Title: [Registry] Begging an expert to explain this registry permissions code
Author: 2000lg Time: 2019-7-29 21:43 Title: Begging an expert to explain this registry permissions code
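The batch script below handles registry permissions; its function is to prevent writing and deleting. But I can't understand the code at all.
The later part looks like a pile of gibberish. Could an expert please explain it in detail, line by line? Many thanks.

@echo off
setlocal EnableDelayedExpansion
rem Registry key to lock down (path relative to HKLM)
set "SPPk=SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform"
rem Deny SetValue and Delete to S-1-5-32-544 (BUILTIN\Administrators) on the key and each direct subkey
call :reg_takeownership "HKLM\%SPPk%\55c92734-d682-4d71-983e-d6ec3f16059f" S-1-5-32-544 "SetValue, Delete" Deny recursive
pause
rem Stop here so execution does not fall through into the subroutine below
exit /b

:reg_takeownership 1:key[ex:"HKCU\Console"] 2:sid[def:S-1-5-32-544] 3:perm[def:FullControl] 4:allow[def:Allow] 5:rcsv[def:""]
rem s10..s22 hold one PowerShell script in pieces; single quotes become escaped double quotes when the pieces are joined
rem s10-s12: split the key into hive and subkey path, pick the .NET hive name, turn the SID string into an object
set "s10=$ErrorActionPreference='silentlycontinue'; $rcsv=($recursive -ne ''); $rk=$regkey -split '\\\\',2; $key=$rk[1];"
set "s11=switch -regex ($rk[0]) { '[mM]'{$HK='LocalMachine'};'[uU]'{$HK='CurrentUser'}; default {$HK='ClassesRoot'}; }; $HK; $key;"
set "s12=if($sid -eq ''){$sid='S-1-5-32-544'}; [System.Security.Principal.SecurityIdentifier]$own=$sid;"
rem s13-s14: call RtlAdjustPrivilege from ntdll.dll to enable privileges 9, 17 and 18 (SeTakeOwnership, SeBackup, SeRestore)
set "s13=$dll0='[DllImport(''ntdll.dll'')]public static extern int RtlAdjustPrivilege(ulong a,bool b,bool c,ref bool d);'; $ntdll="
set "s14=Add-Type -Member $dll0 -Name NtDll -PassThru; foreach($i in @(9,17,18)){$null=$ntdll::RtlAdjustPrivilege($i,1,0,[ref]0)};"
rem s15-s17: open the key with TakeOwnership rights, set the owner, leave inheritance from the parent enabled
set "s15=function Reg_TakeOwnership { param($hive, $key, $own, $perm='FullControl', $allow='Allow', $rcsv=$false);"
set "s16= $reg=[Microsoft.Win32.Registry]::$hive.OpenSubKey($key,'ReadWriteSubTree','TakeOwnership');$acl=$reg.GetAccessControl();"
set "s17= $acl.SetOwner($own); $acl.SetAccessRuleProtection($false,$false); $reg.SetAccessControl($acl);"
rem s18-s20: reopen with ChangePermissions, build a Deny rule and a rule of the requested type, remove the first, apply the second
set "s18= $reg=$reg.OpenSubKey('','ReadWriteSubTree','ChangePermissions'); $rule=0,0; $x='Deny',$allow; for($i=0;$i -le 1;$i++){"
set "s19= $rule[$i]=New-Object System.Security.AccessControl.RegistryAccessRule($own,$perm,'ContainerInherit','None',$x[$i])};"
set "s20= $acl.RemoveAccessRuleSpecific($rule[0]);$acl.ResetAccessRule($rule[1]);$reg.SetAccessControl($acl);$acl|fl;"
rem s21-s22: run on the key itself, then on each direct subkey when the fifth argument is not empty
set "s21=} Reg_TakeOwnership $HK $key $own $perm $allow $true; if($rcsv){ $r=[Microsoft.Win32.Registry]::$HK.OpenSubKey($key);"
set "s22= foreach($sk in $r.GetSubKeyNames()){$sk; try{ Reg_TakeOwnership $HK $($key+'\\'+$sk) $own $perm $allow }catch{} }}"
rem Join s10..s22 into one variable and pass it to powershell.exe together with the five arguments
setlocal & for /l %%# in (10,1,22) do call set "ps_RegTakeOwnership=%%ps_RegTakeOwnership%%%%s%%#:'=\"%%"
powershell.exe -c " $regkey='%~1';$sid='%~2';$perm='%~3';$allow='%~4';$recursive='%~5'; %ps_RegTakeOwnership%;"
endlocal & exit/b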
Author: Batcher Time: 2019-7-29 22:12
To understand the later part, you need to learn some PowerShell first.
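Author: 2000lg Time: 2019-7-29 23:03
This post was last edited by 2000lg on 2019-7-29 23:13
To understand the later part, you need to learn some PowerShell first.
Batcher posted on 2019-7-29 22:12
Thank you for the reply.
Which parts of PowerShell do I need to learn to understand this piece of code? Could you give me a reference? Thanks. Right now I am completely lost.
Or could an expert translate it into batch code?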
Author: Batcher Time: 2019-7-30 08:30
Reply to 3# 2000lg
Pick one that you can actually get through and study it.
http://bbs.bathome.net/thread-26220-1-1.html
Author: 2000lg Time: 2019-7-30 23:43
Reply to 4# Batcher
Thanks a lot.
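
An added example, not part of the original thread or of the posted script: a read-only PowerShell check that reports whether a registry ACL carries the Deny rule the batch file in the first post applies for a given SID. The function name Test-DenyRule and the in-memory sample ACL are assumptions made for illustration.

```powershell
# Added example (hypothetical helper): report whether an ACL denies the given rights to a SID.
function Test-DenyRule {
    param(
        [System.Security.AccessControl.RegistrySecurity]$Acl,
        [string]$Sid = 'S-1-5-32-544',   # BUILTIN\Administrators, as in the post
        [System.Security.AccessControl.RegistryRights]$Rights = 'SetValue, Delete'
    )
    $sidType = [System.Security.Principal.SecurityIdentifier]

    # Explicit and inherited rules, with identities returned as SIDs
    $deny = $Acl.GetAccessRules($true, $true, $sidType) | Where-Object {
        $_.AccessControlType -eq 'Deny' -and $_.IdentityReference.Value -eq $Sid
    }

    # OR together the rights of every matching Deny rule
    $denied = 0
    foreach ($r in $deny) { $denied = $denied -bor [int]$r.RegistryRights }

    [pscustomobject]@{
        Owner        = $Acl.GetOwner($sidType).Value
        DeniedRights = [System.Security.AccessControl.RegistryRights]$denied
        Covered      = (($denied -band [int]$Rights) -eq [int]$Rights)
    }
}

# Constructed sample: an in-memory ACL holding the same rule shape the script builds.
# Nothing is read from or written to the registry here.
$sample = New-Object System.Security.AccessControl.RegistrySecurity
$admins = [System.Security.Principal.SecurityIdentifier]'S-1-5-32-544'
$rule   = New-Object System.Security.AccessControl.RegistryAccessRule(
              $admins, 'SetValue, Delete', 'ContainerInherit', 'None', 'Deny')
$sample.AddAccessRule($rule)
Test-DenyRule -Acl $sample

# Against the live key from the post (read-only):
# $k = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\55c92734-d682-4d71-983e-d6ec3f16059f'
# Test-DenyRule -Acl (Get-Acl -Path $k)
```

The Owner field is empty for the constructed sample because no owner was set on it; on a live key it shows the owner SID that the script's SetOwner call assigns.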