使用REGINI修改注册表权限
2015-09-04 11:28
323 查看
regini regset.ini 就行啦
regset.ini 是你要修改的数据
1、注册表修改
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
test =
c:\windows\system32\fucktheworld.exe
2、注册表权限修改
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [17]
usage: REGINI [-m machinename | -h hivefile hiveroot | -w Win95 Directory]
[-i n] [-o outputWidth]
[-b] textFiles...
where: -m specifies a
remote windows NT machine whose registry is to be manipula
ted.
-h
specifies a specify local hive to manipulate.
-w specifies the paths to a
windows 95 system.dat and user.dat files
-i n specifies the display
indentation multiple. Default is 4
-o outputWidth specifies how wide the
output is to be. By default the
outputWidth is set to the width of the
console window if standard
output has not been redirected to a file. In the
latter case, an
outputWidth of 240 is used.
-b specifies that REGINI
should be backward compatible with older
versions of REGINI that did not
strictly enforce line continuations
and quoted strings Specifically,
REG_BINARY, REG_RESOURCE_LIST and
REG_RESOURCE_REQUIREMENTS_LIST data types
did not need line
continuations after the first number that gave the size of
the data.
It just kept looking on following lines until it found enough data
values to equal the data length or hit invalid input. Quoted
strings
were only allowed in REG_MULTI_SZ. They could not be
specified around key or
value names, or around values for REG_SZ or
REG_EXPAND_SZ Finally, the old
REGINI did not support the semicolon
as an end of line comment character.
textFiles is one or more ANSI or Unicode text files with registry data.
The easiest way to understand the format of the input textFile is to use
the REGDMP command with no arguments to dump the current contents of
your NT Registry to standard out. Redirect standard out to a file and
this file is acceptable as input to REGINI
Some general rules are:
Semicolon character is an end-of-line comment character, provided it
is
the first non-blank character on a line
Backslash character is a line
continuation character. All
characters from the backslash up to but not
including the first
non-blank character of the next line are ignored. If
there is more
than one space before the line continuation character, it is
replaced by a single space.
Indentation is used to indicate the tree
structure of registry keys
The REGDMP program uses indentation in multiples
of 4. You may use
hard tab characters for indentation, but embedded hard tab
characters are converted to a single space regardless of their
position
Values should come before child keys, as they are associated with
the previous key at or above the value's indentation level.
For key
names, leading and trailing space characters are ignored and
not included in
the key name, unless the key name is surrounded by
quotes. Imbedded spaces
are part of a key name.
Key names can be followed by an Access Control
List (ACL) which is a
series of decimal numbers, separated by spaces,
bracketed by a
square brackets (e.g. [8 4 17]). The valid numbers and their
meanings are:
1 - Administrators Full Access
2 - Administrators Read Access
3 - Administrators Read and Write Access
4 - Administrators Read, Write and Delete Access
5 - Creator Full Access
6 - Creator Read and Write Access
7 - World Full Access
8 - World
Read Access
9 - World Read and Write Access
10 - World Read, Write and
Delete Access
11 - Power Users Full Access
12 - Power Users Read and
Write Access
13 - Power Users Read, Write and Delete Access
14 - System
Operators Full Access
15 - System Operators Read and Write Access
16 -
System Operators Read, Write and Delete Access
17 - System Full Access
18 - System Read and Write Access
19 - System Read Access
20 -
Administrators Read, Write and Execute Access
21 - Interactive User Full
Access
22 - Interactive User Read and Write Access
23 - Interactive User
Read, Write and Delete Access
If there is an equal sign on the same line
as a left square bracket
then the equal sign takes precedence, and the line
is treated as a
registry value. If the text between the square brackets is
the
string DELETE with no spaces, then REGINI will delete the key and
any values and keys under it.
For registry values, the syntax
is:
value Name = type data
Leading spaces, spaces on either side
of the equal sign and spaces
between the type keyword and data are ignored,
unless the value name
is surrounded by quotes. If the text to the right of
the equal sign
is the string DELETE, then REGINI will delete the value.
The value name may be left off or be specified by an at-sign
character which is the same thing, namely the empty value name. So
the
following two lines are identical:
= type data
@ = type data
This syntax means that you can't create a value with leading or
trailing spaces, an equal sign or an at-sign in the value name,
unless
you put the name in quotes.
Valid value types and format of data that
follows are:
REG_SZ text
REG_EXPAND_SZ text
REG_MULTI_SZ "string1" "str""ing2" ...
REG_DATE
mm/dd/yyyy HH:MM DayOfWeek
REG_DWORD numberDWORD
REG_BINARY
numberOfBytes numberDWORD(s)...
REG_NONE (same format as REG_BINARY)
REG_RESOURCE_LIST (same format as REG_BINARY)
REG_RESOURCE_REQUIREMENTS
(same format as REG_BINARY)
REG_RESOURCE_REQUIREMENTS_LIST (same format as
REG_BINARY)
REG_FULL_RESOURCE_DESCRIPTOR (same format as REG_BINARY)
REG_QWORD numberQWORD
REG_MULTISZ_FILE fileName
REG_BINARYFILE
fileName
If no value type is specified, default is REG_SZ
For
REG_SZ and REG_EXPAND_SZ, if you want leading or trailing spaces
in the
value text, surround the text with quotes. The value text
can contain any
number of imbedded quotes, and REGINI will ignore
them, as it only looks at
the first and last character for quote
characters.
For REG_MULTI_SZ,
each component string is surrounded by quotes. If
you want an imbedded quote
character, then double quote it, as in
string2 above.
For
REG_BINARY, the value data consists of one or more numbers The
default base
for numbers is decimal. Hexidecimal may be specified
by using 0x prefix. The
first number is the number of data bytes,
excluding the first number. After
the first number must come enough
numbers to fill the value. Each number
represents one DWORD or 4
bytes. So if the first number was 0x5 you would
need two more
numbers after that to fill the 5 bytes. The high order 3 bytes
of the second DWORD would be ignored.
Whenever specifying a registry
path, either on the command line
or in an input file, the following prefix
strings can be used:
HKEY_LOCAL_MACHINE
HKEY_USERS
HKEY_CURRENT_USER
USER:
Each of these strings can stand alone as
the key name or be followed
a backslash and a subkey path.
REGINI:
No textFile specified
regset.ini 是你要修改的数据
1、注册表修改
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
test =
c:\windows\system32\fucktheworld.exe
2、注册表权限修改
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [17]
usage: REGINI [-m machinename | -h hivefile hiveroot | -w Win95 Directory]
[-i n] [-o outputWidth]
[-b] textFiles...
where: -m specifies a
remote windows NT machine whose registry is to be manipula
ted.
-h
specifies a specify local hive to manipulate.
-w specifies the paths to a
windows 95 system.dat and user.dat files
-i n specifies the display
indentation multiple. Default is 4
-o outputWidth specifies how wide the
output is to be. By default the
outputWidth is set to the width of the
console window if standard
output has not been redirected to a file. In the
latter case, an
outputWidth of 240 is used.
-b specifies that REGINI
should be backward compatible with older
versions of REGINI that did not
strictly enforce line continuations
and quoted strings Specifically,
REG_BINARY, REG_RESOURCE_LIST and
REG_RESOURCE_REQUIREMENTS_LIST data types
did not need line
continuations after the first number that gave the size of
the data.
It just kept looking on following lines until it found enough data
values to equal the data length or hit invalid input. Quoted
strings
were only allowed in REG_MULTI_SZ. They could not be
specified around key or
value names, or around values for REG_SZ or
REG_EXPAND_SZ Finally, the old
REGINI did not support the semicolon
as an end of line comment character.
textFiles is one or more ANSI or Unicode text files with registry data.
The easiest way to understand the format of the input textFile is to use
the REGDMP command with no arguments to dump the current contents of
your NT Registry to standard out. Redirect standard out to a file and
this file is acceptable as input to REGINI
Some general rules are:
Semicolon character is an end-of-line comment character, provided it
is
the first non-blank character on a line
Backslash character is a line
continuation character. All
characters from the backslash up to but not
including the first
non-blank character of the next line are ignored. If
there is more
than one space before the line continuation character, it is
replaced by a single space.
Indentation is used to indicate the tree
structure of registry keys
The REGDMP program uses indentation in multiples
of 4. You may use
hard tab characters for indentation, but embedded hard tab
characters are converted to a single space regardless of their
position
Values should come before child keys, as they are associated with
the previous key at or above the value's indentation level.
For key
names, leading and trailing space characters are ignored and
not included in
the key name, unless the key name is surrounded by
quotes. Imbedded spaces
are part of a key name.
Key names can be followed by an Access Control
List (ACL) which is a
series of decimal numbers, separated by spaces,
bracketed by a
square brackets (e.g. [8 4 17]). The valid numbers and their
meanings are:
1 - Administrators Full Access
2 - Administrators Read Access
3 - Administrators Read and Write Access
4 - Administrators Read, Write and Delete Access
5 - Creator Full Access
6 - Creator Read and Write Access
7 - World Full Access
8 - World
Read Access
9 - World Read and Write Access
10 - World Read, Write and
Delete Access
11 - Power Users Full Access
12 - Power Users Read and
Write Access
13 - Power Users Read, Write and Delete Access
14 - System
Operators Full Access
15 - System Operators Read and Write Access
16 -
System Operators Read, Write and Delete Access
17 - System Full Access
18 - System Read and Write Access
19 - System Read Access
20 -
Administrators Read, Write and Execute Access
21 - Interactive User Full
Access
22 - Interactive User Read and Write Access
23 - Interactive User
Read, Write and Delete Access
If there is an equal sign on the same line
as a left square bracket
then the equal sign takes precedence, and the line
is treated as a
registry value. If the text between the square brackets is
the
string DELETE with no spaces, then REGINI will delete the key and
any values and keys under it.
For registry values, the syntax
is:
value Name = type data
Leading spaces, spaces on either side
of the equal sign and spaces
between the type keyword and data are ignored,
unless the value name
is surrounded by quotes. If the text to the right of
the equal sign
is the string DELETE, then REGINI will delete the value.
The value name may be left off or be specified by an at-sign
character which is the same thing, namely the empty value name. So
the
following two lines are identical:
= type data
@ = type data
This syntax means that you can't create a value with leading or
trailing spaces, an equal sign or an at-sign in the value name,
unless
you put the name in quotes.
Valid value types and format of data that
follows are:
REG_SZ text
REG_EXPAND_SZ text
REG_MULTI_SZ "string1" "str""ing2" ...
REG_DATE
mm/dd/yyyy HH:MM DayOfWeek
REG_DWORD numberDWORD
REG_BINARY
numberOfBytes numberDWORD(s)...
REG_NONE (same format as REG_BINARY)
REG_RESOURCE_LIST (same format as REG_BINARY)
REG_RESOURCE_REQUIREMENTS
(same format as REG_BINARY)
REG_RESOURCE_REQUIREMENTS_LIST (same format as
REG_BINARY)
REG_FULL_RESOURCE_DESCRIPTOR (same format as REG_BINARY)
REG_QWORD numberQWORD
REG_MULTISZ_FILE fileName
REG_BINARYFILE
fileName
If no value type is specified, default is REG_SZ
For
REG_SZ and REG_EXPAND_SZ, if you want leading or trailing spaces
in the
value text, surround the text with quotes. The value text
can contain any
number of imbedded quotes, and REGINI will ignore
them, as it only looks at
the first and last character for quote
characters.
For REG_MULTI_SZ,
each component string is surrounded by quotes. If
you want an imbedded quote
character, then double quote it, as in
string2 above.
For
REG_BINARY, the value data consists of one or more numbers The
default base
for numbers is decimal. Hexidecimal may be specified
by using 0x prefix. The
first number is the number of data bytes,
excluding the first number. After
the first number must come enough
numbers to fill the value. Each number
represents one DWORD or 4
bytes. So if the first number was 0x5 you would
need two more
numbers after that to fill the 5 bytes. The high order 3 bytes
of the second DWORD would be ignored.
Whenever specifying a registry
path, either on the command line
or in an input file, the following prefix
strings can be used:
HKEY_LOCAL_MACHINE
HKEY_USERS
HKEY_CURRENT_USER
USER:
Each of these strings can stand alone as
the key name or be followed
a backslash and a subkey path.
REGINI:
No textFile specified
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- MariaDB 5.5.44 for CentOS7 简单安装
- 递归查找子窗口
- 10分钟掌握Linux vi编辑器常见命令的使用,最简单的vi编辑器教程
- 面试题:描述一下C程序的编译过程
- 远程开共享
- chrome与pdf的事情
- Oracle主要学习资源绝对干货-DBA之路
- AI (Adobe Illustrator)详细用法(三)
- WINRAR 自解压脚本命令及变量
- POJ 3071 概率DP
- 在Notepad++里配置python环境
- spark 安装与设置
- 11.7 Matlab 访问文件
- HDU 1402(A * B Problem Plus-FFT速度测试)
- HDU1175 连连看(DFS)
- 运行tomcat7w.exe,提示:指定的服务未安装unable to open the service tomcat7
- native2ascii命令一点心得
- SQLCMD
- JAVAmap容器基本使用
- 使用Ping来做等待的时间计算