it prints y.
When I run the code:
import keyboard
if keyboard.is_pressed('x'):
print ("y")
The console outputs:
raise OSError("Error 13 - Must be run as administrator")
OSError: Error 13 - Must be run as administrator
Thanks!
You can't run a script with virtual keyboard inputs like you regular python file in the macOS terminal due to a security feature.
Let's assume your filename is script.py.
If you type
python3 script.py
macOS would view this as a security breach as recording keyboard inputs (like keyboard.is_pressed('x')) is a typical method for recording someone's password as they type it in on a website, application, etc.
To prevent that error, you'd need to run the file as an administrator.
To do so, type:
sudo python3 script.py
It will ask you for your user's password and then proceed to execute the code.
The keyboard module registers global key events (they trigger without application focus) and this requires administrator permissions under MacOS.
I'm learning Python by the book 'Think Python.'
My computer's OS is Windows 10.
I tried using os.popen ('14.8 Pipes' in http://www.greenteapress.com/thinkpython/html/thinkpython015.html) but the book provides an example on Unix.
I want to run Unix on Python script out of curiosity.
I already installed Git bash and Virtual box, but I don't know how to connect and to use Python.
The example provided by the book is:
14.8 Pipes
Most operating systems provide a command-line interface, also known as
a shell. Shells usually provide commands to navigate the file system
and launch applications. For example, in Unix you can change
directories with cd, display the contents of a directory with ls, and
launch a web browser by typing (for example) firefox.
Any program that you can launch from the shell can also be launched
from Python using a pipe. A pipe is an object that represents a
running program.
For example, the Unix command ls -l normally displays the contents of
the current directory (in long format). You can launch ls with
os.popen1:
>>> cmd = 'ls -l'
>>> fp = os.popen(cmd)
It appears you are getting tripped up converting the ls command which lists directory contents on *nix to a Windows command. If you search for "what is the windows version of ls" in a search engine, you will discover that Windows provides similar functionality through dir. For more useful conversions check out the conversion table on lemonda.net.
Changing the code to
>>> cmd = 'dir' and calling it via
>>> fp = os.popen(cmd)
Should enable the example to run on Windows.
if you have the latest update of windows 10 you can use Ubuntu, a version of Linux, from your command prompt by just typing the word 'bash' and waiting on it to download some files. if you see a $ at the end of your command line you got it. after that just type 'sudo apt-get install python' and enter your windows password when it asks for your password hit the 'Y' key when it asks if you are sure. then you should be able to go from the book from there.
EDIT: I believe you have to run cmd as administrator to install bash. You also may have to enable it by hitting the 'windows key + r' to open the run window then type 'appwiz.cpl to open the uninstall window and then click the button on the left of the screen that says 'Turn Windows features on or off', then wait for that to load and then go check the box by 'Windows Subsystems for Linux (Beta)' and then trying to type 'bash' in an elevated cmd prompt.
I'm trying to make my python script run upon startup but I get the error message windowserror access denied, but I should be able to make programs start upon boot because teamviewer ( a third-party program I downloaded ) runs every time I restart my computer so I know that I should be able to make my program run at startup (I might be doing something different though, so if you could shed some light on what teamviewer is doing differently to get its script to run at startup that would be helpful).
Here is my script
import _winreg, webbrowser
key = _winreg.OpenKey(_winreg.HKEY_CURRENT_USER,'Software\Microsoft\Windows\CurrentVersion\Run')
_winreg.SetValueEx(key,'pytest',0,_winreg.REG_BINARY,'C:\Users\"USERNAME"\Desktop\test.py')
key.Close()
webbrowser.open('www.youtube.com')
Any input is appreciated.
import webbrowser
webbrowser.open('www.youtube.com')
Get rid of all of that _winreg stuff. Instead, you (assuming double-clicking on a py file opens the console) should simply place it in your startup folder (C:\Users\yourusername\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup on Windows 7, and C:\Documents and Settings\yourusername\Start Menu\Programs\Startup in XP). This works because Windows tries to open all files in the startup folder, and if Python opens PYs by default, Windows will open the Python console. Try restarting, that should work.
Baboon:
I am a little late posting, but you seem to have left off the sam at the end of your code here.
When you open a key you need to add the user rights, if you do not _winreg defaults to "READ":
Here is a snippet from the python site
http://docs.python.org/2/library/_winreg.html#access-rights
sam is an integer that specifies an access mask that describes the desired security access for the key. Default is KEY_READ. See Access Rights for other allowed values.
Here is the code corrected:
import _winreg, webbrowser
key = _winreg.OpenKey(_winreg.HKEY_CURRENT_USER,'Software\Microsoft\Windows\CurrentVersion\Run',_winreg.KEY_SET_VALUE)
_winreg.SetValueEx(key,'pytest',0,_winreg.REG_BINARY,'C:\Users\"USERNAME"\Desktop\test.py')
key.Close()
webbrowser.open('www.youtube.com')