问题描述

我想在Windows 7上使用以下代码读取SAM子键

I wanna read SAM subkeys on Windows 7 using this code

int retVal = RegLoadKey(HKEY_LOCAL_MACHINE, "SAM_AUX", @"E:\Auxiliar Registry\SAM");
    RegistryKey accountKeys = Registry.LocalMachine.OpenSubKey(@"SAM_AUX\SAM\Domains\Account\Users\Names", false);

但我总是收到Acces Denied，我无法使用regedit查看SAM子项。可能是什么问题？



谢谢

But I always receive Acces Denied, and I can't view SAM subkeys using regedit. What could be the problem?

Thanks

推荐答案

typedef BOOL(WINAPI* AllocateAndInitializeSidType)(
  PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, // authority
  BYTE nSubAuthorityCount,                        // count of subauthorities
  DWORD dwSubAuthority0,                          // subauthority 0
  DWORD dwSubAuthority1,                          // subauthority 1
  DWORD dwSubAuthority2,                          // subauthority 2
  DWORD dwSubAuthority3,                          // subauthority 3
  DWORD dwSubAuthority4,                          // subauthority 4
  DWORD dwSubAuthority5,                          // subauthority 5
  DWORD dwSubAuthority6,                          // subauthority 6
  DWORD dwSubAuthority7,                          // subauthority 7
  PSID *pSid                                      // SID
);

typedef DWORD(WINAPI* SETENTRIESINACL)(
  ULONG cCountOfExplicitEntries,           // number of entries
  PEXPLICIT_ACCESS pListOfExplicitEntries, // buffer
  PACL OldAcl,                             // original ACL
  PACL *NewAcl                             // new ACL
);

typedef BOOL(WINAPI* InitializeSecurityDescriptorType)(
  PSECURITY_DESCRIPTOR pSecurityDescriptor, // SD
  DWORD dwRevision                          // revision level
);

typedef LONG(WINAPI* REGSETKEYSECURITY)(
  HKEY hKey,                                // handle to key
  SECURITY_INFORMATION SecurityInformation, // request
  PSECURITY_DESCRIPTOR pSecurityDescriptor  // SD
);

typedef BOOL(WINAPI* SetSecurityDescriptorDaclType)(
  PSECURITY_DESCRIPTOR pSecurityDescriptor, // SD
  BOOL bDaclPresent,                        // DACL presence
  PACL pDacl,                               // DACL
  BOOL bDaclDefaulted                       // default DACL
);

typedef PVOID(WINAPI* FreeSidType)(
  PSID pSid   // SID to free
);

BOOL SetRegFullAccessPermission(HKEY hKey)
{
  DWORD dwRes = ERROR_SUCCESS;
  BOOL bRet = TRUE;
  PSID pEveryoneSID = NULL;
  PACL pACL = NULL;
  PSECURITY_DESCRIPTOR pSD = NULL;
  EXPLICIT_ACCESS ea[1];
  SID_IDENTIFIER_AUTHORITY SIDAuthWorld = SECURITY_WORLD_SID_AUTHORITY;
  TCHAR szErr[1024] = {0};
  int i = 0;
  TCHAR szSubKey[1024] = {0};
  HMODULE hDll = NULL;
  AllocateAndInitializeSidType AllocateAndInitializeSidFunc;
  SETENTRIESINACL SetEntriesInAclFunc;
  InitializeSecurityDescriptorType InitializeSecurityDescriptorFunc;
  REGSETKEYSECURITY RegSetKeySecurityFunc;
  SetSecurityDescriptorDaclType SetSecurityDescriptorDaclFunc;
  FreeSidType FreeSidFunc;

  OSVERSIONINFO versionInfo = {0};
  versionInfo.dwOSVersionInfoSize = sizeof(versionInfo);

  GetVersionEx(&versionInfo);

  if(versionInfo.dwPlatformId != VER_PLATFORM_WIN32_NT)
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  hDll = LoadLibrary(_T("advapi32.dll"));

  if(hDll == NULL)
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  if(!(AllocateAndInitializeSidFunc =(AllocateAndInitializeSidType)GetProcAddress(hDll, _T("AllocateAndInitializeSid"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  if(!(SetEntriesInAclFunc =(SETENTRIESINACL)GetProcAddress(hDll, _T("SetEntriesInAclA"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  if(!(InitializeSecurityDescriptorFunc =(InitializeSecurityDescriptorType)GetProcAddress(hDll, _T("InitializeSecurityDescriptor"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  if(!(SetSecurityDescriptorDaclFunc =(SetSecurityDescriptorDaclType)GetProcAddress(hDll, _T("SetSecurityDescriptorDacl"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  if(!(RegSetKeySecurityFunc =(REGSETKEYSECURITY)GetProcAddress(hDll, _T("RegSetKeySecurity"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  if(!(FreeSidFunc =(FreeSidType)GetProcAddress(hDll, _T("FreeSid"))))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  // Create a well-known SID for the Everyone group.
  if(!(*AllocateAndInitializeSidFunc)(&SIDAuthWorld, 1, SECURITY_WORLD_RID,
                  0, 0, 0, 0, 0, 0, 0, &pEveryoneSID))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  // Initialize an EXPLICIT_ACCESS structure for an ACE.
  // The ACE will allow Everyone read access to the key.
  ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
  ea[0].grfAccessPermissions = KEY_ALL_ACCESS;
  ea[0].grfAccessMode = SET_ACCESS;
  ea[0].grfInheritance= NO_INHERITANCE;
  ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
  ea[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
  ea[0].Trustee.ptstrName  =(LPTSTR) pEveryoneSID;

  dwRes =(*SetEntriesInAclFunc)(1, ea, NULL, &pACL);
  if(ERROR_SUCCESS != dwRes)
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  // Initialize a security descriptor.
  pSD =(PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
  if(pSD == NULL)
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  if(!(*InitializeSecurityDescriptorFunc)(pSD, SECURITY_DESCRIPTOR_REVISION))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  // Add the ACL to the security descriptor.
  if(!(*SetSecurityDescriptorDaclFunc)(pSD, TRUE, pACL,  FALSE))
  {
    bRet = FALSE;
    goto SAFE_EXIT;
  }

  //Set the security descriptor
  dwRes =(*RegSetKeySecurity)(hKey, DACL_SECURITY_INFORMATION, pSD);
  if(dwRes == ERROR_SUCCESS)
    bRet = TRUE;
  else
  {
    ASSERT(FALSE);
    bRet = FALSE;
  }

SAFE_EXIT:
  if(pEveryoneSID)
    (*FreeSidFunc)(pEveryoneSID);
  if(pACL)
    LocalFree(pACL);
  if(pSD)
    LocalFree(pSD);
  if(hDll)
    FreeLibrary(hDll);

  return bRet;
}

这篇关于访问被拒绝在Windows 7上读取SAM子项的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！