Python _winreg - read REG_BINARY

1.7k views Asked by At

I want to read windows registry using _winreg and Python

It works fine, but it doesn't show REG_BINARY values... when I create binary value in some key, doesn't matter where, it'll show any other values and not binary, I need to parse binary info to get windows licence key for HW/SW evidence in our company, I'd like to use this code, but it doesn't matter..

from _winreg import *
mapping = { "HKLM":HKEY_LOCAL_MACHINE, "HKCU":HKEY_CURRENT_USER, "HKU":HKEY_USERS }

def pathExists(hkey, regPath):
    try:
        reg = OpenKey(mapping[hkey], regPath)
    except WindowsError:
        return False
    CloseKey(reg)
    return True 

def readSubKeys(hkey, regPath):
    if not pathExists(hkey, regPath):
        return -1
    reg = OpenKey(mapping[hkey], regPath)
    subKeys = []
    noOfSubkeys = QueryInfoKey(reg)[0]
    for i in range(0, noOfSubkeys):
        subKeys.append(EnumKey(reg, i))
    CloseKey(reg)
    return subKeys

def readValues(hkey, regPath):
    if not pathExists(hkey, regPath):
        return -1
    reg = OpenKey(mapping[hkey], regPath)
    values = {}
    noOfValues = QueryInfoKey(reg)[1]
    for i in range(0, noOfValues):
        values[EnumValue(reg, i)[0]] = EnumValue(reg, i)[1]
    CloseKey(reg)
    return values
1

There are 1 answers

0
Murkantilism On BEST ANSWER

I'm a little late haha, but I ran into the same problem in Python 2.7.3 today. The reason for this problem is because Python is a 32-bit process. When running in a Windows 64 bit environment calling a 32-bit process to look for 64-bit REG_BINARY values causes bitness issues.

Unfortunately I couldn't figure out how to fix this issue using _winreg. It seems there is no option to change the sysnative location for the command prompt with _winreg.

The solution I used is:

import subprocess
cmd = ['C:\Windows\sysnative\cmd.exe /c REG QUERY HKLM\LocationToBinaryValue /v' BinaryValueName']
subprocess_checkoutput(cmd, shell=True)

The C:\Windows\sysnative\cmd.exe /c part of the command sets the command prompt shell to the correct bit. Then running the Reg Query as normal will work and enable reading REG_BINARY values.