Security Basics mailing list archives
Re: Null Terminated Strings
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Wed, 29 Jun 2005 11:29:23 +0200
On 2005-06-27 ChayoteMu wrote:
I'm not sure if it'd work because I haven't tried it, but if you're feeling brave you could try to export the registry, then go through the export file and remove the key from there. Then import the fixed reg file. It sounds doable, but I don't know what the exported reg file looks like sp I don't know what's involved in all of that, but I'll give it a shot tonight.
Importing a .reg file that doesn't contain a specific key surely won't make that key disappear in the registry. That wouldn't make any sense. However, creating and importing a .reg file like this may do the trick: ----8<---- REGEDIT4 [-HKLM\Your\Invisible\Key] ---->8---- Another option may be starting regedit with SYSTEM privileges (e.g. by using the "at" command as an administrator) and checking the ACLs of the key in question. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- Null Terminated Strings e_borgard (Jun 27)
- RE: Null Terminated Strings Prashant Meswani (Jun 27)
- Re: Null Terminated Strings ChayoteMu (Jun 28)
- Re: Null Terminated Strings Ansgar -59cobalt- Wiechers (Jun 29)