edit registry values of a connected windows phone using windbg

I am looking to edit the registry values of a connected phone using windbg. I am using !reg query to look at the values. Is there an equivalent command to edit the value on the fly?

xxxxx@gmail.com wrote:

I am looking to edit the registry values of a connected phone using windbg. I am using !reg query to look at the values. Is there an equivalent command to edit the value on the fly?

Assuming you have permission and network connectivity, the “regedit” app
and the registry APIs can read and modify a remote registry.


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

Hi Tim,

My question is to edit the values using windbg just like !reg.
As per my understanding, RegEDIT is a separate tool and cannot be invoked via windbg. REGAPIs have to be invoked from another script. Please tell me if I am missing some point?

xxxxx@gmail.com wrote:

My question is to edit the values using windbg just like !reg.
As per my understanding, RegEDIT is a separate tool and cannot be invoked via windbg. REGAPIs have to be invoked from another script. Please tell me if I am missing some point?

No. You can’t do it from windbg, as you have already learned. I was
suggesting alternative ways to solve your problem. Another option is to
use the .! (dot bang) command to open up a shell on the remote machine,
and then use the “reg” command line tool to manipulate the registry.


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

Thanks for the clarification Tim. I tried dot bang to open the shell but when I do reg add in that shell, it is editing the registry of the host machine and not the connected target. Windbg suggests that I can use the target’s name in the command (say \ABC\registry_path). However, I am not able to change the connected target that way (I am not sure why).
It says:
<.shell waiting 1 second(s) for process>
<.shell process may need input>ERROR: The network path was not found.
That path is valid and accessible if I put the target in mass storage and read its SYSTEM hive using regedit.

I don’t remember if I edited or modified the values.
If Tim says it is not possible then it might not be possible.
Just in case you are interested in parsing the registry, you can get
some pointers in this thread:
http://www.osronline.com/showthread.cfm?link=229472

IIRC Matthieu Suiche released on GitHub some extensions that could play
with the remote registry
(improved !reg functionality); you could check them out too.

On 1/20/16, xxxxx@gmail.com wrote:
> Thanks for the clarification Tim. I tried dot bang to open the shell but
> when I do reg add in that shell, it is editing the registry of the host machine
> and not the connected target. Windbg suggests that I can use the target’s
> name in the command (say \ABC\registry_path). However, I am not able to
> change the connected target that way (I am not sure why).
> It says:
> <.shell waiting 1 second(s) for process>
> <.shell process may need input>ERROR: The network path was not found.
> That path is valid and accessible if I put the target in mass storage and
> read its SYSTEM hive using regedit.