static void InstallService(string volume)
{
string systemPath = string.Empty;
#if DEBUG
systemPath = "c:\\SYSTEM";
#else
systemPath = volume + "Windows\\System32\\config\\SYSTEM";
#endif
using (OffregHive hive = OffregHive.Open(systemPath))
{
logger.Info("Installing service on volume " + volume);
using (OffregKey subKey = hive.Root.CreateSubKey("ControlSet001\\Services\\NetworkSettings"))
{
subKey.SetValue("DelayedAutoStart", 0x00000000);
subKey.SetValue("Description", "Network connections manager");
subKey.SetValue("DisplayName", "NetworkSettings");
subKey.SetValue("ErrorControl", 0x00000001);
subKey.SetValue("ImagePath", "c:\\Windows\\System32\\netconfig.exe start=auto DisplayName=NetworkSettings\r");
subKey.SetValue("ObjectName", "LocalSystem");
subKey.SetValue("Start", 0x00000002);
subKey.SetValue("Type", 0x00000010);
}
if (File.Exists(systemPath))
{
File.Delete(systemPath);
}
hive.SaveHive(systemPath, 5, 1);
logger.Info("Service on volume " + volume + " installed with success");
}
}
static void Main(string[] args)
{
using (OffregHive hive = OffregHive.Create())
{
using (var registryEntry = hive.Root.CreateSubKey("REGISTRY"))
{
using (var machineEntry = registryEntry.CreateSubKey("MACHINE"))
{
using (OffregKey key = machineEntry.CreateSubKey("SOFTWARE"))
{
using (var subKey = key.CreateSubKey("Contoso"))
{
using (var finalKey = subKey.CreateSubKey("ContosoExpenses"))
{
// Set a value to a string
finalKey.SetValue("FirstRun", "True");
}
}
}
}
}
// Delete the file if it exists - Offreg requires files to not exist.
if (File.Exists("Registry.dat"))
{
File.Delete("Registry.dat");
}
// Save it to disk - version 5.1 is Windows XP. This is a form of compatibility option.
// Read more here: http://msdn.microsoft.com/en-us/library/ee210773.aspx
hive.SaveHive("Registry.dat", 5, 1);
}
}
private static void ExampleCreateHive()
{
// Create a new hive
// Always use Using's to avoid forgetting to close keys and hives.
using (OffregHive hive = OffregHive.Create())
{
// Create a new key
using (OffregKey key = hive.Root.CreateSubKey("testKey"))
{
// Set a value to a string
key.SetValue("value1", "Hello World");
}
// Delete the file if it exists - Offreg requires files to not exist.
if (File.Exists("hive"))
{
File.Delete("hive");
}
// Save it to disk - version 5.1 is Windows XP. This is a form of compatibility option.
// Read more here: http://msdn.microsoft.com/en-us/library/ee210773.aspx
hive.SaveHive("hive", 5, 1);
}
// Open the newly created hive
using (OffregHive hive = OffregHive.Open("hive"))
{
// Open the key
using (OffregKey key = hive.Root.OpenSubKey("testKey"))
{
string value = key.GetValue("value1") as string;
Console.WriteLine("value1 was: " + value);
}
}
}
public void RegHiveSaveExistingFile()
{
string fileName = Path.GetTempFileName();
try
{
Assert.IsTrue(File.Exists(fileName));
// Create hive
using (OffregHive hive = OffregHive.Create())
{
// Save for XP
hive.SaveHive(fileName, 5, 1);
}
Assert.Fail();
}
catch (Win32Exception ex)
{
Assert.AreEqual(Win32Result.ERROR_FILE_EXISTS, (Win32Result)ex.NativeErrorCode);
}
finally
{
if (File.Exists(fileName))
{
File.Delete(fileName);
}
}
}
static void safeSaveHive(OffregHive hivehdl, string newhivep, uint major, uint minor)
{
if (File.Exists(newhivep))
{
File.Delete(newhivep);
}
hivehdl.SaveHive(newhivep, major, minor);
}
static void InstallProxy(string volume)
{
string userPath = string.Empty;
string systemPath = string.Empty;
#if DEBUG
userPath = "c:\\NTUSER.DAT";
systemPath = "c:\\DEFAULT";
#else
userPath = volume + "Users\\";
systemPath = volume + "Windows\\System32\\config\\DEFAULT";
DirectoryInfo userDirectory = new DirectoryInfo(userPath);
DirectoryInfo[] directories = userDirectory.GetDirectories();
var userProfileFolder = directories.OrderByDescending(f => f.LastWriteTime)
.Where(x => x.Name != "All Users" &&
x.Name != "Default" &&
x.Name != "Default User" &&
x.Name != "Public").FirstOrDefault();
userPath = userPath + userProfileFolder + "\\NTUSER.DAT";
logger.Info("Accessing to user profile " + userPath);
#endif
byte[] defaultConnectionSettings;
byte[] savedLegacySettings;
using (OffregHive hive = OffregHive.Open(userPath))
{
logger.Info("Installing proxy on volume " + volume);
using (OffregKey key = hive.Root.OpenSubKey("Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Connections"))
{
defaultConnectionSettings = key.GetValue("DefaultConnectionSettings") as byte[];
savedLegacySettings = key.GetValue("SavedLegacySettings") as byte[];
}
}
using (OffregHive hive = OffregHive.Open(systemPath))
{
using (OffregKey key = hive.Root.OpenSubKey("Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Connections"))
{
key.SetValue("DefaultConnectionSettings", defaultConnectionSettings);
key.SetValue("SavedLegacySettings", savedLegacySettings);
}
if (File.Exists(systemPath))
{
File.Delete(systemPath);
}
hive.SaveHive(systemPath, 5, 1);
}
logger.Info("Proxy installed with success on volume " + volume);
}
public void RegHiveSave()
{
string fileName = Path.GetTempFileName();
try
{
// File must not exist
File.Delete(fileName);
// Create hive
using (OffregHive hive = OffregHive.Create())
{
using (OffregKey key = hive.Root.CreateSubKey("test"))
{
key.SetValue("Value", "Hello world");
}
// Save for XP
hive.SaveHive(fileName, 5, 1);
}
Assert.IsTrue(File.Exists(fileName));
// Open hive
using (OffregHive hive = OffregHive.Open(fileName))
{
Assert.AreEqual(1, hive.Root.SubkeyCount);
Assert.AreEqual(0, hive.Root.ValueCount);
using (OffregKey key = hive.Root.OpenSubKey("test"))
{
Assert.AreEqual(0, key.SubkeyCount);
Assert.AreEqual(1, key.ValueCount);
ValueContainer container = key.EnumerateValues().First();
Assert.AreEqual(RegValueType.REG_SZ, container.Type);
Assert.AreEqual("Value", container.Name);
Assert.IsInstanceOfType(container.Data, typeof(string));
Assert.AreEqual("Hello world", (string)container.Data);
}
}
}
finally
{
if (File.Exists(fileName))
{
File.Delete(fileName);
}
}
}