/// <summary> /// Method to create an object from a set of object attributes. /// </summary> /// <param name="obj_attributes">The object attributes to create/open from.</param> /// <returns>The newly created object.</returns> protected override object CreateObject(ObjectAttributes obj_attributes) { string key_path = Win32Path ? NtKeyUtils.Win32KeyNameToNt(KeyPath) : KeyPath; using (ObjectAttributes name = new ObjectAttributes(key_path, AttributeFlags.CaseInsensitive)) { if ((LoadFlags & LoadKeyFlags.AppKey) == 0) { using (NtToken token = NtToken.OpenProcessToken()) { TokenPrivilege priv = token.GetPrivilege(TokenPrivilegeValue.SeRestorePrivilege); if (priv == null || (priv.Attributes & PrivilegeAttributes.Enabled) == 0) { WriteWarning("Loading a non-app hive should require SeRestorePrivilege"); } } } else { if (!KeyPath.StartsWith(@"\Registry\A\", System.StringComparison.OrdinalIgnoreCase)) { WriteWarning(@"Loading app hive outside of \Registry\A\ will fail on an up to date system."); } } return(NtKey.LoadKey(name, obj_attributes, LoadFlags, Access)); } }
/// <summary> /// Method to create an object from a set of object attributes. /// </summary> /// <param name="obj_attributes">The object attributes to create/open from.</param> /// <returns>The newly created object.</returns> protected override object CreateObject(ObjectAttributes obj_attributes) { using (NtKey key = (NtKey)base.CreateObject(obj_attributes)) { key.SetSymbolicLinkTarget(Win32Path ? NtKeyUtils.Win32KeyNameToNt(Target) : Target); } return(null); }
/// <summary> /// Virtual method to resolve the value of the Path variable. /// </summary> /// <returns>The object path.</returns> protected override string ResolvePath() { if (Win32Path) { return(NtKeyUtils.Win32KeyNameToNt(Path)); } else { return(Path); } }
private ObjectAttributes GetObjectAttributes() { if (Win32Path) { return(new ObjectAttributes(NtKeyUtils.Win32KeyNameToNt(Path), AttributeFlags.CaseInsensitive)); } else { return(new ObjectAttributes(Path, AttributeFlags.CaseInsensitive, Root)); } }
/// <summary> /// Method to create an object from a set of object attributes. /// </summary> /// <param name="obj_attributes">The object attributes to create/open from.</param> /// <returns>The newly created object.</returns> protected override object CreateObject(ObjectAttributes obj_attributes) { using (var key = NtKey.Create(obj_attributes, Access, Options | KeyCreateOptions.CreateLink, Transaction)) { key.SetSymbolicLinkTarget(Win32Path ? NtKeyUtils.Win32KeyNameToNt(Target) : Target); if (PassThru) { return(key.Duplicate()); } return(null); } }
static NtKey OpenKey(string name) { if (!name.StartsWith(@"\")) { name = NtKeyUtils.Win32KeyNameToNt(name); } using (ObjectAttributes obja = new ObjectAttributes(name, AttributeFlags.CaseInsensitive | AttributeFlags.OpenLink, null)) { return(NtKey.Open(obja, KeyAccessRights.MaximumAllowed, 0)); } }
private ObjectAttributes GetObjectAttributes() { AttributeFlags flags = AttributeFlags.CaseInsensitive; if (OpenLink) { flags |= AttributeFlags.OpenLink; } if (Win32Path) { return(new ObjectAttributes(NtKeyUtils.Win32KeyNameToNt(Path), flags)); } else { return(new ObjectAttributes(Path, flags, Root)); } }
/// <summary> /// Convert a Win32 Path to a Native NT path. /// </summary> /// <param name="win32_path">The win32 path to convert.</param> /// <returns>The native path.</returns> protected override string ConvertWin32Path(string win32_path) { return(NtKeyUtils.Win32KeyNameToNt(win32_path)); }