Create reg_export_fullkey.py

[tanhengyeow]

Greetings

Credits to the team for creating and maintaining this wonderful library. It is really useful for working with registry files using python.

I worked with the reg_export.py script and realized that it only exports the content of a registry key path/registry value of a key path and displays it to the console.

I created this script to extend the reg_export.py script further by exporting out values of subkeys in registry key path(s) read from a text file. All the content generated would be exported and generated into a .reg file.

Let me know what you think!

Regards
Heng Yeow

[NiKiZe]

Hmm sounds like something I have done before, and it seems I never created any PR for it NiKiZe/python-registry@c2fd43c

Will your code generate files identical to the windows registry as well?

[EricZimmerman]

i tried and tried to make my .reg exports exactly the same layout as what regedit exports, but never got it to work. there are certain conditions where things wrap with an extra byte (and not based on length of the row).

While the content was exactly the same in the .reg files, when you compare them things will be different as regedit .reg files may have 55 bytes on a line and 22 on the next in some cases whereas mine might have 54 on one line and 23 on the next, etc.

in the end the data is the same once imported, but depending on how you are doing your testing and validation i found it very difficult to just diff 2 .reg files and say they are the same

@NiKiZe were you able to generate identical .reg files for a wide variety of data types (numbers, long strings, long binary data, etc)?

[NiKiZe]

@EricZimmerman It was a few years ago so my memory isn't exactly fresh ;) but if I'm not mistaken all the testcases I had at the time got identical output. But indeed it was not as varied testcases as one could want.

@williballenthin do you know of any case where you expect the reg_export.py to only export one level? Or would it be okay to update that sample? (instead of having multiple samples doing almost the same thing)

[tanhengyeow]

@NiKiZe So far I've tested inserting the generated .reg files into Windows and they work fine. This script uses the current reg_export.py to generate the required format in the destination .reg file. It doesn't replace it so it's ok to have 2 of them sitting in the same folder :)

[NiKiZe]

@tanhengyeow I think you misunderstood ...
Having 2 files that does almost the same thing is a bit confusing, and it is also harder to maintain 2 files that does almost the same thing. So I think the function should be in the same file not 2 different.
(should be noted tho that this is only my personal opinion)

And I'm talking about if the generated files are identical to if you used windows to export the files. (not if they work to import)
The reason for this is so that you can run diff -u org.reg new.reg to test if something has changed, and it could also be used as a way of testing the code itself after changes, (think of it as a way of running unit tests)

[EricZimmerman]

if you go the diff route, make sure you use data other than dwords =)

long strings and long binary data (hundreds of bytes) should show the problem across a few hives.