Added token sample + Debugger.on_setup sample

hakril · hakril · commit 45ace331cb50 · 2018-12-21T15:27:04.000+01:00
diff --git a/samples/debug/debugger_on_setup.py b/samples/debug/debugger_on_setup.py
@@ -0,0 +1,29 @@
+import windows.debug
+
+class MySetupDebugger(windows.debug.Debugger):
+    def on_setup(self):
+        super(MySetupDebugger, self).on_setup()
+        print("Setup called: {0}".format(self.current_process))
+
+    def on_exception(self, exc):
+        print("Exception: {0}".format(exc.ExceptionRecord.ExceptionCode))
+
+    def on_exit_process(self, evt):
+        print("Process exit: {0}".format(self.current_process))
+
+class SimpleDebugger(windows.debug.Debugger):
+    def on_exception(self, exc):
+        print("Exception: {0}".format(exc.ExceptionRecord.ExceptionCode))
+
+    def on_exit_process(self, evt):
+        print("Process exit: {0}".format(self.current_process))
+
+
+
+print("== With on_setup ==")
+dbg = MySetupDebugger.debug(r"c:\windows\system32\whoami.exe")
+dbg.loop()
+
+print("\n== Without on_setup ==")
+dbg = SimpleDebugger.debug(r"c:\windows\system32\whoami.exe")
+dbg.loop()
diff --git a/samples/token/token_demo.py b/samples/token/token_demo.py
@@ -0,0 +1,33 @@
+import windows
+import windows.security
+import windows.generated_def as gdef
+
+tok = windows.current_process.token
+print("Our process token is {0}".format(tok))
+print("Retrieving some infos")
+print("Username: <{0}>".format(tok.username))
+print("User: {0!r}".format(tok.user))
+print("  - lookup : {0}".format(windows.security.lookup_sid(tok.user)))
+print("Primary group: {0!r}".format(tok.primary_group))
+print("  - lookup : {0}".format(windows.security.lookup_sid(tok.primary_group)))
+
+print("")
+groups = tok.groups
+print("Token Groups is {0}".format(groups))
+print("First group SID is {0!r}".format(groups.sids[0]))
+print("Some sid and attributes:")
+for i, group in zip(range(3), groups.sids_and_attributes):
+    print(" - {0}: {1}".format(group.Sid, group.Attributes))
+
+# Let's play with duplicate !
+print("")
+imp_tok = tok.duplicate(type=gdef.TokenImpersonation, impersonation_level=gdef.SecurityImpersonation)
+print("Duplicate token is {0}".format(imp_tok))
+print("Enabling <SeShutDownPrivilege>")
+imp_tok.enable_privilege("SeShutDownPrivilege")
+
+cur_thread = windows.current_thread
+print("Current thread token is <{0}>".format(cur_thread.token))
+print("Setting impersonation token !")
+cur_thread.token = imp_tok
+print("Current thread token is {0}".format(cur_thread.token))
