Context Navigation

reglookup.1.docbook @ 63

Last change on this file since 63 was 63, checked in by tim, 18 years ago
converted source of man page to Docbook XML.
File size: 7.4 KB

Rev	Line
[63]	1	<?xml version="1.0" encoding="UTF-8"?>
	2	<refentry id='reglookup.1'>
	3	<!-- $Id: $ -->
	4	<refmeta>
	5	<refentrytitle>reglookup</refentrytitle>
	6	<manvolnum>1</manvolnum>
	7	<refmiscinfo class="sectdesc">File Conversion Utilities</refmiscinfo>
	8	</refmeta>
	9	<refnamediv id='name'>
	10	<refname>reglookup</refname>
	11	<refpurpose>windows NT+ registry reader/lookup tool</refpurpose>
	12	</refnamediv>
	13
	14	<refsect1 id='syntax'>
	15	<title>SYNOPSIS</title>
	16	<para>
	17	<command>reglookup [options]</command> <replaceable>registry-file</replaceable>
	18	</para>
	19	</refsect1>
	20
	21	<refsect1 id='description'>
	22	<title>DESCRIPTION</title>
	23	<para>
	24	reglookup is designed to read windows registry elements and
	25	print them out to stdout in a CSV-like format. It has filtering
	26	options to narrow the focus of the output. This tool is
	27	designed to work with on windows NT/2K/XP/2K3 registries, though
	28	your mileage may vary.
	29	</para>
	30	</refsect1>
	31
	32	<refsect1 id='caveats'>
	33	<title>OPTIONS</title>
	34	<para>
	35	<command>reglookup</command> accepts the following parameters:
	36	</para>
	37
	38	<variablelist remap='IP'>
	39	<varlistentry>
	40	<term>
	41	<option>-p <replaceable>prefix-filter</replaceable></option>
	42	</term>
	43	<listitem>
	44	<para>
	45	Specify a path prefix filter. Only keys/values under
	46	this registry path will be output.
	47	</para>
	48	</listitem>
	49	</varlistentry>
	50	</variablelist>
	51
	52	<variablelist remap='IP'>
	53	<varlistentry>
	54	<term>
	55	<option>-t <replaceable>type-filter</replaceable></option>
	56	</term>
	57	<listitem>
	58	<para>
	59	Specify a type filter. Only elements which match this
	60	registry data type will be printed. Acceptable values
	61	are:
	62	<command>
	63	NONE, SZ, EXPAND_SZ, BINARY, DWORD, DWORD_BE,
	64	LINK, MULTI_SZ, RSRC_LIST, RSRC_DESC, RSRC_REQ_LIST,
	65	</command>
	66	and
	67	<command>
	68	KEY
	69	</command>
	70	</para>
	71	</listitem>
	72	</varlistentry>
	73	</variablelist>
	74
	75	<variablelist remap='IP'>
	76	<varlistentry>
	77	<term>
	78	<option>-h</option>
	79	</term>
	80	<listitem>
	81	<para>
	82	Enables the printing of a column header row. (default)
	83	</para>
	84	</listitem>
	85	</varlistentry>
	86	</variablelist>
	87
	88	<variablelist remap='IP'>
	89	<varlistentry>
	90	<term>
	91	<option>-H</option>
	92	</term>
	93	<listitem>
	94	<para>
	95	Disables the printing of a column header row.
	96	</para>
	97	</listitem>
	98	</varlistentry>
	99	</variablelist>
	100
	101	<variablelist remap='IP'>
	102	<varlistentry>
	103	<term>
	104	<option>-s</option>
	105	</term>
	106	<listitem>
	107	<para>
	108	Adds four additional columns to output containing
	109	information from key security descriptors. The columns
	110	are: owner, group, sacl, dacl.
	111	(This feature's output probably contains bugs right now.)
	112	</para>
	113	</listitem>
	114	</varlistentry>
	115	</variablelist>
	116
	117	<variablelist remap='IP'>
	118	<varlistentry>
	119	<term>
	120	<option>-S</option>
	121	</term>
	122	<listitem>
	123	<para>
	124	Disables the printing of security descriptor
	125	information. (default)
	126	</para>
	127	</listitem>
	128	</varlistentry>
	129	</variablelist>
	130
	131	<variablelist remap='IP'>
	132	<varlistentry>
	133	<term>
	134	<option>-v</option>
	135	</term>
	136	<listitem>
	137	<para>
	138	Verbose output. (Currently does little to nothing.)
	139	</para>
	140	</listitem>
	141	</varlistentry>
	142	</variablelist>
	143
	144	<variablelist remap='IP'>
	145	<varlistentry>
	146	<term>
	147	<option><replaceable>registry-file</replaceable></option>
	148	</term>
	149	<listitem>
	150	<para>
	151	Required argument. Specifies the location of the
	152	registry file to read. Typically, these files will be
	153	found on a NTFS partition under
	154	<command>%SystemRoot%/system32/config</command>.
	155	</para>
	156	</listitem>
	157	</varlistentry>
	158	</variablelist>
	159	</refsect1>
	160
	161	<refsect1 id='output'>
	162	<title>OUTPUT</title>
	163	<para>
	164	<!-- XXX: this should be a bit more formal -->
	165	<command>reglookup</command> generates a comma-separated values (CSV)
	166	compatible format to stdout. The format is designed to simplify parsing
	167	algorithms of other tools by quoting CSV special characters using a
	168	common hexadecimal format. Specifically, special characters or non-ascii
	169	bytes are converted to "\xQQ" where QQ is the hexadecimal value for
	170	the byte.
	171	</para>
	172	</refsect1>
	173
	174	<refsect1 id='examples'>
	175	<title>EXAMPLES</title>
	176	<para>
	177	To read and print the contents of an entire system registry
	178	file:
	179	</para>
	180	<para>
	181	<screen>
	182	reglookup /mnt/win/c/WINNT/system32/config/system
	183	</screen>
	184	</para>
	185	<para>
	186	To limit the output to just those entries under the Services
	187	key:
	188	</para>
	189	<para>
	190	<screen>
	191	reglookup -p /ControlSet002/Services /mnt/win/c/WINNT/system32/config/system
	192	</screen>
	193	</para>
	194	<para>
	195	To limit the output to all registry values of type BINARY:
	196	</para>
	197	<para>
	198	<screen>
	199	reglookup -t BINARY /mnt/win/c/WINNT/system32/config/system
	200	</screen>
	201	</para>
	202	<para>
	203	And to limit the output to BINARY values under the Services key:
	204	</para>
	205	<para>
	206	<screen>
	207	reglookup -t BINARY -p /ControlSet002/Services /mnt/win/c/WINNT/system32/config/system
	208	</screen>
	209	</para>
	210	</refsect1>
	211
	212	<refsect1 id='bugs'>
	213	<title>BUGS</title>
	214	<para>
	215	This program has only been tested on a few different systems.
	216	(Please report results to the development list if you test it
	217	on Windows NT 4.0, 2003, or Vista registries. Also, if you
	218	test on any 64-bit architecture, please contact us.)
	219	</para>
	220	<para>
	221	Verbose output is not working.
	222	</para>
	223	<para>
	224	MTIME and SID conversions haven't been checked for accuracy.
	225	</para>
	226	<para>
	227	Backslashes are currently considered special characters, to make
	228	parsing easier for automated tools. However, this causes paths
	229	to be difficult to read.
	230	</para>
	231	<para>
	232	You'll notice that registry paths aren't all the same as the
	233	ones the equivalents you see in the windows registry editor.
	234	Don't ask me why that is. I just work here.
	235	</para>
	236	<para>
	237	This software should be considered unstable at this time.
	238	</para>
	239	</refsect1>
	240
	241	<refsect1 id='credits'>
	242	<title>CREDITS</title>
	243	<para>
	244	This program was initially based on editreg.c by
	245	Richard Sharpe. It has since been rewritten to use a modified
	246	version the regfio library written by Gerald Carter. Heavy
	247	modifications to the library and the original command line
	248	interface have been done by Timothy D. Morgan.
	249	</para>
	250	<para>
	251	Please see source code for a full list of copyrights.
	252	</para>
	253	</refsect1>
	254
	255	<refsect1 id='license'>
	256	<title>LICENSE</title>
	257	<para>
	258	Please see the file "LICENSE" included with this software
	259	distribution.
	260	</para>
	261	<para>
	262	This program is distributed in the hope that it will be useful,
	263	but WITHOUT ANY WARRANTY; without even the implied warranty of
	264	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	265	GNU General Public License version 2 for more details.
	266	</para>
	267	</refsect1>
	268	</refentry>

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format