New Topic/Question
Reply
I've read the rules, and I realize that I have to post some code so I can be returned with a "good version" of it concerning my problems. I truly agree with this rule.
I am developing a VB.NET application that is supposed to block the computer until the subject entered the correct password. It's not any malware or any kind of mean application, at least in my view, and it's only for me and a friend of mine whose youngest brother keeps changing things in his pc when he is not home.
My application works well, it is fullscreen and keeps the property TopMost true and blocks mouse input. But then there's a problem, where the subject could bring up the Windows Security Screen by pressing CTRL+ALT+DEL, open Task Manager and kill the process, so it would defeat the whole purpose of the application. So my application, changes some registry keys that disable the various options you can select in the Windows Security Screen.
Apart from that, everything works well, except that when I tested in my virtual machine that I use to test my applications, which gave me an error that I couldn't change registry key permissions. So I double-checked only to find out I was not the owner of the registry key, so I had to put myself owner manually and then it worked. The problem is that I need a way to do it programmatically, because applications cannot change the registry values if they don't have permission and they can't change the permissions if their owner is not the current user. I have researched for hours and haven't found anything about changing a registry key's owner, so I registered here to see if I could get some help.
Here's the code I am using:
Private Declare Sub AdjustTokenPrivileges Lib "advapi32.dll" (ByVal TokenHandle As System.IntPtr, ByVal DisableAllPrivileges As Boolean, ByRef NewState As TOKEN_PRIVILEGES, ByVal BufferLength As Integer, ByVal PreviousState As System.IntPtr, ByVal ReturnLength As System.IntPtr)
Private Declare Sub LookupAccountNameA Lib "advapi32.dll" (ByVal lpSystemName As String, ByVal lpAccountName As String, ByVal Sid As System.IntPtr, ByRef cbSid As Integer, ByVal lpReferencedDomainName As String, ByRef cchReferencedDomainName As Integer, ByRef peUse As Integer)
Private Declare Sub SetNamedSecurityInfoA Lib "advapi32.dll" (ByVal pObjectName As String, ByVal ObjectType As Integer, ByVal SecurityInfo As Integer, ByVal psidOwner As System.IntPtr, ByVal psidGroup As System.IntPtr, ByVal pDacl As System.IntPtr, ByVal pSacl As System.IntPtr)
<System.Runtime.InteropServices.StructLayout(System.Runtime.InteropServices.LayoutKind.Sequential, Pack:=4)>
Private Structure LUID_AND_ATTRIBUTES
Dim luid As Integer
Dim attributes As Integer
End Structure
<System.Runtime.InteropServices.StructLayout(System.Runtime.InteropServices.LayoutKind.Sequential, Pack:=4)>
Private Structure TOKEN_PRIVILEGES
Dim privilegeCount As Integer
Dim privilege1 As LUID_AND_ATTRIBUTES
Dim privilege2 As LUID_AND_ATTRIBUTES
End Structure
Dim pNewOwner As System.IntPtr = System.Runtime.InteropServices.Marshal.AllocHGlobal(32)
Private Sub Apply_Registry_Fixes()
Dim tp As New TOKEN_PRIVILEGES
tp.privilegeCount = 2
tp.privilege1.luid = 9 'SE_RESTORE_PRIVILEGE
tp.privilege1.attributes = 2
tp.privilege2.luid = 18 'SE_TAKEOWNERSHIP_PRIVILEGE
tp.privilege2.attributes = 2
Dim hToken As System.IntPtr = System.Security.Principal.WindowsIdentity.GetCurrent(System.Security.Principal.TokenAccessLevels.AdjustPrivileges Or System.Security.Principal.TokenAccessLevels.Query).Token
AdjustTokenPrivileges(hToken, Nothing, tp, Nothing, Nothing, Nothing)
LookupAccountNameA(Nothing, My.User.Name, pNewOwner, 32, Space(64), 64, Nothing)
SetNamedSecurityInfoA(Microsoft.Win32.Registry.CurrentUser.Name & "\Software\Microsoft\Windows\CurrentVersion\Policies\System", 1, 1, pNewOwner, Nothing, Nothing, Nothing) 'this works for files but not for registry keys :(/>
Dim proc As New System.Diagnostics.Process
proc.StartInfo.FileName = System.Environment.SystemDirectory & "\regini.exe"
proc.StartInfo.WindowStyle = System.Diagnostics.ProcessWindowStyle.Hidden
Dim temp_file As New System.IO.FileInfo(System.Environment.SystemDirectory.Substring(0, 3) & "test.tmp")
System.IO.File.WriteAllText(temp_file.FullName, Microsoft.Win32.Registry.CurrentUser.Name & "\Software\Microsoft\Windows\CurrentVersion\Policies\System [1]")
proc.StartInfo.Arguments = temp_file.FullName
proc.Start()
Do Until proc.HasExited
Loop
temp_file.Delete()
Dim reg_key As Microsoft.Win32.RegistryKey = Microsoft.Win32.Registry.CurrentUser.CreateSubKey("Software\Microsoft\Windows\CurrentVersion\Policies\System")
reg_key.SetValue("DisableLockWorkstation", 1)
reg_key.SetValue("DisableChangePassword", 1)
reg_key.SetValue("DisableTaskMgr", 1)
End Sub
Thanks in advance.
MultiQuote
| 