My dream is to query the network card setting on WIN using python. What I need is to query if the NIC is set to full duplex and if it is set to 1000Mb full. WMI class named Win32_NetworkAdapterConfiguration doesn't provide these info.Alternatively a cmd command line sulution can be insteresting as well (via calling from python).
Thnx
As #ironfroggy said, this is not specific to Python, but a general Windows question.
When we wanted to programmatically find the speed and duplex settings on network cards, it was very difficult. In the end we resorted to wandering through the registry, which has a different structure depending on the vendor of your NIC.
It goes something like this; apologies for any errors:
Find HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network and look for GUIDs that have the data "Network Adapters". Call this <GUID1>.
Underneath the <GUID1> key is another GUID for each NIC. Call one of them <GUID2>.
Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\<GUID1>.
Iterate through its keys (they look like 0000, 0001, 0002, etc.) until you find one that has the value NetCfgInstanceId equal to <GUID2>.
Underneath here, look for a subkey dependent on NIC vendor. Some we have defined are:
Ndi\Params
Ndi\savedParams
BRCMndi\params
Under there, iterate through the keys until you find one with a value called ParamDesc whose data contains the words "speed" and "duplex". Remember the key name and called it <SpeedDuplexParamName>.
Underneath <SpeedDuplexParamName> there is an enum key, which matches numbers to descriptions like "Auto-detect" and "100 Mb Full".
Go back up a few levels to where you found NetCfgInstanceId. Near there you can see the current value as an enumeration. For one example here the value name was RequestedMediaType and the value was 6.
Look up the enumeration value to find the speed and duplex setting.
I see #DrFalk3n has linked to a Microsoft article that might say the same, but I'll leave this here in case it is helpful.
This really isn't a python question. Anything you can do with the win32api, You can do through Python, so the question here is just about the windows API and it doesn't make any difference that you happen to be invoking them from Python. Asking without the Python tag might get better response, actually, because people will look who know how to do it in another language, which would be using the same API.
Yes! This really isn't a python question. Anyway take a look at:
List Network Adapter Configuration Properties
and brows down into the python#microsoft scripts repository maybe helpfull for your problem.
You can also find usefull in python:
>>> import os
>>> f= os.popen('<type your dos command>')
>>> s = f.read()
>>> print s
Related
How does one find the exact verbs to be used with the Windows API function FolderItem.InvokeVerb? The documentation says, "It must be one of the values returned by the item's FolderItemVerb.Name property." However, this does not seem to be true.
Using a folder as an example, if you run this on Windows 10 (using PowerShell):
$Shell = New-Object -ComObject 'Shell.Application'
$Shell.NameSpace('C:\Windows').Self.Verbs()
you will get a list that looks like this:
Application Parent Name
----------- ------ ----
&Open
Pin to Quick access
Scan with Microsoft Defender...
... and so on.
Those Names are what you get in an Explorer context menu, but they do not work with InvokeVerb. For some of them, such as &Open, all you have to do is remove the &. For others, such as Pin to Quick access, the actual verb that works is altogether different (pintohome). How can one reliably find these "actual" verbs for an arbitrary item?
I have found that the verbs that do work with InvokeVerb correspond to the sub-keys that you can find in the Registry under HKCR\<class name>\shell. However, even knowing that does not make things simple. I have found some verbs before by searching HKCR for the string returned by FolderItemVerb.Name, but that doesn't work if the string is localized. If you happen to know the name of the class, you could look there directly. (Using the folder example, pintohome is one of the keys under HKCR\Folder\shell.) However, when it is localized, there is nothing there that directly indicates this is the verb you are looking for, so you have to try it to find out. And, if you are inside some special shell folder or namespace extension, you might not know what class name(s) to even go looking for.
i found this nice log-creating command line:
typeperf "\Processor(_Total)\% Processor Time"
so far it worked for me well on an English language version of Windows 7 (or similar).
when trying out the very same thing on a German language Windows 7 it simply did not work.
how can the same functionality be triggered with that tool on a German (or other language) Windows 7?
the best line so far for German windows is this:
Get-Counter '\Prozessor(_Total)\Prozessorzeit (%)'
It has multi-line outputs with the value in question typically printed with a comma as decimal separator (in contrast to the English dot). for 100% there is no dot given. parsing the results down to the value looks a bit difficult.
having a more generic solution would still be more nice. the web page linked below helped me a bit in understanding what the key problem is.
https://social.technet.microsoft.com/Forums/de-DE/25bc6907-cf2c-4dc8-8687-974b799ba754/powershell-ausgabesprache-umstellen?forum=powershell_de
that far i am not sure if it's possible to make it truly generic using such helpers e.g. the keyword listing - but i am not that deep in what PS offers, rather i am skilled in cmd.exe.
Maybe this helps somehow further: you can find out the corresponding counter name in your language by comparing these registry keys.
English:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009\Counter
Current language:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\CurrentLanguage\Counter
Here you have the list of names and IDs as value, so you can match them and find out the right one.
The VERSIONINFO resource has an InternalName property. Why is this needed and what is its meaning? Is it a required property for every dll? How is this property used?
Fairly subjective, but VERSIONINFO certainly looks like it was designed by a committee instead of a programmer. They didn't know when to stop adding features and everybody got something in that they thought was important. The exact reasoning is lost in the fog of time and MSDN isn't specific enough to guess at the intention.
At least part of the schizophrenia is that the resource is intended both to be read by a human, it fills the Details property sheet that you see in Explorer, as well as machine readable through GetFileVersionInfo() and friends. A particularly painful winapi to use. This does for example somewhat explain the oddity of having two ways to specify the file and product version numbers. Both as a binary number and as a string. With the intention that the string can be localized, perhaps.
InternalName fits the machine-readable usage, note how it does not show up in the Details property sheet. Which makes it "internal", perhaps. And note that the OriginalFilename property does show up, thus intended for a human.
There is very little guidance on why it matters since there is no fixed usage of the property. It doesn't show up on the property sheet and afaik it doesn't get used by Windows itself at all. It is therefore completely up to you want you enter here, do note that it is required property. Maybe you'll have a use for it some day, I personally never found one. Just enter the name of the module as you originally specified it in your spec, simply set OriginalFilename to the same string with, say, .dll appended.
I am working on reverse engineering and i wanted to give my own file path without using open dialog box like writing a fixed file path and read a file from that every time the software start.i tried to give the file name in a .data section of the software but it retrieve only the hex number not the string.
Is there any way hooking windows API for file open?or any way to write in memory and to read it every time the software starts?Any advice or direction would be greatly appreciated.
I think that what you may be looking for is "intercepting system call", quick google search came up with this link:
http://jbremer.org/intercepting-system-calls-on-x86_64-windows/ so it should be possible and not too difficult.
Basically if you manage to intercept a call to GetOpenFileName and replace it with custom implementation you should be able to do what you want (that is put hardcoded file path to appropriate buffer in LPOPENFILENAME structure)
As for your attempt to modify compiled code (I assume that what you are referring as reverse engineering is disassembling and modifying binaries) it should be possible to do, but it will require deep knowledge of windows binary architecture and assembly language.
I suspect this may apply to multiple programming languages, but in this context I am referring to .NET.
When I use System.Diagnostics.Process.Start, I can include, as an argument, a System.Diagnostics.ProcessStartInfo object. One of the properties of ProcessStartInfo class is Verb (type of string). There is also a string[] property of Verbs which seems to contain the list of permitted values for Verb.
I notice that within the Verbs array there is a value for "Print" and a value for "PrintTo". What's the difference between the two? I tested both and they both seem to cause the file to print to my default printer.
According to this MSDN article, PrintTo is basically present to support drag-and-drop operations for printing (dragging a document over a printer icon, for example). It sounds like it's probably not meant to be used by your code.
The printto verb is normally used when the user drags a file and drops it on a printer shortcut. You need to supply at least two arguments, the first one is the file you want to get printed, the second one is the printer name. Registry entries on my machine use additional arguments but it is quite unclear to me what they may be.