[solved] take full ownership of a reg key and all sub keys to allow deletion?

You need to login to view this posts content.

 

You need to login to view this posts content.

 

Add just permission to admin with cmd run as TI
saving time and erorr

 

@specialex very good tool dude, but is very dangerous need caution a lot still Mr. Mark is genius realy genius thanks for share

 

Thanks, i managed to get there in the end

came across this ps script; (you just put the registry location at the bottom)

Code:

$global:user="Administrators"
$global:rights = "FullControl"
$global:propagationFlag="none"
$global:inheritanceFlag = "ContainerInherit"
$global:rule="Allow"
$global:disableInheritance=$true
$global:preserverInheritanceIfDisabled=$true
$global:prefix="Registry::"

Function Enable-Privilege {
  param($Privilege)
  
  #this hack is working and called from the function TakeOwnership-Object
  
  $Definition = @'
using System;
using System.Runtime.InteropServices;
public class AdjPriv {
  [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
  internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall,
    ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele);
  [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
  internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
  [DllImport("advapi32.dll", SetLastError = true)]
  internal static extern bool LookupPrivilegeValue(string host, string name,
    ref long pluid);
  [StructLayout(LayoutKind.Sequential, Pack = 1)]
  internal struct TokPriv1Luid {
    public int Count;
    public long Luid;
    public int Attr;
  }
  internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
  internal const int TOKEN_QUERY = 0x00000008;
  internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
  public static bool EnablePrivilege(long processHandle, string privilege) {
    bool retVal;
    TokPriv1Luid tp;
    IntPtr hproc = new IntPtr(processHandle);
    IntPtr htok = IntPtr.Zero;
    retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
      ref htok);
    tp.Count = 1;
    tp.Luid = 0;
    tp.Attr = SE_PRIVILEGE_ENABLED;
    retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid);
    retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero,
      IntPtr.Zero);
    return retVal;
  }
}
'@
  $ProcessHandle = (Get-Process -id $pid).Handle
  $type = Add-Type $definition -PassThru
  $type[0]::EnablePrivilege($processHandle, $Privilege)
}

Function TakeOwnership-Object($keyPath, $owner) {

#This function is working and take the ownership

($keyHive,$keyPath) = $keyPath.split('\',2)

do {} until (Enable-Privilege SeTakeOwnershipPrivilege)
If ($keyHive -eq "HKEY_CLASSES_ROOT") {
    $objKey2 = [Microsoft.Win32.Registry]::ClassesRoot.OpenSubKey("$keyPath",'ReadWriteSubTree', 'TakeOwnership')
} elseIf ($keyHive -eq "HKEY_USERS") {
    $objKey2 = [Microsoft.Win32.Registry]::Users.OpenSubKey("$keyPath",'ReadWriteSubTree', 'TakeOwnership')
} elseIf ($keyHive -eq "HKEY_LOCAL_MACHINE") {
    $objKey2 = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("$keyPath",'ReadWriteSubTree', 'TakeOwnership')
} elseIf ($keyHive -eq "HKEY_CURRENT_CONFIG") {
    $objKey2 = [Microsoft.Win32.Registry]::CurrentConfig.OpenSubKey("$keyPath",'ReadWriteSubTree', 'TakeOwnership')
}
$objOwner2 = New-Object System.Security.Principal.NTAccount("$owner")

$objAcl2 = $objKey2.GetAccessControl()
$objAcl2.SetOwner($objOwner2)
$objKey2.SetAccessControl($objAcl2)
$objKey2.Close()
}

Function Add-RuleItem($keyPath, $user, $rights, $propagationFlag, $inheritanceFlag, $rule) {

#This function is working and change permissions

($keyHive,$keyPath) = $keyPath.split('\',2)

do {} until (Enable-Privilege SeTakeOwnershipPrivilege)
If ($keyHive -eq "HKEY_CLASSES_ROOT") {
    $objKey2 = [Microsoft.Win32.Registry]::ClassesRoot.OpenSubKey("$keyPath",'ReadWriteSubTree', 'ChangePermissions')
} elseIf ($keyHive -eq "HKEY_USERS") {
    $objKey2 = [Microsoft.Win32.Registry]::Users.OpenSubKey("$keyPath",'ReadWriteSubTree', 'ChangePermissions')
} elseIf ($keyHive -eq "HKEY_LOCAL_MACHINE") {
    $objKey2 = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("$keyPath",'ReadWriteSubTree', 'ChangePermissions')
} elseIf ($keyHive -eq "HKEY_CURRENT_CONFIG") {
    $objKey2 = [Microsoft.Win32.Registry]::CurrentConfig.OpenSubKey("$keyPath",'ReadWriteSubTree', 'ChangePermissions')
}
$objRule = New-Object System.Security.AccessControl.RegistryAccessRule ($user,$rights,$inheritanceFlag,$propagationFlag,$rule)

$objAcl2 = $objKey2.GetAccessControl()
$objAcl2.SetAccessRule($objRule)
$objKey2.SetAccessControl($objAcl2)
$objKey2.Close()
}

Function ChangeInheritance-Object($keyPath, $disableInheritance, $preserverInheritanceIfDisabled) {

#This function changes inheritance settings --- can bug ---

$keyPath = $global:prefix+$keyPath
#Value is Registry::HKEY_CLASSES_ROOT\DesktopBackground\Shell\Personalize

$objACL = Get-ACL $keyPath
$objACL.SetAccessRuleProtection($disableInheritance, $preserverInheritanceIfDisabled)
Set-ACL $keyPath $objACL
#Get the ACL and add the inheritance changes. Save modified ACL
}

Function Act-Object($key) {
    Write-Host "Changing permissions on $($key)..." -ForegroundColor Green
#Combine all actions on the current key
    TakeOwnership-Object $key $global:user
    Add-RuleItem $key $global:user $global:rights $global:propagationFlag $global:inheritanceFlag $global:rule
    ChangeInheritance-Object $key $global:disableInheritance $global:preserverInheritanceIfDisabled
}

Function GlobalAct-Object($keyPath) {
cls
foreach ($key in $(Get-ChildItem -Path $($global:prefix+$keyPath) -recurse)) {
#Browse each subkey and act on it
    Act-Object $key.Name $global:user
}
Act-Object $keyPath $global:user #Act on the parent key
}

GlobalAct-Object("HKEY_CLASSES_ROOT\somekey")

 

RegOwnershipEx

RegOwnershipEx

Allows you to take ownership and access of registry keys and/or jump to them direc

winaero.com/request.php?57

 

i already tried that, it doesn't take FULL ownership of a key and all subkeys, you still get access denied on many keys, the ps script does the job perfectly.

 

@RanCorX2 hi dude why you don't try NSudo maybe help what you desire

 

did you not see the script i posted? the matter is resolved, i search countless sites and tried various apps but nothing did what i wanted it to do.

 

You need to login to view this posts content.

 

You need to login to view this posts content.

 

@OP
Try to add 'solved' to your thread title for people visiting to know it has been resolved.

 

Same here, if you ever find a solution, how to do it via batch, please post it here, I could use it.

 

try the ps script i posted, you can also batch execute multiple scripts if you google that.

 

I can not use PS, I have it removed.

 

lol
And why did you removed it?
If you did for security reasons then there are third party solutions like anti-executables or AppGuard to protect that.
lol

 

You need to login to view this posts content.

 

@slave77 wow very good website and with usefull tools thanks for share I never see nothing about it before

 

I collect them in the last part of the Sysprep/Silent Installs... [REPO] (see sig).

 

You need to login to view this posts content.