From 1c765dbf5dabc56f2e0f3c6eda934cdadc63bca7 Mon Sep 17 00:00:00 2001
From: Alex Hirsch
Date: Fri, 7 Aug 2015 15:50:12 +0200
Subject: [PATCH] privacy: add workaround for registry permission bullshit

---
 scripts/fix-privacy-settings.ps1 | 57 ++++++++++++++++++++++++++++++++
 1 file changed, 57 insertions(+)

diff --git a/scripts/fix-privacy-settings.ps1 b/scripts/fix-privacy-settings.ps1
index 858b98c..2eea1b4 100644
--- a/scripts/fix-privacy-settings.ps1
+++ b/scripts/fix-privacy-settings.ps1
@@ -14,6 +14,51 @@ function regimport($reg) {
 rm $regfile
 }
+function Enable-Privilege {
+ param($Privilege)
+ $Definition = @"
+ using System;
+ using System.Runtime.InteropServices;
+ public class AdjPriv {
+ [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
+ internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall,
+ ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele);
+ [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
+ internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
+ [DllImport("advapi32.dll", SetLastError = true)]
+ internal static extern bool LookupPrivilegeValue(string host, string name,
+ ref long pluid);
+ [StructLayout(LayoutKind.Sequential, Pack = 1)]
+ internal struct TokPriv1Luid {
+ public int Count;
+ public long Luid;
+ public int Attr;
+ }
+ internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
+ internal const int TOKEN_QUERY = 0x00000008;
+ internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
+ public static bool EnablePrivilege(long processHandle, string privilege) {
+ bool retVal;
+ TokPriv1Luid tp;
+ IntPtr hproc = new IntPtr(processHandle);
+ IntPtr htok = IntPtr.Zero;
+ retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
+ ref htok);
+ tp.Count = 1;
+ tp.Luid = 0;
+ tp.Attr = SE_PRIVILEGE_ENABLED;
+ retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid);
+ retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero,
+ IntPtr.Zero);
+ return retVal;
+ }
+ }
+"@
+ $ProcessHandle = (Get-Process -id $pid).Handle
+ $type = Add-Type $definition -PassThru
+ $type[0]::EnablePrivilege($processHandle, $Privilege)
+}
+
 echo "Defuse Windows search settings"
 Set-WindowsSearchSetting -EnableWebResultsSetting $false
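Review bot: EnablePrivilege in the here-string reports a success it has not verified: the results of OpenProcessToken and LookupPrivilegeValue are written to `retVal` and then overwritten without being examined, and AdjustTokenPrivileges returns true even when the privilege could not be enabled (it signals that case through the last error, ERROR_NOT_ALL_ASSIGNED, 1300), so the caller in the second hunk can test a true result and still run without SeTakeOwnershipPrivilege. The token handle returned by OpenProcessToken is also never closed. Checking each call, consulting Marshal.GetLastWin32Error() after AdjustTokenPrivileges, and closing the handle in a finally block addresses both; the rewritten method is below, with the other P/Invoke declarations, the struct and the token constants of the here-string unchanged.
```csharp
[DllImport("kernel32.dll", SetLastError = true)]
internal static extern bool CloseHandle(IntPtr h);
internal const int ERROR_NOT_ALL_ASSIGNED = 1300;
// … unchanged: advapi32 declarations, TokPriv1Luid, SE_PRIVILEGE_ENABLED / TOKEN_* constants …
public static bool EnablePrivilege(long processHandle, string privilege) {
    IntPtr htok = IntPtr.Zero;
    if (!OpenProcessToken(new IntPtr(processHandle), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok)) {
        return false;
    }
    try {
        TokPriv1Luid tp;
        tp.Count = 1;
        tp.Luid = 0;
        tp.Attr = SE_PRIVILEGE_ENABLED;
        if (!LookupPrivilegeValue(null, privilege, ref tp.Luid)) {
            return false;
        }
        // AdjustTokenPrivileges returns true even when nothing was assigned;
        // only the last-error value says whether the privilege is now enabled.
        bool adjusted = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);
        return adjusted && Marshal.GetLastWin32Error() != ERROR_NOT_ALL_ASSIGNED;
    } finally {
        CloseHandle(htok);
    }
}
```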
@@ -274,6 +319,18 @@ regimport(@"
 "@)
 echo "Disable submission of Windows Defender findings"
+do {} until (Enable-Privilege SeTakeOwnershipPrivilege)
+$key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("SOFTWARE\Microsoft\Windows Defender\Spynet", "ReadWriteSubTree", "TakeOwnership")
+$owner = [Security.Principal.NTAccount]"Administrators"
+$acl = $key.GetAccessControl()
+$acl.SetOwner($owner)
+$key.SetAccessControl($acl)
+
+$acl = $key.GetAccessControl()
+$rule = New-Object System.Security.AccessControl.RegistryAccessRule("Administrators", "FullControl", "Allow")
+$acl.SetAccessRule($rule)
+$key.SetAccessControl($acl)
+
 regimport(@"
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Spynet]
 "SpyNetReporting"=dword:00000000
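Review bot: `do {} until (Enable-Privilege SeTakeOwnershipPrivilege)` busy-spins forever when the privilege cannot be enabled, which is the expected outcome in a session that is not elevated (the privilege is then typically not present in the token at all), and retrying does not change the token; fail once instead: `if (-not (Enable-Privilege SeTakeOwnershipPrivilege)) { throw "Could not enable SeTakeOwnershipPrivilege; run the script elevated" }`. `OpenSubKey` returns `$null` when the key is absent, so the following `$key.GetAccessControl()` would stop with a null-method error rather than a readable message; a `$null` check with the same kind of `throw` belongs right after it. The new owner and the Administrators FullControl ACE are left in place after the `regimport`, so the Spynet key stays permanently more writable than before the script ran; if that is not the intent, capture `$key.GetAccessControl()` before the changes and restore it (owner included) once the import has completed, and close `$key` when done.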