private_hive/
private-hive.rs1use registry::{Hive, Security};
2use windows::{core::PCWSTR, Win32::{Foundation::{HANDLE, LUID}, Security::{AdjustTokenPrivileges, LookupPrivilegeValueW, LUID_AND_ATTRIBUTES, SE_BACKUP_NAME, SE_PRIVILEGE_ENABLED, SE_RESTORE_NAME, TOKEN_ADJUST_PRIVILEGES, TOKEN_PRIVILEGES}, System::Threading::{GetCurrentProcess, OpenProcessToken}}};
3
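/// Enables the restore and backup privileges on the current process token,
/// loads the Default user profile hive and prints its top-level key names.
///
/// # Errors
///
/// Returns the Win32 error if the process token cannot be opened or if
/// either `set_privilege` call fails.
///
/// # Panics
///
/// Panics if the hive file cannot be loaded or a key cannot be enumerated.
fn main() -> Result<(), windows::core::Error> {
    let mut token = HANDLE::default();
    // SAFETY: `GetCurrentProcess` yields the current-process pseudo-handle and
    // `token` is a live local that receives the opened token handle.
    unsafe { OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &mut token)? };

    // SeRestorePrivilege and SeBackupPrivilege let the holder bypass ACL checks
    // for write and read access respectively. Once enabled they stay enabled on
    // the token for the rest of the process, so keep this scoped to a
    // short-lived tool.
    let enabled = set_privilege(token, SE_RESTORE_NAME)
        .and_then(|()| set_privilege(token, SE_BACKUP_NAME));

    // The adjustment lives on the token object, not on this handle, so the
    // handle can be released before the hive is touched. A close failure is
    // deliberately ignored: there is nothing useful to do about it here.
    // SAFETY: `token` was opened above and is not used after this call.
    let _ = unsafe { windows::Win32::Foundation::CloseHandle(token) };
    enabled?;

    // The Default profile is the template for newly created user profiles.
    // NOTE(review): only key enumeration happens below; `Security::Read` alone
    // may be enough -- confirm against the registry crate before dropping Write.
    let hive_key = Hive::load_file(
        r"C:\Users\Default\NTUSER.DAT",
        Security::Read | Security::Write,
    )
    .expect("failed to load the Default profile hive (is the process elevated?)");

    let keys: Vec<_> = hive_key
        .keys()
        .map(|k| k.expect("failed to read a key from the loaded hive").to_string())
        .collect();

    println!("{:?}", keys);
    Ok(())
}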
21
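/// Enables the privilege called `name` on the access token behind `handle`.
///
/// `handle` must have been opened with `TOKEN_ADJUST_PRIVILEGES`.
///
/// # Errors
///
/// Returns the Win32 error if the privilege name cannot be resolved or the
/// adjustment call fails, and `ERROR_NOT_ALL_ASSIGNED` when the call succeeds
/// but the token does not hold the requested privilege.
fn set_privilege(handle: HANDLE, name: PCWSTR) -> Result<(), windows::core::Error> {
    // NOTE(review): assumes a `windows` crate version in which `GetLastError`
    // returns `WIN32_ERROR` -- confirm against the version pinned in Cargo.toml.
    use windows::Win32::Foundation::{GetLastError, ERROR_NOT_ALL_ASSIGNED};

    let mut luid: LUID = LUID {
        LowPart: 0,
        HighPart: 0,
    };
    // SAFETY: `name` is supplied by the caller as a valid wide string and
    // `luid` is a live local that receives the result.
    unsafe { LookupPrivilegeValueW(None, name, &mut luid)? };

    let mut privilege = TOKEN_PRIVILEGES {
        PrivilegeCount: 1,
        Privileges: [LUID_AND_ATTRIBUTES {
            Luid: luid,
            Attributes: SE_PRIVILEGE_ENABLED,
        }],
    };

    // SAFETY: `privilege` holds exactly one entry, matching `PrivilegeCount`,
    // and no previous-state buffer is requested.
    unsafe {
        AdjustTokenPrivileges(
            handle,
            false,
            Some(&mut privilege),
            std::mem::size_of::<TOKEN_PRIVILEGES>() as u32,
            None,
            None,
        )?
    };

    // AdjustTokenPrivileges reports success even when it enabled nothing, for
    // example when the process is not elevated and the token lacks the
    // privilege. The only signal is the thread's last-error value, which must
    // be read before any other API call can overwrite it.
    // SAFETY: `GetLastError` only reads thread-local state.
    if unsafe { GetLastError() } == ERROR_NOT_ALL_ASSIGNED {
        return Err(ERROR_NOT_ALL_ASSIGNED.into());
    }

    Ok(())
}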