#include <Windows.h>
#include <..\ndk\ntndk.h>
#include "global.h"
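/**
 * Open a registry key by native path with backup/restore semantics.
 *
 * SeBackupPrivilege and SeRestorePrivilege are enabled through
 * RtlAdjustPrivilege (third argument FALSE, i.e. not the impersonation
 * token), the key is opened with REG_OPTION_BACKUP_RESTORE, and every
 * privilege this call touched is then put back to its previous state.
 *
 * Security notes for reviewers:
 *  - With REG_OPTION_BACKUP_RESTORE the open is authorised by the enabled
 *    privileges rather than by the key's DACL, so the DACL is not a
 *    boundary against a caller holding these privileges. The rights
 *    actually granted may differ from the requested KEY_ALL_ACCESS mask;
 *    confirm against the platform documentation before relying on them.
 *  - The privileges are enabled for the whole token while the open runs;
 *    other threads sharing that token see them enabled in that window.
 *  - The returned handle stays usable after the privileges are restored.
 *    The caller owns it and must release it with NtClose as soon as it is
 *    no longer needed.
 *
 * @param pKeyHandle   Receives the key handle on success, NULL on failure.
 * @param pFullKeyPath Native registry path of the key to open.
 * @return STATUS_INVALID_PARAMETER if either pointer is NULL, otherwise the
 *         status of the failing RtlAdjustPrivilege call or of NtOpenKeyEx.
 */
NTSTATUS openKeyAllAccess(PHANDLE pKeyHandle, PUNICODE_STRING pFullKeyPath) {
    OBJECT_ATTRIBUTES keyAttr;
    ULONG privsToEnable[] = { SE_BACKUP_PRIVILEGE, SE_RESTORE_PRIVILEGE };
    BOOLEAN oldPrivState[sizeof(privsToEnable) / sizeof(privsToEnable[0])] = { 0 };
    const ULONG privCount = sizeof(privsToEnable) / sizeof(privsToEnable[0]);
    ULONG adjusted = 0;
    NTSTATUS status = STATUS_NOT_ALLOWED_ON_SYSTEM_FILE;

    if (!pKeyHandle || !pFullKeyPath)
        return STATUS_INVALID_PARAMETER;

    /* Never hand back a stale value on any failure path. */
    *pKeyHandle = NULL;

    /* 'adjusted' counts the privileges whose previous state was recorded. */
    for (adjusted = 0; adjusted < privCount; adjusted++) {
        status = RtlAdjustPrivilege(privsToEnable[adjusted], TRUE, FALSE, &oldPrivState[adjusted]);
        if (!NT_SUCCESS(status))
            break;
    }

    if (adjusted == privCount) {
        InitializeObjectAttributes(&keyAttr, pFullKeyPath, OBJ_CASE_INSENSITIVE, NULL, NULL);
        status = NtOpenKeyEx(pKeyHandle, KEY_ALL_ACCESS, &keyAttr, REG_OPTION_BACKUP_RESTORE);
        /* Only a failed open clears the handle; a non-zero success code keeps it. */
        if (!NT_SUCCESS(status))
            *pKeyHandle = NULL;
    }

    /*
     * Roll back only the privileges that were actually adjusted. The
     * original loop also "restored" entries whose previous state was never
     * recorded (still 0), which disabled privileges that had been enabled
     * before this call.
     */
    while (adjusted > 0) {
        BOOLEAN ignored = FALSE;

        adjusted--;
        RtlAdjustPrivilege(privsToEnable[adjusted], oldPrivState[adjusted], FALSE, &ignored);
    }

    return status;
}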
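/**
 * Test entry point: checks whether \Registry\Machine\SECURITY\Policy can be
 * opened through openKeyAllAccess and reports the resulting NTSTATUS with
 * NtRaiseHardError.
 *
 * NOTE(review): the SECURITY hive is restricted to SYSTEM by default, so a
 * successful open here shows that backup/restore privileges on the caller's
 * token are enough to get past the key's DACL. Defenders should treat such
 * opens from unexpected processes as worth auditing (for example with a
 * SACL on the key).
 */
void mymain(void){
    UNICODE_STRING uKeyFullName;
    NTSTATUS status = STATUS_NOT_ALLOWED_ON_SYSTEM_FILE;
    HANDLE hTestKey = NULL;
    ULONG response = 0;

    RtlInitUnicodeString(&uKeyFullName, L"\\Registry\\Machine\\SECURITY\\Policy");
    status = openKeyAllAccess(&hTestKey, &uKeyFullName);

    /*
     * The test only needs the open result. Release the handle before
     * reporting so it is not held while the report is pending.
     */
    if (NT_SUCCESS(status) && hTestKey) {
        NtClose(hTestKey);
        hTestKey = NULL;
    }

    /* Separate response variable: the reported status is not overwritten through a cast. */
    NtRaiseHardError(status, 0, 0, NULL, 0, &response);
}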
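/**
 * Open a registry key (native path) using backup/restore semantics.
 *
 * Enables SeBackupPrivilege and SeRestorePrivilege via RtlAdjustPrivilege,
 * opens the key with REG_OPTION_BACKUP_RESTORE, then returns each privilege
 * it changed to the state recorded before the change.
 *
 * Security notes for reviewers:
 *  - REG_OPTION_BACKUP_RESTORE makes the access decision depend on the
 *    enabled privileges instead of the key's DACL. KEY_ALL_ACCESS is what
 *    is requested; the rights actually granted should be confirmed against
 *    the platform documentation.
 *  - The handle outlives the privilege window: it is still valid after the
 *    privileges are restored, so the caller must NtClose it promptly.
 *  - The privilege change is not thread-local (third argument FALSE), so
 *    it is visible to anything else using the same token while it lasts.
 *
 * @param pKeyHandle   Out: key handle on success, NULL on failure.
 * @param pFullKeyPath Native registry path to open.
 * @return STATUS_INVALID_PARAMETER for NULL arguments, else the status of
 *         the first failing RtlAdjustPrivilege call or of NtOpenKeyEx.
 */
NTSTATUS openKeyAllAccess(PHANDLE pKeyHandle, PUNICODE_STRING pFullKeyPath) {
    OBJECT_ATTRIBUTES keyAttr;
    ULONG privsToEnable[] = { SE_BACKUP_PRIVILEGE, SE_RESTORE_PRIVILEGE };
    BOOLEAN oldPrivState[sizeof(privsToEnable) / sizeof(privsToEnable[0])] = { 0 };
    const ULONG count = sizeof(privsToEnable) / sizeof(privsToEnable[0]);
    ULONG enabledCount = 0;
    NTSTATUS status = STATUS_NOT_ALLOWED_ON_SYSTEM_FILE;

    if (!pKeyHandle || !pFullKeyPath)
        return STATUS_INVALID_PARAMETER;

    /* Failure paths below all leave the output handle as NULL. */
    *pKeyHandle = NULL;

    for (ULONG i = 0; i < count; i++) {
        status = RtlAdjustPrivilege(privsToEnable[i], TRUE, FALSE, &oldPrivState[i]);
        if (!NT_SUCCESS(status))
            goto restore;
        /* Previous state for index i is now known and safe to restore. */
        enabledCount++;
    }

    InitializeObjectAttributes(&keyAttr, pFullKeyPath, OBJ_CASE_INSENSITIVE, NULL, NULL);
    status = NtOpenKeyEx(pKeyHandle, KEY_ALL_ACCESS, &keyAttr, REG_OPTION_BACKUP_RESTORE);
    /* Clear the handle only when the open really failed. */
    if (!NT_SUCCESS(status))
        *pKeyHandle = NULL;

restore:
    /*
     * Restore just the privileges that were adjusted successfully. Restoring
     * the untouched ones from their zero-initialised slots would switch off
     * privileges the caller had enabled before entering this function.
     */
    for (ULONG i = 0; i < enabledCount; i++) {
        BOOLEAN scratch = FALSE;

        RtlAdjustPrivilege(privsToEnable[i], oldPrivState[i], FALSE, &scratch);
    }

    return status;
}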
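/**
 * Test entry point. Attempts to open \Registry\Machine\SECURITY\Policy via
 * openKeyAllAccess and passes the resulting NTSTATUS to NtRaiseHardError.
 *
 * NOTE(review): this key is not normally openable by non-SYSTEM callers, so
 * the test demonstrates that holding backup/restore privileges is
 * sufficient to bypass the key's DACL. Restricting who holds those
 * privileges and auditing access to the key are the relevant mitigations.
 */
void mymain(void){
    UNICODE_STRING uKeyFullName;
    NTSTATUS status = STATUS_NOT_ALLOWED_ON_SYSTEM_FILE;
    HANDLE hTestKey = NULL;
    ULONG hardErrorResponse = 0;

    RtlInitUnicodeString(&uKeyFullName, L"\\Registry\\Machine\\SECURITY\\Policy");
    status = openKeyAllAccess(&hTestKey, &uKeyFullName);

    /* Only the status is reported, so the handle is released straight away. */
    if (NT_SUCCESS(status) && hTestKey) {
        NtClose(hTestKey);
        hTestKey = NULL;
    }

    /* The response goes to its own ULONG rather than aliasing 'status'. */
    NtRaiseHardError(status, 0, 0, NULL, 0, &hardErrorResponse);
}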