Jump to content

RegRead Question


Recommended Posts

Hi to all, i am trying to read this reg values:

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerComDlg32OpenSavePidlMRU

I want read all values of the subdirectory (know what people have been opening/saving to when the common file save/open dialog comes up. It's for a security script that im writing DONT worry :bye:

This value seems to be a Binary Value, i have tried BynaryToString function but it seems to not work.

This is my code :

Local $aCount = 0, $bCount = 0
While 1
  $aCount += 1
  If @OSVersion = "WIN_VISTA" Or @OSVersion = "WIN_7" Then
   $Rkey = "HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerComDlg32OpenSavePidlMRU"
  Else
   $Rkey = "HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerComDlg32OpenSaveMRU"
  EndIf
  $enum = RegEnumKey($Rkey, $aCount)
  If @error <> 0 Then ExitLoop
  While 1
   $bCount += 1
   $enum2 = RegEnumVal($Rkey & "" & $enum, $bCount)
   If @error <> 0 Then ExitLoop
   If $enum2 == "MRUList" Then ContinueLoop
   $read = RegRead($Rkey & "" & $enum, $enum2)
   If @OSVersion = "WIN_VISTA" Or @OSVersion = "WIN_7"Then
    ConsoleWrite(BinaryToString($read) & @CRLF) ;This Don't Work
   Else
   ConsoleWrite($read & @CRLF) ;In windows XP there is no encryption, it's work  :)
   EndIf
  WEnd
  $bCount = ""
WEnd

How i can decode this subs key value

I have found on google this topic here, where a guy advice to use the SHGetPathFromIDListW function to convert the binary registry key to a readable system path.

How i can do that with autoit?

Thanks in advantage :oops:

Edited by StungStang
Link to comment
Share on other sites

Hi to all, i am trying to read this reg values:

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerComDlg32OpenSavePidlMRU

I want read all values of the subdirectory (know what people have been opening/saving to when the common file save/open dialog comes up. It's for a security script that im writing DONT worry :bye:

This value seems to be a Binary Value, i have tried BynaryToString function but it seems to not work.

This is my code :

Local $aCount = 0, $bCount = 0
While 1
  $aCount += 1
  If @OSVersion = "WIN_VISTA" Or @OSVersion = "WIN_7" Then
   $Rkey = "HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerComDlg32OpenSavePidlMRU"
  Else
   $Rkey = "HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerComDlg32OpenSaveMRU"
  EndIf
  $enum = RegEnumKey($Rkey, $aCount)
  If @error <> 0 Then ExitLoop
  While 1
   $bCount += 1
   $enum2 = RegEnumVal($Rkey & "" & $enum, $bCount)
   If @error <> 0 Then ExitLoop
   If $enum2 == "MRUList" Then ContinueLoop
   $read = RegRead($Rkey & "" & $enum, $enum2)
   If @OSVersion = "WIN_VISTA" Or @OSVersion = "WIN_7"Then
    ConsoleWrite(BinaryToString($read) & @CRLF) ;This Don't Work
   Else
   ConsoleWrite($read & @CRLF) ;In windows XP there is no encryption, it's work  :)
   EndIf
  WEnd
  $bCount = ""
WEnd

How i can decode this subs key value

I have found on google this topic here, where a guy advice to use the SHGetPathFromIDListW function to convert the binary registry key to a readable system path.

How i can do that with autoit?

Thanks in advantage :oops:

Not very sure about this yo, but one time when I was trying to do the same as you, but instead, I was trying to see what data was being stored in some REG_BINARY keys, I discovered that they aren't simply converted into binary as you might assume, I think they are encrypted using CryptProtectData and decrypting them require that you call CryptUnprotectData from the same user context that encrypted the data.
Link to comment
Share on other sites

In that post wakillon mentioned, this is an improved version of that code as it now works on Windows 7 x64 too.

UDF List:

 
_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_ArrayFilter/_ArrayReduce_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 22/04/2018

Link to comment
Share on other sites

Thanks for the suggestion, i've seen this as guinness suggest to me. But unfortunatly i dont have completly understand how to adapt this function to my script to make possible to read the contenent stored in that REG_BINARY keys. Can anyone help me?

Thanks in advantage for the help :oops:

Link to comment
Share on other sites

Am I experiencing deja vu StungStang? I thought you wrote this message yesterday?

UDF List:

 
_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_ArrayFilter/_ArrayReduce_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 22/04/2018

Link to comment
Share on other sites

  • Moderators

guinness,

He did. :bye:

StungStang,

Deleting and reposting to act as an "unseen bump" is not acceptable. We can see you did it - do not do it again. :oops:

M23

Public_Domain.png.2d871819fcb9957cf44f4514551a2935.png Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind

Open spoiler to see my UDFs:

Spoiler

ArrayMultiColSort ---- Sort arrays on multiple columns
ChooseFileFolder ---- Single and multiple selections from specified path treeview listing
Date_Time_Convert -- Easily convert date/time formats, including the language used
ExtMsgBox --------- A highly customisable replacement for MsgBox
GUIExtender -------- Extend and retract multiple sections within a GUI
GUIFrame ---------- Subdivide GUIs into many adjustable frames
GUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView items
GUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeView
Marquee ----------- Scrolling tickertape GUIs
NoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxes
Notify ------------- Small notifications on the edge of the display
Scrollbars ----------Automatically sized scrollbars with a single command
StringSize ---------- Automatically size controls to fit text
Toast -------------- Small GUIs which pop out of the notification area

 

Link to comment
Share on other sites

I'm busy, but have you checked WinAPIEx?

Edited by guinness

UDF List:

 
_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_ArrayFilter/_ArrayReduce_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 22/04/2018

Link to comment
Share on other sites

I'm searching about 3 days to find a way to make this possible, but as you seen without success. The only advice found on google is this function "SHGetPathFromIDListW", but i dont know how to do that in autoit and your adviced function don't seems to be the same, and for me doesn't work :oops:

Hi!

Link to comment
Share on other sites

  • Developers

Wondering how long you are going to do the "up" thingy without adding any extra effort from your site.

SciTE4AutoIt3 Full installer Download page   - Beta files       Read before posting     How to post scriptsource   Forum etiquette  Forum Rules 
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Link to comment
Share on other sites

@Jos

Unfortunatly i've no other idea how to help for adding any extra effort to solve the problem. All the advice give to me didn't work, my only hope is this SHGetPathFromIDListW funtion. I have tried to convert that in autoit, but doesnt work, i am sure that it's my foult.

Func _Convert_Reg_To_Text($Reg_Key)
$hwndOwner = 0
$folderPath = DllStructCreate("char[260]")
$result = DllCall("Shell32.dll", "int", "SHGetPathFromIDListW","int", $hwndOwner, "ptr",DllStructGetPtr($folderPath),"int", $Reg_Key)
If @error Then Return SetError(2, 0, "")
Return DllStructGetData($lpszPath, 1)
EndFunc

That's really all :oops:

Edited by StungStang
Link to comment
Share on other sites

I've found the function "SHGetPathFromIDListW" on WinApiEx, but that give me an empty string. But i am not sure how to use correctly this function. This is my code

$Reg_Read = RegRead("HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerComDlg32OpenSavePidlMRU*", "0")
ConsoleWrite($Reg_Read & @CRLF) ;For Testing Purpose Only
If $Reg_Read <> "" Then
MsgBox(0, "", _WinAPI_ShellGetPathFromIDList($Reg_Read))
EndIf

; #FUNCTION# ====================================================================================================================
; Name...........: _WinAPI_ShellGetPathFromIDList
; Description....: Converts an item identifier list to a file system path.
; Syntax.........: _WinAPI_ShellGetPathFromIDList ( $PIDL )
; Parameters.....: $PIDL   - The address of an item identifier list that specifies a file or directory location relative to the
;                           root of the namespace (the desktop).
; Return values..: Success - The file system path.
;                 Failure - Empty string and sets the @error flag to non-zero.
; Author.........: Yashied
; Modified.......:
; Remarks........: None
; Related........:
; Link...........: @@MsdnLink@@ SHGetPathFromIDList
; Example........: Yes
; ===============================================================================================================================
Func _WinAPI_ShellGetPathFromIDList($PIDL)
Local $Ret = DllCall('shell32.dll', 'int', 'SHGetPathFromIDListW', 'ptr', $PIDL, 'wstr', '')
If (@error) Or (Not $Ret[0]) Then
  Return SetError(1, 0, '')
EndIf
Return $Ret[2]
EndFunc   ;==>_WinAPI_ShellGetPathFromIDList

Anyone know how to get it working?

Link to comment
Share on other sites

Anyone know how to get it working?

$Reg_Read = RegRead("HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerComDlg32OpenSavePidlMRU*", "0")
ConsoleWrite($Reg_Read & @CRLF) ;For Testing Purpose Only
If $Reg_Read <> "" Then
    $tPIDL = DllStructCreate('byte[' & BinaryLen($Reg_Read) & ']')
    DllStructSetData($tPIDL, 1, $Reg_Read)
    MsgBox(0, "", _WinAPI_ShellGetPathFromIDList(DllStructGetPtr($tPIDL)))
EndIf
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...