Back to index

Elepheye - Source - Registry

Description

Arguments

registry PATH ...
PATH ...
Full paths to registry entries.
The key name and value name are separated by `\\'.
If the path is a key, also find its values and sub keys recursively.

Examples

registry HKEY_CURRENT_USER HKEY_LOCAL_MACHINE
registry HKCU HKLM

Root keys.

registry HKCU\SubKey

A sub key.

registry \\Server\HKLM

A remote key.

registry HKCU\SubKey\\Value

A value.

registry HKCU\SubKey\\

An unnamed default value.

Fields

path
Full path to a registry entry.
class
Class name of the key.
last_write_time
Last write time of the key in UTC, in ISO 8601 format.
type
Type name of the value.
size
Size of the value in bytes.
owner
Owner security information of the key in SDDL format.
group
Group security information of the key in SDDL format.
dacl
DACL security information of the key in SDDL format.
sacl
SACL security information of the key in SDDL format.
md5
MD5 checksum of the value.
sha1
SHA1 checksum of the value.

Options

ignore_children
Stop to find values and sub keys of the current record.

Back to index