regshell command examples

regshell command examples

regshell – Windows registry file browser using readline

Browsing thru a nt4 registry file

regshell -b nt4 NTUSER.DAT
$$$PROTO.HIV> ls
K AppEvents
K Console
K Control Panel
K Environment
K Identities
K Keyboard Layout
K Network
K Printers
K Software
K UNICODE Program Groups
K Windows 3.1 Migration Status
$$$PROTO.HIV> exit

Listing the subkeys of HKEY_CURRENT_USER\AppEvents on a remote computer:

#regshell --remote=ncacn_np:aurelia -c "jelmer%secret"
HKEY_CURRENT_MACHINE> predef HKEY_CURRENT_USER
HKEY_CURRENT_USER> cd AppEvents
Current path is: HKEY_CURRENT_USER\AppEvents
HKEY_CURRENT_USER\AppEvents> ls
K EventLabels
K Schemes
HKEY_CURRENT_USER\AppEvents> exit

Leave a Reply

Your email address will not be published. Required fields are marked *

Contact Us | Privacy Policy