
  1  #!/usr/bin/env python 
  2  # -*- coding: utf-8 -*- 
  3   
  4  # Copyright (c) 2009-2014, Mario Vilas 
  5  # All rights reserved. 
  6  # 
  7  # Redistribution and use in source and binary forms, with or without 
  8  # modification, are permitted provided that the following conditions are met: 
  9  # 
 10  #     * Redistributions of source code must retain the above copyright notice, 
 11  #       this list of conditions and the following disclaimer. 
 12  #     * Redistributions in binary form must reproduce the above copyright 
 13  #       notice,this list of conditions and the following disclaimer in the 
 14  #       documentation and/or other materials provided with the distribution. 
 15  #     * Neither the name of the copyright holder nor the names of its 
 16  #       contributors may be used to endorse or promote products derived from 
 17  #       this software without specific prior written permission. 
 18  # 
 19  # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 
 20  # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
 21  # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
 22  # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 
 23  # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
 24  # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 
 25  # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 
 26  # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 
 27  # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
 28  # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
 29  # POSSIBILITY OF SUCH DAMAGE. 
 30   
 31  """ 
 32  Wrapper for wtsapi32.dll in ctypes. 
 33  """ 
 34   
 35  __revision__ = "$Id: wtsapi32.py 1299 2013-12-20 09:30:55Z qvasimodo $" 
 36   
 37  from defines import * 
 38  from advapi32 import * 
 39   
 40  #============================================================================== 
 41  # This is used later on to calculate the list of exported symbols. 
# Take a snapshot of the module namespace before any public definition.
# "_all" is bound first so that the snapshot includes that name itself,
# which keeps it out of __all__ together with everything imported above.
_all = None
_all = set(vars())
 44  #============================================================================== 
 45   
 46  #--- Constants ---------------------------------------------------------------- 
 47   
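# Pseudo-handle addressing the local terminal server; the SDK defines
# WTS_CURRENT_SERVER_HANDLE as ((HANDLE)NULL).
WTS_CURRENT_SERVER_HANDLE = 0

# Pseudo-session-id meaning "the session the calling process runs in".
# The SDK defines WTS_CURRENT_SESSION as ((DWORD)-1); the previous value
# of 1 would have silently addressed session 1 instead of the caller's own.
WTS_CURRENT_SESSION       = 0xFFFFFFFF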
 50   
 51  #--- WTS_PROCESS_INFO structure ----------------------------------------------- 
 52   
 53  # typedef struct _WTS_PROCESS_INFO { 
 54  #   DWORD  SessionId; 
 55  #   DWORD  ProcessId; 
 56  #   LPTSTR pProcessName; 
 57  #   PSID   pUserSid; 
 58  # } WTS_PROCESS_INFO, *PWTS_PROCESS_INFO; 
 59   
class WTS_PROCESS_INFOA(Structure):
    """
    ANSI flavor of the WTS_PROCESS_INFO structure, one element of the
    array returned by L{WTSEnumerateProcessesA}.
    """
    _fields_ = [
        ("SessionId",    DWORD),    # session the process runs in
        ("ProcessId",    DWORD),    # process ID
        ("pProcessName", LPSTR),    # ANSI image name, owned by the enumeration buffer
        ("pUserSid",     PSID),     # SID of the process owner, owned by the enumeration buffer
    ]
PWTS_PROCESS_INFOA = POINTER(WTS_PROCESS_INFOA)
class WTS_PROCESS_INFOW(Structure):
    """
    Unicode flavor of the WTS_PROCESS_INFO structure, one element of the
    array returned by L{WTSEnumerateProcessesW}.
    """
    _fields_ = [
        ("SessionId",    DWORD),    # session the process runs in
        ("ProcessId",    DWORD),    # process ID
        ("pProcessName", LPWSTR),   # Unicode image name, owned by the enumeration buffer
        ("pUserSid",     PSID),     # SID of the process owner, owned by the enumeration buffer
    ]
PWTS_PROCESS_INFOW = POINTER(WTS_PROCESS_INFOW)

#--- WTSQuerySessionInformation enums and structures --------------------------

# typedef enum _WTS_INFO_CLASS {
#   WTSInitialProgram     = 0,
#   WTSApplicationName    = 1,
#   WTSWorkingDirectory   = 2,
#   WTSOEMId              = 3,
#   WTSSessionId          = 4,
#   WTSUserName           = 5,
#   WTSWinStationName     = 6,
#   WTSDomainName         = 7,
#   WTSConnectState       = 8,
#   WTSClientBuildNumber  = 9,
#   WTSClientName         = 10,
#   WTSClientDirectory    = 11,
#   WTSClientProductId    = 12,
#   WTSClientHardwareId   = 13,
#   WTSClientAddress      = 14,
#   WTSClientDisplay      = 15,
#   WTSClientProtocolType = 16,
#   WTSIdleTime           = 17,
#   WTSLogonTime          = 18,
#   WTSIncomingBytes      = 19,
#   WTSOutgoingBytes      = 20,
#   WTSIncomingFrames     = 21,
#   WTSOutgoingFrames     = 22,
#   WTSClientInfo         = 23,
#   WTSSessionInfo        = 24,
#   WTSSessionInfoEx      = 25,
#   WTSConfigInfo         = 26,
#   WTSValidationInfo     = 27,
#   WTSSessionAddressV4   = 28,
#   WTSIsRemoteSession    = 29
# } WTS_INFO_CLASS;

# WTS_INFO_CLASS enumerators, mirrored one to one from the C declaration above.
WTSInitialProgram     = 0
WTSApplicationName    = 1
WTSWorkingDirectory   = 2
WTSOEMId              = 3
WTSSessionId          = 4
WTSUserName           = 5
WTSWinStationName     = 6
WTSDomainName         = 7
WTSConnectState       = 8
WTSClientBuildNumber  = 9
WTSClientName         = 10
WTSClientDirectory    = 11
WTSClientProductId    = 12
WTSClientHardwareId   = 13
WTSClientAddress      = 14
WTSClientDisplay      = 15
WTSClientProtocolType = 16
WTSIdleTime           = 17
WTSLogonTime          = 18
WTSIncomingBytes      = 19
WTSOutgoingBytes      = 20
WTSIncomingFrames     = 21
WTSOutgoingFrames     = 22
WTSClientInfo         = 23
WTSSessionInfo        = 24
WTSSessionInfoEx      = 25
WTSConfigInfo         = 26
WTSValidationInfo     = 27
WTSSessionAddressV4   = 28
WTSIsRemoteSession    = 29

# The enumeration is marshalled as a plain C int.
WTS_INFO_CLASS = ctypes.c_int

# typedef enum _WTS_CONNECTSTATE_CLASS {
#   WTSActive,
#   WTSConnected,
#   WTSConnectQuery,
#   WTSShadow,
#   WTSDisconnected,
#   WTSIdle,
#   WTSListen,
#   WTSReset,
#   WTSDown,
#   WTSInit
# } WTS_CONNECTSTATE_CLASS;

# WTS_CONNECTSTATE_CLASS enumerators, numbered in declaration order.
WTSActive       = 0
WTSConnected    = 1
WTSConnectQuery = 2
WTSShadow       = 3
WTSDisconnected = 4
WTSIdle         = 5
WTSListen       = 6
WTSReset        = 7
WTSDown         = 8
WTSInit         = 9

# The enumeration is marshalled as a plain C int.
WTS_CONNECTSTATE_CLASS = ctypes.c_int

# typedef struct _WTS_CLIENT_DISPLAY {
#   DWORD HorizontalResolution;
#   DWORD VerticalResolution;
#   DWORD ColorDepth;
# } WTS_CLIENT_DISPLAY, *PWTS_CLIENT_DISPLAY;
class WTS_CLIENT_DISPLAY(Structure):
    """
    Display geometry of the client attached to a session, as returned for
    the C{WTSClientDisplay} information class.
    """
    _fields_ = [
        ("HorizontalResolution", DWORD),    # width in pixels
        ("VerticalResolution",   DWORD),    # height in pixels
        ("ColorDepth",           DWORD),    # color depth code
    ]
PWTS_CLIENT_DISPLAY = POINTER(WTS_CLIENT_DISPLAY)

# typedef struct _WTS_CLIENT_ADDRESS {
#   DWORD AddressFamily;
#   BYTE  Address[20];
# } WTS_CLIENT_ADDRESS, *PWTS_CLIENT_ADDRESS;

# XXX TODO

# typedef struct _WTSCLIENT {
#   WCHAR  ClientName[CLIENTNAME_LENGTH + 1];
#   WCHAR  Domain[DOMAIN_LENGTH + 1];
#   WCHAR  UserName[USERNAME_LENGTH + 1];
#   WCHAR  WorkDirectory[MAX_PATH + 1];
#   WCHAR  InitialProgram[MAX_PATH + 1];
#   BYTE   EncryptionLevel;
#   ULONG  ClientAddressFamily;
#   USHORT ClientAddress[CLIENTADDRESS_LENGTH + 1];
#   USHORT HRes;
#   USHORT VRes;
#   USHORT ColorDepth;
#   WCHAR  ClientDirectory[MAX_PATH + 1];
#   ULONG  ClientBuildNumber;
#   ULONG  ClientHardwareId;
#   USHORT ClientProductId;
#   USHORT OutBufCountHost;
#   USHORT OutBufCountClient;
#   USHORT OutBufLength;
#   WCHAR  DeviceId[MAX_PATH + 1];
# } WTSCLIENT, *PWTSCLIENT;

# XXX TODO

# typedef struct _WTSINFO {
#   WTS_CONNECTSTATE_CLASS State;
#   DWORD         SessionId;
#   DWORD         IncomingBytes;
#   DWORD         OutgoingBytes;
#   DWORD         IncomingCompressedBytes;
#   DWORD         OutgoingCompressedBytes;
#   WCHAR         WinStationName;
#   WCHAR         Domain;
#   WCHAR         UserName;
#   LARGE_INTEGER ConnectTime;
#   LARGE_INTEGER DisconnectTime;
#   LARGE_INTEGER LastInputTime;
#   LARGE_INTEGER LogonTime;
#   LARGE_INTEGER CurrentTime;
# } WTSINFO, *PWTSINFO;

# XXX TODO

# typedef struct _WTSINFOEX {
#   DWORD          Level;
#   WTSINFOEX_LEVEL Data;
# } WTSINFOEX, *PWTSINFOEX;

# XXX TODO

#--- wtsapi32.dll -------------------------------------------------------------

# void WTSFreeMemory(
#   __in PVOID pMemory
# );
def WTSFreeMemory(pMemory):
    """
    Release a buffer that wtsapi32 allocated on the caller's behalf, such as
    the process array handed back by L{WTSEnumerateProcesses}.

    @type  pMemory: PVOID
    @param pMemory: Pointer previously returned by a WTS* function.
    """
    free = windll.wtsapi32.WTSFreeMemory
    free.argtypes = [PVOID]
    free.restype  = None
    free(pMemory)
# BOOL WTSEnumerateProcesses(
#   __in  HANDLE hServer,
#   __in  DWORD Reserved,
#   __in  DWORD Version,
#   __out PWTS_PROCESS_INFO *ppProcessInfo,
#   __out DWORD *pCount
# );
def WTSEnumerateProcessesA(hServer = WTS_CURRENT_SERVER_HANDLE):
    """
    Enumerate the processes of every session on a terminal server (ANSI).

    @type  hServer: HANDLE
    @param hServer: Terminal server handle. Defaults to the local machine.

    @rtype:  tuple( PWTS_PROCESS_INFOA, int )
    @return: Pointer to an array of L{WTS_PROCESS_INFOA} and the number of
        elements in it. The array is allocated by the system; the caller is
        responsible for passing the pointer to L{WTSFreeMemory} when done,
        otherwise the buffer (and the strings and SIDs it owns) leaks.

    @raise WindowsError: The underlying call failed.
    """
    enumerate = windll.wtsapi32.WTSEnumerateProcessesA
    enumerate.argtypes = [HANDLE, DWORD, DWORD, POINTER(PWTS_PROCESS_INFOA), PDWORD]
    enumerate.restype  = bool
    enumerate.errcheck = RaiseIfZero

    process_info = PWTS_PROCESS_INFOA()
    count        = DWORD(0)
    # Reserved must be 0 and Version must be 1 for this API.
    enumerate(hServer, 0, 1, byref(process_info), byref(count))
    return process_info, count.value
def WTSEnumerateProcessesW(hServer = WTS_CURRENT_SERVER_HANDLE):
    """
    Enumerate the processes of every session on a terminal server (Unicode).

    @type  hServer: HANDLE
    @param hServer: Terminal server handle. Defaults to the local machine.

    @rtype:  tuple( PWTS_PROCESS_INFOW, int )
    @return: Pointer to an array of L{WTS_PROCESS_INFOW} and the number of
        elements in it. The array is allocated by the system; the caller is
        responsible for passing the pointer to L{WTSFreeMemory} when done,
        otherwise the buffer (and the strings and SIDs it owns) leaks.

    @raise WindowsError: The underlying call failed.
    """
    enumerate = windll.wtsapi32.WTSEnumerateProcessesW
    enumerate.argtypes = [HANDLE, DWORD, DWORD, POINTER(PWTS_PROCESS_INFOW), PDWORD]
    enumerate.restype  = bool
    enumerate.errcheck = RaiseIfZero

    process_info = PWTS_PROCESS_INFOW()
    count        = DWORD(0)
    # Reserved must be 0 and Version must be 1 for this API.
    enumerate(hServer, 0, 1, byref(process_info), byref(count))
    return process_info, count.value
# Dispatch to the ANSI or Unicode variant according to the module-wide
# default string type (DefaultStringType comes from the wildcard imports
# above); the returned pointer type follows the variant that actually ran.
WTSEnumerateProcesses = DefaultStringType(WTSEnumerateProcessesA, WTSEnumerateProcessesW)

# BOOL WTSTerminateProcess(
#   __in HANDLE hServer,
#   __in DWORD ProcessId,
#   __in DWORD ExitCode
# );
def WTSTerminateProcess(hServer, ProcessId, ExitCode):
    """
    Terminate a process running in any session of the given terminal server.

    @type  hServer: HANDLE
    @param hServer: Terminal server handle
        (C{WTS_CURRENT_SERVER_HANDLE} for the local machine).

    @type  ProcessId: int
    @param ProcessId: ID of the process to terminate.

    @type  ExitCode: int
    @param ExitCode: Exit code the terminated process will report.

    @raise WindowsError: The underlying call failed, for example because the
        caller lacks the rights needed to terminate the target process.
    """
    terminate = windll.wtsapi32.WTSTerminateProcess
    terminate.argtypes = [HANDLE, DWORD, DWORD]
    terminate.restype  = bool
    terminate.errcheck = RaiseIfZero
    terminate(hServer, ProcessId, ExitCode)
# BOOL WTSQuerySessionInformation(
#   __in  HANDLE hServer,
#   __in  DWORD SessionId,
#   __in  WTS_INFO_CLASS WTSInfoClass,
#   __out LPTSTR *ppBuffer,
#   __out DWORD *pBytesReturned
# );

# XXX TODO

#--- kernel32.dll -------------------------------------------------------------

# I've no idea why these functions are in kernel32.dll instead of wtsapi32.dll

# BOOL ProcessIdToSessionId(
#   __in  DWORD dwProcessId,
#   __out DWORD *pSessionId
# );
def ProcessIdToSessionId(dwProcessId):
    """
    Look up the Remote Desktop Services session a process is running in.

    @type  dwProcessId: int
    @param dwProcessId: Process ID.

    @rtype:  int
    @return: Session ID the process belongs to.

    @raise WindowsError: The underlying call failed (for example, no process
        with that ID exists or it cannot be queried).
    """
    lookup = windll.kernel32.ProcessIdToSessionId
    lookup.argtypes = [DWORD, PDWORD]
    lookup.restype  = bool
    lookup.errcheck = RaiseIfZero

    session_id = DWORD(0)
    lookup(dwProcessId, byref(session_id))
    return session_id.value
# DWORD WTSGetActiveConsoleSessionId(void);
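def WTSGetActiveConsoleSessionId():
    """
    Retrieve the identifier of the session attached to the physical console.

    @rtype:  int
    @return: Session ID of the console session.

    @raise WindowsError: No session is currently attached to the physical
        console. The API reports this with the value C{0xFFFFFFFF}; it does
        not set the thread's last-error code.
    """
    get_session = windll.kernel32.WTSGetActiveConsoleSessionId
    get_session.argtypes = []
    get_session.restype  = DWORD
    # Deliberately no RaiseIfZero: 0 is a legitimate session ID, so treating
    # it as failure would raise on a valid result, while the real failure
    # value 0xFFFFFFFF is non-zero and would have been returned silently.
    # The API also leaves GetLastError untouched, so ctypes.WinError() would
    # report whatever error happened to be set earlier.
    dwSessionId = get_session()
    if dwSessionId == 0xFFFFFFFF:
        raise WindowsError("WTSGetActiveConsoleSessionId: no session is attached to the physical console")
    return dwSessionId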
#==============================================================================
# Export every name defined since the snapshot taken at the top of the module,
# except private (underscore-prefixed) ones, sorted for a stable public API.
_all = set(vars()).difference(_all)
__all__ = sorted(_x for _x in _all if not _x.startswith('_'))
#==============================================================================