php/dos ：如何解析 regedit 导出文件？

发布于 2024-07-13 21:27:06 字数 1636 浏览 12 评论 0原文

我的目标是在注册表配置单元中查找 Company 键值，然后提取相应的 Guid 以及其后面的其他键和值。所以我想我应该运行 regedit export 命令，然后使用 php 解析文件以获取我需要的密钥。

因此，运行 dos 批处理命令后，

>regedit /E "output.txt" "HKLM\System....\Company1"

输出文本文件似乎采用某种 UNICODE 格式，这对正则表达式不友好。我正在使用 php 解析文件并提取密钥。

这是我用来解析文件的 php 代码

<?php 

$regfile = "output.txt";


$handle = fopen ("c:\\\\" . $regfile,"r");
//echo "handle: " . $file . "<br>";
$row = 1;


while ((($data = fgets($handle, 1024)) !== FALSE) ) {

    $num = count($data);
    echo "$num fields in line $row: \n";

$reg_section = $data;   
//$reg_section = "[HKEY_LOCAL_MACHINE\SOFTWARE\TECHNOLOGIES\MEDIUS\CONFIG MANAGER\SYSTEM\COMPANIES\RECORD11]";

$pattern = "/^(\[HKEY_LOCAL_MACHINE\\\SOFTWARE\\\TECHNOLOGIES\\\MEDIUS\\\CONFIG MANAGER\\\SYSTEM\\\COMPANIES\\\RECORD(\d+)\])$/";
if ( preg_match($pattern, $reg_section )) { 

echo "<font color=red>Found</font><br>"; 

} else { 
echo "not found<br>"; 
echo $data . "<br>";
}
$row++;
} //end while 
fclose($handle);


?>

，输出如下所示......

第 1 行有 1 个字段：未找到 ÿþW�i�n�d�ow�s�R�e�g�i�t�r�y� “编辑”“查看” �5�.�0�0� � 第 2 行 1 个字段：否找到了
第 3 行有 1 个字段：未找到 [�H�K�E�Y��L�O�C�A�L��M�A�C�H�I�N�E�\�S�O�F �T�W�A�R�E�\�I�N�T�E�R�S�T�A�R� �T�E�C�H�N�O�L�O�G�I�E�S�\�X�M�E�D�I�U�S�\�C�O�N�F �I�G� �M�A�N�A�G�E�R�\�S�Y�S�T�E�M�\�C�O�M�P�A�N�I�E�S�] � � 第 4 行 1 个字段：未找到 “……下一步……重新接收……” �I�D�"�=�"�4�1�"� � 1 行字段 5：未找到

任何想法如何解决这个问题？

提前致谢

原文

My objective is to look for Company key-value in the registry hive and then pull the corresponding Guid and other keys and values following it. So I figured i would run the regedit export command and then parse the file with php for the keys I need.

So after running the dos batch command

>regedit /E "output.txt" "HKLM\System....\Company1"

The output textfile seems to be in some kind of UNICODE format which isn't regex friendly. I'm using php to parse the file and pull the keys.

Here is the php code i'm using to parse the file

<?php 

$regfile = "output.txt";


$handle = fopen ("c:\\\\" . $regfile,"r");
//echo "handle: " . $file . "<br>";
$row = 1;


while ((($data = fgets($handle, 1024)) !== FALSE) ) {

    $num = count($data);
    echo "$num fields in line $row: \n";

$reg_section = $data;   
//$reg_section = "[HKEY_LOCAL_MACHINE\SOFTWARE\TECHNOLOGIES\MEDIUS\CONFIG MANAGER\SYSTEM\COMPANIES\RECORD11]";

$pattern = "/^(\[HKEY_LOCAL_MACHINE\\\SOFTWARE\\\TECHNOLOGIES\\\MEDIUS\\\CONFIG MANAGER\\\SYSTEM\\\COMPANIES\\\RECORD(\d+)\])$/";
if ( preg_match($pattern, $reg_section )) { 

echo "<font color=red>Found</font><br>"; 

} else { 
echo "not found<br>"; 
echo $data . "<br>";
}
$row++;
} //end while 
fclose($handle);


?>

and the output looks like this....

1 fields in line 1: not found
ÿþW�i�n�d�o�w�s� �R�e�g�i�s�t�r�y�
�E�d�i�t�o�r� �V�e�r�s�i�o�n�
�5�.�0�0� � 1 fields in line 2: not
found
1 fields in line 3: not found
[�H�K�E�Y��L�O�C�A�L��M�A�C�H�I�N�E�\�S�O�F�T�W�A�R�E�\�I�N�T�E�R�S�T�A�R�
�T�E�C�H�N�O�L�O�G�I�E�S�\�X�M�E�D�I�U�S�\�C�O�N�F�I�G�
�M�A�N�A�G�E�R�\�S�Y�S�T�E�M�\�C�O�M�P�A�N�I�E�S�]�
� 1 fields in line 4: not found
"�N�e�x�t� �R�e�c�o�r�d�
�I�D�"�=�"�4�1�"� � 1 fields in line
5: not found

Any ideas how to approach this?

thanks in advance

分享到QQ

分享到微博