Re: Null Terminated Strings

[Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>]

On 2005-06-27 ChayoteMu wrote:
> I'm not sure if it'd work because I haven't tried it, but if you're
> feeling brave you could try to export the registry, then go through
> the export file and remove the key from there. Then import the fixed
> reg file. It sounds doable, but I don't know what the exported reg
> file looks like sp I don't know what's involved in all of that, but
> I'll give it a shot tonight.

Importing a .reg file that doesn't contain a specific key surely won't
make that key disappear in the registry. That wouldn't make any sense.
However, creating and importing a .reg file like this may do the trick:

----8<----
REGEDIT4

[-HKLM\Your\Invisible\Key]


---->8----

Another option may be starting regedit with SYSTEM privileges (e.g. by
using the "at" command as an administrator) and checking the ACLs of the
key in question.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq