/* * ----- * Screenshot Sender - registry.js * ----- * Provides Screenshot Sender registry access * ----- */ // todo // add functions to create 'hidden' registry functions // Registry value types var REG_NONE = 0; var REG_SZ = 1; var REG_EXPAND_SZ = 2; var REG_BINARY = 3; var REG_DWORD = 4; var REG_MULTI_SZ = 7; // Registry key locations var HKEY_CLASSES_ROOT = 0x80000000; var HKEY_CURRENT_USER = 0x80000001; var HKCU = HKEY_CURRENT_USER; var HKEY_LOCAL_MACHINE = 0x80000002; var HKEY_USERS = 0x80000003; var HKEY_PERFORMANCE_DATA = 0x80000004; var HKEY_PERFORMANCE_TEXT = 0x80000050; var HKEY_PERFORMANCE_NLSTEXT = 0x80000060; var HKEY_CURRENT_CONFIG = 0x80000005; var HKEY_DYN_DATA = 0x80000006; // Registry key constants var KEY_READ = 0x20019; var KEY_WRITE = 0x20006; var KEY_EXECUTE = 0x20019; var KEY_ALL_ACCESS = 0xf003f; var REG_OPTION_NON_VOLATILE = 0; var ERROR_SUCCESS = 0; var ERROR_NO_MORE_ITEMS = 259; /* Name: Registry_CreateKey Purpose: Creates a key in the registry Parameters: lKeyLocation - Hive to look in for the sKey(ex. HKEY_CURRENT_USER) sKey - Location to create. Last key in the path should be the only one that doesn't exist. Function is not recursive. Return: True if key was created properly/False if it failed */ function Registry_CreateKey(lKeyLocation, sKey) { var hKey = Interop.Allocate(4); if (Registry_KeyExist(lKeyLocation, sKey) == false) var lRetVal = Interop.Call('advapi32.dll', 'RegCreateKeyW', lKeyLocation, sKey, hKey); Registry_CloseKey(hKey.ReadDWORD(0)); return lRetVal === ERROR_SUCCESS; } /* Name: Registry_DeleteKey Purpose: Deletes a key in the registry Parameters: lKeyLocation - Hive to look in for the sKey(ex. HKEY_CURRENT_USER) sKey - Key to delete. Must not have any subkeys or values Return: True if key was deleted properly/False if it failed */ function Registry_DeleteKey(lKeyLocation, sKey) { var hKey = Interop.Allocate(4); return Interop.Call('advapi32.dll', 'RegDeleteKeyW', lKeyLocation, sKey) === ERROR_SUCCESS; } /* Name: Registry_DeleteKeyValue Purpose: Deletes a value in the registry Parameters: lKeyLocation - Hive to look in for the sKey(ex. HKEY_CURRENT_USER) sKey - Location where the key to be deleted resides sKeyName - Key to be deleted Return: True if key was deleted properly/False if it failed */ function Registry_DeleteKeyValue(lKeyLocation, sKey, sKeyName) { var hKey = Interop.Allocate(4); var lRetVal = Interop.Call('advapi32.dll', 'RegOpenKeyExW', lKeyLocation, sKey, 0, KEY_WRITE, hKey) if (lRetVal === ERROR_SUCCESS) { lRetVal = Interop.Call('advapi32.dll', 'RegDeleteValueW', hKey.ReadDWORD(0), sKeyName); Registry_CloseKey(hKey.ReadDWORD(0)); return lRetVal === ERROR_SUCCESS; }else{ return false; } } /* Name: Registry_KeyExist Purpose: Checks to see if a key exists in the registry Parameters: lKeyLocation - Hive to look in for the sKey(ex. HKEY_CURRENT_USER) sKey - Location to check Return: True if the key exists/False if it doesn't */ function Registry_KeyExist(lKeyLocation, sKey) { var hKey = Interop.Allocate(4); var lRetVal = Interop.Call('advapi32.dll', 'RegOpenKeyExW', lKeyLocation, sKey, 0, KEY_READ, hKey); Registry_CloseKey(hKey.ReadDWORD(0)); return lRetVal === ERROR_SUCCESS; } /* Name: Registry_KeyValueExist Purpose: Checks to see if a value exists in the registry Parameters: lKeyLocation - Hive to look in for the sKey(ex. HKEY_CURRENT_USER) sKey - Location where the key should reside sKeyName - Key that is being checked to see if it exists Return: True if the value exists/False if it doesn't */ function Registry_KeyValueExist(lKeyLocation, sKey, sKeyName) { var hKey = Interop.Allocate(4); var lRetVal = Interop.Call('advapi32.dll', 'RegOpenKeyExW', lKeyLocation, sKey, 0, KEY_READ, hKey); if (lRetVal === ERROR_SUCCESS) { lRetVal = Interop.Call('advapi32.dll', 'RegQueryValueExW', hKey.ReadDWORD(0), sKeyName, 0, 0, 0, 0); Registry_CloseKey(hKey.ReadDWORD(0)); return lRetVal === ERROR_SUCCESS; }else{ return false; } } /* Name: Registry_EnumSubkeys Purpose: Retrieves a all of the subkeys of a specific key from the registry Parameters: lKeyLocation - Hive to look in for the sKey(ex. HKEY_CURRENT_USER) sKey - Location where to retrieve the subkeys from sOut - Object to return the subkeys to Return: Array of subkeys / False if it failed */ function Registry_EnumSubkeys(lKeyLocation, sKey, sOut) { var hKey = Interop.Allocate(4); var lpName = Interop.Allocate((255 + 1) * 2); var lpcName = Interop.Allocate(4); lpcName.WriteDWORD(0, 255); var lpftLastWriteTime = Interop.Allocate(8); var lIndex = 0; var lRetVal = Interop.Call('advapi32.dll', 'RegOpenKeyExW', lKeyLocation, sKey, 0, KEY_READ, hKey); if (lRetVal === ERROR_SUCCESS) { while (Interop.Call('advapi32', 'RegEnumKeyExW', hKey.ReadDWORD(0), lIndex, lpName, lpcName, 0, 0, 0, 0) != ERROR_NO_MORE_ITEMS) { sOut[lpName.ReadString(0)] = ''; ++lIndex; lpcName.WriteDWORD(0, 255); lpName.Size = 0; lpName = Interop.Allocate((255 + 1) * 2); } Registry_CloseKey(hKey.ReadDWORD(0)); return sOut; } else { return false; } } /* Name: Registry_EnumKeys Purpose: Retrieves a all of the subkeys of a specific key from the registry Parameters: lKeyLocation - Hive to look in for the sKey(ex. HKEY_CURRENT_USER) sKey - Location where to retrieve the keys from sOut - Object which to store keys and values Return: Object containing keys and their values / False if it failed */ function Registry_EnumKeys(lKeyLocation, sKey, sOut) { var hKey = Interop.Allocate(4); var lpName = Interop.Allocate((255 + 1) * 2); var lpcName = Interop.Allocate(4); lpcName.WriteDWORD(0, 255); var lpType = Interop.Allocate(4); var lIndex = 0; var lRetVal = Interop.Call('advapi32.dll', 'RegOpenKeyExW', lKeyLocation, sKey, 0, KEY_READ, hKey); if (lRetVal === ERROR_SUCCESS) { while (Interop.Call('advapi32', 'RegEnumValueW', hKey.ReadDWORD(0), lIndex, lpName, lpcName, 0, lpType, 0, 0) !== ERROR_NO_MORE_ITEMS) { sOut[lpName.ReadString(0)] = Registry_GetKeyValue(HKCU, sKey, lpName.ReadString(0)); ++lIndex; lpcName.WriteDWORD(0, 255); lpName = Interop.Allocate((255 + 1) * 2); } Registry_CloseKey(hKey.ReadDWORD(0)); return sOut; } else { return false; } } /* Name: Registry_GetKeyValue Purpose: Get the type of key to generically call the function (useful if you don't remember the type) Parameters: lKeyLocation - Hive to look in for the sKey(ex. HKEY_CURRENT_USER) sKey - Location where the key should reside sKeyName - Key to retrieve the value of Return: Value of the registry key/False if it failed */ function Registry_GetKeyValue(lKeyLocation, sKey, sKeyName) { var hKey = Interop.Allocate(4); var buff_size = 255; var lBufferSize = Interop.Allocate(4); lBufferSize.WriteDWORD(0, 2 * buff_size); var lRetVal = Interop.Call('advapi32.dll', 'RegOpenKeyExW', lKeyLocation, sKey, 0, KEY_READ, hKey); if (lRetVal === ERROR_SUCCESS) { var lpType = Interop.Allocate(4); lRetVal = Interop.Call('advapi32.dll', 'RegQueryValueExW', hKey.ReadDWORD(0), sKeyName, 0, lpType, 0, lBufferSize); if (lRetVal === ERROR_SUCCESS) { switch (lpType.ReadDWORD(0)) { case REG_EXPAND_SZ : case REG_MULTI_SZ : case REG_SZ : var Buffer = Interop.Allocate(2 * lBufferSize.ReadDWORD(0) + 2); Interop.Call('advapi32.dll', 'RegQueryValueExW', hKey.ReadDWORD(0), sKeyName, 0, lpType, Buffer, lBufferSize); Buffer = Buffer.ReadString(0); break; case REG_DWORD: var Buffer = Interop.Allocate(Math.max(4, lBufferSize.ReadDWORD(0))); Interop.Call('Advapi32', 'RegQueryValueExW', hKey.ReadDWORD(0), sKeyName, 0, lpType, Buffer, lBufferSize); Buffer = Buffer.ReadDWORD(0); break; case REG_BINARY : var Buffer = Interop.Allocate(2 * lBufferSize.ReadDWORD(0) + 2); Interop.Call('advapi32.dll', 'RegQueryValueExW', hKey.ReadDWORD(0), sKeyName, 0, lpType, Buffer, lBufferSize); Buffer = Buffer.ReadString(0); break; default: return false; //Cannot read registry key } Registry_CloseKey(hKey.ReadDWORD(0)); return Buffer; } else { return false; } } else { return false; } } /* Name: Registry_SetKeyValue Purpose: Set the value of key(useful if you don't remember the type) Parameters: lKeyLocation - Hive to save sKey in(ex. HKEY_CURRENT_USER) sKey - Location where the key will reside sKeyName - Key to create sKeyValue - Value of the key to be set lpType - Key type(ex. REG_DWORD) Return: True if succeeded /False if it failed */ function Registry_SetKeyValue(lKeyLocation, sKey, sKeyName, sKeyValue, lpType) { var hKey = Interop.Allocate(4); var lRetVal = Interop.Call('advapi32.dll', 'RegOpenKeyExW', lKeyLocation, sKey, 0, KEY_WRITE, hKey); if (lRetVal === ERROR_SUCCESS) { switch (lpType) { case REG_EXPAND_SZ : case REG_MULTI_SZ : case REG_SZ : sKeyValue = String(sKeyValue); var buff_size = sKeyValue.length; var lBufferSize = Interop.Allocate(4); lBufferSize.WriteDWORD(0, (2 * buff_size + 2)); lRetVal = Interop.Call('advapi32.dll', 'RegSetValueExW', hKey.ReadDWORD(0), sKeyName, 0, lpType, sKeyValue, lBufferSize.ReadDWORD(0)); break; case REG_DWORD : var lKeyValue = Interop.Allocate(4); lKeyValue.WriteDWORD(0, (sKeyValue & 0xFFFFFFFF)); lRetVal = Interop.Call('advapi32.dll', 'RegSetValueExW', hKey.ReadDWORD(0), sKeyName, 0, REG_DWORD, lKeyValue, 4); break; case REG_BINARY : sKeyValue = String(sKeyValue); var lBufferSize = Interop.Allocate(4); lBufferSize.WriteDWORD(0, (2 * sKeyValue.length + 2)); lRetVal = Interop.Call('advapi32.dll', 'RegSetValueExW', hKey.ReadDWORD(0), sKeyName, 0, REG_BINARY, sKeyValue, lBufferSize.ReadDWORD(0)); break; default : return false; } Registry_CloseKey(hKey.ReadDWORD(0)); return lRetVal === ERROR_SUCCESS; } else { return false; } } /* Name: Registry_CloseKey Purpose: Closes the open handle to the registry Parameters: hKey - handle to the open registry key Return: True if it closed / False if it failed */ function Registry_CloseKey(hKey) { return Interop.Call('advapi32.dll', 'RegCloseKey', hKey) === ERROR_SUCCESS; }