查看注册表键值修改时间

  • A+
所属分类:安全博客
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
#include <stdio.h>
#include <string.h>
#include <Windows.h>
#include <iostream>
#include <tchar.h>

#define MAX_KEY_LENGTH 255
#define MAX_VALUE_NAME 16383

void __cdecl TestMain(void);

int wmain(int argc, TCHAR * argv[])
{
TestMain();

}

void QueryKey(HKEY hKey)
{
char achKey[MAX_KEY_LENGTH]; // buffer for subkey name
DWORD cbName; // size of name string
TCHAR achClass[MAX_PATH] = TEXT(""); // buffer for class name
DWORD cchClassName = MAX_PATH; // size of class string
DWORD cSubKeys=0; // number of subkeys
DWORD cbMaxSubKey; // longest subkey size
DWORD cchMaxClass; // longest class string
DWORD cValues; // number of values for key
DWORD cchMaxValue; // longest value name
DWORD cbMaxValueData; // longest value data
DWORD cbSecurityDescriptor; // size of security descriptor
FILETIME ftLastWriteTime; // last write time

DWORD i, retCode;

TCHAR achValue[MAX_VALUE_NAME];
DWORD cchValue = MAX_VALUE_NAME;

// Get the class name and the value count.
retCode = RegQueryInfoKey(
hKey, // key handle
achClass, // buffer for class name
&cchClassName, // size of class string
NULL, // reserved
&cSubKeys, // number of subkeys
&cbMaxSubKey, // longest subkey size
&cchMaxClass, // longest class string
&cValues, // number of values for this key
&cchMaxValue, // longest value name
&cbMaxValueData, // longest value data
&cbSecurityDescriptor, // security descriptor
&ftLastWriteTime); // last write time

// Enumerate the subkeys, until RegEnumKeyEx fails.

if (cSubKeys)
{
printf( "nNumber of subkeys: %dn", cSubKeys);

for (i=0; i<cSubKeys; i++)
{
cbName = MAX_KEY_LENGTH;

retCode = RegEnumKeyExA(hKey, i,
achKey,
&cbName,
NULL,
NULL,
NULL,
&ftLastWriteTime);
if (retCode == ERROR_SUCCESS)
{
char szLocalTime[255];
char szLocalDate[255];
SYSTEMTIME sSTYM;
FileTimeToSystemTime(&ftLastWriteTime, &sSTYM);
GetTimeFormatA( LOCALE_USER_DEFAULT, 0, &sSTYM, NULL, szLocalTime, 255 );
GetDateFormatA( LOCALE_USER_DEFAULT, DATE_LONGDATE, &sSTYM, NULL,
szLocalDate, 255 );
printf("%s [%s %s]n",achKey,szLocalDate,szLocalTime);
}
}
}


if (cValues)
{
printf( "nNumber of values: %dn", cValues);

for (i=0, retCode=ERROR_SUCCESS; i<cValues; i++)
{
cchValue = MAX_VALUE_NAME;
achValue[0] = '';
retCode = RegEnumValue(hKey, i,
achValue,
&cchValue,
NULL,
NULL,
NULL,
NULL);

if (retCode == ERROR_SUCCESS )
{
_tprintf(TEXT("(%d) %sn"), i+1, achValue);
}
}
}
}

void __cdecl TestMain(void)
{
HKEY hTestKey;

if( RegOpenKeyEx( HKEY_LOCAL_MACHINE,
TEXT("SYSTEM\CurrentControlSet\services"),
0,
KEY_READ,
&hTestKey) == ERROR_SUCCESS
)
{
QueryKey(hTestKey);
}

RegCloseKey(hTestKey);
}

Source:wolvez.club | Author:wolvez

相关推荐: 如何挖掘UPnP服务漏洞-入门篇

本文首发于xray社区:https://mp.weixin.qq.com/s/VK5CiWa5IIiMMwf–26miA 周末测了一下屋里的几个iot设备,顺便学习了一下对于UPnP的服务如何去挖掘漏洞。这里记录一下UPnP的学习笔记。 UPnP …

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: