Jump to content
musicstashall

Access to the registry

Recommended Posts

musicstashall

I can not get write access to the registry. I'm trying to write here: HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell
This is the section of the shortcut menu for the Computer icon. The owner is the SYSTEM. I try to do as follows:

Func __RegWrite($akey)
    Local $aAdjust, $aPrivileges[2] = [$SE_BACKUP_NAME, $SE_RESTORE_NAME]
    Local $hToken = _WinAPI_OpenProcessToken(BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY))
    _WinAPI_AdjustTokenPrivileges($hToken, $aPrivileges, $SE_PRIVILEGE_ENABLED, $aAdjust)
    If @error Or @extended Then
        Return 0
    EndIf
    Local $hRoot = StringLeft($akey, StringInStr($akey, "\") - 1)
    Switch $hRoot
        Case "HKEY_LOCAL_MACHINE", "HKLM", "HKEY_LOCAL_MACHINE32", "HKLM32", "HKEY_LOCAL_MACHINE64", "HKLM64"
            $hRoot = $HKEY_LOCAL_MACHINE
        Case "HKEY_USERS", "HKU", "HKEY_USERS32", "HKU32", "HKEY_USERS64", "HKU64"
            $hRoot = $HKEY_USERS
        Case "HKEY_CURRENT_USER", "HKCU", "HKEY_CURRENT_USER32", "HKCU32", "HKEY_CURRENT_USER64", "HKCU64"
            $hRoot = $HKEY_CURRENT_USER
        Case "HKEY_CLASSES_ROOT", "HKEY_CLASSES_ROOT64", "HKCR"
            $hRoot = $HKEY_CLASSES_ROOT
        Case Else
            Return SetError(1, 0, 0)
    EndSwitch
    Local $Subkey = StringTrimLeft($akey, StringInStr($akey, "\"))
    Local $hKey = _WinAPI_RegOpenKey($hRoot, $Subkey, $KEY_CREATE_SUB_KEY)
    Local $newKey = _WinAPI_RegCreateKey($hKey, $Subkey, $KEY_CREATE_SUB_KEY)
    _WinAPI_RegCloseKey($newKey)
    _WinAPI_RegCloseKey($hKey)
    _WinAPI_AdjustTokenPrivileges($hToken, $aAdjust, 0, $aAdjust)
    _WinAPI_CloseHandle($hToken)
EndFunc

What am I doing wrong?

Edited by musicstashall

Share this post


Link to post
Share on other sites
water

You check @error and @extended after each call to a _WinAPI* function.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2018-06-01 - Version 1.4.9.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2018-01-27 - Version 1.3.3.1) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites
musicstashall

Checked:

Local $hKey = _WinAPI_RegOpenKey($hRoot, $Subkey, $KEY_CREATE_SUB_KEY)
ConsoleWrite(@error & ' ' & @extended & ' ' & _WinAPI_GetLastErrorMessage() & @CR)

  — 10 2 Operation completed successfully

$newKey = _WinAPI_RegCreateKey($hKey, $Subkey, $KEY_CREATE_SUB_KEY)
ConsoleWrite(@error & ' ' & @extended & ' ' & _WinAPI_GetLastErrorMessage() & @CR)

  — 10 6 Operation completed successfully

Share this post


Link to post
Share on other sites
water

If this means that @error is returned as value 10 then the first function returning @error <> 0 is the cause of your problem.


My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2018-06-01 - Version 1.4.9.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX (2018-01-27 - Version 1.3.3.1) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2015-04-01 - Version 0.4.0.0) - Download - General Help & Support - Example Scripts
Excel - Example Scripts - Wiki
Word - Wiki
PowerPoint (2015-06-06 - Version 0.0.5.0) - Download - General Help & Support

Tutorials:
ADO - Wiki

 

Share this post


Link to post
Share on other sites
musicstashall

I already see that there are problems. What do i'm need to do this for ??

Edited by musicstashall

Share this post


Link to post
Share on other sites
Factfinder

I don't know which Windows version you have but on Windows 7 and above the owner of key is Trustedinstaller and even the SYSTEM doesn't' have write permission. So I think without changing the owner/permissions for administrators you don't get write permission.

Share this post


Link to post
Share on other sites
musicstashall

In this case, these are windows 10 of versions 1709. The owner is SYSTEM. Is it possible to get the right to record without changing the owner? Or change ownership of AutoIt?

Edited by musicstashall

Share this post


Link to post
Share on other sites
Factfinder

Indeed the owner of main key ( HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}) is  trustedinstaller and the owner of the sub-key (HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell) is system.

ttRunning autoit as a SYSYEM local service doesn't require changing the ownership of the key but it requires to run the compiled autoit as a local service.   That is more complicated than changing the ownership on the key.

Share this post


Link to post
Share on other sites
musicstashall

The task was solved only with the help of the third-party utility SetACL.exe

Func _RegSetAccess($a_key)
    RunWait(@ScriptDir & '\SetACL.exe -on ' & $a_key & ' -ot reg -actn setowner -ownr "n:S-1-5-32-544"', '', @SW_HIDE)
    RunWait(@ScriptDir & '\SetACL.exe -on ' & $a_key & ' -ot reg -actn ace -ace "n:S-1-5-32-544;p:full"', '', @SW_HIDE)
EndFunc

Func _RegGetAccess($a_key)
    Local $a_file = _TempFile()
    RunWait(@ScriptDir & '\SetACL.exe -on ' & $a_key & ' -ot reg -actn list -lst "w:o;s:y" -bckp ' & $a_file, '', @SW_HIDE)
    If StringInStr(FileRead($a_file), 'Owner:S-1-5-32-544') Then Return True
    Return False
EndFunc

 

Edited by musicstashall

Share this post


Link to post
Share on other sites
kaisies

You probably needed to use hklm64, not hklm likely - that has bit me in the butt a few times 

Share this post


Link to post
Share on other sites
musicstashall

Did you mean this?

Global $_HKEY_LOCAL_MACHINE, $_HKEY_CLASSES_ROOT, $_HKEY_CURRENT_USER

Func DetectInfrastructure()
    If @OSTYPE = "WIN32_WINDOWS" Then
    Else
        If Not @AutoItX64 And @OSArch = "X86" Or (@OSArch = "X64" And @AutoItX64) Then
            $_HKEY_LOCAL_MACHINE = "HKEY_LOCAL_MACHINE"
            $_HKEY_CLASSES_ROOT = 'HKEY_CLASSES_ROOT'
            $_HKEY_CURRENT_USER = 'HKEY_CURRENT_USER'
        Else
            $_HKEY_LOCAL_MACHINE = "HKEY_LOCAL_MACHINE64"
            $_HKEY_CLASSES_ROOT = "HKEY_CLASSES_ROOT64"
            $_HKEY_CURRENT_USER = "HKEY_CURRENT_USER64"
        EndIf
    EndIf
    Return @OSArch
EndFunc   ;==>DetectInfrastructure

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×