> Winbuilder problems with UAC
booty#1
post Aug 27 2007, 01:44 PM
Post #1



QUOTE(Nuno Brito @ Aug 27 2007, 02:51 PM) *
Can you load registry hives under user permissions?

That is a good argument - the answer is no.

QUOTE(Nuno Brito @ Aug 27 2007, 02:51 PM) *
It is possible to bypass all security permissions on registry keys when you read them in raw mode - and I guess this is possible even under the guest account.

But not from within a running Windows.

QUOTE(Nuno Brito @ Aug 27 2007, 02:51 PM) *
btw: noticed your latest scripts - excellent work!

Thanks - they can only be good because WinBuilder allows them to be good.

booty#1

EDIT by jaclaz:
This thread was split from here:
http://www.boot-land.net/forums/index.php?...ic=2940&hl=


smiley
post Aug 27 2007, 01:50 PM
Post #2




QUOTE
Can you load registry hives under user permissions?

Well, the answer is yes!
When Microsoft introduced UAC, they added a new API call named RegLoadAppKey which can load a key in the registry with UAC enabled. See here: http://msdn2.microsoft.com/en-us/library/ms724886.aspx
Warning: this function exists only in Vista

I suggest you make WinBuilder use RegLoadKey, and if it is run under Vista it should use RegLoadAppKey.


Nuno Brito
post Aug 27 2007, 07:07 PM
Post #3




QUOTE(smiley @ Aug 27 2007, 01:50 PM) *
I agree with booty#1 that WinBuilder's operations should be able to work with user privileges whenever possible.
Well, the answer is yes!
When Microsoft introduced UAC, they added a new API call named RegLoadAppKey which can load a key in the registry with UAC enabled. See here: http://msdn2.microsoft.com/en-us/library/ms724886.aspx
Warning: this function exists only in Vista

I suggest you make WinBuilder use RegLoadKey, and if it is run under Vista it should use RegLoadAppKey.


Thank you - this is something new and I'll look into it as soon as I get back home.

Will it load our traditional setupreg.hiv files?

--------------------------

The registry hives are loaded to a specific kernel memory area - I'm not sure how restricted the access to this specific memory section is, but I remember reading some notes from Russinovich where he mentions some of his tests.

It seems that hive files are loaded to memory and written back every 2 seconds whenever some of their hive sectors are marked as "dirty".

These details are better provided in a Sysinternals guide. You can find the link in the raw registry discussion topic at the Windows sub-forum here on boot-land.

So, from this idea, you can *likely* scan the memory area to find where the registry is placed and from this location read the needed key values.

Since we're just reading data it should be a quite safe process but I can only confirm this method in action once I get back to work and have some time to test it properly.

------------------------------------------------

btw: Are we really going to have a wb that doesn't work on Sundays?

How about limiting the daily use of each project to around 10 minutes per day? (my wife would surely like this one..)


smiley
post Aug 27 2007, 07:52 PM
Post #4




@Nuno:

Nuno, RegLoadAppKey works *almost* in the same way as RegLoadKey (the only difference is that RegLoadAppKey returns a root key handle, whereas RegLoadKey lets you mount the hive under an existing root key).
You don't need to try to write in kernel memory. Usual registry operations will work.


--------------------
www.ReactOS.org - ReactOS, the free Windows-compatible Operating System
Go to the top of the page
 
+Quote Post
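Added example, not part of any post in this thread and not WinBuilder's own code: a PowerShell sketch of the choice discussed above, using RegLoadAppKey on Vista and later (no elevation, returns a private root key handle) and falling back to the elevated `reg load` route, which mounts the hive under HKLM, on older Windows. The hive path, the mount name `WB_Example` and the function name `Open-OfflineHive` are constructed placeholders; Windows PowerShell on .NET 4 or later is assumed for `RegistryKey.FromHandle`.

```powershell
# Added example. 'C:\build\setupreg.hiv' and 'WB_Example' are constructed placeholders.
Add-Type -TypeDefinition @'
using System;
using System.Runtime.InteropServices;
public static class HiveApi {
    // Exported by advapi32.dll on Vista and later only; bound lazily on first call.
    [DllImport("advapi32.dll", CharSet = CharSet.Unicode)]
    public static extern int RegLoadAppKey(string lpFile, out IntPtr phkResult,
        int samDesired, int dwOptions, int Reserved);
}
'@

function Open-OfflineHive {
    param(
        [Parameter(Mandatory = $true)] [string] $Path,
        [string] $MountName = 'WB_Example'
    )
    $KEY_READ = 0x20019
    if ([Environment]::OSVersion.Version.Major -ge 6) {
        # Vista and later: works from a standard-user process. The hive is not
        # mounted under HKLM/HKU; the returned handle is its root key.
        $handle = [IntPtr]::Zero
        $rc = [HiveApi]::RegLoadAppKey($Path, [ref] $handle, $KEY_READ, 0, 0)
        if ($rc -ne 0) { throw "RegLoadAppKey failed with Win32 error $rc" }
        $safe = New-Object Microsoft.Win32.SafeHandles.SafeRegistryHandle($handle, $true)
        return [Microsoft.Win32.RegistryKey]::FromHandle($safe)
    }
    # Older Windows: mount under an existing root key. This needs an elevated
    # process, and the caller must run 'reg unload HKLM\<MountName>' afterwards.
    & reg.exe load "HKLM\$MountName" $Path | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "reg load failed (exit code $LASTEXITCODE); run elevated" }
    return [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey($MountName)
}

$hive = Open-OfflineHive -Path 'C:\build\setupreg.hiv'
try {
    $hive.GetSubKeyNames()   # ordinary registry operations work on either handle
} finally {
    $hive.Close()            # closing the last handle unloads an app hive
}
```

Microsoft's documentation for RegLoadAppKey states that every key in the hive must carry the same security descriptor and that it must grant the requested access, so a hive with mixed per-key ACLs fails to load this way and still needs the RegLoadKey path.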
smiley
post Aug 29 2007, 04:33 PM
Post #5




Bump!

