1.获取版本号
import pythoncom import logging import psutil from win32com.client import Dispatch def get_file_version(ip_user): # 获取版本号 for i in range(10000000000000): try: for i in psutil.pids(): p = psutil.Process(i) if "boom.exe" == p.name(): pythoncom.CoInitialize() parser = Dispatch("Scripting.FileSystemObject") version = parser.GetFileVersion(p.exe()) logging.info("version user_ip:{} version:{} path:{} name:{}".format(ip_user, version, p.exe(), p.name())) break except Exception as e: logging.error("get_file_version:{}".format(e))
2.获取数值签名(需要安装32位系统python, 然后注册capicom.dll) # https://zhidao.baidu.com/question/2204427980464242908.html
import win32com.client catpath = r'C:\Program Files (x86)\Common Files\BattlEye\BEService.exe' signedCode = win32com.client.Dispatch('capicom.signedcode') signedCode.FileName = catpath signedCode.Verify() certs = signedCode.Certificates for cert in certs: print(cert.Archived) print(cert.IssuerName) print(cert.SerialNumber) print(cert.SubjectName) print(cert.Thumbprint) print(cert.ValidFromDate) print(cert.ValidToDate) print(cert.Version)