Checho Checho - 1 month ago 10
C Question

Any example to use RegLoadKey()

I got this code:

/*
 * Try to mount the default user's NTUSER.DAT hive under HKLM\Example and
 * print the outcome.
 *
 * Nothing here enables SE_RESTORE_NAME / SE_BACKUP_NAME on the process
 * token. RegLoadKey needs both enabled for the calling process, so as
 * written the call is expected to fail and the "Code:" branch prints the
 * Win32 error (typically ERROR_PRIVILEGE_NOT_HELD).
 * The exit status is 0 on both paths.
 */
int wmain(int argc, WCHAR *argv[])
{
    HKEY hiveRoot = HKEY_LOCAL_MACHINE;
    LPCWSTR mountName = L"Example";
    LPCWSTR hivePath = L"C:\\Users\\Default\\NTUSER.DAT";

    /* RegLoadKey reports failure through its return value, not GetLastError(). */
    LONG status = RegLoadKey(hiveRoot, mountName, hivePath);

    if (status == ERROR_SUCCESS) {
        wprintf(L"Mounted!\n");
        return 0;
    }

    wprintf(L"Code: %li\n", status);
    return 0;
}


I know I need to enable
SE_RESTORE_NAME
and
SE_BACKUP_NAME
for my calling process, and there is an example on MSDN, but I can't understand it. I have no idea where to put the privileges I need.

Can anyone show me an example on how to merge all of this and get the
RegLoadKey()
function to work?

There are a lot of variables that the MSDN documentation does not explain, like
hToken
, etc. That is why I need help.

Answer

Thanks a lot for your time. I'm going to share the code that I used; it may help someone else:

#include <windows.h>
#include <stdio.h>


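/**
 * Enable or disable a single named privilege in an access token.
 *
 * The token must already hold the privilege; this function only flips its
 * enabled state, it cannot grant a privilege the account does not have.
 *
 * @param hToken           Access token handle. AdjustTokenPrivileges needs it
 *                         opened with TOKEN_ADJUST_PRIVILEGES access.
 * @param nameOfPrivilege  Wide-character privilege name (e.g. SE_RESTORE_NAME
 *                         in a UNICODE build).
 * @param bEnablePrivilege TRUE to enable the privilege, FALSE to disable it.
 * @return TRUE only when the privilege state was actually changed; FALSE if
 *         the name lookup failed, the adjustment failed, or the token does
 *         not hold the privilege. A diagnostic is printed on every failure.
 */
BOOL SetPrivilege(

    HANDLE hToken,              // access token handle
    LPCWSTR nameOfPrivilege,   // name of privilege to enable/disable
    BOOL bEnablePrivilege     // to enable or disable privilege
)
{
    TOKEN_PRIVILEGES tp = {0};
    LUID luid;
    DWORD lastError;

    // The parameter is LPCWSTR, so call the wide-character API explicitly
    // instead of relying on the UNICODE macro to select it.
    if (!LookupPrivilegeValueW(
        NULL,               // lookup privilege on local system
        nameOfPrivilege,   // privilege to lookup
        &luid))           // receives LUID of privilege
    {
        // DWORD is unsigned long, so it is printed with %lu rather than %u.
        printf("LookupPrivilegeValue error: %lu\n", (unsigned long)GetLastError());
        return FALSE;
    }

    tp.PrivilegeCount = 1;
    tp.Privileges[0].Luid = luid;
    tp.Privileges[0].Attributes = bEnablePrivilege ? SE_PRIVILEGE_ENABLED : 0;

    // Enable or disable only the one privilege listed in tp. The second
    // argument (DisableAllPrivileges) is FALSE, so no other privilege changes.
    if (!AdjustTokenPrivileges(
        hToken,
        FALSE,
        &tp,
        sizeof(TOKEN_PRIVILEGES),
        (PTOKEN_PRIVILEGES)NULL,
        (PDWORD)NULL))
    {
        printf("AdjustTokenPrivileges error: %lu\n", (unsigned long)GetLastError());
        return FALSE;
    }

    // AdjustTokenPrivileges returns success even when it adjusted nothing;
    // the last-error value is what distinguishes the two outcomes. Read it
    // before any other call can overwrite it.
    lastError = GetLastError();
    if (lastError == ERROR_NOT_ALL_ASSIGNED)
    {
        printf("The token does not have the specified privilege. \n");
        return FALSE;
    }

    return TRUE;
}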


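/**
 * Load C:\Users\Default\NTUSER.DAT into the registry as HKLM\Debu.
 *
 * RegLoadKey needs SE_RESTORE_NAME and SE_BACKUP_NAME enabled in the caller's
 * token, so both are enabled just for the call and disabled again afterwards.
 * The token has to hold them in the first place, which in practice means an
 * elevated (administrator) process.
 *
 * The hive stays mounted after this process exits. Unload it with
 * RegUnLoadKey (which needs the same two privileges) once it is no longer
 * needed; while it is mounted the hive file is held open by the system.
 *
 * @return 0 if the hive was loaded, 1 on any failure.
 */
int wmain(int argc, WCHAR *argv[])
{
    HANDLE processHandle = GetCurrentProcess();     // pseudo-handle, does not need CloseHandle
    DWORD typeOfAccess = TOKEN_ADJUST_PRIVILEGES;   // required to enable or disable a privilege
    HANDLE tokenHandle = NULL;                      // handle to the opened access token

    HKEY hKey = HKEY_LOCAL_MACHINE;
    LPCWSTR subKeyName = L"Debu";
    LPCWSTR pHive = L"C:\\Users\\Default\\NTUSER.DAT";

    BOOL restoreEnabled;
    BOOL backupEnabled;
    int exitCode = 1;

    (void)argc;
    (void)argv;

    if (!OpenProcessToken(processHandle, typeOfAccess, &tokenHandle))
    {
        // Without the token the privileges cannot be enabled, and the load
        // would only fail, so stop here.
        wprintf(L"Error getting the access token.\n");
        return exitCode;
    }

    // Enabling RESTORE and BACKUP privileges. SetPrivilege prints its own
    // diagnostic on failure, so only the result is recorded here.
    restoreEnabled = SetPrivilege(tokenHandle, SE_RESTORE_NAME, TRUE);
    backupEnabled = SetPrivilege(tokenHandle, SE_BACKUP_NAME, TRUE);

    if (restoreEnabled && backupEnabled)
    {
        // Loading the HIVE into HKLM\Debu subkey
        LONG loadKey = RegLoadKeyW(hKey, subKeyName, pHive);

        if (loadKey != ERROR_SUCCESS)
        {
            wprintf(L"Error loading the key. Code: %li\n", loadKey);
        }
        else
        {
            wprintf(L"Hive file has been loaded.\n");
            exitCode = 0;
        }
    }

    // Least privilege: turn off whatever was turned on, so the rest of the
    // process does not keep running with backup/restore rights enabled.
    if (restoreEnabled)
    {
        SetPrivilege(tokenHandle, SE_RESTORE_NAME, FALSE);
    }
    if (backupEnabled)
    {
        SetPrivilege(tokenHandle, SE_BACKUP_NAME, FALSE);
    }

    CloseHandle(tokenHandle);

    return exitCode;
}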