MeshCentral/agents/modules_meshcore_min/win-registry.min.js
2019-01-04 14:35:44 -08:00

1 line
3.3 KiB
JavaScript

var KEY_QUERY_VALUE=1;var KEY_WRITE=131078;var KEY_DATA_TYPES={REG_NONE:0,REG_SZ:1,REG_EXPAND_SZ:2,REG_BINARY:3,REG_DWORD:4,REG_DWORD_BIG_ENDIAN:5,REG_LINK:6,REG_MULTI_SZ:7,REG_RESOURCE_LIST:8,REG_FULL_RESOURCE_DESCRIPTOR:9,REG_RESOURCE_REQUIREMENTS_LIST:10,REG_QWORD:11};function windows_registry(){this._ObjectId="win-registry";this._marshal=require("_GenericMarshal");this._AdvApi=this._marshal.CreateNativeProxy("Advapi32.dll");this._AdvApi.CreateMethod("RegCreateKeyExA");this._AdvApi.CreateMethod("RegOpenKeyExA");this._AdvApi.CreateMethod("RegQueryValueExA");this._AdvApi.CreateMethod("RegCloseKey");this._AdvApi.CreateMethod("RegDeleteKeyA");this._AdvApi.CreateMethod("RegDeleteValueA");this._AdvApi.CreateMethod("RegSetValueExA");this.HKEY={Root:Buffer.from("80000000","hex").swap32(),CurrentUser:Buffer.from("80000001","hex").swap32(),LocalMachine:Buffer.from("80000002","hex").swap32(),Users:Buffer.from("80000003","hex").swap32()};this.QueryKey=function b(g,k,i){var e=this._marshal.CreatePointer();var j=this._marshal.CreateVariable(4);var m=this._marshal.CreateVariable(4);i=this._marshal.CreateVariable(i);var f=this._marshal.CreatePointer(g);var l=null;if(this._AdvApi.RegOpenKeyExA(f,this._marshal.CreateVariable(k),0,KEY_QUERY_VALUE,e).Val!=0){throw ("Error Opening Registry Key: "+k)}if(this._AdvApi.RegQueryValueExA(e.Deref(),i,0,0,0,j).Val==0){var d=this._marshal.CreateVariable(j.toBuffer().readUInt32LE());if(this._AdvApi.RegQueryValueExA(e.Deref(),i,0,m,d,j).Val==0){switch(m.toBuffer().readUInt32LE()){case KEY_DATA_TYPES.REG_DWORD:l=d.toBuffer().readUInt32LE();break;case KEY_DATA_TYPES.REG_DWORD_BIG_ENDIAN:l=d.toBuffer().readUInt32BE();break;case KEY_DATA_TYPES.REG_SZ:l=d.String;break;case KEY_DATA_TYPES.REG_BINARY:default:l=d.toBuffer();l._data=d;break}}}else{this._AdvApi.RegCloseKey(e.Deref());throw ("Not Found")}this._AdvApi.RegCloseKey(e.Deref());return(l)};this.WriteKey=function c(g,j,i,l){var k;var f=this._marshal.CreatePointer();if(this._AdvApi.RegCreateKeyExA(this._marshal.CreatePointer(g),this._marshal.CreateVariable(j),0,0,0,KEY_WRITE,0,f,0).Val!=0){throw ("Error Opening Registry Key: "+j)}var d;var e;switch(typeof(l)){case"boolean":e=KEY_DATA_TYPES.REG_DWORD;d=this._marshal.CreateVariable(4);d.toBuffer().writeUInt32LE(l?1:0);break;case"number":e=KEY_DATA_TYPES.REG_DWORD;d=this._marshal.CreateVariable(4);d.toBuffer().writeUInt32LE(l);break;case"string":e=KEY_DATA_TYPES.REG_SZ;d=this._marshal.CreateVariable(l);break;default:e=KEY_DATA_TYPES.REG_BINARY;d=this._marshal.CreateVariable(l.length);l.copy(d.toBuffer());break}if(this._AdvApi.RegSetValueExA(f.Deref(),this._marshal.CreateVariable(i),0,e,d,d._size).Val!=0){this._AdvApi.RegCloseKey(f.Deref());throw ("Error writing reg key: "+i)}this._AdvApi.RegCloseKey(f.Deref())};this.DeleteKey=function a(e,g,f){if(!f){if(this._AdvApi.RegDeleteKeyA(this._marshal.CreatePointer(e),this._marshal.CreateVariable(g)).Val!=0){throw ("Error Deleting Key: "+g)}}else{var d=this._marshal.CreatePointer();var i;if(this._AdvApi.RegOpenKeyExA(this._marshal.CreatePointer(e),this._marshal.CreateVariable(g),0,KEY_QUERY_VALUE|KEY_WRITE,d).Val!=0){throw ("Error Opening Registry Key: "+g)}if((i=this._AdvApi.RegDeleteValueA(d.Deref(),this._marshal.CreateVariable(f)).Val)!=0){this._AdvApi.RegCloseKey(d.Deref());throw ("Error["+i+"] Deleting Key: "+g+"."+f)}this._AdvApi.RegCloseKey(d.Deref())}}}module.exports=new windows_registry();