使用Python脚本操作注册表 Use python to read regedit

睿 郑 1 Reputation point
2022-11-18T00:37:55.367+00:00

我有一个python脚本,当使用winreg模块读取HKEY_LOCAL_MACHINE键时,报错WinError 5 拒绝访问, 即使我使用System权限的命令行来运行这个脚本也不管用,希望大家能帮助我解决一下,谢谢

I have a python script which uses module winreg to read HKEY_LOCAL_MACINE. When it runs, there's a error 5: access denied., even though I use administration or System. Does anyone know what happen? Please help me, thank you!

Windows API - Win32
Windows API - Win32
A core set of Windows application programming interfaces (APIs) for desktop and server applications. Previously known as Win32 API.
2,422 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. 睿 郑 1 Reputation point
    2022-11-18T02:38:12.35+00:00

    The code is under here. Just run and see what will happen. 

    import winreg  
  
key_dict = {}  
regedit = {}  
  
  
def get_key(hand, path):  
    index = 0  
    flag = True  
    while flag:  
        try:  
            key = winreg.EnumKey(hand, index)  
            complete = path + "\\" + key  
            next_hand = winreg.OpenKey(hand, key, reserved=0, access=winreg.KEY_READ)  
            key_dict[complete] = next_hand  
            get_key(next_hand, complete)  
            index += 1  
        except Exception as e:  
            if e.__str__() != "[WinError 259] 没有可用的数据了。":  
                print("\033[1;31m Fatal: {} \033[0m".format(e))  
            flag = False  
    return  
  
  
def get_reg(reg_root, path_root):  
    print("Starting reading {} key......".format(path_root))  
    get_key(reg_root, "\\{}".format(path_root))  
    print("Reading {} key successfully!".format(path_root))  
    print("Starting reading {} regedit......".format(path_root))  
    for path, father_key in key_dict.items():  
        # print(path)  
        i = 0  
        flag = True  
        while flag:  
            try:  
                r = winreg.EnumValue(father_key, i)  
                key = r[0]  
                value = r[1]  
                if isinstance(value, list):  
                    value = tuple(value)  
                if isinstance(value, bytes):  
                    value = int.from_bytes(value, "big")  
                key = "{}\\{}".format(path, key)  
                # print(key)  
                regedit[key] = value  
                # try:  
                #     if isinstance(regedit[key], list):  
                #         regedit[key].append(value)  
                #     else:  
                #         regedit[key] = [regedit[key], value]  
                # except KeyError:  
                #     regedit[key] = value  
                i += 1  
            except OSError as e:  
                if e.__str__() != "[WinError 259] 没有可用的数据了。":  
                    print("\033[1;31m Fatal: {} \033[0m".format(e))  
                    print("\033[1;41m Problem: {} \033[0m".format("{}\\{}".format(path, key)))  
                flag = False  
    print("Reading {} regedit successfully!".format(path_root))  
  
  
def clear():  
    key_dict = {}  
    regedit = {}  
  
  
root_key = [  
    winreg.HKEY_CURRENT_USER,  
    winreg.HKEY_LOCAL_MACHINE,  
    winreg.HKEY_USERS,  
    winreg.HKEY_CLASSES_ROOT,  
    winreg.HKEY_CURRENT_CONFIG,  
]  
  
root_path = [  
    "HKEY_CURRENT_USER",  
    "HKEY_LOCAL_MACHINE",  
    "HKEY_USERS",  
    "HKEY_CLASSES_ROOT",  
    "HKEY_HKEY_CURRENT_CONFIG"  
]  
  
  
def record():  
    result = []  
    for i in range(len(root_key)):  
        print("Reading {}".format(root_path[i]))  
        get_reg(root_key[i], root_path[i])  
        result.append(regedit)  
    return result  
  
  
print(record())
    0 comments
  2. Xiaopo Yang - MSFT 11,496 Reputation points Microsoft Vendor
    2022-11-18T03:23:14.9+00:00

    I have reproduced using the sample. But there could be no problem when the user doesn't have the access. Do you, administration or System have the access?
    image.png