Hivetools 0.4pre0

Hivetools software is organized into a low-level library (lib), a mid-level library (hivetools) and user programs (bin).

  Add it to your Download Basket!

 Add it to your Watch List!


Rate it!
send us
an update
GPL (GNU General Public License) 
1.9/5 19
Sean Loaring
ROOT \ System \ Recovery
Hivetools software is organized into a low-level library (lib), a mid-level library (hivetools) and user programs (bin). The low-level library provides access to raw hive files. Its interface attempts to approximate that of the win32 registry API.

The mid-level library facilitates use of the low-level library. It provides a POSIX-like API as well as functions that operate on data stored within the registry (such as SAM data). The programs leverage both the mid and low-level libraries. They allow users to perform actions upon the registry.

Programs (bin)
regmod - insert and extract .reg (Regedit style) files
hiveshell - what has become of the chntpw interface. Some of the chntpw functionality is still missing from hiveshell at this time.
sam - provides access to Security Accounts Manager data

Mid-level Library (hivetools)

The mid-level library is found in the hivetools directory (which may be renamed in the near future). It currently provides the following:

nstdreg: provides registry access through a more POSIX-like interface. Provides functions such as
ns_open(char*) open a registry key such as "HKEY_LOCAL_MACHINE/software/whatever"
etc, etc...
sam: provides access to the SAM database
retrieve user list
decode user V,F structures
decode SAM F structure
password crypto functions

Low-level library (lib)

The low-level library attempts to emulate (currently poorly) the windows registry API. It provides functions such as:

long rlRegOpenHiveFile(rl_hkey *result, const char *fname, const char *keypath, int mode );
long rlRegOpenKeyEx(rl_hkey hkey, const char *skname, ulong options, REGSAM, rl_hkey *result);
long rlRegQueryValueEx(rl_hkey key, const char *vname, unsigned long *type,
long rlRegEnumKeyEx(rl_hkey, unsigned long index, char *name, unsigned long *len, char *cname,
long rlRegEnumValue(rl_hkey key, unsigned long index, char *vname, unsigned
long rlRegSetValueEx( rl_hkey key, const char *vname, ulong reserved, ulong type, const char* buf, ulong blen);
long rlRegCreateKeyEx(rl_hkey hkey, const char *skname, const char *r_class, unsigned long options, REGSAM desired,
long rlRegQueryInfoKey()
long rlRegQueryMultipleValues()
long rlRegCloseKey(rl_hkey key)
long rlRegFlushKey(rl_hkey key)
long rlRegDeleteKey(rl_hkey key, const char *skname)
long rlRegDeleteValue(rl_hkey key, const char *vname)

What's New in This Release:

Vastly improved Unicode support.
There are some bugfixes.
proftool has been added to aid in manual profile migration.

Last updated on October 18th, 2007

#low-level library #mid-level library #registry API #Hivetools #low-level #mid-level #library

Add your review!