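# --- Author: zetod1ce (github.com/ztd38f) --- #
# --- DISCLAIMER: Provided as-is, without warranties. For educational and testing use only in controlled environments. Use at your own risk. --- #

function RegUnlock {
    <#
    .SYNOPSIS
    Takes ownership of a registry key and rewrites its DACL so the selected
    principals hold FullControl.

    .DESCRIPTION
    The function works in two passes on the same key:
      1. Administrators (S-1-5-32-544) become owner, inheritance from the parent
         is switched off WITHOUT keeping the inherited rules, and Administrators
         get an inheritable FullControl rule. This pass runs even when no group
         switch is given.
      2. The key is reopened, the requested owner is set, parent inheritance is
         configured from -Inheritance, and every selected group has its existing
         rules purged and replaced with one inheritable FullControl allow rule.

    Security-relevant effects a reviewer should keep in mind:
      * -Everyone / -Users give every local account FullControl over the key and,
        through ContainerInherit, over sub-keys that inherit from it.
      * With -Inheritance Off the inherited rules dropped in pass 1 are not
        restored.
      * Every privilege listed by `whoami /priv` is enabled on the current
        process token and is not disabled again afterwards.
      * The security descriptor found on the key is written to the verbose
        stream (run with -Verbose) so the previous state can be recorded.

    .PARAMETER KeyPath
    Registry path. A leading HKLM, HKCU, HKU, HKCR or HKCC followed by ':' or '\'
    selects the hive; any other path is treated as a sub-key of HKLM.

    .PARAMETER Everyone
    Grant FullControl to Everyone (S-1-1-0).

    .PARAMETER System
    Grant FullControl to System (S-1-5-18).

    .PARAMETER Admins
    Grant FullControl to Administrators (S-1-5-32-544).

    .PARAMETER Users
    Grant FullControl to Users (S-1-5-32-545).

    .PARAMETER Inheritance
    'On' (default) lets the key inherit rules from its parent; 'Off' protects it
    from parent inheritance.
    #>
    param(
        [Parameter(Mandatory=$true)]
        [string]$KeyPath,
        [switch]$Everyone,
        [switch]$System,
        [switch]$Admins,
        [switch]$Users,
        [ValidateSet('On', 'Off')]
        [string]$Inheritance = 'On'
    )

    # Enable All Privileges
    # Parses the privilege names out of `whoami /priv` and passes each one to the
    # non-public Process.SetPrivilege member found through reflection (binding
    # flags 60 = Instance | Static | Public | NonPublic).
    # NOTE(review): this enables every privilege the token holds and leaves them
    # enabled for the rest of the session; it also depends on an internal member
    # that may not exist on every runtime - confirm before relying on it.
    function SetAllPrivileges {
        whoami /priv |
            Where-Object { $_ -match '^Se\w+' } |
            ForEach-Object { $matches[0] } |
            ForEach-Object {
                ([diagnostics.process].GetMember('SetPrivilege', 60)).Invoke($null, ("$_", 2))
            }
    }
    SetAllPrivileges

    # Define root key and path
    $hiveMap = @{
        'HKLM' = [Microsoft.Win32.Registry]::LocalMachine
        'HKCU' = [Microsoft.Win32.Registry]::CurrentUser
        'HKU'  = [Microsoft.Win32.Registry]::Users
        'HKCR' = [Microsoft.Win32.Registry]::ClassesRoot
        'HKCC' = [Microsoft.Win32.Registry]::CurrentConfig
    }

    # Default: no recognised prefix means "sub-key of HKLM".
    $hive = [Microsoft.Win32.Registry]::LocalMachine
    $subKeyPath = $KeyPath
    foreach ($prefix in $hiveMap.Keys) {
        if ($KeyPath -match "^$prefix[:\\](.*)") {
            $hive = $hiveMap[$prefix]
            $subKeyPath = $matches[1]
            break
        }
    }

    # The separator class above consumes a single character, so the provider-style
    # form "HKLM:\Foo" leaves "\Foo" in the capture. Strip leading backslashes so
    # the name handed to OpenSubKey is relative to the hive.
    $subKeyPath = $subKeyPath.TrimStart('\')

    # Define owner by priority: the last selected entry wins, so the order below
    # gives System > Administrators > Users > Everyone.
    $owners = @(
        @{Condition = $Everyone; SID = "S-1-1-0";      Name = "Everyone"}
        @{Condition = $Users;    SID = "S-1-5-32-545"; Name = "Users"}
        @{Condition = $Admins;   SID = "S-1-5-32-544"; Name = "Administrators"}
        @{Condition = $System;   SID = "S-1-5-18";     Name = "System"}
    )
    $owner = $owners | Where-Object { $_.Condition } | Select-Object -Last 1

    # Declared outside try so the finally block can always release the handle.
    $regKey = $null
    try {
        # Take ownership via Administrators first
        $adminSid = [Security.Principal.SecurityIdentifier]::new("S-1-5-32-544")

        # NOTE(review): the handle is requested with ChangePermissions only, yet the
        # ACL written back also changes the owner; confirm on the target OS that this
        # does not need TakeOwnership rights on the handle.
        $regKey = $hive.OpenSubKey($subKeyPath, 'ReadWriteSubTree', 'ChangePermissions')
        if ($null -eq $regKey) {
            Write-Host "Failed to open key: $KeyPath" -ForegroundColor Red
            return
        }

        $acl = $regKey.GetAccessControl()

        # Record the descriptor as found so the change can be reviewed or reverted.
        $originalSddl = $acl.GetSecurityDescriptorSddlForm(
            [Security.AccessControl.AccessControlSections]'Owner, Access')
        Write-Verbose "Original security descriptor of $KeyPath : $originalSddl"

        # Set Administrators as owner
        $acl.SetOwner($adminSid)
        # isProtected = $true, preserveInheritance = $false: stop inheriting from the
        # parent and discard the rules that had been inherited.
        $acl.SetAccessRuleProtection($true, $false)

        # Give Administrators full control
        $adminRule = New-Object Security.AccessControl.RegistryAccessRule(
            $adminSid, 'FullControl', 'ContainerInherit,ObjectInherit', 'None', 'Allow')
        $acl.SetAccessRule($adminRule)
        $regKey.SetAccessControl($acl)
        $regKey.Close()

        # Reopen key
        Start-Sleep -Milliseconds 50
        $regKey = $hive.OpenSubKey($subKeyPath, 'ReadWriteSubTree', 'ChangePermissions')
        if ($null -eq $regKey) {
            Write-Host "Failed to reopen key: $KeyPath" -ForegroundColor Red
            return
        }

        $acl = $regKey.GetAccessControl()

        # Set desired owner
        if ($owner) {
            $acl.SetOwner([Security.Principal.SecurityIdentifier]$owner.SID)
            Write-Host "Owner set: $($owner.Name)" -ForegroundColor Cyan
        }

        # Configure inheritance from the parent key. This flag only decides whether
        # THIS key inherits; propagation to sub-keys comes from the ContainerInherit
        # flag on the rules added below.
        $acl.SetAccessRuleProtection($Inheritance -eq 'Off', $false)
        Write-Host "Inheritance $(if($Inheritance -eq 'Off'){'disabled'}else{'enabled'})" -ForegroundColor Yellow

        # Add rules for all specified groups with inheritance flags
        $groups = @(
            @{Switch = $Everyone; SID = "S-1-1-0";      Name = "Everyone"}
            @{Switch = $System;   SID = "S-1-5-18";     Name = "System"}
            @{Switch = $Admins;   SID = "S-1-5-32-544"; Name = "Administrators"}
            @{Switch = $Users;    SID = "S-1-5-32-545"; Name = "Users"}
        )

        $groups | Where-Object { $_.Switch } | ForEach-Object {
            $sid = New-Object Security.Principal.SecurityIdentifier($_.SID)
            # Purge removes every existing rule for this SID (allow and deny) before
            # the single FullControl allow rule is added.
            $acl.PurgeAccessRules($sid)
            $rule = New-Object Security.AccessControl.RegistryAccessRule(
                $sid, 'FullControl', 'ContainerInherit,ObjectInherit', 'None', 'Allow')
            $acl.AddAccessRule($rule)
            Write-Host "Access granted to $($_.Name)" -ForegroundColor Green
        }

        $regKey.SetAccessControl($acl)

        Write-Host
        Write-Host "Permissions applied successfully. Inheritance will propagate to all subkeys." -ForegroundColor Green
    }
    catch {
        Write-Host "Error setting permissions for $KeyPath : $_" -ForegroundColor Red
    }
    finally {
        # Release the key handle on every path, including failures between the
        # open and the explicit Close calls above; closing twice is harmless.
        if ($null -ne $regKey) {
            $regKey.Close()
        }
    }
}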