@specialex very good tool, dude, but it is very dangerous and needs a lot of caution. Still, Mr. Mark is a genius, really a genius. Thanks for sharing.
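Thanks, i managed to get there in the end came across this ps script; (you just put the registry location at the bottom) Code:
# Recursively sets the owner of a registry key and its subkeys to $global:user,
# grants that principal $global:rights, and changes ACL inheritance on each key.
#
# Requirements and scope:
#   - Must run elevated: the process token has to hold SeTakeOwnershipPrivilege.
#   - Only the hives handled in Open-RegistryKeyForAcl are supported.
#   - The previous owner and DACL are not recorded, so this script cannot roll
#     the change back. Save (Get-Acl -LiteralPath <key>).Sddl for the keys you
#     can read before running it, and keep the target key at the bottom of the
#     script as narrow as possible.

$global:user = "Administrators"
$global:rights = "FullControl"
$global:propagationFlag = "none"
$global:inheritanceFlag = "ContainerInherit"
$global:rule = "Allow"
$global:disableInheritance = $true
$global:preserverInheritanceIfDisabled = $true
$global:prefix = "Registry::"

# Enables the named privilege in the current process token.
# Returns $true only when the privilege is really enabled, $false otherwise.
# The privilege stays enabled for the rest of the PowerShell process.
Function Enable-Privilege {
    param($Privilege)

    $Definition = @'
using System;
using System.Runtime.InteropServices;

public class AdjPriv
{
    [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
    internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele);

    [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
    internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);

    [DllImport("advapi32.dll", SetLastError = true)]
    internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);

    [DllImport("kernel32.dll", ExactSpelling = true, SetLastError = true)]
    internal static extern bool CloseHandle(IntPtr handle);

    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    internal struct TokPriv1Luid
    {
        public int Count;
        public long Luid;
        public int Attr;
    }

    internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
    internal const int TOKEN_QUERY = 0x00000008;
    internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;

    public static bool EnablePrivilege(long processHandle, string privilege)
    {
        IntPtr hproc = new IntPtr(processHandle);
        IntPtr htok = IntPtr.Zero;

        if (!OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok))
            return false;

        try
        {
            TokPriv1Luid tp;
            tp.Count = 1;
            tp.Luid = 0;
            tp.Attr = SE_PRIVILEGE_ENABLED;

            if (!LookupPrivilegeValue(null, privilege, ref tp.Luid))
                return false;

            if (!AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero))
                return false;

            // AdjustTokenPrivileges also returns true when the token does not
            // hold the privilege (ERROR_NOT_ALL_ASSIGNED), so the last error
            // decides whether the privilege was actually enabled.
            return Marshal.GetLastWin32Error() == 0;
        }
        finally
        {
            // The original never closed the token handle.
            CloseHandle(htok);
        }
    }
}
'@

    # Compile the helper once per session; later calls reuse the loaded type.
    $adjPriv = 'AdjPriv' -as [type]
    if ($null -eq $adjPriv) {
        $adjPriv = @(Add-Type -TypeDefinition $Definition -PassThru) |
            Where-Object { $_.Name -eq 'AdjPriv' } |
            Select-Object -First 1
    }

    $ProcessHandle = (Get-Process -Id $pid).Handle
    $adjPriv::EnablePrivilege($ProcessHandle.ToInt64(), $Privilege)
}

# Enables SeTakeOwnershipPrivilege or throws. The original looped with
# "do {} until (...)", which spins forever once the helper reports failure.
Function Assert-TakeOwnershipPrivilege {
    if (-not (Enable-Privilege SeTakeOwnershipPrivilege)) {
        throw "SeTakeOwnershipPrivilege could not be enabled; run this from an elevated session."
    }
}

# Opens "<HIVE>\<subkey>" with the requested RegistryRights and returns the
# RegistryKey. Throws on an unsupported hive or a key that does not exist,
# instead of handing a $null key to the caller.
Function Open-RegistryKeyForAcl($keyPath, $rights) {
    ($keyHive, $subKey) = $keyPath.split('\', 2)

    $root = switch ($keyHive) {
        "HKEY_CLASSES_ROOT"   { [Microsoft.Win32.Registry]::ClassesRoot }
        "HKEY_USERS"          { [Microsoft.Win32.Registry]::Users }
        "HKEY_LOCAL_MACHINE"  { [Microsoft.Win32.Registry]::LocalMachine }
        "HKEY_CURRENT_CONFIG" { [Microsoft.Win32.Registry]::CurrentConfig }
        default { throw "Unsupported registry hive '$keyHive' in '$keyPath'." }
    }

    $key = $root.OpenSubKey("$subKey", 'ReadWriteSubTree', $rights)
    if ($null -eq $key) {
        throw "Registry key not found: $keyPath"
    }
    return $key
}

# Sets the owner of one registry key.
#   $keyPath - full key path starting with the hive name (HKEY_...)
#   $owner   - account name that becomes the new owner
Function TakeOwnership-Object($keyPath, $owner) {
    Assert-TakeOwnershipPrivilege

    $objKey2 = Open-RegistryKeyForAcl $keyPath 'TakeOwnership'
    try {
        $objOwner2 = New-Object System.Security.Principal.NTAccount("$owner")
        $objAcl2 = $objKey2.GetAccessControl()
        $objAcl2.SetOwner($objOwner2)
        $objKey2.SetAccessControl($objAcl2)
    }
    finally {
        # Release the handle even when the ACL write fails.
        $objKey2.Close()
    }
}

# Adds or replaces one access rule on a registry key.
#   $keyPath - full key path starting with the hive name (HKEY_...)
#   $user, $rights, $propagationFlag, $inheritanceFlag, $rule - passed in that
#   meaning to System.Security.AccessControl.RegistryAccessRule
Function Add-RuleItem($keyPath, $user, $rights, $propagationFlag, $inheritanceFlag, $rule) {
    Assert-TakeOwnershipPrivilege

    $objKey2 = Open-RegistryKeyForAcl $keyPath 'ChangePermissions'
    try {
        $objRule = New-Object System.Security.AccessControl.RegistryAccessRule ($user, $rights, $inheritanceFlag, $propagationFlag, $rule)
        $objAcl2 = $objKey2.GetAccessControl()
        $objAcl2.SetAccessRule($objRule)
        $objKey2.SetAccessControl($objAcl2)
    }
    finally {
        $objKey2.Close()
    }
}

# Changes the inheritance protection of one registry key.
# With $disableInheritance = $true and $preserverInheritanceIfDisabled = $true
# the inherited entries are kept as explicit entries on the key.
Function ChangeInheritance-Object($keyPath, $disableInheritance, $preserverInheritanceIfDisabled) {
    # Value is e.g. Registry::HKEY_CLASSES_ROOT\DesktopBackground\Shell\Personalize
    $keyPath = $global:prefix + $keyPath

    # -LiteralPath: key names may contain wildcard characters (HKEY_CLASSES_ROOT\*
    # is a real key), and -Path would expand them to several keys.
    $objACL = Get-Acl -LiteralPath $keyPath
    $objACL.SetAccessRuleProtection($disableInheritance, $preserverInheritanceIfDisabled)
    Set-Acl -LiteralPath $keyPath -AclObject $objACL
}

# Runs all three steps (owner, access rule, inheritance) on one key,
# using the $global: settings at the top of the script.
Function Act-Object($key) {
    Write-Host "Changing permissions on $($key)..." -ForegroundColor Green
    TakeOwnership-Object $key $global:user
    Add-RuleItem $key $global:user $global:rights $global:propagationFlag $global:inheritanceFlag $global:rule
    ChangeInheritance-Object $key $global:disableInheritance $global:preserverInheritanceIfDisabled
}

# Applies Act-Object to every subkey of $keyPath and then to $keyPath itself.
# A key that fails is reported and skipped so the remaining keys are still
# processed.
# NOTE: the subkeys are enumerated before any ACL is changed, so subkeys that
# cannot be listed at that point are not visited.
Function GlobalAct-Object($keyPath) {
    cls

    # Fail once, up front, when the session is not elevated.
    Assert-TakeOwnershipPrivilege

    $subKeys = @(Get-ChildItem -LiteralPath ($global:prefix + $keyPath) -Recurse)
    foreach ($key in $subKeys) {
        try {
            Act-Object $key.Name
        }
        catch {
            Write-Warning "Skipped $($key.Name): $($_.Exception.Message)"
        }
    }

    # Act on the parent key last, as the original did.
    try {
        Act-Object $keyPath
    }
    catch {
        Write-Warning "Skipped $($keyPath): $($_.Exception.Message)"
    }
}

GlobalAct-Object "HKEY_CLASSES_ROOT\somekey"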
RegOwnershipEx RegOwnershipEx Allows you to take ownership and access of registry keys and/or jump to them direc winaero.com/request.php?57
I already tried that; it doesn't take FULL ownership of a key and all its subkeys, and you still get access denied on many keys. The PS script does the job perfectly.
Did you not see the script I posted? The matter is resolved. I searched countless sites and tried various apps, but nothing did what I wanted it to do.
lol And why did you remove it? If you did it for security reasons, then there are third-party solutions like anti-executables or AppGuard to protect that. lol
@slave77 wow, a very good website with useful tools, thanks for sharing. I had never seen anything about it before.