Exemple #1
0
        public static RegistryObject RegistryKeyToRegistryObject(RegistryKey registryKey)
        {
            RegistryObject regObj = null;

            if (registryKey == null)
            {
                return(regObj);
            }
            try
            {
                regObj = new RegistryObject()
                {
                    Key = registryKey.Name,
                };

                regObj.AddSubKeys(new List <string>(registryKey.GetSubKeyNames()));

                foreach (RegistryAccessRule rule in registryKey.GetAccessControl().GetAccessRules(true, true, typeof(System.Security.Principal.SecurityIdentifier)))
                {
                    string name = GetName(rule);

                    if (regObj.Permissions.ContainsKey(name))
                    {
                        regObj.Permissions[name].Add(rule.RegistryRights.ToString());
                    }
                    else
                    {
                        regObj.Permissions.Add(name, new List <string>()
                        {
                            rule.RegistryRights.ToString()
                        });
                    }
                }

                foreach (string valueName in registryKey.GetValueNames())
                {
                    try
                    {
                        regObj.Values.Add(valueName, (registryKey.GetValue(valueName) == null) ? "" : (registryKey.GetValue(valueName).ToString()));
                    }
                    catch (Exception ex)
                    {
                        Log.Debug(ex, "Found an exception processing registry values.");
                    }
                }
            }
            catch (System.ArgumentException e)
            {
                Log.Debug(e, "Exception parsing {0}", registryKey.Name);
            }
            catch (Exception e)
            {
                Log.Debug(e, "Couldn't process reg key {0}", registryKey.Name);
            }

            return(regObj);
        }
Exemple #2
0
        public static RegistryObject?RegistryKeyToRegistryObject(RegistryKey registryKey, RegistryView registryView)
        {
            if (registryKey == null)
            {
                return(null);
            }

            RegistryObject regObj = new RegistryObject(registryKey.Name, registryView);

            try
            {
                regObj.AddSubKeys(registryKey.GetSubKeyNames());
            }
            catch (System.ArgumentException)
            {
                Log.Debug("Invalid Handle (ArgumentException) {0}", registryKey.Name);
            }
            catch (Exception e)
            {
                Log.Debug(e, "Couldn't process reg key {0}", registryKey.Name);
            }

            try
            {
                foreach (RegistryAccessRule?rule in registryKey.GetAccessControl().GetAccessRules(true, true, typeof(SecurityIdentifier)))
                {
                    if (rule != null)
                    {
                        string name = AsaHelpers.SidToName(rule.IdentityReference);

                        if (regObj.Permissions.ContainsKey(name))
                        {
                            regObj.Permissions[name].Add(rule.RegistryRights.ToString());
                        }
                        else
                        {
                            regObj.Permissions.Add(name, new List <string>()
                            {
                                rule.RegistryRights.ToString()
                            });
                        }
                    }
                }
            }
            catch (ArgumentException)
            {
                Log.Debug("Failed to get permissions (handle is invalid) for {0}", regObj.Key);
            }
            catch (Exception e)
            {
                Log.Debug(e, "Failed to get permissions for {0}", regObj.Key);
            }

            regObj.Values = RegistryObject.GetValues(registryKey);

            return(regObj);
        }
Exemple #3
0
        public static RegistryObject RegistryKeyToRegistryObject(RegistryKey registryKey)
        {
            RegistryObject regObj = null;

            if (registryKey == null)
            {
                return(regObj);
            }

            regObj = new RegistryObject()
            {
                Key = registryKey.Name,
            };
            try
            {
                regObj.AddSubKeys(registryKey.GetSubKeyNames());
            }
            catch (System.ArgumentException)
            {
                Log.Debug("Invalid Handle (ArgumentException) {0}", registryKey.Name);
            }
            catch (Exception e)
            {
                Log.Debug(e, "Couldn't process reg key {0}", registryKey.Name);
            }

            try
            {
                foreach (RegistryAccessRule rule in registryKey.GetAccessControl().GetAccessRules(true, true, typeof(System.Security.Principal.SecurityIdentifier)))
                {
                    string name = rule.IdentityReference.Value;

                    try
                    {
                        name = rule.IdentityReference.Translate(typeof(NTAccount)).Value;
                    }
                    catch (IdentityNotMappedException)
                    {
                        // This is fine. Some SIDs don't map to NT Accounts.
                    }

                    if (regObj.Permissions.ContainsKey(name))
                    {
                        regObj.Permissions[name].Add(rule.RegistryRights.ToString());
                    }
                    else
                    {
                        regObj.Permissions.Add(name, new List <string>()
                        {
                            rule.RegistryRights.ToString()
                        });
                    }
                }
            }
            catch (ArgumentException)
            {
                Log.Debug("Failed to get permissions (handle is invalid) for {0}", regObj.Key);
            }
            catch (Exception e)
            {
                Log.Debug(e, "Failed to get permissions for {0}", regObj.Key);
            }


            foreach (string valueName in registryKey.GetValueNames())
            {
                try
                {
                    regObj.Values.Add(valueName, (registryKey.GetValue(valueName) == null) ? "" : (registryKey.GetValue(valueName).ToString()));
                }
                catch (Exception ex)
                {
                    Log.Debug(ex, "Found an exception processing registry values of {0}.", registryKey.Name);
                }
            }


            return(regObj);
        }