转载:给注册表加权限的程序,用着效果还挺不错的,至少现在好多病毒在RING3下修改注册表都还没有考虑权限问题。
源地址: http://xue23.blog.163.com/blog/static/97934420068383532200/
http://download.csdn.net/source/1565196
- // RegSafe.cpp : Defines the entry point for the console application.
- //
- #include "stdafx.h"
- #include "conio.h"
- #include "RegSafe.h"
- #include <stdio.h>
- #include <Windows.h>
- #include <Aclapi.h>
- #ifdef _DEBUG
- #define new DEBUG_NEW
- #undef THIS_FILE
- static char THIS_FILE[] = __FILE__;
- #endif
- /
- // The one and only application object
- CWinApp theApp;
- using namespace std;
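int _tmain(int argc, TCHAR* argv[], TCHAR* envp[])
{
    // Console entry point: prints the banner and the top-level menu once,
    // dispatches the chosen action, then waits for a key press and exits.
    // The listing as published had every backslash turned into '/', so the
    // escape sequences below are restored to "\t" and "\n".
    //
    // NOTE(review): AfxMessageBox is used below, but this listing never calls
    // AfxWinInit as wizard-generated MFC console projects normally do; confirm
    // MFC is initialised before relying on the message boxes.
    printf("\t================================================\n");
    printf("\t= =\n");
    printf("\t= 设置注册表权限禁止病毒修改随机启动项 =\n");
    printf("\t= =\n");
    printf("\t================================================\n");
    printf("\t \n");

    // The original carried an unused "start:" label here; the menu is shown once.
    printf("\t1 需要防止病毒修改注册表\n");
    printf("\t2 需要解除防止病毒修改注册表\n");
    printf("\t3 需要查看修改配置文件\n");
    printf("\t4 退出本程序\n");
    printf("\t \n");
    printf("请输入:");

    // Initialise the choice so that a failed parse (non-numeric input) is
    // treated as an invalid option instead of reading an indeterminate value.
    int nflag = 0;
    if (scanf("%d", &nflag) != 1)
        nflag = 0;
    system("cls");

    switch (nflag)
    {
    case 1:
        ZhiDu();    // apply the read-only DACL to every configured key
        break;
    case 2:
        WanQuan();  // apply the full-control DACL to every configured key
        break;
    case 3:
        Reg();      // view or edit the configuration file
        break;
    case 4:
        return 0;
    default:
        AfxMessageBox("错误的参数,按任意键程序退出!\n");
        return -1;
    }

    getchar();
    return 0;
}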
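void ZhiDu()
{
    // Reads every entry of .\regedit.ini and applies the read-only DACL to it
    // through SetZhiDu_M (HKEY_LOCAL_MACHINE) or SetZhiDu_U (HKEY_CURRENT_USER).
    //
    // Fixes relative to the published listing:
    //  * backslashes restored in the escapes and in the INI path;
    //  * `cPath == ""` compared pointers and never detected an empty value;
    //  * the hive name was matched anywhere in the string (strstr) while the
    //    copy always skipped a fixed 19/18 characters, and the copy target
    //    (255 bytes) was smaller than the source (300 bytes);
    //  * an entry naming only the hive is rejected, so the DACL of a whole
    //    hive root can never be replaced by a malformed line.
    //
    // NOTE(review): the INI path is relative to the current directory, and its
    // content decides which keys get their DACL replaced. Run the tool only
    // from a directory that untrusted users cannot write to.
    static const char kIniPath[] = ".\\regedit.ini";
    static const char kHklm[] = "HKEY_LOCAL_MACHINE\\";
    static const char kHkcu[] = "HKEY_CURRENT_USER\\";

    int nCount = GetPrivateProfileInt("nCount", "nCount", -1, kIniPath);
    if (nCount == -1)
    {
        AfxMessageBox("读取配置文件失败!\n请检查配置文件是否存在和按指定格式编写!!!");
        return;
    }

    for (int i = 0; i < nCount; i++)
    {
        char cPath[300] = "";
        CString strSection;
        strSection.Format("%d", i);
        GetPrivateProfileString(strSection, "Value", "", cPath, sizeof(cPath), kIniPath);
        if (cPath[0] == '\0')
        {
            AfxMessageBox("读取配置文件失败!\n请检查配置文件是否存在和按指定格式编写!!!");
            return;
        }

        CString strFull(cPath);
        if (strncmp(cPath, kHklm, sizeof(kHklm) - 1) == 0)
        {
            // Sub-key path without the hive prefix, and the object name in the
            // "MACHINE\<subkey>" form that SetNamedSecurityInfo expects.
            CString strSubKey(cPath + sizeof(kHklm) - 1);
            if (strSubKey.IsEmpty())
            {
                printf("\tERROR.....%s\n", cPath);
                continue;
            }
            CString strObject = "MACHINE\\" + strSubKey;
            SetZhiDu_M(strSubKey, strObject, strFull);
        }
        else if (strncmp(cPath, kHkcu, sizeof(kHkcu) - 1) == 0)
        {
            CString strSubKey(cPath + sizeof(kHkcu) - 1);
            if (strSubKey.IsEmpty())
            {
                printf("\tERROR.....%s\n", cPath);
                continue;
            }
            CString strObject = "CURRENT_USER\\" + strSubKey;
            SetZhiDu_U(strSubKey, strObject, strFull);
        }
        else
        {
            // Unsupported hive or malformed line: report it instead of
            // silently skipping it as the original did.
            printf("\tERROR.....%s\n", cPath);
        }
    }
    getchar();
}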
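void WanQuan()
{
    // Reads every entry of .\regedit.ini and applies the full-control DACL to
    // it through SetWanQuan_M (HKEY_LOCAL_MACHINE) or SetWanQuan_U
    // (HKEY_CURRENT_USER). This is the "unlock" counterpart of ZhiDu().
    //
    // Fixes relative to the published listing:
    //  * backslashes restored in the escapes and in the INI path;
    //  * `cPath == ""` compared pointers and never detected an empty value;
    //  * the hive name was matched anywhere in the string (strstr) while the
    //    copy always skipped a fixed 19/18 characters, and the copy target
    //    (255 bytes) was smaller than the source (300 bytes);
    //  * an entry naming only the hive is rejected, so the DACL of a whole
    //    hive root can never be replaced by a malformed line.
    //
    // NOTE(review): the INI path is relative to the current directory, and
    // every key it lists ends up writable by Everyone after this call. Run the
    // tool only from a directory that untrusted users cannot write to.
    static const char kIniPath[] = ".\\regedit.ini";
    static const char kHklm[] = "HKEY_LOCAL_MACHINE\\";
    static const char kHkcu[] = "HKEY_CURRENT_USER\\";

    int nCount = GetPrivateProfileInt("nCount", "nCount", -1, kIniPath);
    if (nCount == -1)
    {
        AfxMessageBox("读取配置文件失败!\n请检查配置文件是否存在和按指定格式编写!!!");
        return;
    }

    for (int i = 0; i < nCount; i++)
    {
        char cPath[300] = "";
        CString strSection;
        strSection.Format("%d", i);
        GetPrivateProfileString(strSection, "Value", "", cPath, sizeof(cPath), kIniPath);
        if (cPath[0] == '\0')
        {
            AfxMessageBox("读取配置文件失败!\n请检查配置文件是否存在和按指定格式编写!!!");
            return;
        }

        CString strFull(cPath);
        if (strncmp(cPath, kHklm, sizeof(kHklm) - 1) == 0)
        {
            // Sub-key path without the hive prefix, and the object name in the
            // "MACHINE\<subkey>" form that SetNamedSecurityInfo expects.
            CString strSubKey(cPath + sizeof(kHklm) - 1);
            if (strSubKey.IsEmpty())
            {
                printf("\tERROR.....%s\n", cPath);
                continue;
            }
            CString strObject = "MACHINE\\" + strSubKey;
            SetWanQuan_M(strSubKey, strObject, strFull);
        }
        else if (strncmp(cPath, kHkcu, sizeof(kHkcu) - 1) == 0)
        {
            CString strSubKey(cPath + sizeof(kHkcu) - 1);
            if (strSubKey.IsEmpty())
            {
                printf("\tERROR.....%s\n", cPath);
                continue;
            }
            CString strObject = "CURRENT_USER\\" + strSubKey;
            SetWanQuan_U(strSubKey, strObject, strFull);
        }
        else
        {
            // Unsupported hive or malformed line: report it instead of
            // silently skipping it as the original did.
            printf("\tERROR.....%s\n", cPath);
        }
    }
    getchar();
}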
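void SetZhiDu_M(CString str1,CString str2,CString str3)
{
    // Replaces the DACL of one HKEY_LOCAL_MACHINE key with a single inheritable
    // ACE that grants Everyone KEY_READ, then prints OK or ERROR for the key.
    //
    //   str1  sub-key path below HKEY_LOCAL_MACHINE (created if it is missing)
    //   str2  the same key as a SetNamedSecurityInfo object name ("MACHINE\...")
    //   str3  full path as written in the configuration file, for the report
    //
    // Changes relative to the published listing:
    //  * The first SetEntriesInAcl call passed a count of 0, so its ACE was
    //    ignored; the ACL it produced was applied (which appears to leave the
    //    key briefly without the intended restriction) and, if one was
    //    allocated, it was leaked when pNewDacl was overwritten. Only the
    //    KEY_READ stage is kept; the final DACL written to the key is the same.
    //  * The trailing RegOpenKeyEx(HKEY_LOCAL_MACHINE, str2, ...) passed the
    //    "MACHINE\..." object name as a sub-key, could overwrite the open
    //    handle, and its result was unused. It is removed.
    //  * The CString is cast explicitly before it is passed to printf.
    //
    // NOTE(review): DACL_SECURITY_INFORMATION is passed without
    // PROTECTED_DACL_SECURITY_INFORMATION, so inheritable ACEs of the parent
    // key may still be merged into the effective DACL; check the resulting
    // permissions before treating the key as locked. The key's owner and
    // administrators can also rewrite the DACL, so this only stops code that
    // does not handle permissions at all.
    // NOTE(review): the account is looked up by the name "everyone"; building
    // the ACE from the well-known SID S-1-1-0 would not depend on the display
    // language of the system.
    HKEY hKey = NULL;
    PACL pNewDacl = NULL;
    BOOL bflag = FALSE;

    // Make sure the key exists: open it, or create it when it is absent.
    DWORD dwRet = RegOpenKeyEx(HKEY_LOCAL_MACHINE, str1, 0, KEY_READ, &hKey);
    if (dwRet != ERROR_SUCCESS)
    {
        hKey = NULL;
        dwRet = RegCreateKey(HKEY_LOCAL_MACHINE, str1, &hKey);
    }

    if (dwRet == ERROR_SUCCESS)
    {
        // One ACE: Everyone may read; sub-keys inherit it.
        EXPLICIT_ACCESS ea;
        ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
        BuildExplicitAccessWithName(&ea, "everyone", KEY_READ, SET_ACCESS,
                                    SUB_CONTAINERS_AND_OBJECTS_INHERIT);
        dwRet = SetEntriesInAcl(1, &ea, NULL, &pNewDacl);
    }

    if (dwRet == ERROR_SUCCESS)
    {
        // Write the new DACL onto the key.
        dwRet = SetNamedSecurityInfo((LPSTR)(LPCSTR)str2, SE_REGISTRY_KEY,
                                     DACL_SECURITY_INFORMATION,
                                     NULL, NULL, pNewDacl, NULL);
        bflag = (dwRet == ERROR_SUCCESS);
    }

    if (hKey) RegCloseKey(hKey);
    if (pNewDacl) LocalFree(pNewDacl);

    if (bflag == TRUE)
        printf("\tOK........%s\n", (LPCSTR)str3);
    else
        printf("\tERROR.....%s\n", (LPCSTR)str3);
}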
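void SetWanQuan_M(CString str1,CString str2,CString str3)
{
    // Replaces the DACL of one HKEY_LOCAL_MACHINE key with a single inheritable
    // ACE that grants Everyone KEY_ALL_ACCESS, then prints OK or ERROR.
    //
    //   str1  sub-key path below HKEY_LOCAL_MACHINE (created if it is missing)
    //   str2  the same key as a SetNamedSecurityInfo object name ("MACHINE\...")
    //   str3  full path as written in the configuration file, for the report
    //
    // Changes relative to the published listing:
    //  * The trailing RegOpenKeyEx(HKEY_LOCAL_MACHINE, str2, ...) passed the
    //    "MACHINE\..." object name as a sub-key, could overwrite the open
    //    handle, and its result was unused. It is removed.
    //  * The CString is cast explicitly before it is passed to printf.
    //
    // NOTE(review): this "unlock" leaves an autostart key under
    // HKEY_LOCAL_MACHINE writable by every account, which is weaker than the
    // permissions such keys normally carry. Restoring the inherited DACL (for
    // example an empty ACL written with UNPROTECTED_DACL_SECURITY_INFORMATION)
    // would undo the lock without widening access; confirm and adopt before
    // using this on a multi-user machine.
    // NOTE(review): the account is looked up by the name "everyone"; building
    // the ACE from the well-known SID S-1-1-0 would not depend on the display
    // language of the system.
    HKEY hKey = NULL;
    PACL pNewDacl = NULL;
    BOOL bflag = FALSE;

    // Make sure the key exists: open it, or create it when it is absent.
    DWORD dwRet = RegOpenKeyEx(HKEY_LOCAL_MACHINE, str1, 0, KEY_READ, &hKey);
    if (dwRet != ERROR_SUCCESS)
    {
        hKey = NULL;
        dwRet = RegCreateKey(HKEY_LOCAL_MACHINE, str1, &hKey);
    }

    if (dwRet == ERROR_SUCCESS)
    {
        // One ACE: Everyone gets full control; sub-keys inherit it.
        EXPLICIT_ACCESS ea;
        ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
        BuildExplicitAccessWithName(&ea, "everyone", KEY_ALL_ACCESS, SET_ACCESS,
                                    SUB_CONTAINERS_AND_OBJECTS_INHERIT);
        dwRet = SetEntriesInAcl(1, &ea, NULL, &pNewDacl);
    }

    if (dwRet == ERROR_SUCCESS)
    {
        // Write the new DACL onto the key.
        dwRet = SetNamedSecurityInfo((LPSTR)(LPCSTR)str2, SE_REGISTRY_KEY,
                                     DACL_SECURITY_INFORMATION,
                                     NULL, NULL, pNewDacl, NULL);
        bflag = (dwRet == ERROR_SUCCESS);
    }

    if (hKey) RegCloseKey(hKey);
    if (pNewDacl) LocalFree(pNewDacl);

    if (bflag == TRUE)
        printf("\tOK........%s\n", (LPCSTR)str3);
    else
        printf("\tERROR.....%s\n", (LPCSTR)str3);
}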
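void SetZhiDu_U(CString str1,CString str2,CString str3)
{
    // Replaces the DACL of one HKEY_CURRENT_USER key with a single inheritable
    // ACE that grants Everyone KEY_READ, then prints OK or ERROR for the key.
    //
    //   str1  sub-key path below HKEY_CURRENT_USER (created if it is missing)
    //   str2  the same key as a SetNamedSecurityInfo object name
    //         ("CURRENT_USER\...")
    //   str3  full path as written in the configuration file, for the report
    //
    // Changes relative to the published listing:
    //  * The first SetEntriesInAcl call passed a count of 0, so its ACE was
    //    ignored; the ACL it produced was applied (which appears to leave the
    //    key briefly without the intended restriction) and, if one was
    //    allocated, it was leaked when pNewDacl was overwritten. Only the
    //    KEY_READ stage is kept; the final DACL written to the key is the same.
    //  * The trailing RegOpenKeyEx(HKEY_CURRENT_USER, str2, ...) passed the
    //    "CURRENT_USER\..." object name as a sub-key, could overwrite the open
    //    handle, and its result was unused. It is removed.
    //  * The CString is cast explicitly before it is passed to printf.
    //
    // NOTE(review): DACL_SECURITY_INFORMATION is passed without
    // PROTECTED_DACL_SECURITY_INFORMATION, so inheritable ACEs of the parent
    // key may still be merged into the effective DACL; check the resulting
    // permissions before treating the key as locked. The user normally owns
    // keys in this hive and an owner can rewrite the DACL, so this only stops
    // code that does not handle permissions at all.
    // NOTE(review): the account is looked up by the name "everyone"; building
    // the ACE from the well-known SID S-1-1-0 would not depend on the display
    // language of the system.
    HKEY hKey = NULL;
    PACL pNewDacl = NULL;
    BOOL bflag = FALSE;

    // Make sure the key exists: open it, or create it when it is absent.
    DWORD dwRet = RegOpenKeyEx(HKEY_CURRENT_USER, str1, 0, KEY_READ, &hKey);
    if (dwRet != ERROR_SUCCESS)
    {
        hKey = NULL;
        dwRet = RegCreateKey(HKEY_CURRENT_USER, str1, &hKey);
    }

    if (dwRet == ERROR_SUCCESS)
    {
        // One ACE: Everyone may read; sub-keys inherit it.
        EXPLICIT_ACCESS ea;
        ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
        BuildExplicitAccessWithName(&ea, "everyone", KEY_READ, SET_ACCESS,
                                    SUB_CONTAINERS_AND_OBJECTS_INHERIT);
        dwRet = SetEntriesInAcl(1, &ea, NULL, &pNewDacl);
    }

    if (dwRet == ERROR_SUCCESS)
    {
        // Write the new DACL onto the key.
        dwRet = SetNamedSecurityInfo((LPSTR)(LPCSTR)str2, SE_REGISTRY_KEY,
                                     DACL_SECURITY_INFORMATION,
                                     NULL, NULL, pNewDacl, NULL);
        bflag = (dwRet == ERROR_SUCCESS);
    }

    if (hKey) RegCloseKey(hKey);
    if (pNewDacl) LocalFree(pNewDacl);

    if (bflag == TRUE)
        printf("\tOK........%s\n", (LPCSTR)str3);
    else
        printf("\tERROR.....%s\n", (LPCSTR)str3);
}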
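void SetWanQuan_U(CString str1,CString str2,CString str3)
{
    // Replaces the DACL of one HKEY_CURRENT_USER key with a single inheritable
    // ACE that grants Everyone KEY_ALL_ACCESS, then prints OK or ERROR.
    //
    //   str1  sub-key path below HKEY_CURRENT_USER (created if it is missing)
    //   str2  the same key as a SetNamedSecurityInfo object name
    //         ("CURRENT_USER\...")
    //   str3  full path as written in the configuration file, for the report
    //
    // Changes relative to the published listing:
    //  * The trailing RegOpenKeyEx(HKEY_CURRENT_USER, str2, ...) passed the
    //    "CURRENT_USER\..." object name as a sub-key, could overwrite the open
    //    handle, and its result was unused. It is removed.
    //  * The CString is cast explicitly before it is passed to printf.
    //
    // NOTE(review): this "unlock" leaves a per-user autostart key writable by
    // every account rather than restoring the permissions it had before the
    // lock. Restoring the inherited DACL (for example an empty ACL written
    // with UNPROTECTED_DACL_SECURITY_INFORMATION) would undo the lock without
    // widening access; confirm and adopt before using this on a shared machine.
    // NOTE(review): the account is looked up by the name "everyone"; building
    // the ACE from the well-known SID S-1-1-0 would not depend on the display
    // language of the system.
    HKEY hKey = NULL;
    PACL pNewDacl = NULL;
    BOOL bflag = FALSE;

    // Make sure the key exists: open it, or create it when it is absent.
    DWORD dwRet = RegOpenKeyEx(HKEY_CURRENT_USER, str1, 0, KEY_READ, &hKey);
    if (dwRet != ERROR_SUCCESS)
    {
        hKey = NULL;
        dwRet = RegCreateKey(HKEY_CURRENT_USER, str1, &hKey);
    }

    if (dwRet == ERROR_SUCCESS)
    {
        // One ACE: Everyone gets full control; sub-keys inherit it.
        EXPLICIT_ACCESS ea;
        ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
        BuildExplicitAccessWithName(&ea, "everyone", KEY_ALL_ACCESS, SET_ACCESS,
                                    SUB_CONTAINERS_AND_OBJECTS_INHERIT);
        dwRet = SetEntriesInAcl(1, &ea, NULL, &pNewDacl);
    }

    if (dwRet == ERROR_SUCCESS)
    {
        // Write the new DACL onto the key.
        dwRet = SetNamedSecurityInfo((LPSTR)(LPCSTR)str2, SE_REGISTRY_KEY,
                                     DACL_SECURITY_INFORMATION,
                                     NULL, NULL, pNewDacl, NULL);
        bflag = (dwRet == ERROR_SUCCESS);
    }

    if (hKey) RegCloseKey(hKey);
    if (pNewDacl) LocalFree(pNewDacl);

    if (bflag == TRUE)
        printf("\tOK........%s\n", (LPCSTR)str3);
    else
        printf("\tERROR.....%s\n", (LPCSTR)str3);
}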
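void Reg()
{
    // Configuration sub-menu: list, add or delete entries of .\regedit.ini
    // until the user chooses 4 or enters anything that is not a menu option.
    //
    // The published listing re-entered Reg() recursively after every action,
    // growing the stack with each menu round; a loop gives the same behaviour.
    // Backslashes are restored in the escapes and in the INI path.
    for (;;)
    {
        printf("\n\t1 列出配置文件\n");
        printf("\t2 添加配置单元\n");
        printf("\t3 删除配置单元\n");
        printf("\t4 退出编辑\n");
        printf("请输入:");

        // A failed parse leaves the choice at 0, which is handled as invalid.
        int n = 0;
        if (scanf("%d", &n) != 1)
            n = 0;

        if (n == 1)
        {
            ListAll();
        }
        else if (n == 2)
        {
            Add();
        }
        else if (n == 3)
        {
            int nIndex = -1;
            int nCount = GetPrivateProfileInt("nCount", "nCount", -1, ".\\regedit.ini");
            printf("\n请输入你要删除的选项:");
            if (scanf("%d", &nIndex) != 1)
                nIndex = -1;
            // Only indexes of existing entries are passed on to Del().
            if (nIndex < nCount && nIndex > -1)
                Del(nIndex);
            else
                printf("输入错误\n");
        }
        else if (n == 4)
        {
            return;
        }
        else
        {
            AfxMessageBox("错误的参数,按任意键返回!\n");
            return;
        }
    }
}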
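void ListAll()
{
    // Prints every configured registry path as "<index>\t<path>", reading the
    // entry count and the numbered sections from .\regedit.ini.
    //
    // Backslashes are restored in the escapes and in the INI path. The value
    // buffer is sized like the one used when the entries are applied, so a
    // long path is listed in full rather than cut at 254 characters.
    static const char kIniPath[] = ".\\regedit.ini";

    const int nCount = GetPrivateProfileInt("nCount", "nCount", 0, kIniPath);
    printf("\n");
    for (int i = 0; i < nCount; i++)
    {
        char szValue[300] = "";
        CString strSection;
        strSection.Format("%d", i);
        GetPrivateProfileString(strSection, "Value", "", szValue, sizeof(szValue), kIniPath);
        printf("%d\t%s\n", i, szValue);
    }
}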
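void Add()
{
    // Prompts for a full registry path and appends it to .\regedit.ini as the
    // next numbered section, then lists the configuration.
    //
    // Fixes relative to the published listing:
    //  * scanf("%s", strValue) wrote the input over a CString object, which
    //    corrupts memory; the input now goes into a bounded char buffer.
    //  * "%s" stopped at the first blank, so a path such as
    //    "...\Windows NT\..." could not be entered; the whole line is read.
    //  * The entry is written before the counter is raised, so a failed write
    //    does not leave the counter pointing at a missing section.
    //  * Backslashes are restored in the INI path.
    static const char kIniPath[] = ".\\regedit.ini";

    char szValue[300] = "";
    printf("请输入你要添加的注册表全路径:");
    // Skip leading whitespace, then take at most 299 characters up to the end
    // of the line; the width keeps the read inside szValue.
    if (scanf(" %299[^\n]", szValue) != 1 || szValue[0] == '\0')
    {
        printf("输入错误\n");
        return;
    }

    int nCount = GetPrivateProfileInt("nCount", "nCount", 0, kIniPath);
    if (nCount < 0)
        nCount = 0;

    CString strSection, strNewCount;
    strSection.Format("%d", nCount);
    strNewCount.Format("%d", nCount + 1);

    if (WritePrivateProfileString(strSection, "Value", szValue, kIniPath))
        WritePrivateProfileString("nCount", "nCount", strNewCount, kIniPath);
    else
        printf("输入错误\n");

    ListAll();
}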
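void Del(int nIndex)
{
    // Removes entry nIndex from .\regedit.ini by moving every later entry one
    // section down, deleting the last section and lowering the counter, then
    // lists the configuration.
    //
    // Fixes relative to the published listing:
    //  * The shift loop ran up to the old count and read the section one past
    //    the last entry, so the final section stayed in the file with an empty
    //    Value; the loop now stops one earlier and that section is deleted.
    //  * nIndex is validated here as well, not only by the caller.
    //  * The value buffer matches the 300-byte buffer used when entries are
    //    applied, so long paths are not truncated while being moved.
    //  * Backslashes are restored in the INI path.
    static const char kIniPath[] = ".\\regedit.ini";

    const int nCount = GetPrivateProfileInt("nCount", "nCount", 0, kIniPath);
    if (nCount <= 0 || nIndex < 0 || nIndex >= nCount)
        return;

    // Move entries nIndex+1 .. nCount-1 down by one section.
    for (int i = nIndex; i < nCount - 1; i++)
    {
        CString strDst, strSrc;
        char szValue[300] = "";
        strDst.Format("%d", i);
        strSrc.Format("%d", i + 1);
        GetPrivateProfileString(strSrc, "Value", "", szValue, sizeof(szValue), kIniPath);
        WritePrivateProfileString(strDst, "Value", szValue, kIniPath);
    }

    // A NULL key name removes the whole section, here the now-unused last one.
    CString strLast;
    strLast.Format("%d", nCount - 1);
    WritePrivateProfileString(strLast, NULL, NULL, kIniPath);

    // Lower the counter only after the entries are in their final place.
    CString strNewCount;
    strNewCount.Format("%d", nCount - 1);
    WritePrivateProfileString("nCount", "nCount", strNewCount, kIniPath);

    ListAll();
}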
配置文件regedit.ini格式
- [nCount]
- nCount=9
- [0]
- Value=HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
- [1]
- Value=HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- [2]
- Value=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
- [3]
- Value=HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
- [4]
- Value=HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
- [5]
- Value=HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
- [6]
- Value=HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
- [7]
- Value=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
- [8]
- Value=HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows