MyFavMirrors
/
MeshCentral
mirror of https://github.com/Ylianst/MeshCentral.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
MeshCentral/agents/modules_meshcore_min/win-registry.min.js

1 line
4.6 KiB
JavaScript
Raw Blame History

var KEY_QUERY_VALUE=1;var KEY_ENUMERATE_SUB_KEYS=8;var KEY_WRITE=131078;var KEY_DATA_TYPES={REG_NONE:0,REG_SZ:1,REG_EXPAND_SZ:2,REG_BINARY:3,REG_DWORD:4,REG_DWORD_BIG_ENDIAN:5,REG_LINK:6,REG_MULTI_SZ:7,REG_RESOURCE_LIST:8,REG_FULL_RESOURCE_DESCRIPTOR:9,REG_RESOURCE_REQUIREMENTS_LIST:10,REG_QWORD:11};function windows_registry(){this._ObjectId="win-registry";this._marshal=require("_GenericMarshal");this._AdvApi=this._marshal.CreateNativeProxy("Advapi32.dll");this._AdvApi.CreateMethod("RegCreateKeyExA");this._AdvApi.CreateMethod("RegEnumKeyExA");this._AdvApi.CreateMethod("RegEnumValueA");this._AdvApi.CreateMethod("RegOpenKeyExA");this._AdvApi.CreateMethod("RegQueryInfoKeyA");this._AdvApi.CreateMethod("RegQueryValueExA");this._AdvApi.CreateMethod("RegCloseKey");this._AdvApi.CreateMethod("RegDeleteKeyA");this._AdvApi.CreateMethod("RegDeleteValueA");this._AdvApi.CreateMethod("RegSetValueExA");this.HKEY={Root:Buffer.from("80000000","hex").swap32(),CurrentUser:Buffer.from("80000001","hex").swap32(),LocalMachine:Buffer.from("80000002","hex").swap32(),Users:Buffer.from("80000003","hex").swap32()};this.QueryKey=function b(o,A,q){var l;var m=this._marshal.CreatePointer();var s=this._marshal.CreateVariable(4);var E=this._marshal.CreateVariable(4);var n=this._marshal.CreatePointer(o);var C=null;if(q){q=this._marshal.CreateVariable(q)}if(!A){A=""}if((l=this._AdvApi.RegOpenKeyExA(n,this._marshal.CreateVariable(A),0,KEY_QUERY_VALUE|KEY_ENUMERATE_SUB_KEYS,m).Val)!=0){throw ("Opening Registry Key: "+A+" => Returned Error: "+l)}if((A==""&&!q)||!q){var B={subkeys:[],values:[]};var d=this._marshal.CreateVariable(1024);var f=this._marshal.CreateVariable(1024);var g=this._marshal.CreateVariable(32768);var j=this._marshal.CreateVariable(4);var x=this._marshal.CreateVariable(4);var e=this._marshal.CreateVariable(4);e.toBuffer().writeUInt32LE(1024);var y=this._marshal.CreateVariable(4);var z=this._marshal.CreateVariable(4);var u=this._marshal.CreateVariable(4);var t=this._marshal.CreateVariable(4);var w=this._marshal.CreateVariable(4);var v=this._marshal.CreateVariable(4);var D=this._marshal.CreateVariable(4);var r=this._marshal.CreateVariable(8);C=this._AdvApi.RegQueryInfoKeyA(m.Deref(),d,e,0,y,u,t,z,w,v,D,r);if(C.Val!=0){throw ("RegQueryInfoKeyA() returned error: "+C.Val)}for(var p=0;p<y.toBuffer().readUInt32LE();++p){x.toBuffer().writeUInt32LE(1024);C=this._AdvApi.RegEnumKeyExA(m.Deref(),p,f,x,0,0,0,r);if(C.Val==0){B.subkeys.push(f.String)}}for(var p=0;p<z.toBuffer().readUInt32LE();++p){j.toBuffer().writeUInt32LE(32768);if(this._AdvApi.RegEnumValueA(m.Deref(),p,g,j,0,0,0,0).Val==0){B.values.push(g.String)}}return(B)}if(this._AdvApi.RegQueryValueExA(m.Deref(),q,0,0,0,s).Val==0){var k=this._marshal.CreateVariable(s.toBuffer().readUInt32LE());if(this._AdvApi.RegQueryValueExA(m.Deref(),q,0,E,k,s).Val==0){switch(E.toBuffer().readUInt32LE()){case KEY_DATA_TYPES.REG_DWORD:C=k.toBuffer().readUInt32LE();break;case KEY_DATA_TYPES.REG_DWORD_BIG_ENDIAN:C=k.toBuffer().readUInt32BE();break;case KEY_DATA_TYPES.REG_SZ:C=k.String;break;case KEY_DATA_TYPES.REG_BINARY:default:C=k.toBuffer();C._data=k;break}}}else{this._AdvApi.RegCloseKey(m.Deref());throw ("Not Found")}this._AdvApi.RegCloseKey(m.Deref());return(C)};this.WriteKey=function c(g,j,i,l){var k;var f=this._marshal.CreatePointer();if(this._AdvApi.RegCreateKeyExA(this._marshal.CreatePointer(g),this._marshal.CreateVariable(j),0,0,0,KEY_WRITE,0,f,0).Val!=0){throw ("Error Opening Registry Key: "+j)}var d;var e;switch(typeof(l)){case"boolean":e=KEY_DATA_TYPES.REG_DWORD;d=this._marshal.CreateVariable(4);d.toBuffer().writeUInt32LE(l?1:0);break;case"number":e=KEY_DATA_TYPES.REG_DWORD;d=this._marshal.CreateVariable(4);d.toBuffer().writeUInt32LE(l);break;case"string":e=KEY_DATA_TYPES.REG_SZ;d=this._marshal.CreateVariable(l);break;default:e=KEY_DATA_TYPES.REG_BINARY;d=this._marshal.CreateVariable(l.length);l.copy(d.toBuffer());break}if(this._AdvApi.RegSetValueExA(f.Deref(),this._marshal.CreateVariable(i),0,e,d,d._size).Val!=0){this._AdvApi.RegCloseKey(f.Deref());throw ("Error writing reg key: "+i)}this._AdvApi.RegCloseKey(f.Deref())};this.DeleteKey=function a(e,g,f){if(!f){if(this._AdvApi.RegDeleteKeyA(this._marshal.CreatePointer(e),this._marshal.CreateVariable(g)).Val!=0){throw ("Error Deleting Key: "+g)}}else{var d=this._marshal.CreatePointer();var i;if(this._AdvApi.RegOpenKeyExA(this._marshal.CreatePointer(e),this._marshal.CreateVariable(g),0,KEY_QUERY_VALUE|KEY_WRITE,d).Val!=0){throw ("Error Opening Registry Key: "+g)}if((i=this._AdvApi.RegDeleteValueA(d.Deref(),this._marshal.CreateVariable(f)).Val)!=0){this._AdvApi.RegCloseKey(d.Deref());throw ("Error["+i+"] Deleting Key: "+g+"."+f)}this._AdvApi.RegCloseKey(d.Deref())}}}module.exports=new windows_registry();
Reference in New Issue View Git Blame Copy Permalink