Updating HKEY_CURRENT_USER hive from a service

半世苍凉 提交于 2019-12-20 07:27:23

问题


I am writing a network provider (Windows 7) to capture the domain name and username and I have to keep this in HKEY_CURRENT_USER\Software\MyApp\Profile

Since the network provider is running as a service the data is stored in HKEY_USER\.Default\Software\MyApp\Profile

After successful login if I try to read from my application it genuinely tries to read the data from that user's HKEY_CURRENT_USER which will not have anything.

How is this being managed in general? How shall I store the data into current users hive from a service.


回答1:


You need to get a user token (call OpenProcess then OpenProcessToken), impersonate your thread with that token and use RegOpenCurrentUser function to open user registry hive.

Also you can find out user SID and open HKEY_USER\<SID>.




回答2:


I had managed to get this done.

I did a LogonUser, LoadUserProfile and ImpersonateLoggedOnuser. The LoadUserProfile will return the PROFILEINFO structure. The member hProfile of PROFILEINFO is the actual HKCU root which should be used.

Calling LogonUser will trigger the network provider recursively, to block that you have to check the lpStationName from NPLogonNotify argument, if its "SvcVtl" then break the recursion. Look for msdn document for more detail on NPLogonNotify.

when all registry operation is done, call UnLoadUserProfile, RevertoToSelf, closeHandle(token)



来源:https://stackoverflow.com/questions/8182084/updating-hkey-current-user-hive-from-a-service

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!