private static void ChangeRegKeyOwner(RegistryKey registryKey, IdentityReference identity) { RegistrySecurity nSubKeySec = registryKey.GetAccessControl(AccessControlSections.Owner); nSubKeySec.SetOwner(identity); registryKey.SetAccessControl(nSubKeySec); }
public void AddRegistryKey(string keyPath, string value, string data) { RegistryKey registryKey = Registry.LocalMachine; using (RegistryKey myRegKey = registryKey.OpenSubKey(keyPath, true)) { //myRegKey.SetValue(value, data); //if (myRegKey.GetValueNames().Contains(value)) //{ // myRegKey.SetValue(value, data); //} //else //{ // Console.WriteLine((string)registryKey.GetValue("id", "ID not found.")); //} RegistryKey rk = Registry.LocalMachine.OpenSubKey(@"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.ChangePermissions | RegistryRights.ReadKey); RegistrySecurity sec = new RegistrySecurity(); sec.AddAccessRule(new RegistryAccessRule("Administrator", RegistryRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow)); rk.SetAccessControl(sec); rk = Registry.LocalMachine.OpenSubKey(@"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.FullControl); sec.SetOwner(new NTAccount("Administrators")); rk.SetAccessControl(sec); rk.SetValue("AutoAdminLogon", "1"); rk.SetValue("DefaultUserName", "admin"); rk.SetValue("DefaultPassword", "1"); rk.SetValue("DefaultDomainName", "INTOWINDOWS"); } }
// It's up to the caller to obtain the needed privileges (TakeOwnership) for this operation public static void TakeOwnershipOnSubKey(this RegistryKey registryKey, string subkeyName) { using RegistryKey subKey = registryKey.OpenSubKeyOrThrowIfMissing(subkeyName, RegistryRights.TakeOwnership); RegistrySecurity accessRules = subKey.GetAccessControl(); accessRules.SetOwner(WindowsIdentity.GetCurrent().User); subKey.SetAccessControl(accessRules); }
// It's up to the caller to obtain the needed privileges (TakeOwnership) for this operation public static void TakeOwnershipOnSubKey(this RegistryKey registryKey, string subkeyName) { using RegistryKey subKey = registryKey.OpenSubKeyWritable(subkeyName, RegistryRights.TakeOwnership); RegistrySecurity accessRules = subKey.GetAccessControl(); accessRules.SetOwner(RetrieveCurrentUserIdentifier()); subKey.SetAccessControl(accessRules); }
public RegistryKey CreateRegKey(string regKeyName = "") { if (string.IsNullOrEmpty(regKeyName)) { regKeyName = _regKey; } else { regKeyName = $"{this._regKey}\\{regKeyName}"; } // creazione chiave _baseKey?.CreateSubKey(regKeyName ?? "", RegistryKeyPermissionCheck.ReadWriteSubTree)?.Close(); // apertura con permessi per modifica permesssi RegistryKey key = _baseKey?.OpenSubKey( regKeyName, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.ChangePermissions | RegistryRights.ReadKey | RegistryRights.WriteKey | RegistryRights.FullControl ); // permessi da applicare RegistryRights acl = RegistryRights.WriteKey | RegistryRights.ReadKey | RegistryRights.Delete; // attuale policy if (EnvironmentUtils.IsWin()) { try { RegistrySecurity regSec = key?.GetAccessControl(); // aggiunta policy all'attuale regSec?.AddAccessRule( new RegistryAccessRule( $"{Environment.UserDomainName}\\{Environment.UserName}", acl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow ) ); // definizione proprietario regSec?.SetOwner(new NTAccount($"{Environment.UserDomainName}\\{Environment.UserName}")); // applicazione della policy key?.SetAccessControl(regSec); } catch { // ignore } } return(key); }
private static void SetKeyOwner(RegistryKey key, string subKey, string owner) { using (RegistryKey registryKey = key.OpenSubKey(subKey, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.TakeOwnership)) { RegistrySecurity registrySecurity = new RegistrySecurity(); registrySecurity.SetOwner(new NTAccount(owner)); registryKey.SetAccessControl(registrySecurity); } }
public void TakeOwnership(string regPath, RegistryHive registryHive) { var baseReg = RegistryKey.OpenBaseKey(registryHive, RegistryView.Registry64); try { /* Get the ID of the current user (aka Amin) */ WindowsIdentity id = WindowsIdentity.GetCurrent(); /* Add the TakeOwnership Privilege */ bool blRc = Natif.MySetPrivilege(Natif.TakeOwnership, true); if (!blRc) { throw new PrivilegeNotHeldException(Natif.TakeOwnership); } /* Add the Restore Privilege (must be done to change the owner) */ blRc = Natif.MySetPrivilege(Natif.Restore, true); if (!blRc) { throw new PrivilegeNotHeldException(Natif.Restore); } /* Open a registry which I don't own */ RegistryKey rkADSnapInsNodesTypes = baseReg.OpenSubKey(regPath, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.TakeOwnership); RegistrySecurity regSecTempo = rkADSnapInsNodesTypes.GetAccessControl(AccessControlSections.All); /* Get the real owner */ IdentityReference oldId = regSecTempo.GetOwner(typeof(SecurityIdentifier)); SecurityIdentifier siTrustedInstaller = new SecurityIdentifier(oldId.ToString()); /* process user become the owner */ regSecTempo.SetOwner(id.User); rkADSnapInsNodesTypes.SetAccessControl(regSecTempo); /* Add the full control */ RegistryAccessRule regARFullAccess = new RegistryAccessRule(id.User, RegistryRights.FullControl, InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow); regSecTempo.AddAccessRule(regARFullAccess); rkADSnapInsNodesTypes.SetAccessControl(regSecTempo); /* Do something */ rkADSnapInsNodesTypes.CreateSubKey("dummy"); rkADSnapInsNodesTypes.DeleteSubKey("dummy"); } catch (Exception excpt) { throw excpt; } }
private static void ChangeRegKeyFullControl(RegistryKey registryKey, IdentityReference identity) { RegistrySecurity nSubKeySec = registryKey.GetAccessControl(AccessControlSections.Access); RegistryAccessRule nAccRule = new RegistryAccessRule(identity, RegistryRights.FullControl, AccessControlType.Allow); nSubKeySec.AddAccessRule(nAccRule); registryKey.SetAccessControl(nSubKeySec); nSubKeySec.SetOwner(identity); registryKey.SetAccessControl(nSubKeySec); }
private void disableButton_Click(object sender, EventArgs e) { int disable = 1; if (sender == enableButton) { disable = 0; } #if !DEBUG try #endif { var hklm = Environment.Is64BitOperatingSystem ? RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Registry64) : Registry.LocalMachine; Privileges.EnablePrivilege(SecurityEntity.SE_TAKE_OWNERSHIP_NAME); using (RegistryKey regKey = hklm.OpenSubKey(@"SOFTWARE\Microsoft\Windows Defender\", RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.TakeOwnership)) { RegistrySecurity rs = regKey.GetAccessControl(AccessControlSections.None); //rs.SetGroup(new NTAccount("Administrators")); rs.SetOwner(WindowsIdentity.GetCurrent().User); rs.SetAccessRuleProtection(false, false); rs.AddAccessRule(new RegistryAccessRule(WindowsIdentity.GetCurrent().User, RegistryRights.FullControl, AccessControlType.Allow)); rs.AddAccessRule(new RegistryAccessRule(WindowsIdentity.GetCurrent().User, RegistryRights.WriteKey, AccessControlType.Allow)); rs.AddAccessRule(new RegistryAccessRule(WindowsIdentity.GetCurrent().User, RegistryRights.ChangePermissions, AccessControlType.Allow)); rs.AddAccessRule(new RegistryAccessRule(WindowsIdentity.GetCurrent().User, RegistryRights.CreateLink, AccessControlType.Allow)); rs.AddAccessRule(new RegistryAccessRule(WindowsIdentity.GetCurrent().User, RegistryRights.CreateSubKey, AccessControlType.Allow)); rs.AddAccessRule(new RegistryAccessRule(WindowsIdentity.GetCurrent().User, RegistryRights.Delete, AccessControlType.Allow)); rs.AddAccessRule(new RegistryAccessRule(WindowsIdentity.GetCurrent().User, RegistryRights.EnumerateSubKeys, AccessControlType.Allow)); rs.AddAccessRule(new RegistryAccessRule(WindowsIdentity.GetCurrent().User, RegistryRights.ExecuteKey, AccessControlType.Allow)); rs.AddAccessRule(new RegistryAccessRule(WindowsIdentity.GetCurrent().User, RegistryRights.Notify, AccessControlType.Allow)); rs.AddAccessRule(new RegistryAccessRule(WindowsIdentity.GetCurrent().User, RegistryRights.QueryValues, AccessControlType.Allow)); rs.AddAccessRule(new RegistryAccessRule(WindowsIdentity.GetCurrent().User, RegistryRights.ReadKey, AccessControlType.Allow)); rs.AddAccessRule(new RegistryAccessRule(WindowsIdentity.GetCurrent().User, RegistryRights.ReadPermissions, AccessControlType.Allow)); rs.AddAccessRule(new RegistryAccessRule(WindowsIdentity.GetCurrent().User, RegistryRights.SetValue, AccessControlType.Allow)); rs.AddAccessRule(new RegistryAccessRule(WindowsIdentity.GetCurrent().User, RegistryRights.TakeOwnership, AccessControlType.Allow)); rs.AddAccessRule(new RegistryAccessRule(WindowsIdentity.GetCurrent().User, RegistryRights.WriteKey, AccessControlType.Allow)); regKey.SetAccessControl(rs); } using (RegistryKey regKey = hklm.OpenSubKey(@"SOFTWARE\Microsoft\Windows Defender\", RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.SetValue)) { regKey.SetValue("DisableAntiSpyware", disable); regKey.SetValue("DisableAntiVirus", disable); } if (MessageBox.Show(this, "Done! For changes to take effect, the system needs to be restarted.\n\nWould you like to restart now?", "Done.", MessageBoxButtons.YesNo, MessageBoxIcon.Information) == DialogResult.Yes) { Process.Start("shutdown", "/r /t 0"); } } #if !DEBUG catch (Exception ex) { MessageBox.Show(this, "Please post this to the XDA thread (link in the app):\n" + ex.Message + "\n" + ex.Source + "\n" + ex.HelpLink + "\n" + ex.StackTrace, "Operation Failed", MessageBoxButtons.OK, MessageBoxIcon.Error); } #endif }
// It's up to the caller to obtain the needed token privileges (TakeOwnership) for this operation public static void GrantFullControlOnSubKey(this RegistryKey registryKey, string subkeyName) { using RegistryKey subKey = registryKey.OpenSubKeyOrThrowIfMissing(subkeyName, RegistryRights.TakeOwnership | RegistryRights.ChangePermissions ); RegistrySecurity accessRules = subKey.GetAccessControl(); accessRules.SetOwner(WindowsIdentity.GetCurrent().User); accessRules.ResetAccessRule( new RegistryAccessRule( WindowsIdentity.GetCurrent().User, RegistryRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow ) ); subKey.SetAccessControl(accessRules); }
private bool Class_Root_Anahtar_Varmi(string ClassRoot_Anahtar) { RegistrySecurity registrySecurity = new RegistrySecurity(); registrySecurity.AddAccessRule(new RegistryAccessRule("Administrators", RegistryRights.WriteKey, AccessControlType.Allow)); registrySecurity.SetOwner(new NTAccount("Administrators")); try { using (RegistryKey key = Registry.ClassesRoot.OpenSubKey(ClassRoot_Anahtar, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.WriteKey)) { if ((key == null) && (Registry.ClassesRoot.CreateSubKey(ClassRoot_Anahtar, RegistryKeyPermissionCheck.ReadWriteSubTree, registrySecurity) != null)) { return(true); } } } catch (Exception exception) { } return(false); }
private bool anahtar_varmi(string CurrentUserAnahtar) { string name = CurrentUserAnahtar; RegistrySecurity registrySecurity = new RegistrySecurity(); registrySecurity.AddAccessRule(new RegistryAccessRule("Administrators", RegistryRights.FullControl, AccessControlType.Allow)); registrySecurity.SetOwner(new NTAccount("Administrators")); try { using (RegistryKey key = Registry.CurrentUser.OpenSubKey(name, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.FullControl)) { if ((key == null) && (Registry.CurrentUser.CreateSubKey(name, RegistryKeyPermissionCheck.ReadWriteSubTree, registrySecurity) != null)) { return(true); } } } catch { //MessageBox.Show("CurrentUser anahtar"); } return(false); }
static bool RegSetOwneship(RegistryKey nParentKey, string nkey, IdentityReference nuser) { RegistryKey nSubKey = null; try { nSubKey = nParentKey.OpenSubKey(nkey, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.TakeOwnership | RegistryRights.ReadKey | RegistryRights.ReadPermissions); RegistrySecurity nSubKeySec = nSubKey.GetAccessControl(AccessControlSections.Owner); nSubKeySec.SetOwner(nuser); nSubKey.SetAccessControl(nSubKeySec); nSubKey.Close(); return(true); } catch { if (nSubKey != null) { nSubKey.Close(); } return(false); } }
private void fixRights() { // We have a private key inside the registry, therefore we should ensure only admins have access to it RegistryKey regKey = Registry.LocalMachine.OpenSubKey("SOFTWARE").OpenSubKey("WinCertes", RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.FullControl); RegistrySecurity regSec = regKey.GetAccessControl(AccessControlSections.All); regSec.SetOwner(new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null)); regSec.SetAccessRuleProtection(true, false); regKey.SetAccessControl(regSec); RegistryAccessRule adminFull = new RegistryAccessRule(new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null), RegistryRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow); regSec.AddAccessRule(adminFull); adminFull = new RegistryAccessRule(new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null), RegistryRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow); regSec.AddAccessRule(adminFull); string domain = System.Net.NetworkInformation.IPGlobalProperties.GetIPGlobalProperties().DomainName; // If we're joined to a domain, we probably need to give access to domain admins as well if ((domain != null) && (domain.Length > 0)) { adminFull = new RegistryAccessRule(new SecurityIdentifier(WellKnownSidType.AccountDomainAdminsSid, null), RegistryRights.FullControl, InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow); regSec.AddAccessRule(adminFull); } regKey.SetAccessControl(regSec); }
private bool setupRegKeyRights(string currentUser, RegistryKey baseKey) { try { var rights = RegistryRights.ChangePermissions | RegistryRights.ReadKey | RegistryRights.SetValue; var rk = baseKey.OpenSubKey( rootKey, RegistryKeyPermissionCheck.ReadWriteSubTree, rights); if (rk == null) { return(false); } RegistrySecurity rs = new RegistrySecurity(); // Create access rule gIVing full control to the current user. rs.AddAccessRule( new RegistryAccessRule(currentUser, RegistryRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow)); // Apply the new access rule to this Registry Key. rk.SetAccessControl(rs); rk = baseKey.OpenSubKey( rootKey, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.FullControl); // Opens the key again with full control. rs.SetOwner(new NTAccount(currentUser)); // Set the securits owner to be current user. rk.SetAccessControl(rs); // Set the key with the changed permission so current user is now owner. } catch //(Exception e) { return(false); } return(true); }
public static void ByPassTamper() { try { // Get the ID of the current user WindowsIdentity id = WindowsIdentity.GetCurrent(); // Add the TakeOwnership Privilege bool blRc = TokenManipulation.MySetPrivilege(TokenManipulation.TakeOwnership, true); if (!blRc) { throw new PrivilegeNotHeldException(TokenManipulation.TakeOwnership); } /* Add the Restore Privilege (must be done to change the owner) */ blRc = TokenManipulation.MySetPrivilege(TokenManipulation.Restore, true); if (!blRc) { throw new PrivilegeNotHeldException(TokenManipulation.Restore); } // Open a registry which I don't own RegistryKey OwnerShipByPass = Registry.LocalMachine.OpenSubKey(@"SOFTWARE\Microsoft\Windows Defender\Features", RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.TakeOwnership); RegistrySecurity regSecTempo = OwnerShipByPass.GetAccessControl(AccessControlSections.All); // Get the real owner IdentityReference oldId = regSecTempo.GetOwner(typeof(SecurityIdentifier)); SecurityIdentifier siTrustedInstaller = new SecurityIdentifier(oldId.ToString()); //Console.WriteLine(oldId.ToString()); // process user become the owner regSecTempo.SetOwner(id.User); OwnerShipByPass.SetAccessControl(regSecTempo); RegistryAccessRule regARFullAccess = new RegistryAccessRule(id.User, RegistryRights.FullControl, InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow); regSecTempo.AddAccessRule(regARFullAccess); OwnerShipByPass.SetAccessControl(regSecTempo); #region Write to Registry (Disable Defender and Tamper) DisableFender(true, true); // disable tamper and defender #endregion // Put back the original owner regSecTempo.SetOwner(siTrustedInstaller); OwnerShipByPass.SetAccessControl(regSecTempo); // Put back the original Rights regSecTempo.RemoveAccessRule(regARFullAccess); OwnerShipByPass.SetAccessControl(regSecTempo); } catch (Exception) { //MessageBox.Show(ex.ToString()); } }
private bool CurrentUser_Register_Deger_Yaz(string CurrentUserYol, string anahtar, object deger, string tur) { RegistrySecurity security = new RegistrySecurity(); security.AddAccessRule(new RegistryAccessRule("Administrators", RegistryRights.FullControl, AccessControlType.Allow)); security.SetOwner(new NTAccount("Administrators")); try { using (RegistryKey key = Registry.CurrentUser.OpenSubKey(CurrentUserYol, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.FullControl)) { if (key != null) { if (key.GetValue(anahtar) != null) { key.DeleteValue(anahtar); } if (tur == "") { key.SetValue(anahtar, deger); } else if (tur == "str") { key.SetValue(anahtar, deger, RegistryValueKind.String); } else if (tur == "bin") { key.SetValue(anahtar, deger, RegistryValueKind.Binary); } else if (tur == "exp_str") { key.SetValue(anahtar, deger, RegistryValueKind.ExpandString); } else if (tur == "none") { key.SetValue(anahtar, deger, RegistryValueKind.None); } else if (tur == "multi_str") { key.SetValue(anahtar, deger, RegistryValueKind.MultiString); } else if (tur == "dword") { key.SetValue(anahtar, deger, RegistryValueKind.DWord); } else if (tur == "qword") { key.SetValue(anahtar, deger, RegistryValueKind.QWord); } else if (tur == "unknow") { key.SetValue(anahtar, deger, RegistryValueKind.Unknown); } return(true); } } } catch (Exception exception) { //MessageBox.Show("CurrentUser: " + exception.Message); } return(false); }
/// <summary>获取注册表项权限</summary> /// <remarks>将注册表项所有者改为当前管理员用户</remarks> /// <param name="regPath">要获取权限的注册表完整路径</param> public static void TakeRegKeyOwnerShip(string regPath) { if (regPath.IsNullOrWhiteSpace()) { return; } RegistryKey key = null; WindowsIdentity id = null; //利用试错判断是否有写入权限 try { key = RegistryEx.GetRegistryKey(regPath, true); } catch (Exception) { try { //获取当前用户的ID id = WindowsIdentity.GetCurrent(); //添加TakeOwnership特权 bool flag = NativeMethod.TrySetPrivilege(NativeMethod.TakeOwnership, true); if (!flag) { throw new PrivilegeNotHeldException(NativeMethod.TakeOwnership); } //添加恢复特权(必须这样做才能更改所有者) flag = NativeMethod.TrySetPrivilege(NativeMethod.Restore, true); if (!flag) { throw new PrivilegeNotHeldException(NativeMethod.Restore); } //打开没有权限的注册表路径 key = RegistryEx.GetRegistryKey(regPath, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.TakeOwnership); RegistrySecurity security = key.GetAccessControl(AccessControlSections.All); //得到真正所有者 //IdentityReference oldId = security.GetOwner(typeof(SecurityIdentifier)); //SecurityIdentifier siTrustedInstaller = new SecurityIdentifier(oldId.ToString()); //使进程用户成为所有者 security.SetOwner(id.User); key.SetAccessControl(security); //添加完全控制 RegistryAccessRule fullAccess = new RegistryAccessRule(id.User, RegistryRights.FullControl, InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow); security.AddAccessRule(fullAccess); key.SetAccessControl(security); //注册表操作(写入、删除) //key.SetValue("temp", "");//示例 //恢复原有所有者 //security.SetOwner(siTrustedInstaller); //key.SetAccessControl(security); //收回原有权利 //security.RemoveAccessRule(fullAccess); //key.SetAccessControl(security); ///得到真正所有者、注册表操作、恢复原有所有者、收回原有权利,这四部分在原文中没有被注释掉 ///但是如果保留这四部分,会在恢复原有所有者这一步抛出异常,提示没有权限, ///不过我发现经过上面的操作,虽然无法还原所有者权限,但是已经获取了注册表权限 ///即已经将TrustedInstaller权限更改为当前管理员用户权限,我要的目的已经达到了 } catch (Exception) { } } finally { key?.Close(); id?.Dispose(); } }
public static bool WriteTrustedRegistry(int regType, string regPath, bool blAdd) { try { WindowsIdentity current = WindowsIdentity.GetCurrent(); if (!Trust.MySetPrivilege("SeTakeOwnershipPrivilege", true)) { Logger.Info("Failed to take ownership privilege"); return(false); } if (!Trust.MySetPrivilege("SeRestorePrivilege", true)) { Logger.Info("Failed to restore ownership privilege"); return(false); } RegistryKey registryKey = (RegistryKey)null; switch (regType) { case 0: registryKey = Registry.ClassesRoot.OpenSubKey(regPath, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.TakeOwnership); break; case 1: registryKey = Registry.CurrentUser.OpenSubKey(regPath, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.TakeOwnership); break; case 2: registryKey = Registry.LocalMachine.OpenSubKey(regPath, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.TakeOwnership); break; } if (registryKey == null) { return(true); } RegistrySecurity accessControl = registryKey.GetAccessControl(AccessControlSections.All); SecurityIdentifier securityIdentifier = new SecurityIdentifier(accessControl.GetOwner(typeof(SecurityIdentifier)).ToString()); accessControl.SetOwner((IdentityReference)current.User); registryKey.SetAccessControl(accessControl); RegistryAccessRule rule = new RegistryAccessRule((IdentityReference)current.User, RegistryRights.FullControl, InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow); accessControl.AddAccessRule(rule); registryKey.SetAccessControl(accessControl); registryKey.Close(); switch (regType) { case 0: registryKey = Registry.ClassesRoot.OpenSubKey(regPath, true); break; case 1: registryKey = Registry.CurrentUser.OpenSubKey(regPath, true); break; case 2: registryKey = Registry.LocalMachine.OpenSubKey(regPath, true); break; } if (blAdd) { registryKey.SetValue((string)null, (object)FixUpOle.olePath); } else { registryKey.SetValue((string)null, (object)"oleaut32.dll"); } accessControl.SetOwner((IdentityReference)securityIdentifier); registryKey.SetAccessControl(accessControl); accessControl.RemoveAccessRule(rule); registryKey.SetAccessControl(accessControl); registryKey.Close(); return(true); } catch (Exception ex) { return(false); } }