Jump to content

Registry UDFs


engine
 Share

Recommended Posts

SecurityEx.au3

Reg.au3

(Requires SecurityEx.au3 from above)

Current functions:

_RegLoadHive

_RegRestoreHive

_RegSaveHive

_RegUnloadHive

Features:

These functions support remote computers.

Notes:

All functions are supposed to work on Windows 2000 and later

HKCUReg.au3

(Requires Reg.au3 from above)

Current functions:

_HKCU_Delete

_HKCU_EnumKey

_HKCU_EnumVal

_HKCU_Import

_HKCU_Read

_HKCU_Write

Features:

With the exception of _HKCU_Import, all functions support remote computers.

It's possible to specify one user account or use all accounts on a computer at once.

Both local accounts and domain like accounts are supported.

Notes:

_HKCU_Import is supposed to work on Windows XP and later.

The rest are supposed to work on Windows 2000 and later.

Reg.au3 requires SecurityEx.au3 on the same folder to work properly.

HKCUReg.au3 requires Reg.au3 and SecurityEx.au3 on the same folder to work properly.

Edited by engine

My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]

Link to comment
Share on other sites

Nice work engine.

George

Question about decompiling code? Read the decompiling FAQ and don't bother posting the question in the forums.

Be sure to read and follow the forum rules. -AKA the AutoIt Reading and Comprehension Skills test.***

The PCRE (Regular Expression) ToolKit for AutoIT - (Updated Oct 20, 2011 ver:3.0.1.13) - Please update your current version before filing any bug reports. The installer now includes both 32 and 64 bit versions. No change in version number.

Visit my Blog .. currently not active but it will soon be resplendent with news and views. Also please remove any links you may have to my website. it is soon to be closed and replaced with something else.

"Old age and treachery will always overcome youth and skill!"

Link to comment
Share on other sites

Thanks guys.

Reg.au3 was updated again.

I wasn't quite happy with one of the internal functions, "Split_sRootKey". So I couldn't stop thinking about it. And I have just rewritten it.

Also now SetPrivilege is called immediately before it is needed.

Regards.

Edited by engine

My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]

Link to comment
Share on other sites

  • 2 weeks later...

Updated both UDFs.

Function "GetProfile" no longer use WMI and use Windows APIs instead.

Windows APIs have less requirements and should run faster. They should also run on all Windows NT based OS.

Also, now a temporary non existent SID is generated for the "Default User", to work as the temporary hive.

I need feedback from people that are using these functions on Networks with thousands of computers. Need to know if they execute within a reasonable time period.

Please try this.

#include <Array.au3>
#include "HKCUReg.au3"

$sComputer = @ComputerName ; Replace with your own remote computer name

$a = GetProfile("", $sComputer)
_ArrayDisplay($a)

Exit

And tell me if it runs fast. There is no need to post the result.

Thanks.

Edited by engine

My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]

Link to comment
Share on other sites

  • 2 weeks later...
  • 3 weeks later...

Updated "Reg.au3".

SetPrivilege function now returns the previous privileges states, if they were modified.

For increased security, previous privileges states are restored immediately after the needed elevation of privilege.

My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]

Link to comment
Share on other sites

How would you suggest I delete multiple registry values from the same user hive without loading and unloading all the user hives for each value? I know I can modify the function to handle this, but is there any builtin functionality already?

Link to comment
Share on other sites

There isn't built in functionality for that purpose.

Instead I suggest you use _RegLoadHive and _RegUnloadHive functions on your script. That if you have a high amount of RegDelete operations you need to do on the same user hive.

Regards.

My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]

Link to comment
Share on other sites

I ended up modifying the HKCU Delete function to accept an array as well, the array contains the list of registry keys to delete. Thanks for this code, it's excellent!

Great idea!

If time and will permits, I might modify Write, Delete and Read functions to accept both strings and arrays.

Regards.

My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]

Link to comment
Share on other sites

"Reg.au3" updated again.

A review to internal function SetPrivilege, allowed the removal of two lines, now unnecessary.

Just keeps getting better and better engine. Keep it up.

George

Question about decompiling code? Read the decompiling FAQ and don't bother posting the question in the forums.

Be sure to read and follow the forum rules. -AKA the AutoIt Reading and Comprehension Skills test.***

The PCRE (Regular Expression) ToolKit for AutoIT - (Updated Oct 20, 2011 ver:3.0.1.13) - Please update your current version before filing any bug reports. The installer now includes both 32 and 64 bit versions. No change in version number.

Visit my Blog .. currently not active but it will soon be resplendent with news and views. Also please remove any links you may have to my website. it is soon to be closed and replaced with something else.

"Old age and treachery will always overcome youth and skill!"

Link to comment
Share on other sites

Has this code been tested on a Domain Controller? It doesn't appear to work correctly.

Edit:

This appears to be because the _Security__LookupAccountSid and _Security__LookupAccountName functions do not return the expected values. This would be because there are no local accounts.

Edited by archrival
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...