Jump to content

Autoit Get Users SID [HELP]

ufukkreis853
 Share

Recommended Posts

ufukkreis853 Seeker

ufukkreis853

Posted
Posted

hello ,  I am sorry for my bad english.  I dont know english.I want to automatically put this reg record on someone else's computer.I do not want the user to interfere but I do not know how to find another computer's SID number.  

RegWrite("HKEY_USERS\" & $SID & "\Software\TunesKit\311","data4","REG_SZ","1")

Please help me , thanx :D

Subz Universalist

Subz

Posted
Posted

Updated code: 

#RequireAdmin
#include <Array.au3>

Global $g_bDebug = False
Global $g_aRemotePaths[1][2]

_UserSID("All", @ComputerName, 1)
_ArrayDisplay($g_aRemotePaths)
For $i = 1 To $g_aRemotePaths[0][0]
;~  Uncomment line below to write to remote registry
;~  RegWrite($g_aRemotePaths[$i][1] & "\Software\TunesKit\311", "data4", "REG_SZ", "1")
    ConsoleWrite('RegWrite("' & $g_aRemotePaths[$i][1] & '\Software\TunesKit\311", "data4", "REG_SZ", "1")' & @CRLF)
Next

Func _UserSID($_sUserName = "All", $_sRemoteComputer = @ComputerName, $_iFlag = 0)
    Local $sSidRegKey, $sProfileImagePath
    $_sRemoteComputer = $_sRemoteComputer <> "" ? StringReplace($_sRemoteComputer, "\", "") : @ComputerName
    Local Const $sRemoteRegHive = @OSArch = "x64" ? "\\" & $_sRemoteComputer & "\HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\" : "\\" & $_sRemoteComputer & "\HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\"
        If $g_bDebug Then ConsoleWrite("$sRemoteRegHive := " & $sRemoteRegHive & @CRLF)
    Local Const $sProfilesDir = RegRead($sRemoteRegHive, "ProfilesDirectory")
        If $g_bDebug Then ConsoleWrite("$_sRemoteComputer $sProfilesDir := " & $sRemoteRegHive & @CRLF)
    Local $i = 1
    While 1
        $sSidRegKey = RegEnumKey($sRemoteRegHive, $i)
            If @error Then ExitLoop
            If $g_bDebug Then ConsoleWrite("$sSidRegKey := " & $sSidRegKey & @CRLF)
        If $_iFlag And StringLen($sSidRegKey) <= 8 Then ;~ If $_iFlag is set then check if the Sid is Built-in account e.g. SystemProfile, LocalService, NetworkService and skip these accounts
            $i += 1
            ContinueLoop
        EndIf
        $sProfileImagePath = RegRead($sRemoteRegHive & $sSidRegKey, "ProfileImagePath")
            If @error Then ExitLoop
            If $g_bDebug Then ConsoleWrite("$sProfileImagePath := " & $sProfileImagePath & @CRLF)
        If $_sUserName = "All" Then
            _ArrayAdd($g_aRemotePaths, StringTrimLeft($sProfileImagePath, StringInStr($sProfileImagePath, "\", 0, -1)) & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
                If $g_bDebug Then _ArrayDisplay($g_aRemotePaths)
        ElseIf StringLower($sProfileImagePath) == StringLower($sProfilesDir & "\" & $_sUserName) Then
            _ArrayAdd($g_aRemotePaths, $_sUserName & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
        EndIf
        $i += 1
    WEnd
    $g_aRemotePaths[0][0] = UBound($g_aRemotePaths) - 1
EndFunc

 

AdamUL Universalist

AdamUL

Posted
Posted

You can also use the Engine's Registry UDFs.  HKCUReg.au3 allows you to work with local and remote users registry hives.  An example is below.   

#include <HKCUReg.au3>

Global $sUserName = "username"
Global $sComputerName = "computername"

;Write the key for all user profiles on local computer.
_HKCU_Write("\Software\TunesKit\311", "data4", "REG_SZ", "1")

;Write the key for a specified user profile on local computer.
_HKCU_Write("\\" & $sUserName & "\Software\TunesKit\311", "data4", "REG_SZ", "1")

;Write the key on a remove computer for all users profiles.
_HKCU_Write("\\\" & $sComputerName & "\Software\TunesKit\311", "data4", "REG_SZ", "1")

;Write the key on a remote computer for a specified user profile.
_HKCU_Write("\\\" & $sComputerName & "\\" & $sUserName  & "\Software\TunesKit\311", "data4", "REG_SZ", "1")

 

Adam

 

  • 4 weeks later...
ModemJunki Polymath

ModemJunki

Posted
Posted
On 6/15/2018 at 6:03 AM, Subz said:

Updated code: 

#RequireAdmin
#include <Array.au3>

Global $g_bDebug = False
Global $g_aRemotePaths[1][2]

_UserSID("All", @ComputerName, 1)
_ArrayDisplay($g_aRemotePaths)
For $i = 1 To $g_aRemotePaths[0][0]
;~  Uncomment line below to write to remote registry
;~  RegWrite($g_aRemotePaths[$i][1] & "\Software\TunesKit\311", "data4", "REG_SZ", "1")
    ConsoleWrite('RegWrite("' & $g_aRemotePaths[$i][1] & '\Software\TunesKit\311", "data4", "REG_SZ", "1")' & @CRLF)
Next

Func _UserSID($_sUserName = "All", $_sRemoteComputer = @ComputerName, $_iFlag = 0)
    Local $sSidRegKey, $sProfileImagePath
    $_sRemoteComputer = $_sRemoteComputer <> "" ? StringReplace($_sRemoteComputer, "\", "") : @ComputerName
    Local Const $sRemoteRegHive = @OSArch = "x64" ? "\\" & $_sRemoteComputer & "\HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\" : "\\" & $_sRemoteComputer & "\HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\"
        If $g_bDebug Then ConsoleWrite("$sRemoteRegHive := " & $sRemoteRegHive & @CRLF)
    Local Const $sProfilesDir = RegRead($sRemoteRegHive, "ProfilesDirectory")
        If $g_bDebug Then ConsoleWrite("$_sRemoteComputer $sProfilesDir := " & $sRemoteRegHive & @CRLF)
    Local $i = 1
    While 1
        $sSidRegKey = RegEnumKey($sRemoteRegHive, $i)
            If @error Then ExitLoop
            If $g_bDebug Then ConsoleWrite("$sSidRegKey := " & $sSidRegKey & @CRLF)
        If $_iFlag And StringLen($sSidRegKey) <= 8 Then ;~ If $_iFlag is set then check if the Sid is Built-in account e.g. SystemProfile, LocalService, NetworkService and skip these accounts
            $i += 1
            ContinueLoop
        EndIf
        $sProfileImagePath = RegRead($sRemoteRegHive & $sSidRegKey, "ProfileImagePath")
            If @error Then ExitLoop
            If $g_bDebug Then ConsoleWrite("$sProfileImagePath := " & $sProfileImagePath & @CRLF)
        If $_sUserName = "All" Then
            _ArrayAdd($g_aRemotePaths, StringTrimLeft($sProfileImagePath, StringInStr($sProfileImagePath, "\", 0, -1)) & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
                If $g_bDebug Then _ArrayDisplay($g_aRemotePaths)
        ElseIf StringLower($sProfileImagePath) == StringLower($sProfilesDir & "\" & $_sUserName) Then
            _ArrayAdd($g_aRemotePaths, $_sUserName & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
        EndIf
        $i += 1
    WEnd
    $g_aRemotePaths[0][0] = UBound($g_aRemotePaths) - 1
EndFunc

 

Subz, I had some troubles with using this for a single user account.

So I made some modifications (and made the function return an array). For production you would not use _arraydisplay or _debugarraydisplay so you could remove the debug.au3 include.

Thanks - this could be useful! 

#RequireAdmin
#include <Array.au3>
#include <Debug.au3>
Global $g_bDebug = False

$a_aRemotePaths = _UserSID("All", @ComputerName, 1)
_DebugArrayDisplay($a_aRemotePaths, "All")

$a_aRemotePaths = _UserSID(@UserName, @ComputerName, 1)
_DebugArrayDisplay($a_aRemotePaths, "One")

For $i = 1 To $a_aRemotePaths[0][0]
;~  Uncomment line below to write to remote registry
;~  ; RegWrite($g_aRemotePaths[$i][1] & "\Software\TunesKit\311", "data4", "REG_SZ", "1")
    ConsoleWrite('RegWrite("' & $a_aRemotePaths[$i][1] & '\Software\TunesKit\311", "data4", "REG_SZ", "1")' & @CRLF)
Next

Func _UserSID($_sUserName = "All", $_sRemoteComputer = @ComputerName, $_iFlag = 0)
    Local $sSidRegKey, $sProfileImagePath
    Local $g_aRemotePaths[1][2]
    $_sRemoteComputer = $_sRemoteComputer <> "" ? StringReplace($_sRemoteComputer, "\", "") : @ComputerName
    Local Const $sRemoteRegHive = @OSArch = "x64" ? "\\" & $_sRemoteComputer & "\HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\" : "\\" & $_sRemoteComputer & "\HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\"
    If $g_bDebug Then ConsoleWrite("$sRemoteRegHive := " & $sRemoteRegHive & @CRLF)
    Local Const $sProfilesDir = RegRead($sRemoteRegHive, "ProfilesDirectory")
    If $g_bDebug Then ConsoleWrite("$_sRemoteComputer $sProfilesDir := " & $sRemoteRegHive & @CRLF)
    Local $i = 1
    While 1
        $sSidRegKey = RegEnumKey($sRemoteRegHive, $i)
        If @error Then ExitLoop
        If $g_bDebug Then ConsoleWrite("$sSidRegKey := " & $sSidRegKey & @CRLF)
        If $_iFlag And StringLen($sSidRegKey) <= 8 Then ;~ If $_iFlag is set then check if the Sid is Built-in account e.g. SystemProfile, LocalService, NetworkService and skip these accounts
            $i += 1
            ContinueLoop
        EndIf
        $sProfileImagePath = RegRead($sRemoteRegHive & $sSidRegKey, "ProfileImagePath")
        If @error Then ExitLoop
        If $g_bDebug Then ConsoleWrite("$sProfileImagePath : = " & $sProfileImagePath & @CRLF)

        If $_sUserName = "All" Then
            _ArrayAdd($g_aRemotePaths, StringTrimLeft($sProfileImagePath, StringInStr($sProfileImagePath, "\", 0, -1)) & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
            If $g_bDebug Then _DebugArrayDisplay($g_aRemotePaths)
        Else
            If StringInStr(StringLower($sProfileImagePath), StringLower($_sUserName)) Then
                _ArrayAdd($g_aRemotePaths, StringTrimLeft($sProfileImagePath, StringInStr($sProfileImagePath, "\", 0, -1)) & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
                If $g_bDebug Then _DebugArrayDisplay($g_aRemotePaths)
            EndIf
        EndIf
        $i += 1
    WEnd
    $g_aRemotePaths[0][0] = UBound($g_aRemotePaths) - 1
    Return $g_aRemotePaths
EndFunc   ;==>_UserSID

 

Always carry a towel.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...