Thursday, 24 February 2022

VBScript to set a registry value under HKCU from the SYSTEM context

' When this runs as SYSTEM, HKCU maps to the SYSTEM account's own hive,
' so the values are written to each user hive loaded under HKEY_USERS instead.
' Only hives that are currently loaded (logged-on users) are reached.
strComputer = "."
strRegPathSuffix = "\Desktop\Pavan"
strRegValueName = "EnableADAL"
intRegValueDec = "1"      ' written as a string (REG_SZ) value
strRegPathSuffix1 = "\Desktop\Pavan"
strRegValueName1 = "EnableADAL2"
intRegValueDec1 = 2       ' written as a REG_DWORD value, so it must be numeric

Const HKEY_USERS = &H80000003

Set oReg = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")

' Enumerate the top-level subkeys of HKEY_USERS (one per loaded hive)
strKeyPath = ""
oReg.EnumKey HKEY_USERS, strKeyPath, arrSubKeys

For Each subkey In arrSubKeys
    'wscript.echo subkey

    'We only want to do something if the subkey does not contain any of the following: .DEFAULT or S-1-5-18 or S-1-5-19 or S-1-5-20 or _Classes
    If NOT ((InStr(1,subkey,".DEFAULT",1) > 0) OR (InStr(1,subkey,"S-1-5-18",1) > 0) OR (InStr(1,subkey,"S-1-5-19",1) > 0) OR (InStr(1,subkey,"S-1-5-20",1) > 0) OR (InStr(1,subkey,"_Classes",1) > 0)) Then

        'Create desired registry key/value
        strKeyPath = subkey & strRegPathSuffix
        'wscript.echo strKeyPath

        oReg.CreateKey HKEY_USERS, strKeyPath
        oReg.SetStringValue HKEY_USERS, strKeyPath, strRegValueName, intRegValueDec
        oReg.SetDWORDValue HKEY_USERS, strKeyPath, strRegValueName1, intRegValueDec1

    End If
Next

Wednesday, 16 February 2022

Set a user environment variable from the SYSTEM context

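# Get the domain and username of the currently logged-on (console) user
$loggedOn = (Get-WmiObject -Class Win32_ComputerSystem).UserName

# UserName is empty when nobody is logged on at the console; stop rather than resolve an empty account
if (-not $loggedOn) { throw 'No interactive user is logged on.' }
$domain, $userName = $loggedOn -split '\\', 2

# Next, get the SID for that user
$user = [System.Security.Principal.NTAccount]::new($domain, $userName)
$sid  = $user.Translate([System.Security.Principal.SecurityIdentifier]).Value

# Set the registry value in that user's hive (HKEY_USERS\<SID> is what HKCU points to for that user)
Set-ItemProperty -Path "Registry::HKEY_USERS\$sid\Environment" -Name 'NAME2' -Value 'Value2' -Type String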

Thursday, 10 February 2022

Grant read and write permission on a folder through PowerShell

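# Folder whose ACL is changed
$folder_to_change = "C:\Temp\Aspen"

# Read the current ACL of the folder
$acl = Get-Acl "$folder_to_change"

# Allow rule for BUILTIN\Users: Read and Write, inherited by subfolders and files
$ar = New-Object System.Security.AccessControl.FileSystemAccessRule("BUILTIN\Users", @("Read", "Write"), "ContainerInherit,ObjectInherit", "None", "Allow")

# SetAccessRule replaces any existing Allow rules for BUILTIN\Users on this ACL
$acl.SetAccessRule($ar)

# Write the modified ACL back to the folder
Set-Acl "$folder_to_change" $acl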

User based detection

function getloggedindetails () {     ##Find logged in username     $user = Get-WmiObject Win32_Process - Filter "Name='explorer...
