launch_admin.py
import sys, os, pathlib, traceback, sqlite3, tempfile
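# Crash log written by the top-level exception handler at the bottom of this file.
# Built from the current account's temp directory rather than a hard-coded user
# profile, so the handler can still open the file on another machine or account.
# NOTE(review): the file name is fixed and the handler opens it with mode 'w';
# confirm the temp directory is not writable by other, less-privileged accounts.
LOG = os.path.join(tempfile.gettempdir(), 'ar_admin_crash.log')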
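def _reset_path_acls(path_str):
    """Best-effort: take ownership of *path_str* and restore default ACLs and attributes.

    Runs these commands in order, each with captured output and a 30 second
    timeout:

        takeown /F <path> /R /D Y
        icacls <path> /grant:r Administrators:F /T /C /Q
        icacls <path> /remove:d Everyone /T /C /Q
        icacls <path> /reset /T /C /Q
        attrib -H -S <path> /S /D

    Exit codes and output are not inspected and no exception is propagated.
    Values that are not non-empty absolute Windows paths are skipped.

    Args:
        path_str: Absolute path of the file or directory tree to reset.

    Returns:
        None.
    """
    import subprocess as _sp

    # Every command below is recursive and rewrites ownership/ACLs, and callers
    # in this file feed it values read from a database. Accept only a non-empty
    # string that parses as an absolute Windows path, so a relative name (which
    # would resolve against the current directory) or a string that is not a
    # path at all never reaches takeown/icacls/attrib.
    if not isinstance(path_str, str) or not path_str.strip():
        return
    if not pathlib.PureWindowsPath(path_str).is_absolute():
        return
    # NOTE(review): drive roots and operating-system directories are NOT
    # excluded here. If this runs with administrator rights, consider limiting
    # targets to folders the application itself protected — confirm with owner.

    # NOTE(review): the later `/reset` replaces explicit entries with inherited
    # defaults, so the explicit Administrators grant is presumably only there
    # to let the following steps succeed — confirm.
    _commands = (
        ['takeown', '/F', path_str, '/R', '/D', 'Y'],
        ['icacls', path_str, '/grant:r', 'Administrators:F', '/T', '/C', '/Q'],
        ['icacls', path_str, '/remove:d', 'Everyone', '/T', '/C', '/Q'],
        ['icacls', path_str, '/reset', '/T', '/C', '/Q'],
        ['attrib', '-H', '-S', path_str, '/S', '/D'],
    )
    for _cmd in _commands:
        # Each step is isolated: a timeout or a missing tool in one command no
        # longer skips the remaining ones. Argument lists (no shell) keep the
        # path from being interpreted by a command interpreter.
        try:
            _sp.run(_cmd, capture_output=True, timeout=30)
        except Exception:
            # Deliberate best-effort: cleanup failures must not stop the launcher.
            continue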
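def main():
    """Prepare the data directory, undo leftover ACL restrictions, run the desktop app.

    Steps, in order:
      1. Set PYTHONUTF8/PYTHONIOENCODING in the environment and switch the
         current stdout/stderr to UTF-8.
      2. Call _reset_path_acls on the AntiRansomware directories under
         LOCALAPPDATA and the temp directory, on the known config files, and
         on every folder path recorded in protection.db.
      3. Choose a data directory in which SQLite can open a database and export
         it as AR_DATA_DIR.
      4. Prepend the project's source directories to sys.path, patch
         pathlib.Path.exists to return False on PermissionError, chdir to the
         project folder and run gui/desktop_app.py as ``__main__``.
    """
    # These variables are read by Python at interpreter start-up, so they
    # apply to interpreters started later, not to this one.
    os.environ['PYTHONUTF8'] = '1'
    os.environ['PYTHONIOENCODING'] = 'utf-8'

    # Reconfigure stdout/stderr to UTF-8 so unicode chars don't crash on Windows consoles
    for _stream in (sys.stdout, sys.stderr):
        try:
            if hasattr(_stream, 'reconfigure'):
                _stream.reconfigure(encoding='utf-8', errors='replace')
        except Exception:
            pass

    def sqlite_works(d):
        """Return True if SQLite can open/create ``protection.db`` inside *d*."""
        p = d / 'protection.db'
        try:
            d.mkdir(parents=True, exist_ok=True)
            c = sqlite3.connect(str(p))
            try:
                c.execute('CREATE TABLE IF NOT EXISTS t (id INTEGER)')
            finally:
                # Always release the handle: an open connection would keep the
                # file locked on Windows and make the unlink below fail.
                c.close()
            return True
        except Exception:
            # NOTE(review): p is the same protection.db that is queried for
            # protected folders in this function, so a failed probe deletes
            # the application's database — confirm this is intended.
            try:
                p.unlink()
            except OSError:
                pass
            return False

    appdata = pathlib.Path(os.environ.get('LOCALAPPDATA', '')) / 'AntiRansomware'
    tmpdir = pathlib.Path(tempfile.gettempdir()) / 'AntiRansomware'

    # NOTE(review): everything below strips ownership/ACL restrictions before
    # the application starts; presumably the app re-applies its protection
    # afterwards — confirm, otherwise each launch leaves these paths unprotected.
    for _candidate in [appdata, tmpdir]:
        _reset_path_acls(str(_candidate))

    # Also explicitly reset known config files that may retain DENY ACEs from a previous protection session
    _known_config_files = [
        'email_config.json', 'protected_paths.json',
        'siem_config.json', 'signed_events.jsonl',
        'protection.db', 'ar_config.json',
    ]
    for _fname in _known_config_files:
        _reset_path_acls(str(appdata / _fname))

    # Reset every folder the database says was protected. The database lives
    # in the user's profile, so its contents are treated as untrusted: only
    # non-empty strings shorter than 300 characters that parse as absolute
    # Windows paths are forwarded to the recursive ACL tools.
    _db_path = appdata / 'protection.db'
    _path_queries = (
        "SELECT DISTINCT details FROM activity_log WHERE event_type='FOLDER_PROTECTED'",
        'SELECT DISTINCT folder_path FROM protected_folders',
    )
    try:
        if os.path.exists(str(_db_path)):
            _conn = sqlite3.connect(str(_db_path))
            try:
                for _query in _path_queries:
                    # Each query fails independently (e.g. a missing table).
                    try:
                        for (_value,) in _conn.execute(_query).fetchall():
                            if (
                                isinstance(_value, str)
                                and 0 < len(_value) < 300
                                and pathlib.PureWindowsPath(_value).is_absolute()
                            ):
                                _reset_path_acls(_value)
                    except Exception:
                        pass
            finally:
                _conn.close()
    except Exception:
        pass

    # Prefer the per-user application directory; fall back to the temp directory.
    if sqlite_works(appdata):
        data_dir = appdata
    else:
        tmpdir.mkdir(parents=True, exist_ok=True)
        data_dir = tmpdir
    os.environ['AR_DATA_DIR'] = str(data_dir)
    print(f'[launcher] data dir: {data_dir}')

    # NOTE(review): hard-coded, machine-specific project location inside a user
    # profile. Modules are imported and desktop_app.py is executed from here;
    # if this launcher runs with administrator rights (the file name suggests
    # so — confirm), this tree must not be writable by less-privileged accounts.
    base = r'c:\Users\ajibi\Music\Anti-Ransomeware'
    _src = os.path.join(base, 'src', 'python')
    # insert(0, ...) in this order leaves src/python first, then auth, utils,
    # monitoring, enterprise, core.
    for _pkg in ('core', 'enterprise', 'monitoring', 'utils', 'auth'):
        sys.path.insert(0, os.path.join(_src, _pkg))
    sys.path.insert(0, _src)

    # Process-wide patch: Path.exists() reports False instead of raising
    # PermissionError. This affects all code run afterwards, including the app.
    _orig = pathlib.Path.exists

    def _safe(self, **kw):
        try:
            return _orig(self, **kw)
        except PermissionError:
            return False

    pathlib.Path.exists = _safe

    os.chdir(base)
    import runpy
    runpy.run_path(os.path.join(_src, 'gui', 'desktop_app.py'), run_name='__main__')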
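# Script entry: run the launcher and, on any unhandled exception, write the
# traceback to LOG and show it in Notepad.
try:
    main()
except Exception:
    # Explicit UTF-8 so a traceback containing non-ASCII text (paths, messages)
    # cannot fail to encode under the console's legacy code page.
    with open(LOG, 'w', encoding='utf-8', errors='backslashreplace') as f:
        traceback.print_exc(file=f)
    import subprocess
    # Use the absolute path of the system Notepad. main() changes the working
    # directory to the project folder, and a bare 'notepad.exe' would be
    # resolved through the process search path, which can include that folder.
    _notepad = os.path.join(
        os.environ.get('SystemRoot', r'C:\Windows'), 'System32', 'notepad.exe'
    )
    subprocess.run([_notepad, LOG])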