Skip to content

Instantly share code, notes, and snippets.

@mooware
Created October 23, 2019 00:51
Show Gist options
  • Save mooware/3466bdb9e677c871f08165484a52f523 to your computer and use it in GitHub Desktop.
Save mooware/3466bdb9e677c871f08165484a52f523 to your computer and use it in GitHub Desktop.
Python script to monitor the Windows registry and ensure that Outlook email encryption by default stays off
import ctypes, ctypes.wintypes
advapi32 = ctypes.windll.advapi32
# LSTATUS RegOpenKeyExA(HKEY hKey, LPCSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult)
RegOpenKeyExA = advapi32.RegOpenKeyExA
RegOpenKeyExA.argtypes = (ctypes.wintypes.HKEY, ctypes.wintypes.LPCSTR, ctypes.wintypes.DWORD, ctypes.wintypes.DWORD, ctypes.wintypes.PHKEY)
# LSTATUS RegCloseKey(HKEY hKey)
RegCloseKey = advapi32.RegCloseKey
RegCloseKey.argtypes = (ctypes.wintypes.HKEY, )
# LSTATUS RegSetKeyValueA(HKEY hKey, LPCSTR lpSubKey, LPCSTR lpValueName, DWORD dwType, LPCVOID lpData, DWORD cbData)
RegSetKeyValueA = advapi32.RegSetKeyValueA
RegSetKeyValueA.argtypes = (ctypes.wintypes.HKEY, ctypes.wintypes.LPCSTR, ctypes.wintypes.LPCSTR, ctypes.wintypes.DWORD, ctypes.wintypes.LPCVOID, ctypes.wintypes.DWORD)
# LSTATUS RegNotifyChangeKeyValue(HKEY hKey, BOOL bWatchSubtree, DWORD dwNotifyFilter, HANDLE hEvent, BOOL fAsynchronous)
RegNotifyChangeKeyValue = advapi32.RegNotifyChangeKeyValue
RegNotifyChangeKeyValue.argtypes = (ctypes.wintypes.HKEY, ctypes.wintypes.BOOL, ctypes.wintypes.DWORD, ctypes.wintypes.HANDLE, ctypes.wintypes.BOOL)
HKEY_CURRENT_USER = ctypes.wintypes.HKEY(0x80000001)
KEY_NOTIFY = 0x0010
REG_NOTIFY_CHANGE_LAST_SET = 0x00000004
REG_DWORD = 4
def wait_for_change(hkey, subpath):
hdl = ctypes.wintypes.HKEY()
res = RegOpenKeyExA(hkey, subpath, 0, KEY_NOTIFY, hdl)
if res != 0:
raise RuntimeError('RegOpenKeyExA failed, error {}'.format(res))
res = RegNotifyChangeKeyValue(hdl, False, REG_NOTIFY_CHANGE_LAST_SET, None, False)
if res != 0:
raise RuntimeError('RegNotifyChangeKeyValue failed, error {}'.format(res))
RegCloseKey(hdl)
def set_key_value(hkey, subpath, valuename, value):
val = ctypes.wintypes.DWORD(value)
res = RegSetKeyValueA(hkey, subpath, valuename, REG_DWORD, ctypes.addressof(val), ctypes.sizeof(val))
if res != 0:
raise RuntimeError('RegSetKeyValueA failed, error {}'.format(res))
if __name__ == '__main__':
import sys
verbose = len(sys.argv) > 1 and sys.argv[1] == '-v'
if verbose:
print('note that the application cannot respond to Ctrl+C while waiting')
# [HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Security]
# "InitEncrypt"=dword:00000002
HKEY = HKEY_CURRENT_USER
SUBPATH = br'Software\Microsoft\Office\16.0\Outlook\Security'
VALUENAME = b'InitEncrypt'
VALUE = 2
while True:
if verbose:
print('waiting for change in {}'.format(SUBPATH))
wait_for_change(HKEY, SUBPATH)
if verbose:
print('{} changed'.format(SUBPATH))
set_key_value(HKEY, SUBPATH, VALUENAME, VALUE)
if verbose:
print("{} {} reset".format(SUBPATH, VALUENAME))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment