Topic: Logon As Admin - Registry Persmissions / Ownership  (Read 419 times)

0 Members and 1 Guest are viewing this topic.

Logon As Admin - Registry Persmissions / Ownership
« on: December 17, 2017, 09:38:36 PM »

bob.omb

  • Chef
  • ***
  • Location: USA
  • Date Registered: Jul 2017
  • Posts: 271
Anyone else have access denied issues accessing certain keys on remote mounted reg files?

Using a passwword reset plugin that works fine on system account, when using loginasadmin plugin I get access denied on a mounted SAM key from the local disk.
« Last Edit: December 17, 2017, 09:39:03 PM by bob.omb »

Re: Logon As Admin - Registry Persmissions / Ownership
« Reply #1 on: December 18, 2017, 03:17:20 AM »

JFX

  • Moderator, Code Baker
  • Sr. Chef
  • *****
  • Date Registered: Dec 2010
  • Posts: 924
That to be expected. The SAM key has no read permission set for Admins.

Re: Logon As Admin - Registry Persmissions / Ownership
« Reply #2 on: December 18, 2017, 12:53:00 PM »

bob.omb

  • Chef
  • ***
  • Location: USA
  • Date Registered: Jul 2017
  • Posts: 271
Is there a way to set read for admin for the PE registry? It loads the SAM from the remote registry into HKLM\Keyname but gets access denied when attempting to read it...
I'm guessing its not PE's registry permissions??? and that its permissions in the local machines registry that carry over when loaded into PE Registry???? When loading a remote registry are the permissions propagated or does it use the host registry permissions?

Or can we possibly run an application as system from within admin?  There is apparently a TSCON 1 error with 1709 that does not allow switching back to system after logging in as admin...It is error 5023 cannot connect.(For switching back to system user - "tscon.exe 1")

Ideally just running the application AS system(another user besides admin) would be my first choice but not sure if we can do this in PE...(Currently - See below)

"Psexec -i -s filename.exe" is not working.  "The username or password is incorrect" is the error displayed.

There was some discussion here: http://theoven.org/index.php?topic=2269.0

But it is not being looked at by anyone presently i don't think.

An alternative to fixing the system login would be fine(for me) but I am willing to help with this as much as I can if anyone is actually trying to fix the system account switching completely.

Thanks JFX for your time...
« Last Edit: December 18, 2017, 02:07:10 PM by bob.omb »

Re: Logon As Admin - Registry Persmissions / Ownership
« Reply #3 on: December 19, 2017, 03:10:51 AM »

JFX

  • Moderator, Code Baker
  • Sr. Chef
  • *****
  • Date Registered: Dec 2010
  • Posts: 924
Every registry key has it's own permissions.

Try NSudo to run an apllication with system rights.

Re: Logon As Admin - Registry Persmissions / Ownership
« Reply #4 on: December 19, 2017, 09:29:26 AM »

bob.omb

  • Chef
  • ***
  • Location: USA
  • Date Registered: Jul 2017
  • Posts: 271
JFX you are the man!  :w00t: It works!

 

Powered by EzPortal