public static bool MySetPrivilege(string sPrivilege, bool enablePrivilege) { Trust.TOKEN_PRIVILEGES newState = new Trust.TOKEN_PRIVILEGES(); Trust.TOKEN_PRIVILEGES previousState = new Trust.TOKEN_PRIVILEGES(); Trust.LUID luid = new Trust.LUID(); int returnLength = 0; IntPtr zero = IntPtr.Zero; if (!Trust.OpenProcessToken(Trust.GetCurrentProcess(), Trust.TokenAccessRights.AllAccess, ref zero) || !Trust.LookupPrivilegeValue((string)null, sPrivilege, ref luid)) { return(false); } newState.PrivilegeCount = 1; newState.Privileges = new Trust.LUID_AND_ATTRIBUTES[64]; newState.Privileges[0].Luid = luid; newState.Privileges[0].Attributes = !enablePrivilege ? 0 : 2; previousState.PrivilegeCount = 64; previousState.Privileges = new Trust.LUID_AND_ATTRIBUTES[64]; if (Trust.AdjustTokenPrivileges(zero, false, ref newState, 16, ref previousState, ref returnLength)) { return(true); } Trust.GetLastError(); return(false); }
public static bool WriteTrustedRegistry(int regType, string regPath, bool blAdd) { try { WindowsIdentity current = WindowsIdentity.GetCurrent(); if (!Trust.MySetPrivilege("SeTakeOwnershipPrivilege", true)) { Logger.Info("Failed to take ownership privilege"); return(false); } if (!Trust.MySetPrivilege("SeRestorePrivilege", true)) { Logger.Info("Failed to restore ownership privilege"); return(false); } RegistryKey registryKey = (RegistryKey)null; switch (regType) { case 0: registryKey = Registry.ClassesRoot.OpenSubKey(regPath, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.TakeOwnership); break; case 1: registryKey = Registry.CurrentUser.OpenSubKey(regPath, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.TakeOwnership); break; case 2: registryKey = Registry.LocalMachine.OpenSubKey(regPath, RegistryKeyPermissionCheck.ReadWriteSubTree, RegistryRights.TakeOwnership); break; } if (registryKey == null) { return(true); } RegistrySecurity accessControl = registryKey.GetAccessControl(AccessControlSections.All); SecurityIdentifier securityIdentifier = new SecurityIdentifier(accessControl.GetOwner(typeof(SecurityIdentifier)).ToString()); accessControl.SetOwner((IdentityReference)current.User); registryKey.SetAccessControl(accessControl); RegistryAccessRule rule = new RegistryAccessRule((IdentityReference)current.User, RegistryRights.FullControl, InheritanceFlags.ContainerInherit, PropagationFlags.None, AccessControlType.Allow); accessControl.AddAccessRule(rule); registryKey.SetAccessControl(accessControl); registryKey.Close(); switch (regType) { case 0: registryKey = Registry.ClassesRoot.OpenSubKey(regPath, true); break; case 1: registryKey = Registry.CurrentUser.OpenSubKey(regPath, true); break; case 2: registryKey = Registry.LocalMachine.OpenSubKey(regPath, true); break; } if (blAdd) { registryKey.SetValue((string)null, (object)FixUpOle.olePath); } else { registryKey.SetValue((string)null, (object)"oleaut32.dll"); } accessControl.SetOwner((IdentityReference)securityIdentifier); registryKey.SetAccessControl(accessControl); accessControl.RemoveAccessRule(rule); registryKey.SetAccessControl(accessControl); registryKey.Close(); return(true); } catch (Exception ex) { return(false); } }