Context Navigation

reglookup.1.t2t @ 51

Last change on this file since 51 was 49, checked in by tim, 19 years ago
updated documentation
File size: 3.0 KB

Rev	Line
[9]	1	reglookup
	2
	3
	4	=NAME=
[45]	5	reglookup - windows NT+ registry reader/lookup tool
[9]	6
	7
	8	=SYNOPSIS=
	9	reglookup [options] <REGISTRY_FILE>
	10
	11
	12	=DESCRIPTION=
[45]	13	reglookup is designed to read windows registry elements and
	14	print them out to stdout in a CSV-like format. It has filtering
	15	options to narrow the focus of the output. This tool is
	16	designed to work with on windows NT/2K/XP/2K3 registries, though
	17	your mileage may vary.
[9]	18
	19
	20	=OPTIONS=
[45]	21	-p <PREFIX_FILTER>
	22	Specify a path prefix filter. Only keys/values under
	23	this registry path will be output.
[9]	24
[45]	25	-t <TYPE_FILTER>
[9]	26	Specify a type filter. Only elements which match this
	27	registry data type will be printed. Acceptable values
[45]	28	are: SZ,EXPAND_SZ,BINARY,DWORD,DWORD_BE,LINK,MULTI_SZ,
	29	RSRC_LIST,RSRC_DESC,RSRC_REQ_LIST,KEY
[9]	30
[47]	31	-h Enables the printing of a column header row. (default)
	32
	33	-H Disables the printing of a column header row.
	34
[45]	35	-s Adds four additional columns to output containing
	36	information from key security descriptors. The columns
	37	are: owner, group, sacl, dacl.
	38	(This feature's output probably contains bugs right now.)
	39
	40	-S Disables the printing of security descriptor
[47]	41	information. (default)
[45]	42
[9]	43	-v Verbose output.
[45]	44	(Currently does little to nothing.)
[9]	45
	46
	47	REGISTRY_FILE
	48	Required argument. Specifies the location of the
	49	registry file to read. Typically, these files will be
[45]	50	found on a NTFS partition under
[9]	51	%SystemRoot%/system32/config.
	52
	53
	54	=EXAMPLES=
[45]	55	To read and print the contents of an entire system registry
	56	file:
[9]	57
[28]	58	reglookup /mnt/win/c/WINNT/system32/config/system
[9]	59
	60	To limit the output to just those entries under the Services
	61	key:
	62
[45]	63	reglookup -p /ControlSet002/Services /mnt/win/c/WINNT/system32/config/system
[9]	64
[45]	65	To limit the output to all registry values of type BINARY:
[9]	66
[45]	67	reglookup -t BINARY /mnt/win/c/WINNT/system32/config/system
[9]	68
[45]	69	And to limit the output to BINARY values under the Services key:
[9]	70
[45]	71	reglookup -t BINARY -p /ControlSet002/Services /mnt/win/c/WINNT/system32/config/system
[9]	72
	73
	74	=BUGS=
	75	The current incarnation of this program has only been tested on
[45]	76	windows 2K/XP.
[9]	77
[49]	78	Verbose output is not working. MTIME and SID conversions
	79	haven't been checked for accuracy.
[45]	80
[9]	81	You'll notice that registry paths aren't all the same as the
[45]	82	ones the equivalents you see in the windows registry editor.
	83	Don't ask me why that is. I just work here.
[9]	84
	85	This software should be considered unstable at this time.
	86
	87
	88	=CREDITS=
[45]	89	This program was initially based on editreg.c by
	90	Richard Sharpe. It has since been rewritten to use a modified
	91	version the regfio library written by Gerald Carter. Heavy
	92	modifications to the library and the original command line
	93	interface have been done by Timothy D. Morgan.
[9]	94
	95	Please see source code for a full list of copyrights.
	96
	97
	98	=LICENSE=
	99	Please see the file "LICENSE" included with this software
	100	distribution.
	101
	102	This program is distributed in the hope that it will be useful,
	103	but WITHOUT ANY WARRANTY; without even the implied warranty of
	104	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	105	GNU General Public License version 2 for more details.

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format