Skip to content

Latest commit

 

History

History
140 lines (99 loc) · 4.19 KB

README.md

File metadata and controls

140 lines (99 loc) · 4.19 KB

PyRegedit

Table of Contents

Project for GUI editor of Windows Registry hives. This project aim to allow users to access their data from Linux platform, without using any Microsoft proprietary API.

alt Screenshot

  • Show directory structure like tree view
  • Show list of keys -> values foreach node
  • Add new node to node tree
  • Remove node from node tree
  • Edit registry key value
  • Add new registry key value
  • Deleting single key

Install package

  • download debian package - pyregedit_1.0-1.deb
  • install gdebi - sudo apt-get update && sudo apt-get install gdebi
  • install package and dependencies sudo gdebi pyregedit_1.0-1.deb
  • after install check manual man pyregedit
  • run it - pyregedit

Install from source

  • clone content of this repository
  • install dependencies - sudo apt-get install python2.7 python-wxgtk2.8 python-hivex
  • run it by python pyregedit.py
  • libhivex 1.3.6
  • wxPython
  • python 2.7

There is results of various tests, that should cover basic operation. Purpouse of this tests is prove that data is safely saved and Windows can read them correctly.

Windows -> Linux

Operation Windows XP Windows 7 Professional Windows 8.1
Create 3 top keys by Regedit32 and read them by PyRegedit. Yes Yes Yes
Create 3 subkeys by Regedit32 and read them by PyRegedit. Yes Yes Yes
Create 2 new values in key – REG_SZ, REG_DWORD and read them by PyRegedit. Yes Yes Yes
Change 2 values by PyRegedit and read them by Regedit32. Yes Yes Yes
Remove one key from hive by PyRegedit and check result in Regedit32 Yes Yes Yes

Linux -> Windows

Operation Windows XP Windows 7 Professional Windows 8.1
Create 3 top keys by PyRegedit and read them by Regedit32. Yes Yes Yes
Create 3 subkeys by PyRegedit and read them by Regedit32. Yes Yes Yes
Create 2 new values in key – REG_SZ, REG_DWORD and read them by Regedit32 Yes Yes Yes
Change 2 values by Regedit32 and read them by PyRegedit Yes Yes Yes
Remove one key from hive by Regedit32 and check result in PyRegedit Yes Yes Yes

Is changes directly saved to hive?

No. All changes which you made on current hive are not saved until you manually saved it. Also, after first save is made a backup copy - which should help, when something happened with original file.

How is performed changes of hive?

About all low-end operations with hive is responsible library hivex, this library is designed to change values directly in binary structure of any hive.

Is there any limitations?

Yes, this editor is only interface for communication with library hivex. If hivex doesn't support any type of operation it's not possible to do that. For more please see this - http://libguestfs.org/hivex.3.html

Why I should use this and not hivex directly?

This editor should only make easier access to hive for users, which are not so technical advanced to use hivex directly from command line or program their own solution.

Author

Martin Klíma martin.klima@hotmail.cz