Содержание
- RegOpenKeyExA function (winreg.h)
- Syntax
- Parameters
- Return value
- Remarks
- Examples
- RegOpenKeyA function (winreg.h)
- Syntax
- Parameters
- Return value
- Remarks
- Reg open key error
- Answered by:
- Question
- Answers
- All replies
- Name already in use
- sdk-api / sdk-api-src / content / winreg / nf-winreg-regopenkeyexa.md
RegOpenKeyExA function (winreg.h)
Opens the specified registry key. Note that key names are not case sensitive.
To perform transacted registry operations on a key, call the RegOpenKeyTransacted function.
Syntax
Parameters
A handle to an open registry key. This handle is returned by the RegCreateKeyEx or RegOpenKeyEx function, or it can be one of the following predefined keys:
HKEY_CLASSES_ROOT HKEY_CURRENT_CONFIG HKEY_CURRENT_USER HKEY_LOCAL_MACHINE HKEY_USERS
[in, optional] lpSubKey
The name of the registry subkey to be opened.
Key names are not case sensitive.
If the lpSubKey parameter is NULL or a pointer to an empty string, and if hKey is a predefined key, then the system refreshes the predefined key, and phkResult receives the same hKey handle passed into the function. Otherwise, phkResult receives a new handle to the opened key.
Specifies the option to apply when opening the key. Set this parameter to zero or the following:
Value | Meaning |
---|---|
REG_OPTION_OPEN_LINK | The key is a symbolic link. Registry symbolic links should only be used when absolutely necessary. |
A mask that specifies the desired access rights to the key to be opened. The function fails if the security descriptor of the key does not permit the requested access for the calling process. For more information, see Registry Key Security and Access Rights.
A pointer to a variable that receives a handle to the opened key. If the key is not one of the predefined registry keys, call the RegCloseKey function after you have finished using the handle.
Return value
If the function succeeds, the return value is ERROR_SUCCESS.
If the function fails, the return value is a nonzero error code defined in Winerror.h. You can use the FormatMessage function with the FORMAT_MESSAGE_FROM_SYSTEM flag to get a generic description of the error.
On legacy versions of Windows, this API is also exposed by kernel32.dll.
Unlike the RegCreateKeyEx function, the RegOpenKeyEx function does not create the specified key if the key does not exist in the registry.
Certain registry operations perform access checks against the security descriptor of the key, not the access mask specified when the handle to the key was obtained. For example, even if a key is opened with a samDesired of KEY_READ, it can be used to create registry keys if the key’s security descriptor permits. In contrast, the RegSetValueEx function specifically requires that the key be opened with the KEY_SET_VALUE access right.
If your service or application impersonates different users, do not use this function with HKEY_CURRENT_USER. Instead, call the RegOpenCurrentUser function.
Note that operations that access certain registry keys are redirected. For more information, see Registry Virtualization and 32-bit and 64-bit Application Data in the Registry.
Examples
To see this example in context, see Deleting a Key with Subkeys.
The winreg.h header defines RegOpenKeyEx as an alias which automatically selects the ANSI or Unicode version of this function based on the definition of the UNICODE preprocessor constant. Mixing usage of the encoding-neutral alias with code that not encoding-neutral can lead to mismatches that result in compilation or runtime errors. For more information, see Conventions for Function Prototypes.
Источник
RegOpenKeyA function (winreg.h)
Opens the specified registry key.
Syntax
Parameters
A handle to an open registry key. This handle is returned by the RegCreateKeyEx or RegOpenKeyEx function, or it can be one of the following predefined keys:
- HKEY_CLASSES_ROOT
- HKEY_CURRENT_CONFIG
- HKEY_CURRENT_USER
- HKEY_LOCAL_MACHINE
- HKEY_USERS
[in, optional] lpSubKey
The name of the registry key to be opened. This key must be a subkey of the key identified by the hKey parameter.
Key names are not case sensitive.
If this parameter is NULL or a pointer to an empty string, the function returns the same handle that was passed in.
A pointer to a variable that receives a handle to the opened key. If the key is not one of the predefined registry keys, call the RegCloseKey function after you have finished using the handle.
Return value
If the function succeeds, the return value is ERROR_SUCCESS.
If the function fails, the return value is a nonzero error code defined in Winerror.h. You can use the FormatMessage function with the FORMAT_MESSAGE_FROM_SYSTEM flag to get a generic description of the error.
The RegOpenKey function uses the default security access mask to open a key. If opening the key requires a different access right, the function fails, returning ERROR_ACCESS_DENIED. An application should use the RegOpenKeyEx function to specify an access mask in this situation.
RegOpenKey does not create the specified key if the key does not exist in the database.
If your service or application impersonates different users, do not use this function with HKEY_CURRENT_USER. Instead, call the RegOpenCurrentUser function.
The winreg.h header defines RegOpenKey as an alias which automatically selects the ANSI or Unicode version of this function based on the definition of the UNICODE preprocessor constant. Mixing usage of the encoding-neutral alias with code that not encoding-neutral can lead to mismatches that result in compilation or runtime errors. For more information, see Conventions for Function Prototypes.
Источник
Reg open key error
This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.
Answered by:
Question
i am attempting to check if a registry key exists in the HKEY_CLASSES_ROOT.
the code i am using is as follows;
if i use the line that is commented, i.e. looking in the hkey local machine, the code works correctly, but in the classes root, it never finds the key. Could someone tell me what it is i am doing wrong?
Answers
When a 32bit application accesses the registry on a 64bit OS, via WOW64, the operating system automatically translates the register request into the wow6432node path, so you can’t see the «normal» 64bit path. This is only visible from a 64bit application.
For details, you can read up on the Registry Redirector on MSDN .
Reed Copsey, Jr. — http://reedcopsey.com
32-bit and 64-bit apps have different views of the registry. Particularly HKCR is different since is it is actually an alias of HKLMSoftwareClasses. 32-bit apps see HKLMSoftwareWow6432Node*.*, 64-bit apps see the regular view, HKLMSoftware*.* This is well described in the SDK , including the flags you need to let a 32-bit app get the 64-bit view.
The reason the C# program works is because it will automatically run in 64-bit mode on a 64-bit operating system. Hans Passant.
If RegOpenKey != ERROR_SUCCESS, you can use the return value with FormatMessage to determine the exact cause of error. RegOpenKey describes this.
However, I see two potential possibilities.
1) The key should be («Installer\Components») [Note the capitalization]
2) You are failing to open the key due to inadequate permissions. RegOpenKey uses the default security to access, and you very well may not be able to access HKEY_CLASSES_ROOT. If this is the case, consider switching to RegOpenKeyEx and providing a better security descriptor.
Reed Copsey, Jr. — http://reedcopsey.com
CRegKey is a handy class for handling some if the gritty details.
CRegKey rk;
if (ERROR_SUCCESS != rk.Open (HKEY_LOCAL_MACHINE, «Software\Microsoft\TheKeyImInterestedIn», KEY_READ)))
Note the KEY_READ parameter, which is important when accessing HKLM as a standard user.
thanks for the reply,
i was originally writing it using the correct capitialization, it was not working either unforuntately.
I’m an administrator on the machine and i do have user account control turned off. I created a c# app to see if i could access it in .net and every thing worked correctly. I need c++ as i have inherited an app that needs updating.
I also tried the CRegKey method but alas the same problem occured. I get a return code of 2.
I will explore the regopenkeyex to determine if that is better. Its puzzling as i can access other reigstry keys but not this one.
It definately does exist, the one difference is that i am using a 64-bit machine. but the key is in an identical location, it is not in the wow6432node.
Источник
Name already in use
sdk-api / sdk-api-src / content / winreg / nf-winreg-regopenkeyexa.md
- Go to file T
- Go to line L
- Copy path
- Copy permalink
Copy raw contents
Copy raw contents
Opens the specified registry key. Note that key names are not case sensitive.
To perform transacted registry operations on a key, call the RegOpenKeyTransacted function.
A handle to an open registry key. This handle is returned by the RegCreateKeyEx or RegOpenKeyEx function, or it can be one of the following predefined keys:
HKEY_CLASSES_ROOT HKEY_CURRENT_CONFIG HKEY_CURRENT_USER HKEY_LOCAL_MACHINE HKEY_USERS
-param lpSubKey [in, optional]
The name of the registry subkey to be opened.
Key names are not case sensitive.
If the lpSubKey parameter is NULL or a pointer to an empty string, and if hKey is a predefined key, then the system refreshes the predefined key, and phkResult receives the same hKey handle passed into the function. Otherwise, phkResult receives a new handle to the opened key.
-param ulOptions [in]
Specifies the option to apply when opening the key. Set this parameter to zero or the following:
Value | Meaning |
---|---|
REG_OPTION_OPEN_LINK | The key is a symbolic link. Registry symbolic links should only be used when absolutely necessary. |
-param samDesired [in]
A mask that specifies the desired access rights to the key to be opened. The function fails if the security descriptor of the key does not permit the requested access for the calling process. For more information, see Registry Key Security and Access Rights.
-param phkResult [out]
A pointer to a variable that receives a handle to the opened key. If the key is not one of the predefined registry keys, call the RegCloseKey function after you have finished using the handle.
If the function succeeds, the return value is ERROR_SUCCESS.
If the function fails, the return value is a nonzero error code defined in Winerror.h. You can use the FormatMessage function with the FORMAT_MESSAGE_FROM_SYSTEM flag to get a generic description of the error.
[!NOTE] On legacy versions of Windows, this API is also exposed by kernel32.dll.
Unlike the RegCreateKeyEx function, the RegOpenKeyEx function does not create the specified key if the key does not exist in the registry.
Certain registry operations perform access checks against the security descriptor of the key, not the access mask specified when the handle to the key was obtained. For example, even if a key is opened with a samDesired of KEY_READ, it can be used to create registry keys if the key’s security descriptor permits. In contrast, the RegSetValueEx function specifically requires that the key be opened with the KEY_SET_VALUE access right.
If your service or application impersonates different users, do not use this function with HKEY_CURRENT_USER. Instead, call the RegOpenCurrentUser function.
Note that operations that access certain registry keys are redirected. For more information, see Registry Virtualization and 32-bit and 64-bit Application Data in the Registry.
To see this example in context, see Deleting a Key with Subkeys.
[!NOTE] The winreg.h header defines RegOpenKeyEx as an alias which automatically selects the ANSI or Unicode version of this function based on the definition of the UNICODE preprocessor constant. Mixing usage of the encoding-neutral alias with code that not encoding-neutral can lead to mismatches that result in compilation or runtime errors. For more information, see Conventions for Function Prototypes.
Источник
The MSDN documentation:
http://msdn.microsoft.com/en-us/library/ms724897(VS.85).aspx
Is strangely silent on what errors this function might return.
I’m particularly interested in what error code is returned if the key doesn’t exist, but more comprehensive information would be nice too.
asked Feb 17, 2010 at 22:29
This is a standard Win32 kernel error code. The kind of code that GetLastError() returns, so the set of possible values can be found in WinError.h. Note that these are not HRESULT values.
// The configuration registry database is corrupt.
//
#define ERROR_BADDB 1009L
// The configuration registry key is invalid.
//
#define ERROR_BADKEY 1010L
// The configuration registry key could not be opened.
//
#define ERROR_CANTOPEN 1011L
// The configuration registry key could not be read.
//
#define ERROR_CANTREAD 1012L
// The configuration registry key could not be written.
//
#define ERROR_CANTWRITE 1013L
// One of the files in the registry database had to be recovered by use of a log or alternate copy. The recovery was successful.
//
#define ERROR_REGISTRY_RECOVERED 1014L
// The registry is corrupted. The structure of one of the files containing registry data is corrupted, or the system's memory image of the file is corrupted, or the file could not be recovered because the alternate copy or log was absent or corrupted.
//
#define ERROR_REGISTRY_CORRUPT 1015L
// An I/O operation initiated by the registry failed unrecoverably. The registry could not read in, or write out, or flush, one of the files that contain the system's image of the registry.
//
#define ERROR_REGISTRY_IO_FAILED 1016L
// The system has attempted to load or restore a file into the registry, but the specified file is not in a registry file format.
//
#define ERROR_NOT_REGISTRY_FILE 1017L
// Illegal operation attempted on a registry key that has been marked for deletion.
//
#define ERROR_KEY_DELETED 1018L
// System could not allocate the required space in a registry log.
//
#define ERROR_NO_LOG_SPACE 1019L
// Cannot create a symbolic link in a registry key that already has subkeys or values.
//
#define ERROR_KEY_HAS_CHILDREN 1020L
// Cannot create a stable subkey under a volatile parent key.
//
#define ERROR_CHILD_MUST_BE_VOLATILE 1021L
A comprehensive list of possible error codes from RegOpenKeyEx would be quite large and likely to change with each version of Windows, You should be prepared to handle any Win32 error code.
Edit: Apparently the error for a non-existent key is ERROR_FILE_NOT_FOUND.
answered Feb 17, 2010 at 22:39
John KnoellerJohn Knoeller
33.1k4 gold badges60 silver badges92 bronze badges
1
Why don’t you simply try it and see in the debugger what it returns?
In the Visual Studio debugger you can simply enter
$err
to see the error code of the last executed function, and
$err,hr
to see the last error in full text.
answered Feb 17, 2010 at 22:33
PatrickPatrick
23k11 gold badges66 silver badges129 bronze badges
1
ERROR_FILE_NOT_FOUND
2 (0x2)
The system cannot find the file specified.
has already been noted by gdunbar.
I just encountered
ERROR_BAD_PATHNAME
161 (0xA1)
The specified path is invalid.
while erroneously using a path name starting with a '\'
character.
answered Sep 26, 2018 at 10:47
IvanIvan
4,17334 silver badges27 bronze badges
- Remove From My Forums
-
Question
-
hi all,
i am attempting to check if a registry key exists in the HKEY_CLASSES_ROOT.
the code i am using is as follows;
if i use the line that is commented, i.e. looking in the hkey local machine, the code works correctly, but in the classes root, it never finds the key. Could someone tell me what it is i am doing wrong?
thanks,
ro//if(RegOpenKey(HKEY_LOCAL_MACHINE,TEXT("Software\Microsoft"),&hKey) == ERROR_SUCCESS) { if(RegOpenKey(HKEY_CLASSES_ROOT,TEXT("installer\components"),&hKey) == ERROR_SUCCESS) { cout << "Opened"; } else { cout << "not opened"; }
Answers
-
When a 32bit application accesses the registry on a 64bit OS, via WOW64, the operating system automatically translates the register request into the wow6432node path, so you can’t see the «normal» 64bit path. This is only visible from a 64bit application.
For details, you can read up on the Registry Redirector on MSDN .
Reed Copsey, Jr. — http://reedcopsey.com
-
Marked as answer by
Wednesday, September 30, 2009 3:13 AM
-
Marked as answer by
-
32-bit and 64-bit apps have different views of the registry. Particularly HKCR is different since is it is actually an alias of HKLMSoftwareClasses. 32-bit apps see HKLMSoftwareWow6432Node*.*, 64-bit apps see the regular view, HKLMSoftware*.* This is well described in the SDK , including the flags you need to let a 32-bit app get the 64-bit view.
The reason the C# program works is because it will automatically run in 64-bit mode on a 64-bit operating system.
Hans Passant.
-
Marked as answer by
Wesley Yao
Wednesday, September 30, 2009 3:13 AM
-
Marked as answer by
Повреждение, отсутствие или удаление файлов regopenkey.exe может привести к возникновению ошибок исполняемого файла EXE, которые чаще всего наблюдаются на этапе запуска RegOpenKey v1.5. Как правило, любую проблему, связанную с файлом EXE, можно решить посредством замены файла на новую копию. Помимо прочего, в качестве общей меры по профилактике и очистке мы рекомендуем использовать очиститель реестра для очистки любых недопустимых записей файлов, расширений файлов EXE или разделов реестра, что позволит предотвратить появление связанных с ними сообщений об ошибках.
Типы Исполнимые файлы, которые используют EXE, также известны в качестве формата Windows Executable File. Вы можете скачать новую копию файла regopenkey.exe для %%os%% (и ряда операционных систем Windows) в таблице ниже. В настоящее время в нашем каталоге для загрузки могут отсутствовать некоторые файлы (такие как regopenkey.exe), но их можно запросить, нажав на кнопку Request (Запрос) ниже. В редких случаях, если вы не можете найти версию необходимого вам файла ниже, мы рекомендуем вам обратиться за дополнительной помощью к BlueLife.
Настоятельно рекомендуется выполнить проверку и убедиться в том, что файл был размещён в правильном каталоге. Тщательно следуйте настоящим инструкциям, чтобы устранить возникающую ошибку, связанную с файлом regopenkey.exe, однако мы рекомендуем выполнить быструю проверку. Мы рекомендуем повторно запустить RegOpenKey v1.5 для проверки того, возникает ли проблема.
regopenkey.exe Описание файла | |
---|---|
Тип: | EXE |
Категория: | |
Application: | RegOpenKey v1.5 |
Версия программного обеспечения: | 1.5.0.0 |
Программист: | BlueLife |
Имя: | regopenkey.exe |
Байт: | 284483 |
SHA-1: | dc17d696749d875fdd67ac308bdfda8af8712bb9 |
MD5: | 0415216d5aa9d70e0834c4d47ac78350 |
CRC32: |
Продукт Solvusoft
Загрузка
WinThruster 2023 — Сканировать ваш компьютер на наличие ошибок реестра в regopenkey.exe
Windows
11/10/8/7/Vista/XP
Установить необязательные продукты — WinThruster (Solvusoft) | Лицензия | Политика защиты личных сведений | Условия | Удаление
EXE
regopenkey.exe
Идентификатор статьи: 951411
Regopenkey.exe
Имя файла | ID | Размер (в байтах) | Загрузить | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
+ regopenkey.exe | 0415216d5aa9d70e0834c4d47ac78350 | 277.82 KB | ||||||||||||||||||
|
Ошибки Regopenkey.exe
Частичный список ошибок regopenkey.exe RegOpenKey v1.5:
- «Ошибка в приложении: regopenkey.exe»
- «Regopenkey.exe не является приложением Win32.»
- «Извините, regopenkey.exe столкнулся с проблемой. «
- «Regopenkey.exe не может быть найден. «
- «Regopenkey.exe не может быть найден. «
- «Ошибка запуска программы: regopenkey.exe.»
- «Regopenkey.exe не работает. «
- «Ошибка Regopenkey.exe. «
- «Ошибка пути программного обеспечения: regopenkey.exe. «
Эти сообщения об ошибках EXE могут появляться во время установки программы, в то время как программа, связанная с regopenkey.exe (например, RegOpenKey v1.5) работает, во время запуска или завершения работы Windows, или даже во время установки операционной системы Windows. Запись ошибок regopenkey.exe внутри RegOpenKey v1.5 имеет решающее значение для обнаружения неисправностей электронной и ретрансляции обратно в BlueLife для параметров ремонта.
Источники проблем Regopenkey.exe
Эти проблемы regopenkey.exe создаются отсутствующими или поврежденными файлами regopenkey.exe, недопустимыми записями реестра RegOpenKey v1.5 или вредоносным программным обеспечением.
Точнее, ошибки regopenkey.exe, созданные из:
- Недопустимая (поврежденная) запись реестра regopenkey.exe.
- Файл Regopenkey.exe поврежден от вирусной инфекции.
- Другая программа (не связанная с RegOpenKey v1.5) удалила regopenkey.exe злонамеренно или по ошибке.
- Regopenkey.exe конфликтует с другой программой (общим файлом).
- RegOpenKey v1.5 (regopenkey.exe) поврежден во время загрузки или установки.
Yodas 1 / 1 / 0 Регистрация: 01.05.2015 Сообщений: 26 |
||||
1 |
||||
26.07.2015, 20:45. Показов 10867. Ответов 15 Метки нет (Все метки)
RegOpenKeyEx возвращает 2 хотя ключ в реестре точно существует и в regedit я его вижу перепробывал уже тучу параметров подскажите что не так
__________________
0 |
Модератор 3352 / 2127 / 349 Регистрация: 13.01.2012 Сообщений: 8,290 |
|
26.07.2015, 20:47 |
2 |
мб нужны права админа?
0 |
hoggy 8719 / 4299 / 958 Регистрация: 15.11.2014 Сообщений: 9,744 |
||||
26.07.2015, 20:50 |
3 |
|||
RegOpenKeyEx возвращает 2 хотя ключ в реестре точно существует и в regedit я его вижу перепробывал уже тучу параметров подскажите что не так обратите внимание на параметр:
реестр на самом деле существует в двух экземплярах: возможно, ключ который вам нужен существует только в 32битной версии.
0 |
1 / 1 / 0 Регистрация: 01.05.2015 Сообщений: 26 |
|
26.07.2015, 21:00 [ТС] |
4 |
Насколько фпонимаю если она лежит в ветке с папкой Wow6432Node то ключ в 64м битном экземпляре Software\Wow6432Node\Microsoft\Windows\Current Version\Run\AVG_UI Миниатюры
0 |
1 / 1 / 0 Регистрация: 01.05.2015 Сообщений: 26 |
|
26.07.2015, 21:25 [ТС] |
5 |
мб нужны права админа? Запустил от имени администратора не помогло
0 |
Ушел с форума 16454 / 7418 / 1186 Регистрация: 02.05.2013 Сообщений: 11,617 Записей в блоге: 1 |
|
26.07.2015, 21:43 |
6 |
Уберите «Wow6432Node» в пути ключа реестра. Как написал hoggy выше, доступ в 64-битную ветку получается с Задавать в явном виде «Wow6432Node» не нужно.
0 |
1 / 1 / 0 Регистрация: 01.05.2015 Сообщений: 26 |
|
26.07.2015, 21:48 [ТС] |
7 |
Уберите «Wow6432Node» в пути ключа реестра. Как написал hoggy выше, доступ в 64-битную ветку получается с Задавать в явном виде «Wow6432Node» не нужно. Wow6432Node убрал, пробовал KEY_WOW64_64KEY и KEY_WOW64_32KEY все равно возвращает 2(Система не может найти указанный файл.)
0 |
Убежденный Ушел с форума 16454 / 7418 / 1186 Регистрация: 02.05.2013 Сообщений: 11,617 Записей в блоге: 1 |
||||||||
26.07.2015, 21:58 |
8 |
|||||||
Покажите исправленный код. И еще.
AVG_UI — это неправильно, ведь это название значения, а не ключа.
И далее RegQueryValueEx и вот уже туда передавайте AVG_UI.
0 |
Yodas 1 / 1 / 0 Регистрация: 01.05.2015 Сообщений: 26 |
||||||||||||
26.07.2015, 22:16 [ТС] |
9 |
|||||||||||
Покажите исправленный код. Добавлено через 1 минуту AVG_UI — это неправильно, ведь это название значения, а не ключа.
И далее RegQueryValueEx и вот уже туда передавайте AVG_UI.
Не дочитал счас попробую (И далее RegQueryValueEx и вот уже туда передавайте AVG_UI.) Добавлено через 18 минут
0 |
Ушел с форума 16454 / 7418 / 1186 Регистрация: 02.05.2013 Сообщений: 11,617 Записей в блоге: 1 |
|
26.07.2015, 22:49 |
10 |
У Вас на скриншоте выше четко видно, что открыт ключ HKLMSoftwareWow6432Node…Run,
0 |
Заблокирован |
|
27.07.2015, 10:54 |
11 |
Добавлю от себя.
2 |
Yodas 1 / 1 / 0 Регистрация: 01.05.2015 Сообщений: 26 |
||||
27.07.2015, 12:02 [ТС] |
12 |
|||
Пробовал различные комбинаций менял 32 и 64 запускал с правами Админа все равно ошибка два вылазит
Может это связана с тем что у меня 8.1 х64 там как то по другому реестр строиться
0 |
Ушел с форума 16454 / 7418 / 1186 Регистрация: 02.05.2013 Сообщений: 11,617 Записей в блоге: 1 |
|
27.07.2015, 12:13 |
13 |
В RegQueryValueEx первым параметром следует передавать hKey, открытый
0 |
1 / 1 / 0 Регистрация: 01.05.2015 Сообщений: 26 |
|
27.07.2015, 12:38 [ТС] |
14 |
В RegQueryValueEx первым параметром следует передавать hKey, открытый О_о пошло движение теперь выдает ошибку 5 в доступе отказано это я так понимаю надо KEY_Write менять?
0 |
Ушел с форума 16454 / 7418 / 1186 Регистрация: 02.05.2013 Сообщений: 11,617 Записей в блоге: 1 |
|
27.07.2015, 12:44 |
15 |
Сообщение было отмечено Yodas как решение Решение См. в MSDN на странице описания соответствующих функций работы с
1 |
1 / 1 / 0 Регистрация: 01.05.2015 Сообщений: 26 |
|
27.07.2015, 15:10 [ТС] |
16 |
Если кому интересно правильный ключ доступа был KEY_QUERY_VALUE.
0 |
I copied both SAM and SYSTEM files from my Windows7 OS, and then used this command to read the content of the SAM file samdump2 SAM SYSTEM > mdp_chiffres.txt
, but i’m getting this error Error reading ControlSet: _RegOpenKey
.
PS : I have a dual boot of Ubuntu 15.10 (Linux) and Windows 7, and this operation i mentioned above is being operated from Ubuntu.
asked Feb 1, 2016 at 17:05
Instead of:
samdump2 SAM SYSTEM
Try:
samdump2 SYSTEM SAM
The man page lists it the same way.
(Just tested this on samdump2 version 3)
schroeder♦
125k55 gold badges289 silver badges324 bronze badges
answered Sep 9, 2020 at 13:42
3
well i got it to work by following theses steps :
-
You have first to install a compatible version of
samdupm2
andbkhive
(because I have tested the ones on the repositories and it doesn’t work well) using this commands :curl http://http.us.debian.org/debian/pool/main/s/samdump2/samdump2_1.1.1-1.1_i386.deb > samdump2_1.1.1-1.1_i386.deb dpkg -i samdump2_1.1.1-1.1_i386.deb curl http://http.us.debian.org/debian/pool/main/b/bkhive/bkhive_1.1.1-1_i386.deb > bkhive_1.1.1-1_i386.deb dpkg -i bkhive_1.1.1-1_i386.deb
Ps : If you have problems with dependecies then execute this command
sudo apt-get install -f
-
Then you have to use
bkhive
on the SYSTEM file with this commandbkhive SYSTEM keys.txt
. -
And finally we use the
samdump2
to get the hashed passwords using this commandsamdump2 SAM keys.txt > hashed_passwords.txt
.
I have just tested it and it works just fine.
answered Feb 1, 2016 at 18:00
SidahmedSidahmed
6592 gold badges10 silver badges27 bronze badges