import win32security, ntsecuritycon, winnt
class Enum:
def __init__(self, *const_names):
"""Accepts variable number of constant names that can be found in either
win32security, ntsecuritycon, or winnt."""
for const_name in const_names:
try:
const_val=getattr(win32security,const_name)
except AttributeError:
try:
const_val=getattr(ntsecuritycon, const_name)
except AttributeError:
try:
const_val=getattr(winnt, const_name)
except AttributeError:
raise AttributeError('Constant "%s" not found in win32security, ntsecuritycon, or winnt.' %const_name)
setattr(self, const_name, const_val)
def lookup_name(self, const_val):
"""Looks up the name of a particular value."""
for k,v in self.__dict__.items():
if v==const_val:
return k
raise AttributeError('Value %s not found in enum' %const_val)
def lookup_flags(self, flags):
"""Returns the names of all recognized flags in input, and any flags not found in the enum."""
flag_names=[]
unknown_flags=flags
for k,v in self.__dict__.items():
if flags & v == v:
flag_names.append(k)
unknown_flags = unknown_flags & ~v
return flag_names, unknown_flags
TOKEN_INFORMATION_CLASS = Enum(
'TokenUser',
'TokenGroups',
'TokenPrivileges',
'TokenOwner',
'TokenPrimaryGroup',
'TokenDefaultDacl',
'TokenSource',
'TokenType',
'TokenImpersonationLevel',
'TokenStatistics',
'TokenRestrictedSids',
'TokenSessionId',
'TokenGroupsAndPrivileges',
'TokenSessionReference',
'TokenSandBoxInert',
'TokenAuditPolicy',
'TokenOrigin',
'TokenElevationType',
'TokenLinkedToken',
'TokenElevation',
'TokenHasRestrictions',
'TokenAccessInformation',
'TokenVirtualizationAllowed',
'TokenVirtualizationEnabled',
'TokenIntegrityLevel',
'TokenUIAccess',
'TokenMandatoryPolicy',
'TokenLogonSid')
TOKEN_TYPE = Enum(
'TokenPrimary',
'TokenImpersonation')
TOKEN_ELEVATION_TYPE = Enum(
'TokenElevationTypeDefault',
'TokenElevationTypeFull',
'TokenElevationTypeLimited')
POLICY_AUDIT_EVENT_TYPE = Enum(
'AuditCategorySystem',
'AuditCategoryLogon',
'AuditCategoryObjectAccess',
'AuditCategoryPrivilegeUse',
'AuditCategoryDetailedTracking',
'AuditCategoryPolicyChange',
'AuditCategoryAccountManagement',
'AuditCategoryDirectoryServiceAccess',
'AuditCategoryAccountLogon')
POLICY_INFORMATION_CLASS = Enum(
'PolicyAuditLogInformation',
'PolicyAuditEventsInformation',
'PolicyPrimaryDomainInformation',
'PolicyPdAccountInformation',
'PolicyAccountDomainInformation',
'PolicyLsaServerRoleInformation',
'PolicyReplicaSourceInformation',
'PolicyDefaultQuotaInformation',
'PolicyModificationInformation',
'PolicyAuditFullSetInformation',
'PolicyAuditFullQueryInformation',
'PolicyDnsDomainInformation')
POLICY_LSA_SERVER_ROLE = Enum(
'PolicyServerRoleBackup',
'PolicyServerRolePrimary')
## access modes for opening a policy handle - this is not a real enum
POLICY_ACCESS_MODES = Enum(
'POLICY_VIEW_LOCAL_INFORMATION',
'POLICY_VIEW_AUDIT_INFORMATION',
'POLICY_GET_PRIVATE_INFORMATION',
'POLICY_TRUST_ADMIN',
'POLICY_CREATE_ACCOUNT',
'POLICY_CREATE_SECRET',
'POLICY_CREATE_PRIVILEGE',
'POLICY_SET_DEFAULT_QUOTA_LIMITS',
'POLICY_SET_AUDIT_REQUIREMENTS',
'POLICY_AUDIT_LOG_ADMIN',
'POLICY_SERVER_ADMIN',
'POLICY_LOOKUP_NAMES',
'POLICY_NOTIFICATION',
'POLICY_ALL_ACCESS',
'POLICY_READ',
'POLICY_WRITE',
'POLICY_EXECUTE')
## EventAuditingOptions flags - not a real enum
POLICY_AUDIT_EVENT_OPTIONS_FLAGS = Enum(
'POLICY_AUDIT_EVENT_UNCHANGED',
'POLICY_AUDIT_EVENT_SUCCESS',
'POLICY_AUDIT_EVENT_FAILURE',
'POLICY_AUDIT_EVENT_NONE')
# AceType in ACE_HEADER - not a real enum
ACE_TYPE = Enum(
'ACCESS_MIN_MS_ACE_TYPE',
'ACCESS_ALLOWED_ACE_TYPE',
'ACCESS_DENIED_ACE_TYPE',
'SYSTEM_AUDIT_ACE_TYPE',
'SYSTEM_ALARM_ACE_TYPE',
'ACCESS_MAX_MS_V2_ACE_TYPE',
'ACCESS_ALLOWED_COMPOUND_ACE_TYPE',
'ACCESS_MAX_MS_V3_ACE_TYPE',
'ACCESS_MIN_MS_OBJECT_ACE_TYPE',
'ACCESS_ALLOWED_OBJECT_ACE_TYPE',
'ACCESS_DENIED_OBJECT_ACE_TYPE',
'SYSTEM_AUDIT_OBJECT_ACE_TYPE',
'SYSTEM_ALARM_OBJECT_ACE_TYPE',
'ACCESS_MAX_MS_OBJECT_ACE_TYPE',
'ACCESS_MAX_MS_V4_ACE_TYPE',
'ACCESS_MAX_MS_ACE_TYPE',
'ACCESS_ALLOWED_CALLBACK_ACE_TYPE',
'ACCESS_DENIED_CALLBACK_ACE_TYPE',
'ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE',
'ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE',
'SYSTEM_AUDIT_CALLBACK_ACE_TYPE',
'SYSTEM_ALARM_CALLBACK_ACE_TYPE',
'SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE',
'SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE',
'SYSTEM_MANDATORY_LABEL_ACE_TYPE',
'ACCESS_MAX_MS_V5_ACE_TYPE')
#bit flags for AceFlags - not a real enum
ACE_FLAGS = Enum(
'CONTAINER_INHERIT_ACE',
'FAILED_ACCESS_ACE_FLAG',
'INHERIT_ONLY_ACE',
'INHERITED_ACE',
'NO_PROPAGATE_INHERIT_ACE',
'OBJECT_INHERIT_ACE',
'SUCCESSFUL_ACCESS_ACE_FLAG',
'NO_INHERITANCE',
'SUB_CONTAINERS_AND_OBJECTS_INHERIT',
'SUB_CONTAINERS_ONLY_INHERIT',
'SUB_OBJECTS_ONLY_INHERIT')
# used in SetEntriesInAcl - very similar to ACE_TYPE
ACCESS_MODE = Enum(
'NOT_USED_ACCESS',
'GRANT_ACCESS',
'SET_ACCESS',
'DENY_ACCESS',
'REVOKE_ACCESS',
'SET_AUDIT_SUCCESS',
'SET_AUDIT_FAILURE')
# Bit flags in PSECURITY_DESCRIPTOR->Control - not a real enum
SECURITY_DESCRIPTOR_CONTROL_FLAGS = Enum(
'SE_DACL_AUTO_INHERITED', ## win2k and up
'SE_SACL_AUTO_INHERITED', ## win2k and up
'SE_DACL_PROTECTED', ## win2k and up
'SE_SACL_PROTECTED', ## win2k and up
'SE_DACL_DEFAULTED',
'SE_DACL_PRESENT',
'SE_GROUP_DEFAULTED',
'SE_OWNER_DEFAULTED',
'SE_SACL_PRESENT',
'SE_SELF_RELATIVE',
'SE_SACL_DEFAULTED')
# types of SID
SID_NAME_USE = Enum(
'SidTypeUser',
'SidTypeGroup',
'SidTypeDomain',
'SidTypeAlias',
'SidTypeWellKnownGroup',
'SidTypeDeletedAccount',
'SidTypeInvalid',
'SidTypeUnknown',
'SidTypeComputer',
'SidTypeLabel')
## bit flags, not a real enum
TOKEN_ACCESS_PRIVILEGES = Enum(
'TOKEN_ADJUST_DEFAULT',
'TOKEN_ADJUST_GROUPS',
'TOKEN_ADJUST_PRIVILEGES',
'TOKEN_ALL_ACCESS',
'TOKEN_ASSIGN_PRIMARY',
'TOKEN_DUPLICATE',
'TOKEN_EXECUTE',
'TOKEN_IMPERSONATE',
'TOKEN_QUERY',
'TOKEN_QUERY_SOURCE',
'TOKEN_READ',
'TOKEN_WRITE')
SECURITY_IMPERSONATION_LEVEL = Enum(
'SecurityAnonymous',
'SecurityIdentification',
'SecurityImpersonation',
'SecurityDelegation')
POLICY_SERVER_ENABLE_STATE = Enum(
'PolicyServerEnabled',
'PolicyServerDisabled')
POLICY_NOTIFICATION_INFORMATION_CLASS = Enum(
'PolicyNotifyAuditEventsInformation',
'PolicyNotifyAccountDomainInformation',
'PolicyNotifyServerRoleInformation',
'PolicyNotifyDnsDomainInformation',
'PolicyNotifyDomainEfsInformation',
'PolicyNotifyDomainKerberosTicketInformation',
'PolicyNotifyMachineAccountPasswordInformation')
TRUSTED_INFORMATION_CLASS = Enum(
'TrustedDomainNameInformation',
'TrustedControllersInformation',
'TrustedPosixOffsetInformation',
'TrustedPasswordInformation',
'TrustedDomainInformationBasic',
'TrustedDomainInformationEx',
'TrustedDomainAuthInformation',
'TrustedDomainFullInformation',
'TrustedDomainAuthInformationInternal',
'TrustedDomainFullInformationInternal',
'TrustedDomainInformationEx2Internal',
'TrustedDomainFullInformation2Internal')
TRUSTEE_FORM = Enum(
'TRUSTEE_IS_SID',
'TRUSTEE_IS_NAME',
'TRUSTEE_BAD_FORM',
'TRUSTEE_IS_OBJECTS_AND_SID',
'TRUSTEE_IS_OBJECTS_AND_NAME')
TRUSTEE_TYPE = Enum(
'TRUSTEE_IS_UNKNOWN',
'TRUSTEE_IS_USER',
'TRUSTEE_IS_GROUP',
'TRUSTEE_IS_DOMAIN',
'TRUSTEE_IS_ALIAS',
'TRUSTEE_IS_WELL_KNOWN_GROUP',
'TRUSTEE_IS_DELETED',
'TRUSTEE_IS_INVALID',
'TRUSTEE_IS_COMPUTER')
## SE_OBJECT_TYPE - securable objects
SE_OBJECT_TYPE = Enum(
'SE_UNKNOWN_OBJECT_TYPE',
'SE_FILE_OBJECT',
'SE_SERVICE',
'SE_PRINTER',
'SE_REGISTRY_KEY',
'SE_LMSHARE',
'SE_KERNEL_OBJECT',
'SE_WINDOW_OBJECT',
'SE_DS_OBJECT',
'SE_DS_OBJECT_ALL',
'SE_PROVIDER_DEFINED_OBJECT',
'SE_WMIGUID_OBJECT',
'SE_REGISTRY_WOW64_32KEY')
PRIVILEGE_FLAGS = Enum(
'SE_PRIVILEGE_ENABLED_BY_DEFAULT',
'SE_PRIVILEGE_ENABLED',
'SE_PRIVILEGE_USED_FOR_ACCESS')
# Group flags used with TokenGroups
TOKEN_GROUP_ATTRIBUTES = Enum(
'SE_GROUP_MANDATORY',
'SE_GROUP_ENABLED_BY_DEFAULT',
'SE_GROUP_ENABLED',
'SE_GROUP_OWNER',
'SE_GROUP_USE_FOR_DENY_ONLY',
'SE_GROUP_INTEGRITY',
'SE_GROUP_INTEGRITY_ENABLED',
'SE_GROUP_LOGON_ID',
'SE_GROUP_RESOURCE')
# Privilege flags returned by TokenPrivileges
TOKEN_PRIVILEGE_ATTRIBUTES = Enum(
'SE_PRIVILEGE_ENABLED_BY_DEFAULT',
'SE_PRIVILEGE_ENABLED',
'SE_PRIVILEGE_REMOVED',
'SE_PRIVILEGE_USED_FOR_ACCESS')