In [1]:
# update pip and setuptools
import sys
!{sys.executable} -m pip install --upgrade pip
!{sys.executable} -m pip install --upgrade setuptools

# install lib_registry from pypi
!{sys.executable} -m pip install --upgrade lib_registry

# install lib_registry from github
!{sys.executable} -m pip install --upgrade git+https://github.com/bitranox/lib_registry.git

Collecting pip
  Downloading pip-23.2-py3-none-any.whl (2.1 MB)
[2K     [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m2.1/2.1 MB[0m [31m15.9 MB/s[0m eta [36m0:00:00[0m00:01[0m00:01[0m
[?25hInstalling collected packages: pip
  Attempting uninstall: pip
    Found existing installation: pip 23.1.2
    Uninstalling pip-23.1.2:
      Successfully uninstalled pip-23.1.2
Successfully installed pip-23.2
Collecting setuptools
  Obtaining dependency information for setuptools from https://files.pythonhosted.org/packages/c7/42/be1c7bbdd83e1bfb160c94b9cafd8e25efc7400346cf7ccdbdb452c467fa/setuptools-68.0.0-py3-none-any.whl.metadata
  Downloading setuptools-68.0.0-py3-none-any.whl.metadata (6.4 kB)
Downloading setuptools-68.0.0-py3-none-any.whl (804 kB)
[2K   [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m804.0/804.0 kB[0m [31m14.0 MB/s[0m eta [36m0:00:00[0ma [36m0:00:01[0m
[?25hInstalling collected packages: setuptools
  Attempting uninstall: setuptools
    Found 

In [2]:
# please be noted that the lib_registry interface will change (a lot) in the future, to offer pathlib-like
# behaviour, as well as context managers, etc.

# this version is fully functional however and allows to read / write / query the windows registry
# here a few examples !

# lib_registry is using fake_winreg to simulate a windows registry on linux, so this is possible here on jupyter.
from lib_registry import *
registry=Registry()

In [3]:
# query values - there are only a few values set in the fake registry You can query here.
# on Your windows machine of course You can query all values You have permission for.
registry.get_value(key='HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion', value_name='CurrentBuild')

'18363'

In [4]:
# all subkeys, values, etc use generator objects
registry.subkeys(winreg.HKEY_USERS)

<generator object Registry.subkeys at 0x7f81a6a3ab20>

In [5]:
# so lets make a list of all subkeys of HKEY_USERS
list(registry.subkeys(winreg.HKEY_USERS))

['.DEFAULT',
 'S-1-5-18',
 'S-1-5-19',
 'S-1-5-20',
 'S-1-5-21-206651429-2786145735-121611483-1001',
 'S-1-5-21-206651429-2786145735-121611483-1001_Classes']

In [6]:
# create a key - pathlib like options (in preparation to pathlib-like behaviour)
testkey=r'HKCU\\Software\\lib_registry_test'
reg_handle = registry.create_key(testkey, exist_ok=True, parents=True)

In [7]:
# set a value, REG_TYPE can be given or is automatically set
binary_test_value=(chr(128512) * 10).encode('utf-8')
registry.set_value(testkey, value_name='test_string', value='HAM')
registry.set_value(testkey, value_name='test_multi_string', value=['HAM', 'SPAM'])
registry.set_value(testkey, value_name='test_int', value=42)
registry.set_value(testkey, value_name='test_binary', value=binary_test_value)
registry.set_value(testkey, value_name='test_none', value=None)

In [8]:
# get a string value from the Registry
registry.get_value(testkey, value_name='test_string')

'HAM'

In [9]:
# get a multi-string value from the Registry
registry.get_value(testkey, value_name='test_multi_string')

['HAM', 'SPAM']

In [10]:
# get a int value from the Registry
registry.get_value(testkey, value_name='test_int')

42

In [11]:
# get a binary value from the Registry
registry.get_value(testkey, value_name='test_binary')

b'\xf0\x9f\x98\x80\xf0\x9f\x98\x80\xf0\x9f\x98\x80\xf0\x9f\x98\x80\xf0\x9f\x98\x80\xf0\x9f\x98\x80\xf0\x9f\x98\x80\xf0\x9f\x98\x80\xf0\x9f\x98\x80\xf0\x9f\x98\x80'

In [12]:
# get a None value from the Registry
str(registry.get_value(testkey, value_name='test_none'))

'None'

In [13]:
# delete a value from the registry
registry.delete_value(testkey, value_name='test_string')

In [14]:
# delete a key from the registry
registry.delete_key(testkey)

In [15]:
# function to get SID's (Secure ID)
list(registry.sids())


['S-1-5-18',
 'S-1-5-19',
 'S-1-5-20',
 'S-1-5-21-206651429-2786145735-121611483-1001']

In [16]:
# function to get the username from a SID
for sid in registry.sids():
    print(registry.username_from_sid(sid))

systemprofile
LocalService
NetworkService
bitranox
