What's wrong with my code?

delphi package - easy access to security apis

What's wrong with my code?

Postby jzjjony » Fri Jun 23, 2006 4:47 am

I try to change a registry key's DACL,but there is an error in //*********
line,could you tell me why and what can i do?

My code:

var
dwRet:dword;
SamName:LPSTR;
pSD:PSECURITY_DESCRIPTOR;
pOldDacl,pNewDacl:PACL;
ea:EXPLICIT_ACCESS_A ;
Keys:HKEY ;
reg:tregistry;
str:tstringlist;
begin
keys:=0;
getmem(samname,MAX_PATH);
strcopy(samname,'MACHINE\SAM\SAM');
try
if SetEntriesInAcl(0, nil, nil, pOldDacl)<>ERROR_SUCCESS then
begin
messagebox(handle,'Error 1','infromation',mb_ok);
exit;;
end ;

if SetEntriesInAcl(0, nil, nil, pNewDacl)<>ERROR_SUCCESS then
begin
messagebox(handle,'Error 2','infromation',mb_ok);
exit;;
end ;
if GetNamedSecurityInfo(SamName, SE_REGISTRY_KEY, DACL_SECURITY_INFORMATION,
nil, nil, pOldDacl, nil, pSD)<>ERROR_SUCCESS then
begin
messagebox(handle,'get SAM's DACL Error','infromation',mb_ok);
exit;;
end;
ZeroMemory(@ea, sizeof(EXPLICIT_ACCESS_A));
BuildExplicitAccessWithName(@ea, 'Everyone',GENERIC_ALL{ KEY_ALL_ACCESS}, SET_ACCESS,
SUB_CONTAINERS_AND_OBJECTS_INHERIT);
if (pNewDacl=nil) then //************error here,"pNewDacl" always nil
messagebox(handle,'Build New DACL error ','infromation',mb_ok);
dwRet:= SetEntriesInAcl(1, @ea, pOldDacl, pNewDacl);
if dwRet<>ERROR_SUCCESS then
begin
messagebox(handle,'Error add new DACL ','infromation',mb_ok);
exit;;
end;
if SetNamedSecurityInfo(SamName, SE_REGISTRY_KEY, DACL_SECURITY_INFORMATION,
nil, nil, pNewDacl, nil)<> ERROR_SUCCESS then
begin
messagebox(handle,'Fresh SAM's DACL ','infromation',mb_ok);
exit;;
end;

// ope SAM's subkey and do something
reg:=tregistry.Create ;
str:=tstringlist.Create;
reg.RootKey:=HKEY_LOCAL_MACHINE;
if reg.OpenKey('SAM\SAM',false) then
begin
reg.GetKeyNames(str);
memo1.Lines.AddStrings(str);
end;
reg.CloseKey;
finally
if Keys<>0 then RegCloseKey(Keys);
if pNewDacl<>nil then LocalFree(dword(pNewDacl));
if pOldDacl<>nil then SetNamedSecurityInfo(SamName, SE_REGISTRY_KEY, DACL_SECURITY_INFORMATION,
nil, nil, pOldDacl, nil);
if pSD<>nil then LocalFree(dword(pSD));
if samname<>nil then freemem(samname);
end;
end;
jzjjony
 
Posts: 15
Joined: Mon Jan 23, 2006 12:33 pm

Postby madshi » Fri Jun 23, 2006 9:02 am

You're posting in the madSecurity forum, but seemingly you're not using madSecurity. By using madSecurity you could have it easier, because it calls all those nasty win32 APIs for you internally.

http://help.madshi.net/madSecurity.htm
madshi
Site Admin
 
Posts: 9880
Joined: Sun Mar 21, 2004 5:25 pm


Return to madSecurity

Who is online

Users browsing this forum: No registered users and 1 guest

cron