
Autoit Get Users SID [HELP]



Hello, I am sorry for my bad English. I don't know English. I want to automatically put this reg record on someone else's computer. I do not want the user to interfere, but I do not know how to find another computer's SID number.

RegWrite("HKEY_USERS\" & $SID & "\Software\TunesKit\311","data4","REG_SZ","1")

Please help me, thanks :D


Updated code:

#RequireAdmin
#include <Array.au3>

Global $g_bDebug = False
Global $g_aRemotePaths[1][2]

_UserSID("All", @ComputerName, 1)
_ArrayDisplay($g_aRemotePaths)
For $i = 1 To $g_aRemotePaths[0][0]
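;~  Uncomment line below to write to remote registry
;~  HKEY_USERS\<SID> exists only while that user's hive is loaded (for example, while the user is logged on)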
;~  RegWrite($g_aRemotePaths[$i][1] & "\Software\TunesKit\311", "data4", "REG_SZ", "1")
    ConsoleWrite('RegWrite("' & $g_aRemotePaths[$i][1] & '\Software\TunesKit\311", "data4", "REG_SZ", "1")' & @CRLF)
Next

Func _UserSID($_sUserName = "All", $_sRemoteComputer = @ComputerName, $_iFlag = 0)
    Local $sSidRegKey, $sProfileImagePath
    $_sRemoteComputer = $_sRemoteComputer <> "" ? StringReplace($_sRemoteComputer, "\", "") : @ComputerName
    ;~ HKLM64 selects the 64-bit registry view
    Local Const $sRemoteRegHive = "\\" & $_sRemoteComputer & "\HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\"
        If $g_bDebug Then ConsoleWrite("$sRemoteRegHive := " & $sRemoteRegHive & @CRLF)
    Local Const $sProfilesDir = RegRead($sRemoteRegHive, "ProfilesDirectory")
        If $g_bDebug Then ConsoleWrite("$_sRemoteComputer $sProfilesDir := " & $sProfilesDir & @CRLF)
    Local $i = 1
    While 1
        $sSidRegKey = RegEnumKey($sRemoteRegHive, $i)
            If @error Then ExitLoop
            If $g_bDebug Then ConsoleWrite("$sSidRegKey := " & $sSidRegKey & @CRLF)
        If $_iFlag And StringLen($sSidRegKey) <= 8 Then ;~ If $_iFlag is set then check if the Sid is Built-in account e.g. SystemProfile, LocalService, NetworkService and skip these accounts
            $i += 1
            ContinueLoop
        EndIf
        $sProfileImagePath = RegRead($sRemoteRegHive & $sSidRegKey, "ProfileImagePath")
        If @error Then ;~ Skip a key without ProfileImagePath instead of ending the enumeration
            $i += 1
            ContinueLoop
        EndIf
            If $g_bDebug Then ConsoleWrite("$sProfileImagePath := " & $sProfileImagePath & @CRLF)
        If $_sUserName = "All" Then
            _ArrayAdd($g_aRemotePaths, StringTrimLeft($sProfileImagePath, StringInStr($sProfileImagePath, "\", 0, -1)) & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
                If $g_bDebug Then _ArrayDisplay($g_aRemotePaths)
        ElseIf StringLower($sProfileImagePath) == StringLower($sProfilesDir & "\" & $_sUserName) Then
            _ArrayAdd($g_aRemotePaths, $_sUserName & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
        EndIf
        $i += 1
    WEnd
    $g_aRemotePaths[0][0] = UBound($g_aRemotePaths) - 1
EndFunc

 


You can also use the Engine's Registry UDFs. HKCUReg.au3 allows you to work with local and remote users' registry hives. An example is below.

#include <HKCUReg.au3>

Global $sUserName = "username"
Global $sComputerName = "computername"

;Write the key for all user profiles on local computer.
_HKCU_Write("\Software\TunesKit\311", "data4", "REG_SZ", "1")

;Write the key for a specified user profile on local computer.
_HKCU_Write("\\" & $sUserName & "\Software\TunesKit\311", "data4", "REG_SZ", "1")

;Write the key on a remote computer for all user profiles.
_HKCU_Write("\\\" & $sComputerName & "\Software\TunesKit\311", "data4", "REG_SZ", "1")

;Write the key on a remote computer for a specified user profile.
_HKCU_Write("\\\" & $sComputerName & "\\" & $sUserName  & "\Software\TunesKit\311", "data4", "REG_SZ", "1")

 

Adam

 


  • 4 weeks later...
On 6/15/2018 at 6:03 AM, Subz said:

Updated code:


Subz, I had some troubles with using this for a single user account.

So I made some modifications (and made the function return an array). For production you would not use _arraydisplay or _debugarraydisplay so you could remove the debug.au3 include.

Thanks - this could be useful!

#RequireAdmin
#include <Array.au3>
#include <Debug.au3>
Global $g_bDebug = False

$a_aRemotePaths = _UserSID("All", @ComputerName, 1)
_DebugArrayDisplay($a_aRemotePaths, "All")

$a_aRemotePaths = _UserSID(@UserName, @ComputerName, 1)
_DebugArrayDisplay($a_aRemotePaths, "One")

For $i = 1 To $a_aRemotePaths[0][0]
;~  Uncomment line below to write to remote registry
;~  RegWrite($a_aRemotePaths[$i][1] & "\Software\TunesKit\311", "data4", "REG_SZ", "1")
    ConsoleWrite('RegWrite("' & $a_aRemotePaths[$i][1] & '\Software\TunesKit\311", "data4", "REG_SZ", "1")' & @CRLF)
Next

Func _UserSID($_sUserName = "All", $_sRemoteComputer = @ComputerName, $_iFlag = 0)
    Local $sSidRegKey, $sProfileImagePath
    Local $g_aRemotePaths[1][2]
    $_sRemoteComputer = $_sRemoteComputer <> "" ? StringReplace($_sRemoteComputer, "\", "") : @ComputerName
    ;~ HKLM64 selects the 64-bit registry view
    Local Const $sRemoteRegHive = "\\" & $_sRemoteComputer & "\HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\"
    If $g_bDebug Then ConsoleWrite("$sRemoteRegHive := " & $sRemoteRegHive & @CRLF)
    Local Const $sProfilesDir = RegRead($sRemoteRegHive, "ProfilesDirectory")
    If $g_bDebug Then ConsoleWrite("$_sRemoteComputer $sProfilesDir := " & $sProfilesDir & @CRLF)
    Local $i = 1
    While 1
        $sSidRegKey = RegEnumKey($sRemoteRegHive, $i)
        If @error Then ExitLoop
        If $g_bDebug Then ConsoleWrite("$sSidRegKey := " & $sSidRegKey & @CRLF)
        If $_iFlag And StringLen($sSidRegKey) <= 8 Then ;~ If $_iFlag is set then check if the Sid is Built-in account e.g. SystemProfile, LocalService, NetworkService and skip these accounts
            $i += 1
            ContinueLoop
        EndIf
        $sProfileImagePath = RegRead($sRemoteRegHive & $sSidRegKey, "ProfileImagePath")
        If @error Then ;~ Skip a key without ProfileImagePath instead of ending the enumeration
            $i += 1
            ContinueLoop
        EndIf
        If $g_bDebug Then ConsoleWrite("$sProfileImagePath := " & $sProfileImagePath & @CRLF)

        If $_sUserName = "All" Then
            _ArrayAdd($g_aRemotePaths, StringTrimLeft($sProfileImagePath, StringInStr($sProfileImagePath, "\", 0, -1)) & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
            If $g_bDebug Then _DebugArrayDisplay($g_aRemotePaths)
        Else
            ;~ Substring match: "bob" also matches a profile folder named "bobby"
            If StringInStr(StringLower($sProfileImagePath), StringLower($_sUserName)) Then
                _ArrayAdd($g_aRemotePaths, StringTrimLeft($sProfileImagePath, StringInStr($sProfileImagePath, "\", 0, -1)) & "|\\" & $_sRemoteComputer & "\HKEY_USERS\" & $sSidRegKey)
                If $g_bDebug Then _DebugArrayDisplay($g_aRemotePaths)
            EndIf
        EndIf
        $i += 1
    WEnd
    $g_aRemotePaths[0][0] = UBound($g_aRemotePaths) - 1
    Return $g_aRemotePaths
EndFunc   ;==>_UserSID

 

Always carry a towel.
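The `StringLen($sSidRegKey) <= 8` filter and the `StringInStr` name match used in the functions above can both let the wrong ProfileList key through, so a value may be written to a hive that does not belong to the intended user. The following AutoIt code is an added example, not code from any poster in this thread; it runs over constructed sample rows instead of a live registry, and the helper names `_IsUserAccountSid`, `_ProfileLeaf` and `_FindUserSids` are hypothetical.

```autoit
; Constructed ProfileList rows: [SID key name, ProfileImagePath value]. No registry access.
Global $aSamples[7][2] = [ _
        ["S-1-5-18", "C:\Windows\system32\config\systemprofile"], _
        ["S-1-5-19", "C:\Windows\ServiceProfiles\LocalService"], _
        ["S-1-5-82-1-2-3-4-5", "C:\Users\DefaultAppPool"], _
        ["S-1-5-21-1000000001-1000000002-1000000003-1001", "C:\Users\bob"], _
        ["S-1-5-21-1000000001-1000000002-1000000003-1002", "C:\Users\bobby"], _
        ["S-1-5-21-1000000001-1000000002-1000000003-1003.bak", "C:\Users\bob"], _
        ["S-1-12-1-1000000001-1000000002-1000000003-1000000004", "C:\Users\alice"]]

; Report which SIDs each lookup would select for a registry write.
ConsoleWrite("bob   -> " & _FindUserSids($aSamples, "bob") & @CRLF)
ConsoleWrite("BOBBY -> " & _FindUserSids($aSamples, "BOBBY") & @CRLF)
ConsoleWrite("alice -> " & _FindUserSids($aSamples, "alice") & @CRLF)
ConsoleWrite("bo    -> " & _FindUserSids($aSamples, "bo") & @CRLF)

; True only for SIDs that identify a user account:
;   S-1-5-21-<3 domain parts>-<RID>  local and domain accounts
;   S-1-12-1-<4 parts>               Microsoft Entra ID (Azure AD) accounts
; The anchored patterns reject service SIDs (S-1-5-18/19/20), application pool
; identities (S-1-5-82-...) and renamed keys such as "<SID>.bak", which a
; length test lets through.
Func _IsUserAccountSid($sSid)
    Return StringRegExp($sSid, "^S-1-5-21(-\d+){4}$") Or StringRegExp($sSid, "^S-1-12-1(-\d+){4}$")
EndFunc   ;==>_IsUserAccountSid

; Last path component of ProfileImagePath, i.e. the profile folder name.
Func _ProfileLeaf($sProfileImagePath)
    Return StringTrimLeft($sProfileImagePath, StringInStr($sProfileImagePath, "\", 0, -1))
EndFunc   ;==>_ProfileLeaf

; Returns a "|"-separated list of user SIDs whose profile folder name equals
; $sUserName. The = operator compares strings case-insensitively, and comparing
; the whole folder name keeps "bob" from selecting the profile of "bobby".
Func _FindUserSids(ByRef $aEntries, $sUserName)
    Local $sHits = ""
    For $i = 0 To UBound($aEntries) - 1
        If Not _IsUserAccountSid($aEntries[$i][0]) Then ContinueLoop
        If _ProfileLeaf($aEntries[$i][1]) = $sUserName Then $sHits &= $aEntries[$i][0] & "|"
    Next
    Return StringTrimRight($sHits, 1)
EndFunc   ;==>_FindUserSids
```

A profile folder can carry a suffix such as `bob.DOMAIN`, so an empty result is a reason to inspect ProfileList by hand, not to fall back to a substring match.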
