Example #1
0
        private void ReferenceSecurityCell(int cellIndex)
        {
            SecurityCell sc = _hive.GetCell <SecurityCell>(cellIndex);

            sc.UsageCount++;
            _hive.UpdateCell(sc, false);
        }
Example #2
0
        /// <summary>
        /// Gets the Security Descriptor applied to the registry key.
        /// </summary>
        /// <returns>The security descriptor as a RegistrySecurity instance.</returns>
        public RegistrySecurity GetAccessControl()
        {
            if (_cell.SecurityIndex > 0)
            {
                SecurityCell secCell = _hive.GetCell <SecurityCell>(_cell.SecurityIndex);
                return(secCell.SecurityDescriptor);
            }

            return(null);
        }
Example #3
0
        private void DereferenceSecurityCell(int cellIndex)
        {
            SecurityCell sc = _hive.GetCell <SecurityCell>(cellIndex);

            sc.UsageCount--;
            if (sc.UsageCount == 0)
            {
                SecurityCell prev = _hive.GetCell <SecurityCell>(sc.PreviousIndex);
                prev.NextIndex = sc.NextIndex;
                _hive.UpdateCell(prev, false);

                SecurityCell next = _hive.GetCell <SecurityCell>(sc.NextIndex);
                next.PreviousIndex = sc.PreviousIndex;
                _hive.UpdateCell(next, false);

                _hive.FreeCell(cellIndex);
            }
            else
            {
                _hive.UpdateCell(sc, false);
            }
        }
Example #4
0
        /// <summary>
        /// Creates a new (empty) registry hive.
        /// </summary>
        /// <param name="stream">The stream to contain the new hive</param>
        /// <param name="ownership">Whether the returned object owns the stream</param>
        /// <returns>The new hive</returns>
        public static RegistryHive Create(Stream stream, Ownership ownership)
        {
            if (stream == null)
            {
                throw new ArgumentNullException("stream", "Attempt to create registry hive in null stream");
            }

            // Construct a file with minimal structure - hive header, plus one (empty) bin
            BinHeader binHeader = new BinHeader();

            binHeader.FileOffset = 0;
            binHeader.BinSize    = (int)(4 * Sizes.OneKiB);

            HiveHeader hiveHeader = new HiveHeader();

            hiveHeader.Length = binHeader.BinSize;

            stream.Position = 0;

            byte[] buffer = new byte[hiveHeader.Size];
            hiveHeader.WriteTo(buffer, 0);
            stream.Write(buffer, 0, buffer.Length);

            buffer = new byte[binHeader.Size];
            binHeader.WriteTo(buffer, 0);
            stream.Position = BinStart;
            stream.Write(buffer, 0, buffer.Length);

            buffer = new byte[4];
            Utilities.WriteBytesLittleEndian(binHeader.BinSize - binHeader.Size, buffer, 0);
            stream.Write(buffer, 0, buffer.Length);

            // Make sure the file is initialized out to the end of the firs bin
            stream.Position = BinStart + binHeader.BinSize - 1;
            stream.WriteByte(0);

            // Temporary hive to perform construction of higher-level structures
            RegistryHive newHive  = new RegistryHive(stream);
            KeyNodeCell  rootCell = new KeyNodeCell("root", -1);

            rootCell.Flags = RegistryKeyFlags.Normal | RegistryKeyFlags.Root;
            newHive.UpdateCell(rootCell, true);

            RegistrySecurity sd = new RegistrySecurity();

            sd.SetSecurityDescriptorSddlForm("O:BAG:BAD:PAI(A;;KA;;;SY)(A;CI;KA;;;BA)", AccessControlSections.All);
            SecurityCell secCell = new SecurityCell(sd);

            newHive.UpdateCell(secCell, true);
            secCell.NextIndex     = secCell.Index;
            secCell.PreviousIndex = secCell.Index;
            newHive.UpdateCell(secCell, false);

            rootCell.SecurityIndex = secCell.Index;
            newHive.UpdateCell(rootCell, false);

            // Ref the root cell from the hive header
            hiveHeader.RootCell = rootCell.Index;
            buffer = new byte[hiveHeader.Size];
            hiveHeader.WriteTo(buffer, 0);
            stream.Position = 0;
            stream.Write(buffer, 0, buffer.Length);

            // Finally, return the new hive
            return(new RegistryHive(stream, ownership));
        }