Creating a Windows API to add, modify, query, delete Registry Keys from command line

0

I am undertaking a task which requires me to query, add (inc. values), delete and modify registry keys. The program needs to support all the different types of registry data and most importantly, it needs to use command line arguments, much in the same way that reg.exe does.

A declaration: I am not well-versed in low-level programming languages (i.e., I'm a noob); the task is part of a broader non-programming security course; however, I am keen to build upon what I've done so far and complete the task. I have created 3 individual .c files in Visual Studio which successfully run in debug mode; however, I do not know how to create a single code file which accepts command line arguments.

The code I have created thus far has been pieced together from various posts I have dug up while researching the solution; in addition I've watched a stack of YouTube vids but alas, no progress. I have also dug as deep as I can on Stack Overflow but I have found nothing that helps me to understand how to solve the main issues of

  1. Creating a single .c file which performs all of the required functions, with separate calls; and
  2. Creating a call dispatcher to parse the user commands from the command line.

Below I have dropped in the .c file that includes the query, add and modify functions but not the delete function. This can be run from the command line using the .exe file which Visual Studio creates, however it simply runs the code from top to bottom. I am unaware of how to individually call each separate function of the program.

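#include <stdio.h>
#include <Windows.h>

int main()
{
    LONG lReg;
    HKEY hKey = NULL;               // stays NULL whenever no key handle is open
    DWORD number = 0x00000001;
    LONG dresult;

    // If the key already exists, delete it; otherwise create it
    if (RegOpenKeyExW(HKEY_LOCAL_MACHINE, L"Software\\Test2\\Product\\SmartId", 0, KEY_SET_VALUE | KEY_WOW64_64KEY, &hKey) == ERROR_SUCCESS)
        {
        printf("Key location open successful \n");
        // RegDeleteKeyW acts on the calling process's own registry view; a 32-bit build
        // would need RegDeleteKeyExW with KEY_WOW64_64KEY to match the view opened above
        dresult = RegDeleteKeyW(HKEY_LOCAL_MACHINE, L"Software\\Test2\\Product\\SmartId");
        if (dresult != ERROR_SUCCESS)
            {
            printf("Key not deleted from registry \n");
            }
        RegCloseKey(hKey);
        hKey = NULL;                // the handle is closed; it must not be used again below
        }
    else 
        {
        hKey = NULL;                // do not rely on the handle after a failed open
        lReg = RegCreateKeyExW(
        HKEY_LOCAL_MACHINE,
        L"Software\\Test2\\Product\\SmartId",
        0,
        NULL,
        REG_OPTION_NON_VOLATILE,
        KEY_ALL_ACCESS | KEY_WOW64_64KEY,
        NULL,
        &hKey,
        NULL);

        if (lReg == ERROR_SUCCESS)
            {
            printf("Key successfully added to registry \n");
            }
        else 
            {
            printf("Key not added to registry \n");
            hKey = NULL;
            }   
        }

    // Write the value only through an open handle
    if (hKey != NULL && RegSetValueExW(hKey, L"OEMBackground", 0, REG_DWORD, (LPBYTE)&number, sizeof(DWORD)) == ERROR_SUCCESS)
        {
            printf("Key changed in registry \n");
        }
        else 
        {
            printf("Key not changed in registry \n");
        }

    // Close the handle once, and only if it is still open
    if (hKey != NULL)
        {
        RegCloseKey(hKey);
        }

    return 0;
}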

I expect that the command line input will be something like (for query)

C:\Windows\system32>regfunction -q hklm\software\test2

c
windows
registry
asked on Stack Overflow Jul 17, 2019 by dpa76 • edited Jul 17, 2019 by dpa76

1 Answer

0

You must parse the command line.

One of the methods is with CommandLineToArgvW.

For example (based on SDK samples) =>

includes/libs :

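#include <windows.h>
#include <shellapi.h>   // CommandLineToArgvW
#include <strsafe.h>
#include <shlwapi.h>
#pragma comment (lib,"Shlwapi.lib")
#pragma comment (lib,"Shell32.lib")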

Test code (example for -q (query) and -d (delete)) =>

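BOOL bQuery = FALSE, bDelete = FALSE;
WCHAR wsParameter[MAX_PATH] = L"";
int nArgs;
// CommandLineToArgvW exists only in a wide-character form, so use the W types and functions throughout
LPWSTR *pszArgs = CommandLineToArgvW(GetCommandLineW(), &nArgs);
if (pszArgs)
{       
    for (int iArg = 1; iArg < nArgs; iArg++)
    {
        LPWSTR pszArg = pszArgs[iArg];
        // A count of 3 includes the terminating null, so only an exact "-q" matches
        if (!StrCmpNICW(pszArg, L"-q", 3))
        {
            // The parameter is the next argument; take it only if it is present
            // instead of reading past the end of the switch string
            if (iArg + 1 < nArgs)
            {
                bQuery = TRUE;
                StringCchCopyW(wsParameter, ARRAYSIZE(wsParameter), pszArgs[iArg + 1]);
            }
            break;
        }
        else if (!StrCmpNICW(pszArg, L"-d", 3))
        {   
            if (iArg + 1 < nArgs)
            {
                bDelete = TRUE;
                StringCchCopyW(wsParameter, ARRAYSIZE(wsParameter), pszArgs[iArg + 1]);
            }
            break;
        }
        // else if ...
    }

    if (bQuery)
    {
        // Query code with wsParameter  
    }
    else if (bDelete)
    {
        // Delete code with wsParameter 
    }
    // Memory returned by CommandLineToArgvW is released with a single LocalFree call
    LocalFree(pszArgs);        
}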
answered on Stack Overflow Jul 17, 2019 by Castorix
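
The front end of the "call dispatcher" asked about in the question, as an added example that is not part of the original question or answer: it turns arguments such as `regfunction -q hklm\software\test2` into a validated request before any registry API is called. It is written in portable C; the `-a` switch, the `reg_request` type, the 256-character subkey buffer and the error codes are assumptions of this example, and the root abbreviations are the ones reg.exe accepts.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical types for this example; a Windows build would map root to an HKEY_* value. */
typedef enum { OP_NONE, OP_QUERY, OP_ADD, OP_DELETE } reg_op;
typedef struct { reg_op op; const char *root; char subkey[256]; } reg_request;

/* Case-insensitive match of the first n characters of a against the whole of b. */
static int ieq(const char *a, const char *b, size_t n)
{
    if (strlen(b) != n) return 0;
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i])) return 0;
    return 1;
}

/* Returns 0 on success, -1 usage error, -2 unknown root, -3 subkey missing or too long. */
int parse_request(int argc, char **argv, reg_request *out)
{
    static const struct { const char *sw; reg_op op; } ops[] = {
        { "-q", OP_QUERY }, { "-a", OP_ADD }, { "-d", OP_DELETE } };
    static const char *roots[] = { "HKLM", "HKCU", "HKCR", "HKU", "HKCC" };
    memset(out, 0, sizeof *out);
    if (argc != 3) return -1;                  /* program, switch, key path: nothing else */
    for (size_t i = 0; i < sizeof ops / sizeof ops[0]; i++)
        if (ieq(argv[1], ops[i].sw, strlen(argv[1]))) out->op = ops[i].op;
    if (out->op == OP_NONE) return -1;
    const char *path = argv[2];
    size_t rootlen = strcspn(path, "\\");      /* root name ends at the first backslash */
    for (size_t i = 0; i < sizeof roots / sizeof roots[0]; i++)
        if (ieq(path, roots[i], rootlen)) out->root = roots[i];
    if (out->root == NULL) return -2;
    const char *sub = path + rootlen;
    if (*sub == '\\') sub++;                   /* skip the separator after the root */
    size_t sublen = strlen(sub);
    if (sublen >= sizeof out->subkey) return -3;        /* refuse rather than truncate */
    if (sublen == 0 && out->op != OP_QUERY) return -3;  /* never add or delete at a hive root */
    memcpy(out->subkey, sub, sublen + 1);
    return 0;
}

int main(int argc, char **argv)
{
    reg_request r;
    int rc = parse_request(argc, argv, &r);
    if (rc != 0) { fprintf(stderr, "usage: regfunction -q|-a|-d ROOT\\subkey (error %d)\n", rc); return 1; }
    printf("op=%d root=%s subkey=%s\n", (int)r.op, r.root, r.subkey);  /* a switch on r.op would call the registry code here */
    return 0;
}
```
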

User contributions licensed under CC BY-SA 3.0