Registry UDFs

58 posts in this topic

#1 ·  Posted (edited)

SecurityEx.au3

Reg.au3

(Requires SecurityEx.au3 from above)

Current functions:

_RegLoadHive

_RegRestoreHive

_RegSaveHive

_RegUnloadHive

Features:

These functions support remote computers.

Notes:

All functions are supposed to work on Windows 2000 and later.

HKCUReg.au3

(Requires Reg.au3 from above)

Current functions:

_HKCU_Delete

_HKCU_EnumKey

_HKCU_EnumVal

_HKCU_Import

_HKCU_Read

_HKCU_Write

Features:

With the exception of _HKCU_Import, all functions support remote computers.

It's possible to specify one user account or use all accounts on a computer at once.

Both local accounts and domain-like accounts are supported.

Notes:

_HKCU_Import is supposed to work on Windows XP and later.

The rest are supposed to work on Windows 2000 and later.

Reg.au3 requires SecurityEx.au3 in the same folder to work properly.

HKCUReg.au3 requires Reg.au3 and SecurityEx.au3 in the same folder to work properly.

Edited by engine
1 person likes this

My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]


#5 ·  Posted

Nice tools. I've been doing this same thing but using the command line from my scripts; this may just make my scripts a little cleaner.

Thanks


#6 ·  Posted

Nice work engine.


GeorgeQuestion about decompiling code? Read the decompiling FAQ and don't bother posting the question in the forums.Be sure to read and follow the forum rules. -AKA the AutoIt Reading and Comprehension Skills test.*** The PCRE (Regular Expression) ToolKit for AutoIT - (Updated Oct 20, 2011 ver:3.0.1.13) - Please update your current version before filing any bug reports. The installer now includes both 32 and 64 bit versions. No change in version number.Visit my Blog .. currently not active but it will soon be resplendent with news and views. Also please remove any links you may have to my website. it is soon to be closed and replaced with something else."Old age and treachery will always overcome youth and skill!"


#7 ·  Posted (edited)

Thanks guys.

Reg.au3 was updated again.

I wasn't quite happy with one of the internal functions, "Split_sRootKey". So I couldn't stop thinking about it. And I have just rewritten it.

Also now SetPrivilege is called immediately before it is needed.

Regards.

Edited by engine


#8 ·  Posted

This is great, thanks!


#9 ·  Posted

Updated.

_RegLoadHive and _RegUnloadHive syntax changed.

It's now easier and identical to all the other functions.

Syntax for the rest of the functions is the same.



#10 ·  Posted (edited)

Updated both UDFs.

Function "GetProfile" no longer uses WMI and uses Windows APIs instead.

Windows APIs have fewer requirements and should run faster. They should also run on all Windows NT based OS.

Also, a temporary nonexistent SID is now generated for the "Default User", to work as the temporary hive.

I need feedback from people who are using these functions on networks with thousands of computers. I need to know if they execute within a reasonable time period.

Please try this.

#include <Array.au3>
#include "HKCUReg.au3"

$sComputer = @ComputerName ; Replace with your own remote computer name

$a = GetProfile("", $sComputer)
_ArrayDisplay($a)

Exit

And tell me if it runs fast. There is no need to post the result.

Thanks.

Edited by engine


#12 ·  Posted

A lot faster!

Thanks, engine.


#13 ·  Posted

Updated "Reg.au3".

The SetPrivilege function now returns the previous privilege states, if they were modified.

For increased security, the previous privilege states are restored immediately after the needed elevation of privilege.


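The enable-then-restore pattern described in post #13, as an added example that is not part of the original thread and is not the SetPrivilege code from Reg.au3. The helper names _EnablePrivilege and _RestorePrivilege are hypothetical, and the sketch assumes an AutoIt version that supports the struct* DllCall type and a process that already holds SeRestorePrivilege in its token.

```autoit
#include <WinAPI.au3> ; provides _WinAPI_GetLastError

; TOKEN_PRIVILEGES holding exactly one LUID_AND_ATTRIBUTES entry
Global Const $tagONE_PRIV = "dword Count;dword LuidLow;long LuidHigh;dword Attributes"

; Hypothetical helper: enable one privilege and return the previous state struct.
Func _EnablePrivilege($hToken, $sName)
    Local $tNew = DllStructCreate($tagONE_PRIV), $tOld = DllStructCreate($tagONE_PRIV)
    Local $aRet = DllCall("advapi32.dll", "bool", "LookupPrivilegeValueW", "ptr", 0, _
            "wstr", $sName, "ptr", DllStructGetPtr($tNew, "LuidLow"))
    If @error Or Not $aRet[0] Then Return SetError(1, 0, 0)
    DllStructSetData($tNew, "Count", 1)
    DllStructSetData($tNew, "Attributes", 0x00000002) ; SE_PRIVILEGE_ENABLED
    $aRet = DllCall("advapi32.dll", "bool", "AdjustTokenPrivileges", "handle", $hToken, _
            "bool", False, "struct*", $tNew, "dword", DllStructGetSize($tOld), _
            "struct*", $tOld, "dword*", 0)
    If @error Or Not $aRet[0] Then Return SetError(2, 0, 0)
    ; The API reports success even if the token lacks the privilege (error 1300).
    If _WinAPI_GetLastError() = 1300 Then Return SetError(3, 0, 0) ; ERROR_NOT_ALL_ASSIGNED
    Return $tOld
EndFunc   ;==>_EnablePrivilege

; Hypothetical helper: put the token back exactly as it was before the elevation.
Func _RestorePrivilege($hToken, $tOld)
    ; Count is 0 when the privilege was already enabled, so nothing has to be undone.
    If Not IsDllStruct($tOld) Or DllStructGetData($tOld, "Count") = 0 Then Return True
    Local $aRet = DllCall("advapi32.dll", "bool", "AdjustTokenPrivileges", "handle", $hToken, _
            "bool", False, "struct*", $tOld, "dword", 0, "ptr", 0, "ptr", 0)
    If @error Then Return False
    Return $aRet[0] <> 0
EndFunc   ;==>_RestorePrivilege

Local $aProc = DllCall("kernel32.dll", "handle", "GetCurrentProcess")
Local $aTok = DllCall("advapi32.dll", "bool", "OpenProcessToken", "handle", $aProc[0], _
        "dword", BitOR(0x0020, 0x0008), "handle*", 0) ; TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY
If @error Or Not $aTok[0] Then Exit 1
Local $hToken = $aTok[3]

Local $tPrev = _EnablePrivilege($hToken, "SeRestorePrivilege")
If Not @error Then
    ; The one call that needs the privilege (for example loading a hive) goes here.
    _RestorePrivilege($hToken, $tPrev) ; drop the privilege again right away
EndIf
DllCall("kernel32.dll", "bool", "CloseHandle", "handle", $hToken)
```

Loading a hive also needs SeBackupPrivilege; the same pair of calls applies to it, with each previous state restored separately.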

#14 ·  Posted

How would you suggest I delete multiple registry values from the same user hive without loading and unloading all the user hives for each value? I know I can modify the function to handle this, but is there any built-in functionality already?


#15 ·  Posted

There isn't built-in functionality for that purpose.

Instead, I suggest you use the _RegLoadHive and _RegUnloadHive functions in your script, if you have a large number of RegDelete operations to do on the same user hive.

Regards.



#16 ·  Posted

I ended up modifying the HKCU Delete function to accept an array as well; the array contains the list of registry keys to delete. Thanks for this code, it's excellent!


#17 ·  Posted

I ended up modifying the HKCU Delete function to accept an array as well; the array contains the list of registry keys to delete. Thanks for this code, it's excellent!

Great idea!

If time and will permit, I might modify the Write, Delete and Read functions to accept both strings and arrays.

Regards.



#18 ·  Posted

"Reg.au3" updated again.

A review of the internal function SetPrivilege allowed the removal of two lines that are now unnecessary.



#19 ·  Posted

"Reg.au3" updated again.

A review of the internal function SetPrivilege allowed the removal of two lines that are now unnecessary.

Just keeps getting better and better engine. Keep it up.


#20 ·  Posted (edited)

Has this code been tested on a Domain Controller? It doesn't appear to work correctly.

Edit:

This appears to be because the _Security__LookupAccountSid and _Security__LookupAccountName functions do not return the expected values. This would be because there are no local accounts.

Edited by archrival
