Load registry hive (AdjustTokenPrivileges error)

G

Guest

Writing an app in VB.NET 2005 which needs to load a registry hive. As far as
I can determine, there isn't any managed code to do this (sigh), so I need to
revert to APIs. Additional privileges need to be added to the current
process token before RegLoadKey can be used successfully. This exception is
thrown when I call AdjustTokenPrivileges: "The parameter is incorrect.
(Exception from HRESULT: 0x80070057 (E_INVALIDARG))".

I'm unable to determine which parameter is incorrent and have tried lots of
things with my API declaration and stuff. Any idea, hints, pointers or
solutions would be much appreciated. Thanks.

Code extract:
----------------
' constants
Public Const TOKEN_ADJUST_PRIVLEGES = &H20
Public Const TOKEN_QUERY = &H8
Public Const SE_PRIVILEGE_ENABLED = &H2
Public Const HKEY_USERS = &H80000003
Public Const SE_RESTORE_NAME = "SeRestorePrivilege"
Public Const SE_BACKUP_NAME = "SeBackupPrivilege"
Public Const ANYSIZE_ARRAY As Int32 = 1

' structures
<StructLayout(LayoutKind.Sequential)> _
Public Structure TOKEN_PRIVILEGES
Public PrivilegeCount As Int32
Public Privileges() As LUID_AND_ATTRIBUTES
End Structure

<StructLayout(LayoutKind.Sequential)> _
Public Structure LUID
Public LowPart As Int32
Public HighPart As Int32
End Structure

<StructLayout(LayoutKind.Sequential)> _
Public Structure LUID_AND_ATTRIBUTES
Public pLuid As LUID
Public Attributes As Int32
End Structure


' API Declarations
<DllImport("kernel32.dll", SetLastError:=True)> _
Public Function FormatMessage(ByVal dwFlags As Integer, ByRef lpSource
As IntPtr, _
ByVal dwMessageId As Integer, ByVal dwLanguageId As Integer, ByRef
lpBuffer As [String], _
ByVal nSize As Integer, ByRef Arguments As IntPtr) As Integer
End Function

<DllImport("advapi32.dll", EntryPoint:="RegLoadKeyA",
SetLastError:=True)> _
Public Function RegLoadKey(ByVal hKey As Int32, ByVal lpSubKey As
String, ByVal lpFile As String) As Int32
End Function

<DllImport("advapi32.dll", EntryPoint:="RegUnLoadKeyA",
SetLastError:=True)> _
Public Function RegUnLoadKey(ByVal hKey As Int32, ByVal lpSubKey As
String) As Int32
End Function

<DllImport("kernel32.dll", SetLastError:=True)> _
Public Function GetCurrentProcess() As IntPtr
End Function

Public Declare Function OpenProcessToken Lib "advapi32.dll" _
Alias "OpenProcessToken" _
(ByVal ProcessHandle As Integer, _
ByVal DesiredAccess As Integer, _
ByRef TokenHandle As IntPtr) As Integer

Dim Retval As Long
Dim strKeyName As String
Dim MyToken As IntPtr
Dim TP As TOKEN_PRIVILEGES
Dim RestoreLuid As LUID
Dim BackupLuid As LUID
Dim procHandle As IntPtr = GetCurrentProcess()

Retval = OpenProcessToken(procHandle, TOKEN_ADJUST_PRIVLEGES _
Or TOKEN_QUERY, MyToken)
If Retval = 0 Then MsgBox("OpenProcess: " &
GetErrorMessage(Err.LastDllError))

retval = LookupPrivilegeValue(vbNullString, SE_RESTORE_NAME, _
RestoreLuid)
If retval = 0 Then MsgBox("LookupPrivileges: " & Err.LastDllError)

retval = LookupPrivilegeValue(vbNullString, SE_BACKUP_NAME,
BackupLuid)
If retval = 0 Then MsgBox("LookupPrivileges: " & retval)

TP.PrivilegeCount = 2
ReDim TP.Privileges(1)
TP.Privileges(0).pLuid = RestoreLuid
TP.Privileges(0).Attributes = SE_PRIVILEGE_ENABLED
TP.Privileges(1).pLuid = BackupLuid
TP.Privileges(1).Attributes = SE_PRIVILEGE_ENABLED

Retval = AdjustTokenPrivileges(MyToken, False, TP, 0, Nothing,
Nothing) '***** ERROR OCCURS HERE *****
If retval = 0 Then MsgBox("AdjustTokenPrivileges: " &
Err.LastDllError)


Retval = RegLoadKey(RegistryHive.Users, "TempHive", "C:\Documents
and Settings\Default User\NTUSER.DAT")
If retval <> 0 Then
Dim strErrorMessage As String = GetErrorMessage(retval)
MsgBox(strErrorMessage)
End If

<DllImport("advapi32.dll", EntryPoint:="LookupPrivilegeValueA",
SetLastError:=True)> _
Public Function LookupPrivilegeValue(ByVal lpSystemName As String, _
ByVal lpName As String, ByRef lpLuid As LUID) As Long
End Function

<DllImport("advapi32.dll", SetLastError:=True)> _
Public Function AdjustTokenPrivileges(ByRef TokenHandle As IntPtr, _
<MarshalAs(UnmanagedType.Bool)> ByVal DisableAllPrivileges As
Boolean, _
ByRef NewState As TOKEN_PRIVILEGES, ByVal BufferLength As Long, _
ByRef PreviousState As TOKEN_PRIVILEGES, ByRef ReturnLength As Long)
As Long
End Function
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top