Jump to content

Write in HKCU from other account

Sn00f

By Sn00f
in Windows Tips 'n' Tweaks

 Share

Recommended Posts

Sn00f

Sn00f

Posted
  • Author
Posted

I Found reg.exe v3.0, thanks

any ideas about

is it possible to do this just like an "ipn" variable?

for /F "tokens=1 delims=." %%A in ('ipn') do set logname=%%A

echo %logname%: >> t:\Logs\name.txt

for /F "tokens=1 delims=." %%A in ('<vbsscript>') do set pid=%%A

(pid= S-1-5-21-1605980848-1645125239-839522115-1001)

reg add hku\%pid%\blablabla?

?

Link to comment
Share on other sites

maxXPsoft

maxXPsoft

Posted
Posted

I think I told you wrong or we got crossed up,

HKEY_USERS\PID untill you load the respective hive with XP you are loading the ntuser.dat file located in their respective folder from Doc's and Setting's. I don't know if you have that in 2000. The user cannot be logged on at current time. Then you can change their settings. It simple with just reg file's at that point however you can use the Reg.exe also. Have to make sure to unload afterward's.

Link to comment
Share on other sites
Sn00f

Sn00f

Posted
  • Author
Posted

hum ok,

I've got this in windows 2000 (regedt32.exe), but I would like to automate this with a script or something like that.

Why?

Because I have to change some settings remotely on about 300 machines....with Norton ghost, which uses the SYSTEM account to work on remote computers.

I would like to "find" "user1" pid automaticaly and then put it into a variable, and then use reg.exe or another tool to change their settings.

any ideas?

Link to comment
Share on other sites
maxXPsoft

maxXPsoft

Posted
Posted (edited)
change some settings remotely

That is not simple. :no:

In fact its a nightmare with first passing arguments to tell Windows you are an admin of the remote machine and you are running in Admin mode. I have all that in my VB app to write registry values because to load the Hives you have to be an Administrator, but the remote stuff is commented out since I never cared to go there yet.

Perhaps someone can show you how to do this in VBScript

Edited by maxXPsoft
Link to comment
Share on other sites
Sn00f

Sn00f

Posted
  • Author
Posted

Hum I didn't explain that very well.

I will send (with Ghost) a script on a remote computer.

There, i'll launch that file and this file (launched by the SYSTEM account) would change the registry entries.

the batch or script would do this:

I would like to "find" "user1" pid automaticaly and then put it into a variable, and then use reg.exe or another tool to change their settings.

other ideas?

Link to comment
Share on other sites
maxXPsoft

maxXPsoft

Posted
Posted

.reg import might be the thing then as someone mentioned above

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download]
"CheckExeSignatures"="no"
"RunInvalidSignatures"=dword:00000001

Then to execute

[script]

REGEDIT /S %systemdrive%\Download.reg

DEL %systemdrive%\Download.reg

[/script]

You could set this up to run when they logon as the /S means to do it silently.

Link to comment
Share on other sites
Timshel

Timshel

Posted
Posted

I have done this by using a combination of Reg.exe and VBScript...

This could quite easily be converted to a NT CMD file instead of VBS...

Note also that I rushed this code together based on a previous implementation of it so I may have left something out... I wouldn't be surprised if there were a couple of errors... The concept works though.

The code will iterate through all the profiles on a PC excluding system accounts, all users and the current logged in user. For the current user profile simply edit HKCU either by importing a reg file or using oShell.RegWrite

Cheers, Timshel

here is the VBS code....

Dim oShell : Set oShell = WScript.CreateObject("Wscript.Shell")

Dim oFS : Set oFS = WScript.CreateObject("Scripting.FileSystemObject")

Dim strCUProfile : strCUProfile = strCUProfile = oShell.Environment("Process")("UserProfile")

Dim oFolder

For Each oFolder In oFS.GetFolder("C:\Documents and Settings").SubFolders

If oFS.FileExists (oFolder &"\NTUser.DAT") _

And LCase(oFolder.Name) <> LCase(strCUProfile) _

And LCase(oFolder.Name) <> LCase("LocalService") _

And LCase(oFolder.Name) <> LCase ("NetworkService") _

And LCase(oFolder.Name) <> LCase("All Users") Then

oShell.Run "cmd /c reg load HKLM\TempHive " &Chr(34) &oFolder &"\NTUser.DAT" &Chr(34), ,1

'Put your registry hacks here...

'Either use oShell.RegWrite... eg below...

'oShell.RegWrite "HKLM\TempHive\Software\MySoftware\MyDword", 1, "REG_DWORD"

'OR

'Run "Regedit.exe /s REGHack.Reg" and import a premodified reg file - the key in the reg file start With

'HKEY_Local_Machine\TempHive\

'eg below...

'oShell.Run "Regedit.exe /s RegHack.reg"

oShell.Run "cmd /c reg unload HKLM\TempHive", 0, True

End If

Next

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...