首页
社区
课程
招聘
[求助]关于COM对象来读写注册表的问题
发表于: 2014-11-17 12:41 4827

[求助]关于COM对象来读写注册表的问题

2014-11-17 12:41
4827
在win7,有UAC的情况下,编辑HKEY_LOCAL_MACHINE健下的项会被UAC拒绝。我想通过一个提权的com对象来编辑注册表。我在网上找到的一个com接口 IWshShell可以编辑注册表,参考http://baike.baidu.com/view/1138271.htm?fr=aladdin

提权代码如下,结果CoGetObject总是返回0x80080017 。不知道是什么原因,请教高手解答

const wchar_t MONIKER_NAME[] = L"Elevation:Administrator!new:%s";
HRESULT CoCreateInstanceAsAdmin(HWND hwnd, LPWSTR wstrRclsid, REFIID riid, void **ppv)
{
        BIND_OPTS3 bo;
       
        wchar_t wszMonikerName[300];
       
     
        wsprintfW(wszMonikerName, MONIKER_NAME, wstrRclsid);
        memset(&bo, 0, sizeof(bo));
        bo.cbStruct = sizeof(bo);
        bo.hwnd = hwnd;
        bo.dwClassContext = CLSCTX_LOCAL_SERVER;
        if (IsRunningInWin64())
                bo.dwClassContext |= CLSCTX_ACTIVATE_32_BIT_SERVER;
        return CoGetObject(wszMonikerName, &bo, riid, ppv);
}

void CRemoteDlg::OnOK()
{
    LPVOID pRet;
    char lpOut[50];
        GUID Guid;
    CoInitialize(0);
        LPCTSR2GUID("41904400-BE18-11D3-A28B-00104BD35090",Guid);
        CoCreateInstanceAsAdmin(NULL,L"{00020424-0000-0000-C000-000000000046}",Guid,(LPVOID*)&pRet);
}

[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课

上传的附件:
收藏
免费 0
支持
分享
最新回复 (2)
雪    币: 1651
活跃值: (1425)
能力值: ( LV6,RANK:80 )
在线值:
发帖
回帖
粉丝
2
GUID Guid;
    CLSID rclsid;
    IID  riid;
    CoInitialize(0);
    HRESULT hr1=CLSIDFromProgID(L"WScript.Shell.1",&rclsid);
    HINSTANCE hdllInst =LoadLibrary("wshom.ocx");
    typedef HRESULT (__stdcall * pfnGCO) (REFCLSID, REFIID, void**);   
    pfnGCO fnGCO = NULL;  
    fnGCO = (pfnGCO)GetProcAddress(hdllInst, "DllGetClassObject");
    IClassFactory* pcf = NULL;  
    HRESULT hr=(fnGCO)(rclsid, IID_IClassFactory, (void**)&pcf); //创建工厂  
    LPVOID pvObject;
    IIDFromString(L"{F935DC21-1CF0-11D0-ADB9-00C04FD58A0B}",&riid);
//        LPCTSR2GUID("F935DC21-1CF0-11D0-ADB9-00C04FD58A0B",riid);
    pcf->CreateInstance(0,riid,&pvObject);
    CoCreateInstanceAsAdmin(NULL,rclsid,riid,&pvObject);

const wchar_t MONIKER_NAME[] = L"Elevation:Administrator!new:%s";
HRESULT CoCreateInstanceAsAdmin(HWND hwnd, REFCLSID rclsid, REFIID riid, void **ppv)
{
        BIND_OPTS3 bo;
        wchar_t wszCLSID[50];
        wchar_t wszMonikerName[300];
       
        StringFromGUID2(rclsid, wszCLSID, sizeof(wszCLSID));
        HRESULT hr = wsprintfW(wszMonikerName,  MONIKER_NAME, wszCLSID);
        if (FAILED(hr))
                return hr;
        memset(&bo, 0, sizeof(bo));
        bo.cbStruct = sizeof(bo);
        bo.hwnd = hwnd;
        bo.dwClassContext = CLSCTX_LOCAL_SERVER;
        if (IsRunningInWin64())
                bo.dwClassContext |= CLSCTX_ACTIVATE_32_BIT_SERVER;
        return CoGetObject(wszMonikerName, &bo, riid, ppv);

还是不能提权,CoGetObject 返回80080017
2014-11-17 18:11
0
雪    币: 218
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
3
0x80080017
CO_E_ELEVATION_DISABLED
The class is not configured to support elevated activation.
2014-11-19 01:42
0
游客
登录 | 注册 方可回帖
返回
//