windows 在 Python 中从注册表中读取 HKEY CURRENT USER，指定用户

Question

提问by gdm

In my application I run subprocesses under several different user accounts. I need to be able to read some of the information written to the registry by these subprocesses. Each one is writing to HKEY_CURRENT_USER, and I know the user account name that they are running under.

在我的应用程序中，我在几个不同的用户帐户下运行子进程。我需要能够读取这些子进程写入注册表的一些信息。每个人都在写 HKEY_CURRENT_USER，我知道他们正在运行的用户帐户名。

In Python, how can I read values from HKEY_CURRENT_USER for a specific user? I assume I need to somehow load the registry values under the user's name, and then read them from there, but how?

在 Python 中，如何从 HKEY_CURRENT_USER 读取特定用户的值？我假设我需要以某种方式加载用户名下的注册表值，然后从那里读取它们，但是如何？

edit: Just to make sure it's clear, my Python program is running as Administrator, and I have accounts "user1", "user2", and "user3", which each have information in their own HKEY_CURRENT_USER. As Administrator, how do I read user1's HKEY_CURRENT_USER data?

编辑：为了确保清楚，我的 Python 程序以管理员身份运行，我有帐户“user1”、“user2”和“user3”，每个帐户在自己的 HKEY_CURRENT_USER 中都有信息。作为管理员，我如何读取 user1 的 HKEY_CURRENT_USER 数据？

Answer 1

回答by Luká? Lalinsky

According to MSDN, HKEY_CURRENT_USERis a pointer to HKEY_USERS/SID of the current user. You can use pywin32to look up the SID for an account name. Once you have this, you can use open and use the registry key with the _winregmodule.

根据MSDN，HKEY_CURRENT_USER是一个指向HKEY_USERS/SID of the current user. 您可以使用pywin32查找帐户名称的 SID。一旦你有了这个，你就可以使用 open 并将注册表项与_winreg模块一起使用。

import win32security
import _winreg as winreg

sid = win32security.LookupAccountName(None, user_name)[0]
sidstr = win32security.ConvertSidToStringSid(sid)
key = winreg.OpenKey(winreg.HKEY_USERS, sidstr)
# do something with the key

Answer 2

回答by KarlW

HKEY_CURRENT_USER maps to a HKEY_USERS\{id} key.

HKEY_CURRENT_USER 映射到 HKEY_USERS\{id} 键。

Try finding the id by matching the HKEY_USERS{id}\Volatile Environment\USERNAME key to the username of the user (by enumerating/iterating over the {id}s that are present on the system). When you find the match just use HKEY_USERS{id} as if it was HKEY_CURRENT_USER

尝试通过将 HKEY_USERS{id}\Volatile Environment\USERNAME 键与用户的用户名匹配来查找 id（通过枚举/迭代系统上存在的 {id}）。当您找到匹配项时，只需将 HKEY_USERS{id} 用作 HKEY_CURRENT_USER

Answer 3

回答by PolyMesh

If you don't want to install win32 stuff for Python and since you are already using subprocess, you can run built in Windows commands to get at the registry data you are looking for.

如果你不想为 Python 安装 win32 的东西，并且因为你已经在使用子进程，你可以运行内置的 Windows 命令来获取你正在寻找的注册表数据。

To query the SID of a particular user:

要查询特定用户的 SID：

wmic useraccount where name='John' get sid

Then you can use that SID to query other registry entries for that particular user:

然后您可以使用该 SID 查询该特定用户的其他注册表项：

reg query HKEY_USERS\[SID]

For example, if you want to know the mounted network drives for a particular user:

例如，如果您想知道特定用户已安装的网络驱动器：

reg query HKEY_USERS\S-1-5-21-4205028929-649740040-1951280400-500\Network /s /v RemotePath

The output will look something like this:

输出将如下所示：

HKEY_USERS\S-1-5-21-4205028929-649740040-1951280400-500\Network\R
    RemotePath    REG_SZ    \MACHINENAME1\shared

HKEY_USERS\S-1-5-21-4205028929-649740040-1951280400-500\Network\T
    RemotePath    REG_SZ    \MACHINENAME2\testing

HKEY_USERS\S-1-5-21-4205028929-649740040-1951280400-500\Network\V
    RemotePath    REG_SZ    \MACHINENAME3\videos

End of search: 3 match(es) found.

which should be relatively simple to parse in Python.

在 Python 中解析应该相对简单。

References:

参考：

http://www.windows-commandline.com/get-sid-of-user/

https://superuser.com/questions/135752/list-mapped-network-drives-from-the-command-line-to-text-file

windows 在 Python 中从注册表中读取 HKEY CURRENT USER，指定用户

提问by gdm

回答by Luká? Lalinsky

回答by KarlW

回答by PolyMesh

相关推荐

最近更新

标签

windows 在 Python 中从注册表中读取 HKEY CURRENT USER，指定用户

提问by gdm

回答by Luká? Lalinsky

回答by KarlW

回答by PolyMesh

相关推荐

Windows 上的 PHP 获取文本

windows 你能推荐一个好的 SSH 同步工具吗？

windows 创建批处理文件以备份指定文件夹

windows 如何在批处理脚本中获取所有子文件夹的名称？

相关推荐

最近更新

标签