News:

MASM32 SDK Description, downloads and other helpful links
MASM32.com New Forum Link
masmforum WebSite

REG <-> HIVE file conversion question

Started by TASMUser, September 20, 2010, 10:08:19 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

TASMUser

September 20, 2010, 10:08:19 PM
I want to convert binary "hive" files to text based "reg" files created by REGEDIT.EXE or REG.EXE or any other program.

1) Is there any ready-to-use program available for this purpose?
2) If not 1), are there any WinAPI functions which can be used to convert these file types straightly without the need to import/export the "hive"/"reg" file into/from the registry?

I couldn't find any information at the M$ site which fit my needs.

Thanks in advance for any help.

ecube

#1
September 20, 2010, 10:14:41 PM
there's some source out there, but what you're asking about "raw registry hives" is heavily undocumented and definitely not easy to do. Because the thing is in later versions of windows user access rights etc apply to the registry, using the hives directly would bypass that, so microsoft has no reason to document any of that.

KeepingRealBusy

#2
September 21, 2010, 02:43:33 AM
TASMUser ,

In 2002 at B Dalton's bookstore, when I was buying my MASM book (Kip's book), I also saw on display a very large book (larger and thicker than Kip's book) on the Registry by Microsoft Press. That was 8 years ago and I do not remember the name of the book, I was really interested in learning MASM. Since All Microsoft books are registered with ISBN, maybe the title can be obtained, then search the Web for a copy.

Dave.

Vortex

#3
September 21, 2010, 05:21:21 PM Last Edit: September 21, 2010, 07:08:50 PM by Vortex
Hi TASMUser,

Did you check the RegLoadKey and RegSaveKey functions?

EDIT : SaveRegToFile - Save a registry subkey to a .reg file

Twister

#4
September 22, 2010, 12:41:07 AM
What this guy is wanting to do (from what I can understanding) is dumping the Registry Hives to readable text. shows directories and all.

donkey

#5
September 22, 2010, 06:19:35 AM
The HIVEX library is a fairly easy to use library that can be used to directly access the registry hive. Haven't looked at it for a while so I'm not sure about registry security issues but its worth a try.

http://libguestfs.org/hivex.3.html
"Ahhh, what an awful dream. Ones and zeroes everywhere...[shudder] and I thought I saw a two." -- Bender
"It was just a dream, Bender. There's no such thing as two". -- Fry
-- Futurama

Donkey's Stable

TASMUser

#6
October 04, 2010, 04:08:14 PM
Quote from: GTX on September 22, 2010, 12:41:07 AM
What this guy is wanting to do (from what I can understanding) is dumping the Registry Hives to readable text. shows directories and all.
Exactly. I've got a .hiv file and want to convert it to a .reg file.

@donkey:
Thank you for the hint to the "hivex" library. Unfortunatly I can't compile it because it seems to be specialized for using only in linux with their special compiler. Also some header files are missing and many compiler switches within the .h files are undocumented. Very annoying.

Vortex

#7
October 04, 2010, 07:39:56 PM
Hi TASMUser,

Do you have the chance to convert the Linux object modules to MS COFF modules?  Linux uses the ELF object file format.

Here is the tool Object file converter by Agner Fog :

http://agner.org/optimize/#objconv
Print
Go Up Pages1
User actions