public static RegistrySecurity GetAccessControl(this RegistryKey key, AccessControlSections includeSections)
        {
            if (key == null)
            {
                throw new ArgumentNullException(nameof(key));
            }

            return(key.GetAccessControl(includeSections));
        }
        public static RegistrySecurity GetAccessControl(this RegistryKey key)
        {
            if (key is null)
            {
                throw new ArgumentNullException(nameof(key));
            }

            return(key.GetAccessControl());
        }
        private static void SetUserAccess(RegistryKey registryKey, IdentityReference user, RegistryRights accessType)
        {
            RegistrySecurity registrySecurity = registryKey.GetAccessControl();

            RegistryAccessRule rule = new RegistryAccessRule(
                user,
                accessType,
                InheritanceFlags.ContainerInherit,
                PropagationFlags.None,
                AccessControlType.Allow
            );

            registrySecurity.AddAccessRule(rule);

            registryKey.SetAccessControl(registrySecurity);
        }
        public static bool DoesUserHaveAccess(RegistryKey registryKey, string userNameOrSID, RegistryRights accessType)
        {
            RegistrySecurity registrySecurity = registryKey.GetAccessControl();

            foreach (RegistryAccessRule registryAccessRule in registrySecurity.GetAccessRules(true, true, typeof(NTAccount)))
            {
                IdentityReference sidIdentityReference = registryAccessRule.IdentityReference.Translate(typeof(SecurityIdentifier));

                if (
                    (userNameOrSID.Equals(registryAccessRule.IdentityReference.Value, StringComparison.InvariantCultureIgnoreCase) == true
                        || userNameOrSID.Equals(sidIdentityReference.Value, StringComparison.InvariantCultureIgnoreCase) == true)
                    && (registryAccessRule.RegistryRights & accessType) == accessType)
                    return true;
            }

            return false;
        }
Example #5
0
        /// <summary>
        /// Checks whether any of the supplied SIDs has write access to the specified registry
        /// </summary>
        /// <param name="hive">Registry Hive</param>
        /// <param name="path">Registry Path</param>
        /// <param name="SIDs">List of SIDs to check</param>
        /// <returns>Boolean</returns>
        public static bool RegWritePermissions(string hive, string path, List <string> SIDs)
        {
            // TODO: TEST THIS
            Dictionary <string, bool> results = new Dictionary <string, bool>();

            Microsoft.Win32.RegistryKey myKey = null;
            if (hive == "HKLM")
            {
                myKey = Registry.LocalMachine.OpenSubKey(path);
            }
            else if (hive == "HKU")
            {
                myKey = Registry.Users.OpenSubKey(path);
            }
            else
            {
                myKey = Registry.CurrentUser.OpenSubKey(path);
            }
            var security    = myKey.GetAccessControl();
            var SddlString  = security.GetSecurityDescriptorSddlForm(AccessControlSections.All);
            var DecodedSDDL = Utils.PermissionsDecoder.DecodeSddlString <RegistryRights>(SddlString);

            return(DecodedSDDL.RegistryWriteAccess(SIDs));
        }
Example #6
0
        void copyregkey(RegistryKey src, RegistryKey dest)
        {
            if (src != null)
            {
                RegistrySecurity srcac = src.GetAccessControl();
                RegistrySecurity destac = new RegistrySecurity();
                string descriptor = srcac.GetSecurityDescriptorSddlForm(AccessControlSections.Access);
                destac.SetSecurityDescriptorSddlForm(descriptor);
                dest.SetAccessControl(destac);

                string[] valuenames = src.GetValueNames();
                foreach (string valuename in valuenames)
                {
                    Trace.WriteLine("Copy " + src.Name + " " + valuename + " : " + dest.Name);
                    dest.SetValue(valuename, src.GetValue(valuename));
                }
                string[] subkeynames = src.GetSubKeyNames();
                foreach (string subkeyname in subkeynames)
                {
                    Trace.WriteLine("DeepCopy " + src.Name + " " + subkeyname + " : " + dest.Name);
                    copyregkey(src.OpenSubKey(subkeyname), dest.CreateSubKey(subkeyname));
                }
            }
        }
 public static RegistrySecurity GetAccessControl(RegistryKey key)
 {
     return key.GetAccessControl();
 }
 public static RegistrySecurity GetAccessControl(RegistryKey key, AccessControlSections includeSections)
 {
     return key.GetAccessControl(includeSections);
 }
Example #9
0
 public static RegistrySecurity GetAccessControl(RegistryKey key)
 {
     return(key.GetAccessControl());
 }
Example #10
0
 public static RegistrySecurity GetAccessControl(RegistryKey key, AccessControlSections includeSections)
 {
     return(key.GetAccessControl(includeSections));
 }