use warnings;
use strict;
use Win32::Security::Raw;

#my $object = "MACHINE\\SYSTEM\\CurrentControlSet\\Services";
my @objects = ("MACHINE\\SYSTEM\\CurrentControlSet\\services","MACHINE\\SYSTEM\\CurrentControlSet\\Services","MACHINE\\SYSTEM\\CurrentControlSet\\services\\.NET CLR Data", "MACHINE\\SYSTEM\\CurrentControlSet\\services\\Lsa\\Performance");
my $ObjectType = 'SE_REGISTRY_KEY';
my $SecurityInfo = 'DACL_SECURITY_INFORMATION';

# Establish variables.
my $psidOwner;
my $psidGroup;
my $pDacl;
my $pSacl;
my $pSecurityDescriptor;

foreach my $object (@objects) {
	print "object = $object\n";
	# Call GetNamedSecurityInfo. This is to get the DACL.
	($psidOwner, $psidGroup, $pDacl, $pSacl, $pSecurityDescriptor) = Win32::Security::Raw::GetNamedSecurityInfo($object, $ObjectType, 'DACL_SECURITY_INFORMATION');
	print "$psidOwner, $psidGroup, $pDacl, $pSacl, $pSecurityDescriptor.\n";

	if (defined($pSecurityDescriptor))
	{
		Win32::Security::Raw::LocalFree($pSecurityDescriptor);
	}
	print "\n\n";
}