public static List <LogInfo> RegWrite(EngineState s, CodeCommand cmd) { // RegWrite,<HKey>,<ValueType>,<KeyPath>,<ValueName>,<ValueData>,[OptionalData] List <LogInfo> logs = new List <LogInfo>(); CodeInfo_RegWrite info = cmd.Info.Cast <CodeInfo_RegWrite>(); string keyPath = StringEscaper.Preprocess(s, info.KeyPath); string valueName = null; if (info.ValueName != null) { valueName = StringEscaper.Preprocess(s, info.ValueName); } if (info.HKey == null) { throw new InternalException("Internal Logic Error"); } string hKeyStr = RegistryHelper.RegKeyToString(info.HKey); string fullKeyPath = $"{hKeyStr}\\{keyPath}"; string fullValuePath = $"{hKeyStr}\\{keyPath}\\{valueName}"; (byte[] BinData, string ValueData) ParseByteArrayFromString() { if (info.ValueData == null) { // Use info.ValueDataList string[] binStrs = StringEscaper.Preprocess(s, info.ValueDataList).ToArray(); string valueData = StringEscaper.PackRegBinary(binStrs); if (!StringEscaper.UnpackRegBinary(binStrs, out byte[] binData))
public void PackRegBinary_2() { byte[] src = new byte[] { 0x43, 0x00, 0x3A, 0x00, 0x5C, 0x00 }; string dest = StringEscaper.PackRegBinary(src); string comp = "43,00,3A,00,5C,00"; Assert.IsTrue(dest.Equals(comp, StringComparison.Ordinal)); }
public void PackRegBinary_1() { byte[] src = Encoding.Unicode.GetBytes("C:\\"); string dest = StringEscaper.PackRegBinary(src); string comp = "43,00,3A,00,5C,00"; Assert.IsTrue(dest.Equals(comp, StringComparison.Ordinal)); }
public static List <LogInfo> RegWrite(EngineState s, CodeCommand cmd) { // RegWrite,<HKey>,<ValueType>,<KeyPath>,<ValueName>,<ValueData>,[OptionalData] List <LogInfo> logs = new List <LogInfo>(); CodeInfo_RegWrite info = cmd.Info.Cast <CodeInfo_RegWrite>(); string keyPath = StringEscaper.Preprocess(s, info.KeyPath); string valueName = null; if (info.ValueName != null) { valueName = StringEscaper.Preprocess(s, info.ValueName); } if (info.HKey == null) { throw new InternalException("Internal Logic Error"); } string hKeyStr = RegistryHelper.RegKeyToString(info.HKey); string fullKeyPath = $"{hKeyStr}\\{keyPath}"; string fullValuePath = $"{hKeyStr}\\{keyPath}\\{valueName}"; using (RegistryKey subKey = info.HKey.CreateSubKey(keyPath, true)) { if (valueName == null) { logs.Add(new LogInfo(LogState.Success, $"Registry subkey [{fullKeyPath}] created")); return(logs); } object checkData = subKey.GetValue(valueName); if (checkData != null) { logs.Add(new LogInfo(info.NoWarn ? LogState.Ignore : LogState.Overwrite, $"Registry value [{fullValuePath}] already exists")); } switch (info.ValueType) { case RegistryValueKind.None: { subKey.SetValue(valueName, new byte[0], RegistryValueKind.None); logs.Add(new LogInfo(LogState.Success, $"Registry value [{fullValuePath}] set to REG_NONE")); } break; case RegistryValueKind.String: { string valueData = StringEscaper.Preprocess(s, info.ValueData); subKey.SetValue(valueName, valueData, RegistryValueKind.String); logs.Add(new LogInfo(LogState.Success, $"Registry value [{fullValuePath}] set to REG_SZ [{valueData}]")); } break; case RegistryValueKind.ExpandString: { string valueData = StringEscaper.Preprocess(s, info.ValueData); subKey.SetValue(valueName, valueData, RegistryValueKind.ExpandString); logs.Add(new LogInfo(LogState.Success, $"Registry value [{fullValuePath}] set to REG_EXPAND_SZ [{valueData}]")); } break; case RegistryValueKind.MultiString: { string[] multiStrs = StringEscaper.Preprocess(s, info.ValueDatas).ToArray(); subKey.SetValue(valueName, multiStrs, RegistryValueKind.MultiString); string valueData = StringEscaper.PackRegMultiBinary(multiStrs); logs.Add(new LogInfo(LogState.Success, $"Registry value [{fullValuePath}] set to REG_MULTI_SZ [{valueData}]")); } break; case RegistryValueKind.Binary: { if (info.ValueData == null) { // Use info.ValueDatas string[] binStrs = StringEscaper.Preprocess(s, info.ValueDatas).ToArray(); string valueData = StringEscaper.PackRegBinary(binStrs); if (!StringEscaper.UnpackRegBinary(binStrs, out byte[] binData))
public static List <LogInfo> RegRead(EngineState s, CodeCommand cmd) { // RegRead,<HKey>,<KeyPath>,<ValueName>,<DestVar> List <LogInfo> logs = new List <LogInfo>(); CodeInfo_RegRead info = cmd.Info.Cast <CodeInfo_RegRead>(); string keyPath = StringEscaper.Preprocess(s, info.KeyPath); string valueName = StringEscaper.Preprocess(s, info.ValueName); string hKeyStr = RegistryHelper.RegKeyToString(info.HKey); if (hKeyStr == null) { throw new InternalException("Internal Logic Error"); } string fullKeyPath = $"{hKeyStr}\\{keyPath}"; string valueDataStr; using (RegistryKey subKey = info.HKey.OpenSubKey(keyPath, false)) { if (subKey == null) { return(LogInfo.LogErrorMessage(logs, $"Registry key [{fullKeyPath}] does not exist")); } object valueData = subKey.GetValue(valueName, null, RegistryValueOptions.DoNotExpandEnvironmentNames); if (valueData == null) { return(LogInfo.LogErrorMessage(logs, $"Cannot read registry key [{fullKeyPath}]")); } RegistryValueKind kind = subKey.GetValueKind(valueName); switch (kind) { case RegistryValueKind.None: return(LogInfo.LogErrorMessage(logs, $"Cannot read empty value [{fullKeyPath}\\{valueName}]")); case RegistryValueKind.String: case RegistryValueKind.ExpandString: valueDataStr = (string)valueData; break; case RegistryValueKind.Binary: valueDataStr = StringEscaper.PackRegBinary((byte[])valueData); break; case RegistryValueKind.DWord: valueDataStr = ((uint)(int)valueData).ToString(); break; case RegistryValueKind.MultiString: valueDataStr = StringEscaper.PackRegMultiString((string[])valueData); break; case RegistryValueKind.QWord: valueDataStr = ((ulong)(long)valueData).ToString(); break; default: return(LogInfo.LogErrorMessage(logs, $"Unsupported registry value type [0x{(int)kind:0:X}]")); } } logs.Add(new LogInfo(LogState.Success, $"Registry value [{fullKeyPath}\\{valueName}]'s data is [{valueDataStr}]")); List <LogInfo> varLogs = Variables.SetVariable(s, info.DestVar, valueDataStr); logs.AddRange(varLogs); return(logs); }