Application Programming Interfaces (APIs) available in Python Scripts

GFI LanGuard embeds most of the default Python implementation (also known as CPython, available from http://go.gfi.com/?pageid=pythorg). Currently we use Python version 2.5. Therefore, most existing Python scripts work with minor modifications in GFI LanGuard. The most important modification is that scripts must have a main() function which returns 1 or 0.

All of the Python scripts used by security scanner modules (vulnerability checks and security applications information) have access to the following global variables:

  • ComputerIP
  • ComputerName
  • LNSSDir
  • localProgramFilesPath
  • localWindowsPath
  • localSystem32Path
  • User
  • Password
Example

ComputerIP = '127.0.0.1'

ComputerName = 'WXPSandbox"

LNSSDir = 'C:\\Program Files\\GFI\\LanGuard\\'

localProgramFilesPath = 'C:\\Program Files'

localWindowsPath = 'C:\\WINDOWS'

localSystem32Path = 'C:\\WINDOWS\\system32'

User = ''

Password = ''

Use these global variables in order to get access to the name or IP address of the scanned machine, to credentials needed to connect to the scanned machine.

The GFI LanGuard global functions are available to Python scripts as methods of the GlobalFunctions object. I.E:

# Using global functions.

def main():

"""Return values:

* 0 - false, failed

* 1 - true, success"""

result = 0

# Display text.

GlobalFunctions.echo("Hello!")

# Adds given text to the log file.

GlobalFunctions.writetolog("Python script started.")

# Adds given text to the status bar.

GlobalFunctions.statusbar("Hello StatusBar!")

# Adds a subnode named like the second parameter to the current vulnerability.

GlobalFunctions.addlistitem("", "Vulnerability description.")

# Changes the description of the current vulnerability.

GlobalFunctions.setdescription("List of modems installed")

GlobalFunctions.writetolog("Python script finished.")

result = 1

return(result)

GFI LanGuard also provides a COM client API for Python scripts in the form of pywin32.

NOTE

All GFI LanGuard COM scripting libraries are available via win32com.client to Python scripts. For more information refer to Scripting Objects.

Example

# DNSA database used by TCP/IP networks that enables the translation of hostnames into IP numbers and to provide other domain related information. lookup using LanGuard COM object GlbObj.Socket.

def main():

"""Return values:

* 0 - false, failed

* 1 - true, success"""

result = 0

import win32com.client

socket = win32com.client.Dispatch("GlbObj.Socket.1")

print(socket.DnsLookup('gfi.com'))

result = 1

return(result)

Pywin32

# Hello world for pywin32.

def main():

"""Return values:

* 0 - false, failed

* 1 - true, success"""

result = 0

import win32com.client

strComputer = "."

objWMIService = win32com.client.Dispatch("WbemScripting.SWbemLocator")

objSWbemServices = objWMIService.ConnectServer(strComputer,"root\cimv2")

colItems = objSWbemServices.ExecQuery("Select * from Win32_PhysicalMemory")

for objItem in colItems:

print("Capacity: %s\n" % objItem.Capacity)

result = 1

return(result)

NOTE

For additional Pywin32 documentation, refer to: