访问被拒绝在Windows 7上读取SAM子项 [英] Access denied reading SAM subkeys on windows 7
本文介绍了访问被拒绝在Windows 7上读取SAM子项的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我想在Windows 7上使用以下代码读取SAM子键
I wanna read SAM subkeys on Windows 7 using this code
int retVal = RegLoadKey(HKEY_LOCAL_MACHINE, "SAM_AUX", @"E:\Auxiliar Registry\SAM");
RegistryKey accountKeys = Registry.LocalMachine.OpenSubKey(@"SAM_AUX\SAM\Domains\Account\Users\Names", false);
但我总是收到Acces Denied,我无法使用regedit查看SAM子项。可能是什么问题?
谢谢
But I always receive Acces Denied, and I can't view SAM subkeys using regedit. What could be the problem?
Thanks
推荐答案
如果你需要添加Everyone到一个注册表项的权限您可以使用以下代码块(这是一个非常古老的代码。它是在我们必须支持Win95 / 98客户端以及Win2k / WinXP客户端的时代写回来的。您可能需要调整代码静态链接到下面的GetProcAddress使用的函数:
If you need to Add "Everyone" to a registry key's Permissions you can use the following chunk of code (this is a "very old code". It was written back in the ages where we had to support Win95/98 clients together with Win2k/WinXP clients. You may need to adjust the code to statically link to the functions that are used byGetProcAddressbelow):
typedef BOOL(WINAPI* AllocateAndInitializeSidType)(
PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, // authority
BYTE nSubAuthorityCount, // count of subauthorities
DWORD dwSubAuthority0, // subauthority 0
DWORD dwSubAuthority1, // subauthority 1
DWORD dwSubAuthority2, // subauthority 2
DWORD dwSubAuthority3, // subauthority 3
DWORD dwSubAuthority4, // subauthority 4
DWORD dwSubAuthority5, // subauthority 5
DWORD dwSubAuthority6, // subauthority 6
DWORD dwSubAuthority7, // subauthority 7
PSID *pSid // SID
);
typedef DWORD(WINAPI* SETENTRIESINACL)(
ULONG cCountOfExplicitEntries, // number of entries
PEXPLICIT_ACCESS pListOfExplicitEntries, // buffer
PACL OldAcl, // original ACL
PACL *NewAcl // new ACL
);
typedef BOOL(WINAPI* InitializeSecurityDescriptorType)(
PSECURITY_DESCRIPTOR pSecurityDescriptor, // SD
DWORD dwRevision // revision level
);
typedef LONG(WINAPI* REGSETKEYSECURITY)(
HKEY hKey, // handle to key
SECURITY_INFORMATION SecurityInformation, // request
PSECURITY_DESCRIPTOR pSecurityDescriptor // SD
);
typedef BOOL(WINAPI* SetSecurityDescriptorDaclType)(
PSECURITY_DESCRIPTOR pSecurityDescriptor, // SD
BOOL bDaclPresent, // DACL presence
PACL pDacl, // DACL
BOOL bDaclDefaulted // default DACL
);
typedef PVOID(WINAPI* FreeSidType)(
PSID pSid // SID to free
);
BOOL SetRegFullAccessPermission(HKEY hKey)
{
DWORD dwRes = ERROR_SUCCESS;
BOOL bRet = TRUE;
PSID pEveryoneSID = NULL;
PACL pACL = NULL;
PSECURITY_DESCRIPTOR pSD = NULL;
EXPLICIT_ACCESS ea[1];
SID_IDENTIFIER_AUTHORITY SIDAuthWorld = SECURITY_WORLD_SID_AUTHORITY;
TCHAR szErr[1024] = {0};
int i = 0;
TCHAR szSubKey[1024] = {0};
HMODULE hDll = NULL;
AllocateAndInitializeSidType AllocateAndInitializeSidFunc;
SETENTRIESINACL SetEntriesInAclFunc;
InitializeSecurityDescriptorType InitializeSecurityDescriptorFunc;
REGSETKEYSECURITY RegSetKeySecurityFunc;
SetSecurityDescriptorDaclType SetSecurityDescriptorDaclFunc;
FreeSidType FreeSidFunc;
OSVERSIONINFO versionInfo = {0};
versionInfo.dwOSVersionInfoSize = sizeof(versionInfo);
GetVersionEx(&versionInfo);
if(versionInfo.dwPlatformId != VER_PLATFORM_WIN32_NT)
{
bRet = FALSE;
goto SAFE_EXIT;
}
hDll = LoadLibrary(_T("advapi32.dll"));
if(hDll == NULL)
{
bRet = FALSE;
goto SAFE_EXIT;
}
if(!(AllocateAndInitializeSidFunc =(AllocateAndInitializeSidType)GetProcAddress(hDll, _T("AllocateAndInitializeSid"))))
{
bRet = FALSE;
goto SAFE_EXIT;
}
if(!(SetEntriesInAclFunc =(SETENTRIESINACL)GetProcAddress(hDll, _T("SetEntriesInAclA"))))
{
bRet = FALSE;
goto SAFE_EXIT;
}
if(!(InitializeSecurityDescriptorFunc =(InitializeSecurityDescriptorType)GetProcAddress(hDll, _T("InitializeSecurityDescriptor"))))
{
bRet = FALSE;
goto SAFE_EXIT;
}
if(!(SetSecurityDescriptorDaclFunc =(SetSecurityDescriptorDaclType)GetProcAddress(hDll, _T("SetSecurityDescriptorDacl"))))
{
bRet = FALSE;
goto SAFE_EXIT;
}
if(!(RegSetKeySecurityFunc =(REGSETKEYSECURITY)GetProcAddress(hDll, _T("RegSetKeySecurity"))))
{
bRet = FALSE;
goto SAFE_EXIT;
}
if(!(FreeSidFunc =(FreeSidType)GetProcAddress(hDll, _T("FreeSid"))))
{
bRet = FALSE;
goto SAFE_EXIT;
}
// Create a well-known SID for the Everyone group.
if(!(*AllocateAndInitializeSidFunc)(&SIDAuthWorld, 1, SECURITY_WORLD_RID,
0, 0, 0, 0, 0, 0, 0, &pEveryoneSID))
{
bRet = FALSE;
goto SAFE_EXIT;
}
// Initialize an EXPLICIT_ACCESS structure for an ACE.
// The ACE will allow Everyone read access to the key.
ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
ea[0].grfAccessPermissions = KEY_ALL_ACCESS;
ea[0].grfAccessMode = SET_ACCESS;
ea[0].grfInheritance= NO_INHERITANCE;
ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
ea[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
ea[0].Trustee.ptstrName =(LPTSTR) pEveryoneSID;
dwRes =(*SetEntriesInAclFunc)(1, ea, NULL, &pACL);
if(ERROR_SUCCESS != dwRes)
{
bRet = FALSE;
goto SAFE_EXIT;
}
// Initialize a security descriptor.
pSD =(PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
if(pSD == NULL)
{
bRet = FALSE;
goto SAFE_EXIT;
}
if(!(*InitializeSecurityDescriptorFunc)(pSD, SECURITY_DESCRIPTOR_REVISION))
{
bRet = FALSE;
goto SAFE_EXIT;
}
// Add the ACL to the security descriptor.
if(!(*SetSecurityDescriptorDaclFunc)(pSD, TRUE, pACL, FALSE))
{
bRet = FALSE;
goto SAFE_EXIT;
}
//Set the security descriptor
dwRes =(*RegSetKeySecurity)(hKey, DACL_SECURITY_INFORMATION, pSD);
if(dwRes == ERROR_SUCCESS)
bRet = TRUE;
else
{
ASSERT(FALSE);
bRet = FALSE;
}
SAFE_EXIT:
if(pEveryoneSID)
(*FreeSidFunc)(pEveryoneSID);
if(pACL)
LocalFree(pACL);
if(pSD)
LocalFree(pSD);
if(hDll)
FreeLibrary(hDll);
return bRet;
}
这篇关于访问被拒绝在Windows 7上读取SAM子项的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
