windows registry hive extraction library. PLEASE DO NOT USE GITHUB FOR ISSUES OR PULL REQUESTS. See the website for how to file a bug or contact us. http://libguestfs.org
OCaml C Perl M4 Makefile Shell Other
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
.gnulib @ 613ab49 Update gnulib to latest. Feb 26, 2018
extra-tests Fix shebang in perl scripts Oct 5, 2015
generator generator: Use Bytes instead of String. Nov 8, 2017
html Add html/ directory, include POD CSS. Feb 19, 2010
images Add a minimal hive with "special" keys and values Jan 13, 2014
lib Add a cache for iconv_t handles to hive_t Feb 10, 2018
m4 Update gnulib to latest. Feb 26, 2018
ocaml ocaml: Link the C bindings with LDFLAGS (RHBZ#1548536). Feb 26, 2018
perl hivexregedit: add --max-depth option for exports Jan 2, 2018
po Version 1.3.15. Feb 26, 2018
python python: add heavier tests for setvalue Aug 18, 2014
regedit hivexregedit: add --max-depth option for exports Jan 2, 2018
ruby ruby: tests: convert from Test::Unit to MiniTest (RHBZ#1090407) Apr 23, 2014
sh build: do not ignore pod2man error codes Jul 14, 2017
xml build: do not ignore pod2man error codes Jul 14, 2017
.gitignore Ignore config.cache file. Feb 26, 2018
.gitmodules Support for Windows Registry. Feb 19, 2010
.x-sc_prohibit_magic_number_exit maint: use EXIT_SUCCESS and EXIT_FAILURE, not 0 and 1 to exit Feb 19, 2010
LICENSE Move README, LICENSE files to the toplevel directory. Feb 19, 2010
Makefile.am Don't fail if libxml2 is not installed (RHBZ#1276364). Oct 29, 2015
README README: Document how to choose Python 2 vs Python 3. May 22, 2017
TODO Refresh documentation. Dec 23, 2010
autogen.sh maint: avoid using test's -a and -o operators; they are not portable Jun 28, 2011
bootstrap Add a cache for iconv_t handles to hive_t Feb 10, 2018
cfg.mk maint: avoid some syntax-check test failures Aug 28, 2012
configure.ac Version 1.3.15. Feb 26, 2018
hivex.pc.in Support for Windows Registry. Feb 19, 2010
run.in run.in: Quote contents of @VAR@ substitutions Sep 6, 2017

README

hivex - by Richard W.M. Jones, rjones@redhat.com
Copyright (C) 2009-2010 Red Hat Inc.
----------------------------------------------------------------------

This is a self-contained library for reading and writing Windows
Registry "hive" binary files.

Unlike many other tools in this area, it doesn't use the textual .REG
format for output, because parsing that is as much trouble as parsing
the original binary format.  Instead it makes the file available
through a C API, or there is a separate program to export the hive as
XML.

This library was derived from several sources:

 . NTREG registry reader/writer library by Petter Nordahl-Hagen
    (LGPL v2.1 licensed library and program)
 . http://pogostick.net/~pnh/ntpasswd/WinReg.txt
 . dumphive (a BSD-licensed Pascal program by Markus Stephany)
 . http://www.sentinelchicken.com/data/TheWindowsNTRegistryFileFormat.pdf
 . editreg program from Samba - this program was removed in later
   versions of Samba, so you have to go back in the source repository
   to find it (GPLv2+)
 . http://amnesia.gtisc.gatech.edu/~moyix/suzibandit.ltd.uk/MSc/
 . reverse engineering the format (see lib/tools/visualizer.ml)

Like NTREG, this library only attempts to read Windows NT registry
files (ie. not Windows 3.1 or Windows 95/98/ME).  See the link above
for documentation on the older formats if you wish to read them.

Unlike NTREG, this code is much more careful about handling error
cases, corrupt and malicious registry files, and endianness.

License
-------

The license for this library is LGPL v2.1, but not later versions.
For full details, see the file LICENSE in this directory.

Dependencies
------------

To just build the library, the dependencies are quite minimal.  You
only need the following:

- An ISO C compiler.

- Perl tools 'pod2man' and 'pod2text'.

These dependencies are needed for the tools:

- Readline library (optional, to add command-line editing to hivexsh).

- libxml2 (optional, for hivexml).

If you want to make the generated files or change the API, then you
will need the OCaml interpreter (/usr/bin/ocaml).

To build the language bindings, you will need various extra packages.
See the configure output for more details.

Directories and tools
---------------------

extra-tests/

        Extra tests which need external test data.  See
        hivex-test-data on http://git.annexia.org

generator/

	Generator used to write a lot of boilerplate code for
	header files, documentation, language bindings etc.
	The API for hivex is specified in the generator.

images/

	Test hive files.  See images/README.

lib/

	The C library.

ocaml/
perl/
python/
ruby/

	OCaml, Perl, Python or Ruby bindings and tests.  The bindings
	are generated by 'generator/generator.ml'.

        Python 2 or 3 is supported.  To select between them, set
        PYTHON to point to the Python interpreter you want to use, eg:

        ./configure PYTHON=/usr/bin/python3

regedit/
        Regedit-like registry merging tool.

sh/

	Interactive shell.  This also contains the old 'hivexget'
	tool (originally written in C, now replaced by a hivexsh
	shell script).

xml/

	hivexml program which converts hive files to XML.