Jump to content
ufukkreis853

Autoit Get Users SID [HELP]

Recommended Posts

ufukkreis853

hello ,  I am sorry for my bad english.  I dont know english.I want to automatically put this reg record on someone else's computer.I do not want the user to interfere but I do not know how to find another computer's SID number. 

RegWrite("HKEY_USERS\" & $SID & "\Software\TunesKit\311","data4","REG_SZ","1")

Please help me , thanx :D

Share this post


Link to post
Share on other sites
Subz

Updated code:

#RequireAdmin
#include <Array.au3>

Global $g_bDebug = False
Global $g_aRemotePaths[1][2]

_UserSID("All", @ComputerName, 1)
_ArrayDisplay($g_aRemotePaths)
For $i = 1 To $g_aRemotePaths[0][0]
;~  Uncomment line below to write to remote registry
;~  RegWrite($g_aRemotePaths[$i][1] & "\Software\TunesKit\311", "data4", "REG_SZ", "1")
    ConsoleWrite('RegWrite("' & $g_aRemotePaths[$i][1] & '\Software\TunesKit\311", "data4", "REG_SZ", "1")' & @CRLF)
Next

Func _UserSID($_sUserName = "All", $_sRemoteComputer = @ComputerName, $_iFlag = 0)
    Local $sSidRegKey, $sProfileImagePath
    $_sRemoteComputer = $_sRemoteComputer <> "" ? StringReplace($_sRemoteComputer, "\", "") : @ComputerName
    Local Const $sRemoteRegHive = @OSArch = "x64" ? "\\" & $_sRemoteComputer & "\HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\" : "\\" & $_sRemoteComputer & "\HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\"
        If $g_bDebug Then ConsoleWrite("$sRemoteRegHive := " & $sRemoteRegHive & @CRLF)
    Local Const $sProfilesDir = RegRead($sRemoteRegHive, "ProfilesDirectory")
        If $g_bDebug Then ConsoleWrite("$_sRemoteComputer $sProfilesDir := " & $sRemoteRegHive & @CRLF)
    Local $i = 1
    While 1
        $sSidRegKey = RegEnumKey($sRemoteRegHive, $i)
            If @error Then ExitLoop
            If $g_bDebug Then ConsoleWrite("$sSidRegKey := " & $sSidRegKey & @CRLF)
        If $_iFlag And StringLen($sSidRegKey) <= 8 Then ;~ If $_iFlag is set then check if the Sid is Built-in account e.g. SystemProfile, LocalService, NetworkService and skip these accounts
            $i += 1
            ContinueLoop
        EndIf
        $sProfileImagePath = RegRead($sRemoteRegHive & $sSidRegKey, "ProfileImagePath")
            If @error Then ExitLoop
            If $g_bDebug Then ConsoleWrite("$sProfileImagePath := " & $sProfileImagePath & @CRLF)
        If $_sUserName = "All" Then
            _ArrayAdd($g_aRemotePaths, StringTrimLeft($sProfileImagePath, StringInStr($sProfileImagePath, "\", 0, -1)) & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
                If $g_bDebug Then _ArrayDisplay($g_aRemotePaths)
        ElseIf StringLower($sProfileImagePath) == StringLower($sProfilesDir & "\" & $_sUserName) Then
            _ArrayAdd($g_aRemotePaths, $_sUserName & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
        EndIf
        $i += 1
    WEnd
    $g_aRemotePaths[0][0] = UBound($g_aRemotePaths) - 1
EndFunc

 

  • Like 1

Share this post


Link to post
Share on other sites
ufukkreis853

Subz you are man! Thank you. You are best coder. Thank you. I am happy thanxxxxxx :D:D:D:D 

Share this post


Link to post
Share on other sites
AdamUL

You can also use the Engine's Registry UDFs.  HKCUReg.au3 allows you to work with local and remote users registry hives.  An example is below.  

#include <HKCUReg.au3>

Global $sUserName = "username"
Global $sComputerName = "computername"

;Write the key for all user profiles on local computer.
_HKCU_Write("\Software\TunesKit\311", "data4", "REG_SZ", "1")

;Write the key for a specified user profile on local computer.
_HKCU_Write("\\" & $sUserName & "\Software\TunesKit\311", "data4", "REG_SZ", "1")

;Write the key on a remove computer for all users profiles.
_HKCU_Write("\\\" & $sComputerName & "\Software\TunesKit\311", "data4", "REG_SZ", "1")

;Write the key on a remote computer for a specified user profile.
_HKCU_Write("\\\" & $sComputerName & "\\" & $sUserName  & "\Software\TunesKit\311", "data4", "REG_SZ", "1")

 

Adam

 

Share this post


Link to post
Share on other sites
ModemJunki
On 6/15/2018 at 6:03 AM, Subz said:

Updated code:

#RequireAdmin
#include <Array.au3>

Global $g_bDebug = False
Global $g_aRemotePaths[1][2]

_UserSID("All", @ComputerName, 1)
_ArrayDisplay($g_aRemotePaths)
For $i = 1 To $g_aRemotePaths[0][0]
;~  Uncomment line below to write to remote registry
;~  RegWrite($g_aRemotePaths[$i][1] & "\Software\TunesKit\311", "data4", "REG_SZ", "1")
    ConsoleWrite('RegWrite("' & $g_aRemotePaths[$i][1] & '\Software\TunesKit\311", "data4", "REG_SZ", "1")' & @CRLF)
Next

Func _UserSID($_sUserName = "All", $_sRemoteComputer = @ComputerName, $_iFlag = 0)
    Local $sSidRegKey, $sProfileImagePath
    $_sRemoteComputer = $_sRemoteComputer <> "" ? StringReplace($_sRemoteComputer, "\", "") : @ComputerName
    Local Const $sRemoteRegHive = @OSArch = "x64" ? "\\" & $_sRemoteComputer & "\HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\" : "\\" & $_sRemoteComputer & "\HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\"
        If $g_bDebug Then ConsoleWrite("$sRemoteRegHive := " & $sRemoteRegHive & @CRLF)
    Local Const $sProfilesDir = RegRead($sRemoteRegHive, "ProfilesDirectory")
        If $g_bDebug Then ConsoleWrite("$_sRemoteComputer $sProfilesDir := " & $sRemoteRegHive & @CRLF)
    Local $i = 1
    While 1
        $sSidRegKey = RegEnumKey($sRemoteRegHive, $i)
            If @error Then ExitLoop
            If $g_bDebug Then ConsoleWrite("$sSidRegKey := " & $sSidRegKey & @CRLF)
        If $_iFlag And StringLen($sSidRegKey) <= 8 Then ;~ If $_iFlag is set then check if the Sid is Built-in account e.g. SystemProfile, LocalService, NetworkService and skip these accounts
            $i += 1
            ContinueLoop
        EndIf
        $sProfileImagePath = RegRead($sRemoteRegHive & $sSidRegKey, "ProfileImagePath")
            If @error Then ExitLoop
            If $g_bDebug Then ConsoleWrite("$sProfileImagePath := " & $sProfileImagePath & @CRLF)
        If $_sUserName = "All" Then
            _ArrayAdd($g_aRemotePaths, StringTrimLeft($sProfileImagePath, StringInStr($sProfileImagePath, "\", 0, -1)) & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
                If $g_bDebug Then _ArrayDisplay($g_aRemotePaths)
        ElseIf StringLower($sProfileImagePath) == StringLower($sProfilesDir & "\" & $_sUserName) Then
            _ArrayAdd($g_aRemotePaths, $_sUserName & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
        EndIf
        $i += 1
    WEnd
    $g_aRemotePaths[0][0] = UBound($g_aRemotePaths) - 1
EndFunc

 

Subz, I had some troubles with using this for a single user account.

So I made some modifications (and made the function return an array). For production you would not use _arraydisplay or _debugarraydisplay so you could remove the debug.au3 include.

Thanks - this could be useful!

#RequireAdmin
#include <Array.au3>
#include <Debug.au3>
Global $g_bDebug = False

$a_aRemotePaths = _UserSID("All", @ComputerName, 1)
_DebugArrayDisplay($a_aRemotePaths, "All")

$a_aRemotePaths = _UserSID(@UserName, @ComputerName, 1)
_DebugArrayDisplay($a_aRemotePaths, "One")

For $i = 1 To $a_aRemotePaths[0][0]
;~  Uncomment line below to write to remote registry
;~  ; RegWrite($g_aRemotePaths[$i][1] & "\Software\TunesKit\311", "data4", "REG_SZ", "1")
    ConsoleWrite('RegWrite("' & $a_aRemotePaths[$i][1] & '\Software\TunesKit\311", "data4", "REG_SZ", "1")' & @CRLF)
Next

Func _UserSID($_sUserName = "All", $_sRemoteComputer = @ComputerName, $_iFlag = 0)
    Local $sSidRegKey, $sProfileImagePath
    Local $g_aRemotePaths[1][2]
    $_sRemoteComputer = $_sRemoteComputer <> "" ? StringReplace($_sRemoteComputer, "\", "") : @ComputerName
    Local Const $sRemoteRegHive = @OSArch = "x64" ? "\\" & $_sRemoteComputer & "\HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\" : "\\" & $_sRemoteComputer & "\HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\"
    If $g_bDebug Then ConsoleWrite("$sRemoteRegHive := " & $sRemoteRegHive & @CRLF)
    Local Const $sProfilesDir = RegRead($sRemoteRegHive, "ProfilesDirectory")
    If $g_bDebug Then ConsoleWrite("$_sRemoteComputer $sProfilesDir := " & $sRemoteRegHive & @CRLF)
    Local $i = 1
    While 1
        $sSidRegKey = RegEnumKey($sRemoteRegHive, $i)
        If @error Then ExitLoop
        If $g_bDebug Then ConsoleWrite("$sSidRegKey := " & $sSidRegKey & @CRLF)
        If $_iFlag And StringLen($sSidRegKey) <= 8 Then ;~ If $_iFlag is set then check if the Sid is Built-in account e.g. SystemProfile, LocalService, NetworkService and skip these accounts
            $i += 1
            ContinueLoop
        EndIf
        $sProfileImagePath = RegRead($sRemoteRegHive & $sSidRegKey, "ProfileImagePath")
        If @error Then ExitLoop
        If $g_bDebug Then ConsoleWrite("$sProfileImagePath : = " & $sProfileImagePath & @CRLF)

        If $_sUserName = "All" Then
            _ArrayAdd($g_aRemotePaths, StringTrimLeft($sProfileImagePath, StringInStr($sProfileImagePath, "\", 0, -1)) & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
            If $g_bDebug Then _DebugArrayDisplay($g_aRemotePaths)
        Else
            If StringInStr(StringLower($sProfileImagePath), StringLower($_sUserName)) Then
                _ArrayAdd($g_aRemotePaths, StringTrimLeft($sProfileImagePath, StringInStr($sProfileImagePath, "\", 0, -1)) & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
                If $g_bDebug Then _DebugArrayDisplay($g_aRemotePaths)
            EndIf
        EndIf
        $i += 1
    WEnd
    $g_aRemotePaths[0][0] = UBound($g_aRemotePaths) - 1
    Return $g_aRemotePaths
EndFunc   ;==>_UserSID

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×