If you are looking for something that comes standard with NT or 2000 use regedit. You can use the /e switch to export key and value information from the registry. regedit /e c:\temp\regdump.reg This will dump all information from the registry to a text file. You are still restricted by ACL's but this is not usually a problem as by default everyone has access to read most of the registry. This tends to make quite a large text file. It is possible to specifically dump information for only one registry key. regedit /e c:\temp\regdump.reg \\HKEY_LOACL_MACHINE\SOFTWARE\TEST\ This is a good information gathering exercise that works well with exploits like Unicode on IIS. regedit /s c:\temp\input.reg Where input.reg contains something along the lines of: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\TEST] "FileName"="test.exe" Will allow you to add or change information in the registry that you have access to. Hope this helps. It is not the best way of adding/changing values in the registry. I would only recommend using it if there is no other option available to you. Phill. -----Original Message----- From: adi77at_private Sent: Friday, 13 April 2001 11:42 a.m. To: PEN-TESTat_private Subject: Re: [PEN-TEST] Security Issues ... NT vuln ? Simply use reg.exe tool that comes with WinNT 4.0 Resource Kit. reg Command-line registry manipulation utility version 1.00. Copyright Microsoft Corporation 1997. All rights reserved. REG operation <Parameter List> operation [ QUERY | ADD | UPDATE | DELETE | COPY | SAVE | BACKUP | RESTORE | LOAD | UNLOAD ] For help on a specific operation type: REG operation /? Examples: REG QUERY /? REG ADD /? REG UPDATE /? REG DELETE /? REG COPY /? REG SAVE /? REG BACKUP /? REG RESTORE /? REG LOAD /? REG UNLOAD /? Cheers, Adrian Lazar -----Original Message----- From: Penetration Testers [mailto:PEN-TESTat_private]On Behalf Of Lahoz Casarramona, Gemma Sent: Wednesday, April 11, 2001 1:58 AM To: PEN-TESTat_private Subject: Re: [PEN-TEST] Security Issues ... NT vuln ? KiXtart95, an enhanced batch language for Win95 and WinNT (I've got it working on Win2k as well) can do that for you. It comes with the Windows NT 4.0 Resource Kit, accompanied by a very good manual that explains how to use it. -----Original Message----- From: sekure [mailto:sekureat_private] Sent: dinsdag 10 april 2001 13:54 To: PEN-TESTat_private Subject: [PEN-TEST] Security Issues ... NT vuln ? 6) Somebody know a program for command (cmd.exe or command.com) that can manipule the registry ?? To see keys, write in keys, ... ! Do you know?? Where i can get it ?? ************************************************************ CAUTION: This e-mail and any attachment(s) contains information that is both confidential and possibly legally privileged. No reader may make any use of its content unless that use is approved by Deloitte separately in writing. Any opinion, advice or information contained in this e-mail and any attachment(s) is to be treated as interim and provisional only and for the strictly limited purpose of the recipient as communicated to us. Neither the recipient nor any other person should act upon it without our separate written authorisation of reliance. If you have received this message in error please notify us immediately and destroy this message. Thank you. Phillip Mawson Deloitte Touche Tohmatsu Internet: www.deloitte.co.nz ************************************************************
This archive was generated by hypermail 2b30 : Mon Apr 16 2001 - 17:07:39 PDT