Public-Mirrors
/
Debloat-Windows-10
mirror of https://github.com/W4RH4WK/Debloat-Windows-10
1
0
Fork 0
Code Issues Releases Wiki Activity
A collection of Scripts which disable / remove Windows 10 Features and Apps
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
154 Commits
1 Branch
0 Tags
650 KiB
 
 
Tree: 8ab363a918
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8ab363a918'
${ noResults }
Debloat-Windows-10/lib/take-own.psm1

80 lines
3.0 KiB
Raw Blame History

function Takeown-Registry($key) {
# TODO does not work for all root keys yet
switch ($key.split('\')[0]) {
"HKEY_CLASSES_ROOT" {
$reg = [Microsoft.Win32.Registry]::ClassesRoot
$key = $key.substring(18)
}
"HKEY_CURRENT_USER" {
$reg = [Microsoft.Win32.Registry]::CurrentUser
$key = $key.substring(18)
}
"HKEY_LOCAL_MACHINE" {
$reg = [Microsoft.Win32.Registry]::LocalMachine
$key = $key.substring(19)
}
}
# get administraor group
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
$admins = $admins.Translate([System.Security.Principal.NTAccount])
# set owner
$key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership")
$acl = $key.GetAccessControl()
$acl.SetOwner($admins)
$key.SetAccessControl($acl)
# set FullControl
$acl = $key.GetAccessControl()
$rule = New-Object System.Security.AccessControl.RegistryAccessRule($admins, "FullControl", "Allow")
$acl.SetAccessRule($rule)
$key.SetAccessControl($acl)
}
function Elevate-Privileges {
param($Privilege)
$Definition = @"
using System;
using System.Runtime.InteropServices;
public class AdjPriv {
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele);
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);
[StructLayout(LayoutKind.Sequential, Pack = 1)]
internal struct TokPriv1Luid {
public int Count;
public long Luid;
public int Attr;
}
internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
internal const int TOKEN_QUERY = 0x00000008;
internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
public static bool EnablePrivilege(long processHandle, string privilege) {
bool retVal;
TokPriv1Luid tp;
IntPtr hproc = new IntPtr(processHandle);
IntPtr htok = IntPtr.Zero;
retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok);
tp.Count = 1;
tp.Luid = 0;
tp.Attr = SE_PRIVILEGE_ENABLED;
retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid);
retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);
return retVal;
}
}
"@
$ProcessHandle = (Get-Process -id $pid).Handle
$type = Add-Type $definition -PassThru
$type[0]::EnablePrivilege($processHandle, $Privilege)
}