So this week I have been working on a script that will allow me to view the registry on remote machines.
While speaking to a colleague about this he already had a script put together, which worked…but what’s the fun in that.
So taking a quick look at his code, I pulled the key factor.
In .NET there is a class that will allow you to open a remote registry.
This “OpenSubKey()” method allows you to specify a registry for it to open. There is also a “GetValueNames()” method that returns the keys in the specified registry.
What I wanted to do was to be able to specify a Hive/Registry/Key and for it to spit out the value. I also wanted the script to do was for me to just specify the Hive/Registry and for it to tell me the
other “folders” in that registry.
So, this is what I came up with.
Please feel free to use it.
Here is a image of a typical output if you specify all parameters:
Here is a image of a typical output when you do not specify the -Key parameter:
As you can see from the above image, because there are no keys in this Reg it just returns you the sub-folders (I call the subreg in the object)
If you have any questions about this script you can drop me a line on twitter alexinnes