Hello
I have a problem with RegEnumValue.
I add a BINARY key in the register.
When I enumerate all the key, there is a problem with the binary key :
Normally the message should be empty because there is no value in the binary key.
Why its take the value of key of the top ?!
Thanx
I have a problem with RegEnumValue.
invoke RegEnumValue, hKey, dwIndex, addr regName, addr szName, 0, 0, addr regData, addr szData
.if eax==ERROR_NO_MORE_ITEMS
.break
.else
invoke MessageBox, 0, addr regData, addr regName, MB_OK
.endif
inc dwIndexI add a BINARY key in the register.
When I enumerate all the key, there is a problem with the binary key :
Normally the message should be empty because there is no value in the binary key.
Why its take the value of key of the top ?!
Thanx
may be you use invoke MessageBox, 0, addr regData, addr regName, MB_OK is wrong, because this function only dispaly strings, if first value is 0, then it will nothing to dispaly.
It will display something. 0 for hwnd is alright.
I am not sure why it is not working. Really sorry.
I am not sure why it is not working. Really sorry.
Ok, now i use MessageBox and WriteFile :
I add a new BINARY key :
if I use : Inc dwIndex
In message box :
And in the txt file :
Now if i remplace dwIndex by 5 :
In message box :
In the txt file :
Why with inc dwIndex there is a problem ? plz help, thx
invoke MessageBox, 0, addr regData, addr regName, MB_OK
invoke WriteFile, FHandle, addr regData, 1000, addr Bytes, 0 I add a new BINARY key :
if I use : Inc dwIndex
invoke RegEnumValue, hKey, dwIndex, addr regName, addr szName, 0, 0, addr regData, addr szDataIn message box :
And in the txt file :
Helloogram files\reg firewall\regprot.exe /start
Now if i remplace dwIndex by 5 :
invoke RegEnumValue, hKey, 5, addr regName, addr szName, 0, 0, addr regData, addr szDataIn message box :
In the txt file :
Hello
Why with inc dwIndex there is a problem ? plz help, thx
What's the initial value of dwIndex? Is it 0?
my code :
.386
.model flat, stdcall
option casemap :none
include \masm32\include\advapi32.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
include \masm32\include\windows.inc
includelib \masm32\lib\advapi32.lib
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib
.data
subKey db "Software\Microsoft\Windows\CurrentVersion\Run", 0
.data?
hKey dd ?
dwIndex dd ?
regName db 260 dup (?)
regData db 260 dup (?)
szName dd ?
szData dd ?
.code
start:
invoke RegOpenKeyEx, HKEY_LOCAL_MACHINE, addr subKey, 0, KEY_ALL_ACCESS, addr hKey
mov dwIndex, 0
.while TRUE
mov szName, 256
mov szData, 256
invoke RegEnumValue, hKey, dwIndex, addr regName, addr szName, 0, 0, addr regData, addr szData
.if eax == ERROR_NO_MORE_ITEMS
.break
.else
invoke MessageBox, 0, addr regData, addr regName, MB_OK
.endif
inc dwIndex
.endw
invoke RegCloseKey, hKey
invoke ExitProcess, 0
END startbinary data in the registry is not an asciiz string. So you will have to check the content of szData (which should be a DWORD!). If it is 0, no data has been read and the buffer may contain the data read previously.