wwe has asked for the wisdom of the Perl Monks concerning the following question:

Dear monks, I'm looking for a way to export windows registry. I know about Win32::TieRegistry module which works fine but this not what I want. I want to export a key with all subkeys using the same format the as native regedit.exe tool. This format is a bit specific, something like text but "enhanced" registry types like REG_MULTI_SZ are exported as hex string: 
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\wwe]
"binary"=hex:00,11
"dword"=dword:00000010
"multi-sz"=hex(7):66,00,69,00,72,00,73,00,74,00,20,00,6c,00,69,00,6e,0
+0,65,00,\
  00,00,73,00,65,00,63,00,6f,00,6e,00,64,00,20,00,6c,00,69,00,6e,00,65
+,00,00,\
  00,74,00,68,00,69,00,72,00,64,00,20,00,6c,00,69,00,6e,00,65,00,00,00
+,00,00
"reg-sz"="string"
"expand-sz"=hex(2):25,00,70,00,61,00,74,00,68,00,25,00,00,00

[download]
It's easy to get following output using Win32::tieRegistry: 
"binary"=3:<one or two non-ASCII character displayed here>
"dword"=4:0x00000010
"multi-sz"=7:first<null delimiter here>line-second line<null delimiter
+ here>third line<null delimiter here><null delimiter here>
"reg-sz"=1:string
"expand-sz"=2:%path%

[download]
if I use this code: 
use Modern::Perl;

use Win32::TieRegistry ( Delimiter=>'/', SplitMultis=>0, FixSzNulls =>
+1, ArrayValues => 0,
qw( REG_SZ REG_EXPAND_SZ REG_DWORD REG_BINARY REG_MULTI_SZ
    KEY_READ KEY_WRITE KEY_ALL_ACCESS ), );

my $reg_obj = $Registry->Open("LMachine/Software/wwe", { Access=>'KEY_
+READ' } )
  or die "Error: $^E\n";
  
foreach my $value ($reg_obj->ValueNames()) {
    my ($valuedata, $valuetype) = $reg_obj->GetValue( $value );
    my %valuetypes = (
    );
    say qq{"$value"=$valuetype:$valuedata};
}

[download]

I'm looking for a long time for a module or a ready script wich exports the registry in the same format but I didn't found anything until now.

Is there a way to get the "regedit" output without doing manual pack/unpack? I don't want to do it as I'm not really familiar with pack. I know about the possibility to call regedit.exe with an /E parameter (or reg.exe) but this not enough I want to process remote machines too. It would be OK if the solution is limited to Windows plattform, I don't think there is some crasy user who want to start it somewhere else :-) I'm also open to any other ideas. Thank you in advance.

Replies are listed 'Best First'.
Re: Win32 registry export
by Anonymous Monk on Jun 16, 2010 at 15:56 UTC
[reply]
      I checked this module already. This is only for processing native binary registry files like SYSTEM.DAT. After re-reading the docs according to your advice I found an interesting function "as_regedit_export". It looks like what I'm looking for. At the moment I'm trying to adapt this function for my code.
[reply]
        First of all thank you Anonymous Monk. You advise pointed me to the right direction. At the moment I'm able to get the output in a format of regedit.exe tool. There is only one problem: the tool writes the files as Unicode UTF-16LE with byte-order-marks (BOM). There is no problem to write a file in unicode and also the BOM sequence came up very fast: 
        open my $fh, '>:encoding(UTF-16LE)', 'wwe-perl.reg';
print {$fh} "\x{FEFF}";
print {$fh} "Windows Registry Editor Version 5.00\n\n";
say {$fh} "[HKLM\\SOFTWARE\\WWE]";
close $fh;

        [download]
        But I'm stuck with a problem I can't find a solution: every end of line has a byte sequence of "00 0D 00 0A" at regedit output and "00 0D 0A 00" at my script output. I don't know what is wrong and how to change this. With the current output I the file looks like a number of Chinese characters. Everything works fine if don't add "\n" to my output (the editor displays the string "Windows Registry Editor Version 5.00" and Unicode BOM as file format. Thank you for any help!
[reply]
[d/l]

Back to Seekers of Perl Wisdom