Sign in to follow this  
Followers 0
ViciousXUSMC

String to Binary RegWrite

7 posts in this topic

So I am trying to write a script that can take the current computer name and write it to a registry key.

This key uses REG_BINARY type of key and looks like this:

Value 1
  Name:            LocalName
  Type:            REG_BINARY
  Data:            
00000000   54 4f 55 47 48 42 4f 4f - 4b 36 30 39 38 00 00 00  TOUGHBOOK6098...
00000010   00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000020   00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000030   00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000040   00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000050   00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000060   00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000070   00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000080   00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
00000090   00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000a0   00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000b0   00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000c0   00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000d0   00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000e0   00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000f0   00 00 00 00 00 00 00 00 -                          ........

Its apparently very important that all the ending 00's are in there I found this out as I was working on some other keys that had to do with security settings, and if the key was say 01 00 00 putting any less or any extra ending zeros would cause the change in the regsitry to not effect the software.

So what I am attempting to do is use the @ComputerName macro and plug it into a StringtoBinary() function and then write it to the registry.

The challenge I face is how to fill in the entire binary value for the registry key and not just the converted strings value.

I wonder if there is some easy code to do that.  I imagine there must be a few ways but I am looking for the most straight forward/easiest. 

Also on a side note, instead of using RegWrite is there a way to create a .REG file that I can call from CMD with Reg Import?

This is being done at an enterprise level and the users do not have access to write to the registry, but they can import a reg file via .bat or in my case a Autoit .exe with @ComSpec

Currently I am importing all the "static" keys I need for configuration, but computer name is dynamic so that is why I am trying to find a way to use the @ComputerName macro to insert that value.

Regards,

Share this post


Link to post
Share on other sites



The easy way ... you said

RegWrite("HKCUSoftwareMicrosoftWindowsCurrent VersionSettingsClickTask.comX-" & $program_name, "002", "REG_SZ", _StringEncrypt( 1, @ComputerName))

 

Thats what I used...

8)


NEWHeader1.png

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

Another method: 

ConsoleWrite(StringToBinaryFixed(@ComputerName, 16) & @CRLF)

Func StringToBinaryFixed($sString, $iLength)
    Local $tChar = DllStructCreate("CHAR[" & $iLength & "]")
    Local $tByte = DllStructCreate("BYTE[" & $iLength & "]", DllStructGetPtr($tChar))

    DllStructSetData($tChar, 1, $sString)

    Return DllStructGetData($tByte, 1)
EndFunc
Edited by Tekk

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

Managed to come up with my own solution, very crude but very simple :)

I am sure it can be tightened up to be cleaner and still use this same technique

This wont help me get past the fact normal users do not have admin access to the registry so I will have to see if there is a way to make a .REG file out of my result and also still further yet need a simple check to see if the machine in 32bit or 64bit since they use different HKLM directories for software.

Looking forward to see what you guys can add.

;Name to REG Binary Test
;496 Zeros

$part1 = StringtoBinary(@ComputerName)
$part2 = "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" & _
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" & _
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" & _
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" & _
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" & _
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" & _
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" & _
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"

$final = $part1 & $part2

$result = StringLeft($final, 496)
MsgBox(0, "", $result)

RegWrite("HKLM\Software\TOSHIBA", "Test", "REG_BINARY", $result)
Edited by ViciousXUSMC

Share this post


Link to post
Share on other sites

Not sure this is what you're after but...

#include <FileConstants.au3>

Global $g_dData = StringToBinaryFixed(@ComputerName, 247)

$g_dData = StringTrimLeft($g_dData, 2)
$g_dData = StringRegExpReplace($g_dData, "[0-9A-F]{2}", "\0,")
$g_dData = StringTrimRight($g_dData, 1)
$g_dData = StringLower($g_dData)

Global $g_sHive

If (@OSArch == "X86") Then
    $g_sHive = "HKEY_LOCAL_MACHINE\SOFTWARE\Toshiba"
Else
    $g_sHive = "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Toshiba"
EndIf

Global $g_sValue = "Test"

Global $g_sFileText = StringFormat('Windows Registry Editor Version 5.00\n\n[%s]\n"%s"=hex:%s', $g_sHive, $g_sValue, $g_dData)

Global $g_hFile = FileOpen(@DesktopDir & "\RegKey.reg", $FO_OVERWRITE + $FO_CREATEPATH) ;~ Create .reg file on desktop.
FileWrite($g_hFile, $g_sFileText)
FileClose($g_hFile)

Func StringToBinaryFixed($sString, $iLength)
    Local $tChar = DllStructCreate("CHAR[" & $iLength & "]")
    Local $tByte = DllStructCreate("BYTE[" & $iLength & "]", DllStructGetPtr($tChar))

    DllStructSetData($tChar, 1, $sString)

    Return DllStructGetData($tByte, 1)
EndFunc

Share this post


Link to post
Share on other sites

#RequireAdmin

@osarch

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Similar Content

    • X_xkijux_x
      By X_xkijux_x
      Ok so im using this program. clarify for school. I would like to have a program that takes every word i type in microsoft word and searches on it in claryfi. is this possible. I would like to have the program not stopping me from typing more after that word. Like when i type a word it auto search it on clarify without making me stop typing and if i want to change i can do that and if im fine that word i can just keep typing and it will search after the next word. 
    • Miliardsto
      By Miliardsto
      Is this possible to make program works like in diagram? There is so much encryption methods and UDFs are they give security? If the $Address will be crypted with some encryption algorithm could be possible to get the value of $Address in easy way? Of course We know its easy too look into autoit code and get value of variable and so We dont want to anyone see $Address value - there are functions Could func1.au3, func2.au3.. be for example func1.php or other type of file? As we know .php files are unnable to see. For example func1 would be read by FileRead() and then Execute() Is this generally possible to do?
      Will it give secure?
      What do you think about? Maybe there is something wrong in this concept or missed.

    • JaredStroeb
      By JaredStroeb
      I need to open an application and send it keys in Session 0.  I have exe's working locally, I can see the application open in session 0 through interactive services, but my send commands do not go to the application.  The following article running-autoit-session-0, directs me to use ControlSend() however my application has no controls that can be identified by AutoIt v3 Window Info.  Get All Windows Controls also returned nothing for the application's handle.  
      What are my options?  
      Can this be done with AutoIt?
      Is there a different "relatively simple" library/tool to use? (I am familiar with C# if there is a viable library there )

       
    • nassausky
      By nassausky
      Hey all,
      Has anyone created any queries for youtube? I was thinking it might be something like this but can't quite figure it out:
      $oIE = _IECreateEmbedded() _IENavigate($oIE,"https://www.youtube.com") Local $oForms = _IETagNameGetCollection($oIE, "form") Local $sTxt = "" For $oForm In $oForms If $oForm.id = "masthead-search" Then $oInputs = _IETagNameGetCollection($oIE, "input") For $oInput In $oInputs If $oInput.id = "masthead-search-term" Then _IEFormElementSetValue($oInput, "cards") _IEFormSubmit($oForm) EndIf Next EndIf Next  
    • Skysnake
      By Skysnake
      Scite comes up occasional, almost incidentally, in some support topics.  I have not found a "Scite" topic in the forums, so this is where I will start.  I have recently been using Scite intensively, specifically with a large project and I have certain issues.  I know that Scite is not an AutoIt product, but it is so closely integrated to the core release that it makes sense to raise issues and request support here.  If this is not the right please refer me to the right forum.
      Thx
       
      Skysnake