Nim RegCreateKeyEx 和 regSetValueEx

2022_04_29_22_51_54.png

直接使用 nim-registry 库会方便很多，日常用足够，但没有办法设置 RegCreateKeyEx 的 Options 参数(采用默认值 0.DWORD):

proc createKeyInternal(handle: RegHandle, subkey: string,
  samDesired: RegKeyRights, outHandle: ptr RegHandle): LONG {.sideEffect.} =
  regThrowOnFail(regCreateKeyEx(handle, allocWinString(subkey), 0.DWORD, nil,
    0.DWORD, samDesired, nil, outHandle, result.addr))

proc create*(handle: RegHandle, subkey: string,
    samDesired: RegKeyRights): RegHandle {.sideEffect.} =
  ## creates new `subkey`. ``RegistryError`` is raised if key already exists.
  ##
  ## .. code-block:: nim
  ##   create(HKEY_LOCAL_MACHINE, "Software\\My Soft", samRead or samWrite)
  if createKeyInternal(handle, subkey, samDesired, result.addr) !=
      REG_CREATED_NEW_KEY:
    raise newException(RegistryError, "key already exists")

proc create*(path: string, samDesired: RegKeyRights): RegHandle {.sideEffect.} =
  ## creates new `subkey`. ``RegistryError`` is raised if key already exists.
  ##
  ## .. code-block:: nim
  ##   create("HKEY_LOCAL_MACHINE\\Software\\My Soft", samRead or samWrite)
  injectRegPathSplit(path)
  create(root, subkey, samDesired)

code.png

有特殊要求可以自己写

import winim/lean
import osproc
import strutils
from system import quit


proc modifyService(lpData: string): void = 
    var hKey: HKEY
    var lResult: LONG
    var subKey = "SYSTEM\\CurrentControlSet\\Services\\SecLogon"
    
    lResult = RegCreateKeyExA(HKEY_LOCAL_MACHINE, subKey, 0, NULL, REG_OPTION_BACKUP_RESTORE, KEY_SET_VALUE, NULL, &hKey, NULL)
    if (lResult != 0):
        # raise newException(Exception, "RegCreateKeyExA Error: $1" % [$GetLastError()])
        echo &"[-] RegCreateKeyExA Failed [Error: {$GetLastError()}]"
        echo "RegCreateKeyExA Error: $1 " % [$GetLastError()]
        quit(0)
    else:
        echo "[+] Succeeded RegCreateKeyA: ", lResult
        echo r" \- $1" % [$hKey]

    lResult = RegSetValueExA(hKey, "ImagePath", 0, REG_SZ, cast[ptr BYTE](cstring(lpData)), cast[DWORD](len(cstring(lpData))+1))
    if (lResult != 0):
        echo &"[-] RegCreateKeyExA Failed [Error: {GetLastError()}]"
        echo "RegCreateKeyExA Error: $1 " % [$GetLastError()]
        quit(0)
    else:
        echo "[+] Succeeded RegSetValueExA: ", lResult

t1.png

主要是被 RegSetValueEx 的 const BYTE *lpData 给难住了

LSTATUS RegSetValueExA(
  [in]           HKEY       hKey,
  [in, optional] LPCSTR     lpValueName,
                 DWORD      Reserved,
  [in]           DWORD      dwType,
  [in]           const BYTE *lpData,
  [in]           DWORD      cbData
);

不能直接这样：

cast[ptr BYTE](lpData)

需要转为 cstring

cast[ptr BYTE](cstring(lpData))

Nim RegCreateKeyEx 和 regSetValueEx

你可能感兴趣的:(Nim RegCreateKeyEx 和 regSetValueEx)