如何解码 REG_BINARY 值 HKLM\Software\Microsoft\Ole\DefaultLaunchPermission 以查看哪些用户拥有权限？

发布于 2024-07-18 04:49:00 字数 1195 浏览 6 评论 0原文

我正在尝试找到一种方法来解码“HKLM\Software\Microsoft\Ole\DefaultLaunchPermission”的 REG_BINARY 值，以查看默认情况下哪些用户具有权限，如果可能的话，我可以找到一种方法还可以通过用户名附加其他用户。

在工作中，我们使用 DCOM，在大多数情况下，我们总是授予相同的用户权限，但在某些情况下，我们被迫适应我们的客户并添加自定义用户/组以满足他们的需求。不幸的是，我们需要添加的自定义用户是随机用户名，因此我无法像我对 95% 的时间使用的默认用户所做的那样，仅添加所有用户并从密钥复制值。

我目前正在开发一个命令行可执行应用程序，其中有一个命令可以为预定义用户设置权限，但我还希望能够添加一个选项来附加自定义用户以添加到默认权限以及我们预定义的默认用户列表。

目前，要使用我的应用程序设置默认用户列表，我只需键入：

MyTool.exe Policies

但我希望能够使其更详细一点，更接近 NET 命令的使用方式Windows 用户，类似于：

MyTool.exe Policies /ADD:"MyCustomUsername"

问题是存储在 REG_BINARY 值中的数据似乎不容易解码。我能够在 python 中解码十六进制部分，但我留下了某种二进制数据，我不知道该怎么处理，因为我什至不知道首先使用了哪种编码知道用什么来解码它。：P

我已经做了相当多的谷歌搜索，但我认为我缺乏对这个主题的术语的理解可能导致我忽略了答案，而没有认识到它是什么。

我想我的第一个真正的问题必须是上面的密钥在从十六进制解码后使用哪种编码？

或者更好的是，是否可以以编程方式获取/修改键的值，以便我可以获得当前设置的用户列表，并在必要时附加其他用户/组？

如果可能的话，我更愿意严格使用 Python（或 WMI/WMIC）编写此应用程序，但如果有必要，我可以尝试在我的 python 应用程序中实现其他类型的代码（如果这意味着最终完成工作）！我想值得一提的是，该应用程序主要用于 Windows XP Professional 和大多数 Windows Server 版本，因此我不担心是否有任何可能的解决方案与早期 Windows 操作系统版本不兼容。

任何帮助、代码或一些简单的帮助来熟悉这个主题，我们将非常感激！

预先感谢您提供的任何帮助！：D

原文

I am trying to find a way to decode the REG_BINARY value for "HKLM\Software\Microsoft\Ole\DefaultLaunchPermission" to see which users have permissions by default, and if possible, a method in which I can also append other users by their username.

At work we make use of DCOM and for the most part we always give the same users permission but in some cases we are forced to accommodate our clients and add custom users/groups to suit their needs. Unfortunately the custom users we need to add are random usernames so I am unable to just add all the users and copy the value from the key like I have done with the default users we use 95% of the time.

I am currently working on a command-line executable application where I have a command to set permissions for pre-defined users but I would also like to be able to add an option to append a custom user(s) to add to the default permission along with our predefined default users list.

Currently, to set the default users list with my application I would just type:

MyTool.exe Policies

But I would like to be able to make it a bit more verbose, closer to how NET command is used for windows users, something like:

MyTool.exe Policies /ADD:"MyCustomUsername"

The problem is that the data stored in the REG_BINARY value doesn't seem to be easily decoded. I was able to decode the hex portion in python but I am left with some sort of binary data which I don't have a clue what to do with as I don't even know what kind of encoding was used in the first place to know what to use to decode it. :P

I have done quite a bit of googling but I think my lack of understanding the terminology around this topic has probably caused me to overlook the answer without recognizing it for what it is.

I guess my first real question would have to be what kind of encoding is used for the above key after it has been decoded from hex?

Or better yet, is it even possible to obtain/modify the key's value programmatically so that I can obtain a list of the users that are currently set, and if necessary, append additional users/groups?

I would prefer to keep this application written strictly in Python if possible (or WMI/WMIC), but if necessary I can attempt to implement other types of code into my python application if it means getting the job finally done! I guess it would also be useful to mention that this application is primarily used on Windows XP Professional and most Windows Server versions so I am not worried if any possible solution will not be compatible with earlier Windows OS version(s).

Any assistance, code or just some simple help with getting familiar with this topic, would be GREATLY appreciated!

Thanks in advance for any help you can provide!! :D

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

傲世九天 2024-07-25 04:49:00

在安装由 .NET 服务托管的 COM 服务器时，我们遇到了类似的问题，即我们希望以编程方式更改安装逻辑中的 COM ACL。我想您会发现它只是一个二进制 ACL 格式，您可以使用以下类在 .NET 中进行操作：

System.Security.AccessControl.CommonSecurityDescriptor

很抱歉，我无法帮助您获得 Python 解决方案，但如果您背水一战，您可以管理 . NET，一些示例代码如下所示：

int launchMask = (int) (COM_RIGHTS.EXECUTE | COM_RIGHTS.EXECUTE_LOCAL | COM_RIGHTS.ACTIVATE_LOCAL);

SecurityIdentifier sidAdmins = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
SecurityIdentifier sidInteractive = new SecurityIdentifier(WellKnownSidType.InteractiveSid, null);

DiscretionaryAcl launchAcl = new DiscretionaryAcl(false, false, 3);
launchAcl.AddAccess(AccessControlType.Allow, sidAdmins, launchMask, InheritanceFlags.None, PropagationFlags.None);
launchAcl.AddAccess(AccessControlType.Allow, sidInteractive, launchMask, InheritanceFlags.None, PropagationFlags.None);

CommonSecurityDescriptor launchSD = new CommonSecurityDescriptor(false,
                                                                    false,
                                                                    ControlFlags.DiscretionaryAclPresent | ControlFlags.SelfRelative,
                                                                    sidAdmins,
                                                                    sidAdmins,
                                                                    null,
                                                                    launchAcl);


byte[] launchPermission = new byte[launchSD.BinaryLength];
launchSD.GetBinaryForm(launchPermission, 0);

然后，您获取启动权限字节数组并将其写入注册表。如果 .NET 不熟悉，您至少可以看看 .NET 类如何工作并了解它们使用哪些 win32 函数。您可以使用 reflector 工具查看相关程序集，或者使用 MSFT 实际上发布.NET 源。

We came across similar issues when installing a COM server that was hosted by our .NET service, i.e. we wanted to programmatically alter the the COM ACLs in our install logic. I think you'll find that it's just a binary ACL format that you can manipulate in .NET using the class:

System.Security.AccessControl.CommonSecurityDescriptor

So sorry I can't help you in getting a Python solution, but if your back is to the wall and you can manage .NET, some sample code would look like:

int launchMask = (int) (COM_RIGHTS.EXECUTE | COM_RIGHTS.EXECUTE_LOCAL | COM_RIGHTS.ACTIVATE_LOCAL);

SecurityIdentifier sidAdmins = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
SecurityIdentifier sidInteractive = new SecurityIdentifier(WellKnownSidType.InteractiveSid, null);

DiscretionaryAcl launchAcl = new DiscretionaryAcl(false, false, 3);
launchAcl.AddAccess(AccessControlType.Allow, sidAdmins, launchMask, InheritanceFlags.None, PropagationFlags.None);
launchAcl.AddAccess(AccessControlType.Allow, sidInteractive, launchMask, InheritanceFlags.None, PropagationFlags.None);

CommonSecurityDescriptor launchSD = new CommonSecurityDescriptor(false,
                                                                    false,
                                                                    ControlFlags.DiscretionaryAclPresent | ControlFlags.SelfRelative,
                                                                    sidAdmins,
                                                                    sidAdmins,
                                                                    null,
                                                                    launchAcl);


byte[] launchPermission = new byte[launchSD.BinaryLength];
launchSD.GetBinaryForm(launchPermission, 0);

You then take the launch permission byte array and write it to the registry. If .NET is a non-starter you can at least have a look at how the .NET classes work and see what win32 functions they use. You can either use the reflector tool to look at the relevant assembly, or MSFT actually publish the .NET source.

回复收藏 0 原文