/// <summary>
        /// Method to create an object from a set of object attributes.
        /// </summary>
        /// <param name="obj_attributes">The object attributes to create/open from.</param>
        /// <returns>The newly created object.</returns>
        protected override object CreateObject(ObjectAttributes obj_attributes)
        {
            string key_path = Win32Path ? NtKeyUtils.Win32KeyNameToNt(KeyPath) : KeyPath;

            using (ObjectAttributes name = new ObjectAttributes(key_path, AttributeFlags.CaseInsensitive))
            {
                if ((LoadFlags & LoadKeyFlags.AppKey) == 0)
                {
                    using (NtToken token = NtToken.OpenProcessToken())
                    {
                        TokenPrivilege priv = token.GetPrivilege(TokenPrivilegeValue.SeRestorePrivilege);
                        if (priv == null || (priv.Attributes & PrivilegeAttributes.Enabled) == 0)
                        {
                            WriteWarning("Loading a non-app hive should require SeRestorePrivilege");
                        }
                    }
                }
                else
                {
                    if (!KeyPath.StartsWith(@"\Registry\A\", System.StringComparison.OrdinalIgnoreCase))
                    {
                        WriteWarning(@"Loading app hive outside of \Registry\A\ will fail on an up to date system.");
                    }
                }

                return(NtKey.LoadKey(name, obj_attributes, LoadFlags, Access));
            }
        }
예제 #2
0
 /// <summary>
 /// Method to create an object from a set of object attributes.
 /// </summary>
 /// <param name="obj_attributes">The object attributes to create/open from.</param>
 /// <returns>The newly created object.</returns>
 protected override object CreateObject(ObjectAttributes obj_attributes)
 {
     using (NtKey key = (NtKey)base.CreateObject(obj_attributes))
     {
         key.SetSymbolicLinkTarget(Win32Path ? NtKeyUtils.Win32KeyNameToNt(Target) : Target);
     }
     return(null);
 }
 /// <summary>
 /// Virtual method to resolve the value of the Path variable.
 /// </summary>
 /// <returns>The object path.</returns>
 protected override string ResolvePath()
 {
     if (Win32Path)
     {
         return(NtKeyUtils.Win32KeyNameToNt(Path));
     }
     else
     {
         return(Path);
     }
 }
예제 #4
0
 private ObjectAttributes GetObjectAttributes()
 {
     if (Win32Path)
     {
         return(new ObjectAttributes(NtKeyUtils.Win32KeyNameToNt(Path), AttributeFlags.CaseInsensitive));
     }
     else
     {
         return(new ObjectAttributes(Path, AttributeFlags.CaseInsensitive, Root));
     }
 }
 /// <summary>
 /// Method to create an object from a set of object attributes.
 /// </summary>
 /// <param name="obj_attributes">The object attributes to create/open from.</param>
 /// <returns>The newly created object.</returns>
 protected override object CreateObject(ObjectAttributes obj_attributes)
 {
     using (var key = NtKey.Create(obj_attributes, Access, Options | KeyCreateOptions.CreateLink, Transaction))
     {
         key.SetSymbolicLinkTarget(Win32Path ? NtKeyUtils.Win32KeyNameToNt(Target) : Target);
         if (PassThru)
         {
             return(key.Duplicate());
         }
         return(null);
     }
 }
예제 #6
0
        static NtKey OpenKey(string name)
        {
            if (!name.StartsWith(@"\"))
            {
                name = NtKeyUtils.Win32KeyNameToNt(name);
            }

            using (ObjectAttributes obja = new ObjectAttributes(name,
                                                                AttributeFlags.CaseInsensitive | AttributeFlags.OpenLink, null))
            {
                return(NtKey.Open(obja, KeyAccessRights.MaximumAllowed, 0));
            }
        }
예제 #7
0
        private ObjectAttributes GetObjectAttributes()
        {
            AttributeFlags flags = AttributeFlags.CaseInsensitive;

            if (OpenLink)
            {
                flags |= AttributeFlags.OpenLink;
            }
            if (Win32Path)
            {
                return(new ObjectAttributes(NtKeyUtils.Win32KeyNameToNt(Path), flags));
            }
            else
            {
                return(new ObjectAttributes(Path, flags, Root));
            }
        }
예제 #8
0
 /// <summary>
 /// Convert a Win32 Path to a Native NT path.
 /// </summary>
 /// <param name="win32_path">The win32 path to convert.</param>
 /// <returns>The native path.</returns>
 protected override string ConvertWin32Path(string win32_path)
 {
     return(NtKeyUtils.Win32KeyNameToNt(win32_path));
 }