拨开荷叶行,寻梦已然成。仙女莲花里,翩翩白鹭情。
IMG-LOGO
主页 文章列表 即使运行没有错误,C 也不会改变注册表

即使运行没有错误,C 也不会改变注册表

白鹭 - 2022-02-13 1984 0 0

尝试撰写代码以在无尽的时间后使用 C 更改注册表项我达到了这一点,但是即使以管理员身份运行,此代码仍然无法编辑注册表

根据我使用的这个问题,更改注册表需要 4 个函式,并且每个函式都回传零,这意味着该函式没有错误完成,但注册表 gui 中的值仍然没有更改

SecurityHealthstrartup服务是我的机器上运行,并且具有路径%windir%\system32\SecurityHealthSystray.exe和型别REG_EXPAND_SZ

我什至尝试创建一个类似于的新条目,但 SecurityHealth仍然没有任何改变

我以管理员身份编译并以管理员身份运行

HKEY open_reg()
{
    int result;
    LPCSTR lpSubKey = "Software\\Microsoft\\Windows\\CurrentVersion\\Run";
    HKEY hKey; 

    result = RegOpenKeyExA(HKEY_LOCAL_MACHINE, lpSubKey, 0, KEY_QUERY_VALUE|KEY_WRITE|KEY_READ|KEY_SET_VALUE, &hKey);

    if ( result != 0)
    {
        cout << " Failed to open registry. - [ "<< result<< "]" <<endl;
    }
    else
    {
        cout << "Found registry key. - [" << result<<"]" << endl;
    }
    return hKey;
}




HKEY find_reg_value(HKEY handle)
{
    

    LPCSTR lpValueName = "SecurityHealth";
    DWORD BufferSize = TOTALBYTES;
    DWORD cbData;
    int dwRet;

    PPERF_DATA_BLOCK PerfData = (PPERF_DATA_BLOCK) malloc( BufferSize );
    cbData = BufferSize;

    cout << "\nRetrieving the data..." << endl;

    dwRet = RegQueryValueExA( handle,
                             lpValueName,
                             NULL,
                             NULL,
                             (LPBYTE) PerfData,
                             &cbData );

    if ( dwRet == 0 ) 
    { 
        cout << "Successfully quered [" << dwRet << "]"<<endl;
    }
    else 
    {
        cout << "Failed to query  Error code : [" << dwRet << "]"<<endl;
    } 

    return handle;
}






void set_reg_value(HKEY handle)
{
    
    int result;
    LPCSTR lpValueName = "SecurityHealth";
    std::string file = "C:\\Windows\\System32\\cmd.exe";
    
    const  char * sth = file.c_str();
    unsigned char m_Test[file.size()];
    strcpy((char*)m_Test, sth);

    DWORD DATA_SIZE = file.size() 1;

    result = RegSetValueExA(handle,lpValueName,0,REG_EXPAND_SZ,m_Test,DATA_SIZE);
    
    if ( result == 0 ) 
    { 
        cout << "Successfully changed value [" << result << "]"<<endl;
    }
    else 
    {
        cout << "Failed to change value  Error code : [" << result << "]"<<endl;
    } 
    RegCloseKey (handle);
}


int main()
{
    cout << "testing windows registry " << endl;
    HKEY reg_handle = open_reg();
    HKEY handler = find_reg_value(reg_handle);
    set_reg_value(handler);
    system("PAUSE");
    return 0;   
}

终端中编译的exe输出

testing windows registry
Found registry key. - [0]

Retrieving the data...
Successfully quered [0]
Successfully changed value [0]
Press any key to continue . . .

编译与 g regutil.cpp

uj5u.com热心网友回复:

我怀疑您正在编译为 32 位程序,但正在查看 64 位注册表。改为编译为 64 位。(取而代之的是一个 32 位注册表,可以发现它隐藏在 64 位配置单元中,但您可能想要更改实际的 64 位版本)。

uj5u.com热心网友回复:

唯一可能发生的情况是:

  1. 进行更改后,您不会更新 GUI。

  2. 您正在修改注册表的不同区域,然后您正在查看,即,如果您正在修改 32 位注册表但查看 64 位注册表,反之亦然。阅读有关注册表重定向器受 WOW64 影响的注册表项访问MSDN 上的备用注册表视图以获取有关使用 32 位和 64 位注册表视图的更多详细信息。

话虽如此,您的代码中还有许多其他错误。

尝试更像这样的事情:

HKEY open_reg()
{
    HKEY hKey = NULL;
    int result = RegOpenKeyExA( HKEY_LOCAL_MACHINE,
                             "Software\\Microsoft\\Windows\\CurrentVersion\\Run",
                             0,
                             KEY_QUERY_VALUE | KEY_SET_VALUE /* | KEY_WOW64_(32|64)KEY if needed */,
                             &hKey );

    if ( result != 0 )
    {
        cout << " Failed to open Registry, Error " << result << endl;
        return NULL;
    }
    else
    {
        cout << "Opened Registry key" << endl;
        return hKey;
    }
}

void query_reg_value(HKEY handle)
{
    DWORD cbBuffer = TOTALBYTES;
    std::vector<char> buffer(cbBuffer);

    cout << "\nRetrieving the data..." << endl;

    int result = RegQueryValueExA( handle,
                             "SecurityHealth",
                             NULL,
                             NULL,
                             reinterpret_cast<LPBYTE>(buffer.data()),
                             &cbBuffer );

    if ( result == 0 ) 
    { 
        cout << "Successfully quered: ";
        while (cbBuffer != 0 && buffer[cbBuffer-1] == '\0') --cbBuffer; // ignore null terminator(s)
        cout.write(buffer.data(), cbBuffer);
        cout << endl;
    }
    else 
    {
        cout << "Failed to query, Error " << result << endl;
    }
}

void set_reg_value(HKEY handle)
{
    std::string file = "C:\\Windows\\System32\\cmd.exe";

    int result = RegSetValueExA( handle,
                             "SecurityHealth",
                             0,
                             REG_EXPAND_SZ,
                             reinterpret_cast<LPCBYTE>(file.c_str()),
                             file.size() 1);
    
    if ( result == 0 ) 
    { 
        cout << "Successfully changed value" << endl;
    }
    else 
    {
        cout << "Failed to change value, Error " << result << endl;
    }
}

int main()
{
    cout << "testing Windows Registry" << endl;
    HKEY hKey = open_reg();
    if (hKey) {
        query_reg_value(hKey);
        set_reg_value(hKey);
        RegCloseKey(hKey);
    }
    system("PAUSE");
    return 0;   
}

但是,应该注意的是,默认情况下只有管理员用户对 HKLM 密钥具有写访问权限,大多数用户具有只读访问权限。因此,除非您知道自己在做什么,否则在 HKLM 下同时打开密钥进行读取和写入并不是一个好主意。您应该打开一个只读键,读取它,然后关闭它。写作也是一样。例如:

HKEY open_reg(bool isWriting)
{
    HKEY hKey = NULL;
    int result = RegOpenKeyExA( HKEY_LOCAL_MACHINE,
                             "Software\\Microsoft\\Windows\\CurrentVersion\\Run",
                             0,
                             (isWriting ? KEY_SET_VALUE : KEY_QUERY_VALUE) /* | KEY_WOW64_(32|64)KEY if needed */,
                             &hKey );

    if ( result != 0 )
    {
        cout << " Failed to open Registry, Error " << result << endl;
        return NULL;
    }
    else
    {
        cout << "Opened registry key" << endl;
        return hKey;
    }
}

void query_reg_value()
{
    HKEY hKey = open_reg(false);
    if (!hKey) return;

    DWORD cbBuffer = TOTALBYTES;
    std::vector<char> buffer(cbBuffer);

    cout << "\nRetrieving the data..." << endl;

    int result = RegQueryValueExA( hKey,
                             "SecurityHealth",
                             NULL,
                             NULL,
                             reinterpret_cast<LPBYTE>(buffer.data()),
                             &cbBuffer );

    if ( result == 0 ) 
    { 
        cout << "Successfully quered: ";
        while (cbBuffer != 0 && buffer[cbBuffer-1] == '\0') --cbData; // ignore null terminator(s)
        cout.write(buffer.data(), cbBuffer);
        cout << endl;
    }
    else 
    {
        cout << "Failed to query, Error " << result << endl;
    }

    RegCloseKey(hKey);
}

void set_reg_value()
{
    HKEY hKey = open_reg(true);
    if (!hKey) return;

    std::string file = "C:\\Windows\\System32\\cmd.exe";

    int result = RegSetValueExA( hKey,
                             "SecurityHealth",
                             0,
                             REG_EXPAND_SZ,
                             reinterpret_cast<LPCBYTE>(file.c_str()),
                             file.size() 1);
    
    if ( result == 0 ) 
    { 
        cout << "Successfully changed value" << endl;
    }
    else 
    {
        cout << "Failed to change value, Error " << result << endl;
    }

    RegCloseKey(hKey);
}

int main()
{
    cout << "testing Windows Registry" << endl;
    query_reg_value();
    set_reg_value();
    system("PAUSE");
    return 0;   
}
标签:

0 评论

发表评论

您的电子邮件地址不会被公开。 必填的字段已做标记 *