Category : registry

When I try to log on as a new local user I get the following; The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITYLOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable ..

Read more

void * hFile = CreateFileW ( L"\.OurFile", // name of the write GENERIC_WRITE, // open for writing 0, // do not share NULL, // default security CREATE_NEW, // create new file only FILE_ATTRIBUTE_NORMAL, // normal file NULL ); if (!hFile || hFile == INVALID_HANDLE_VALUE) { std::cout << "hFile GetLastError(): 0x" << std::hex << GetLastError() << ..

Read more

I ran this piece of code, which returned the Product Id reg key like it should: from winreg import * def regstuff(): for i in range(1024): try: RawKey = OpenKey(ConnectRegistry(None, HKEY_LOCAL_MACHINE), "SOFTWAREMicrosoftWindows NTCurrentVersion") asubkey_name = EnumKey(RawKey, i) asubkey = OpenKey(RawKey, asubkey_name) val = QueryValueEx(asubkey, "ProductId") print(f"[Product ID] {val}") except: pass but then I changed "ProductId" ..

Read more

I am trying to update one of the parameters of Windows Service (kubelet) by using this link 1. $regkey = "HKLMSYSTEMCurrentControlSetServiceskubelet" 2. $name = "ImagePath" 3. $(reg query ${regkey} /v ${name} | Out-String) -match "(?s)${name}.*(C:.*kubelet.exe.*)" 4. $kubelet_cmd = $Matches[1] -replace "–image-pull-progress-deadline=.* ","" -replace "rn"," " 5. reg add ${regkey} /f /v ${name} /t REG_EXPAND_SZ /d ..

Read more

I am trying to import below Echo off for /F "tokens=2" %%i in (‘whoami /user /fo table /nh’) do set usersid=%%i echo %usersid% #reg add HKU%usersid%SOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem /v DisableChangePassword /t REG_DWORD /d 0 /f but failing as it needs admin right, but when we use rights it changes MY userSID registry not the one who logged ..

Read more

I have this code shown below to read installed software on a specific device from the registry: private static List<string> ReadRemoteRegistryusingWMI(string machineName= "192.168.x.x") { List<string> programs = new List<string>(); ConnectionOptions connectionOptions = new ConnectionOptions(); connectionOptions.Username = @"****"; connectionOptions.Password = @"****"; //connectionOptions.Impersonation = ImpersonationLevel.Impersonate; ManagementScope scope = new ManagementScope("\" + machineName + "rootCIMV2", connectionOptions); scope.Connect(); string ..

Read more

We have 2 ways to open a file with an application: Double-click on a file in the explorer. Windows explorer will search for its extension in the registry, find the default application command line (CLI) format string, substitute the "%1" argument with the file’s path, and finally run the CLI. Directly call the application in ..

Read more