Skip to content

VolatileMindsLLC/ntreg-sharp

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 1 tag
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
reg_key_reader
 
 
LICENSE
 
 
NodeKey.cs
 
 
README.md
 
 
RegistryHive.cs
 
 
ValueKey.cs
 
 
ntreg-sharp.csproj
 
 
ntreg-sharp.sln
 
 

README.md

ntreg-sharp

This library enables a .NET or Mono programmer to read, and to an extent write to, offline NT registry hives.

Write support is basically experimental, and has a few caveats:

  1. The new string or data must be less than or equal the size of the original string or data

  2. If the string or data is less than the original, null bytes are appended.

I call this lazy writing, because the real way to do this is to update the node and value key data lengths AND the data itself, which requires expanding or contracting the size of the original hive. This is a bit more complicated. For most of my purposes, this lazy-write method has worked well. For instance, NTLM hashes are all the same size. :)

About

Offline parsing of NT registry hives.

www.volatileminds.net

Resources

Readme

License

MIT license

Stars

3 stars

Watchers

5 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages