gpt4 book ai didi

c - 使用 NtCreateKey/NtOpenKey 获取 key 句柄

转载 作者:行者123 更新时间:2023-12-02 20:39:47 26 4
gpt4 key购买 nike

目的

我正在尝试创建一个函数,该函数将在 HKCU 注册表配置单元中创建给定的子项,或者打开该子项(如果它已存在),然后返回 TRUE。

注释

RegSidPath表示完全限定的HKCU注册表路径,并附加一个用户SID,例如\\Registry\\User\\S-1- 5-20-xxxxxx-xxxxxx-xxxxxxxx-1050

KeyToCreate代表特定的注册表路径,例如\\Software\\MyCompany\\MySoftware\\MySubKey

代码

我有以下功能:

BOOL CreateHKCUKey(PWCHAR RegSidPath, PWCHAR KeyToCreate) {

UNICODE_STRING uString;
RtlInitUnicodeString(&uString, RegSidPath);

OBJECT_ATTRIBUTES ObjAttributes;
InitializeObjectAttributes(&ObjAttributes, &uString, OBJ_CASE_INSENSITIVE, 0, 0);

HANDLE BaseKeyHandle = NULL;
NTSTATUS Status = NtOpenKey(&BaseKeyHandle, KEY_CREATE_SUB_KEY, &ObjAttributes);
if (NT_SUCCESS(Status) && Status != STATUS_OBJECT_NAME_NOT_FOUND) {

UNICODE_STRING KeyString = { 0 };
do {
PWCHAR NextSubKey = StrStrW((KeyString.Length == 0 ? KeyToCreate : KeyString.Buffer) + 1, L"\\");
DWORD CurrentKeyLength = lstrlenW(KeyToCreate) - lstrlenW(NextSubKey);
PWCHAR CurrentSubKey = PWCHAR(GlobalAlloc(GPTR, CurrentKeyLength + sizeof(WCHAR)));
if (CurrentSubKey != ERROR) {
memcpy(CurrentSubKey, KeyToCreate, CurrentKeyLength * sizeof(WCHAR));
CurrentSubKey[CurrentKeyLength] = UNICODE_NULL;

RtlInitUnicodeString(&KeyString, CurrentSubKey);

OBJECT_ATTRIBUTES KeyAttributes;
InitializeObjectAttributes(&KeyAttributes, &KeyString, OBJ_CASE_INSENSITIVE, &BaseKeyHandle, 0);

HANDLE CurrentHiveEntry = NULL;
Status = NtOpenKey(&CurrentHiveEntry, KEY_CREATE_SUB_KEY, &KeyAttributes);
if (RtlNtStatusToDosError(Status) == ERROR_BAD_PATHNAME) {
InitializeObjectAttributes(&KeyAttributes, &KeyString, OBJ_CASE_INSENSITIVE, &CurrentHiveEntry, 0);

DWORD DefaultDisposition;
Status = NtCreateKey(&CurrentHiveEntry, KEY_CREATE_SUB_KEY, &KeyAttributes, 0, NULL, REG_OPTION_NON_VOLATILE, &DefaultDisposition);
if (NT_SUCCESS(Status)) {
if (StrCmpNW(KeyString.Buffer + uString.Length, KeyString.Buffer, lstrlenW(KeyToCreate) == 0))
return TRUE;
else continue;
} else break;
} else break;
BaseKeyHandle = CurrentHiveEntry;
}
} while (TRUE);
}
NtClose(BaseKeyHandle);
return FALSE;
}

问题

每当代码到达函数的这一部分时

Status = NtOpenKey(&CurrentHiveEntry, KEY_CREATE_SUB_KEY, &KeyAttributes);
if (RtlNtStatusToDosError(Status) == ERROR_BAD_PATHNAME) {

即使当前子项已存在,返回值也始终为ERROR_BAD_PATHNAME (161)

问题

这是什么原因,我做错了什么?我所做的事情是否有任何不正确的地方,如何解决?

最佳答案

NTSTATUS CreateKey(PHANDLE KeyHandle, ACCESS_MASK DesiredAccess, PWCHAR RegSidPath, PWCHAR KeyToCreate, PULONG Disposition) 
{
UNICODE_STRING ObjectName;
RtlInitUnicodeString(&ObjectName, RegSidPath);

OBJECT_ATTRIBUTES oa = { sizeof(oa), 0, &ObjectName ,OBJ_CASE_INSENSITIVE };

NTSTATUS status = ZwOpenKey(&oa.RootDirectory, KEY_CREATE_SUB_KEY, &oa);

if (0 <= status)
{
ObjectName.Buffer = KeyToCreate;

do
{
ACCESS_MASK Access;

if (KeyToCreate = wcschr(++ObjectName.Buffer, '\\'))
{
ObjectName.Length = (USHORT)RtlPointerToOffset(ObjectName.Buffer, KeyToCreate);
Access = KEY_CREATE_SUB_KEY;
}
else
{
ObjectName.Length = (USHORT)wcslen(ObjectName.Buffer) * sizeof(WCHAR);
Access = DesiredAccess;
}

ObjectName.MaximumLength = ObjectName.Length;

status = ZwCreateKey(KeyHandle, Access, &oa, 0, 0, 0, Disposition);

NtClose(oa.RootDirectory);

oa.RootDirectory = *KeyHandle;

} while (0 <= status && (ObjectName.Buffer = KeyToCreate));
}

return status;
}

并用作

  HANDLE hKey;
NTSTATUS status = CreateKey(&hKey, KEY_ALL_ACCESS,
L"\\REGISTRY\\USER\\S-***",
L"\\Software\\MyCompany\\MySoftware\\MySubKey", 0);

关于c - 使用 NtCreateKey/NtOpenKey 获取 key 句柄,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46229461/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com