使用Python脚本操作注册表 Use python to read regedit

Question

使用Python脚本操作注册表 Use python to read regedit

睿郑 1

我有一个python脚本，当使用winreg模块读取HKEY_LOCAL_MACHINE键时，报错WinError 5 拒绝访问，即使我使用System权限的命令行来运行这个脚本也不管用，希望大家能帮助我解决一下，谢谢

I have a python script which uses module winreg to read HKEY_LOCAL_MACINE. When it runs, there's a error 5: access denied., even though I use administration or System. Does anyone know what happen? Please help me, thank you!

Xiaopo Yang - MSFT 12,731 Reputation points Microsoft External Staff

2022-11-18T02:06:17.047+00:00

Could you please show a minimal, reproducible sample without private information? If the problem arises from Python Module, you could consult to Python community.
睿郑 1 Reputation point

2022-11-18T02:30:29.037+00:00

Thank you for your reply! I will send it to you
Anonymous

2022-11-25T08:25:51.877+00:00

@睿郑 Does @Xiaopo Yang - MSFT 's answer solve your issue?

2 answers

Your answer

Xiaopo Yang - MSFT 12,731 Reputation points Microsoft External Staff

2022-11-18T02:06:17.047+00:00

Could you please show a minimal, reproducible sample without private information? If the problem arises from Python Module, you could consult to Python community.
睿郑 1 Reputation point

2022-11-18T02:30:29.037+00:00

Thank you for your reply! I will send it to you
Anonymous

2022-11-25T08:25:51.877+00:00

@睿郑 Does @Xiaopo Yang - MSFT 's answer solve your issue?

Answer 1

The code is under here. Just run and see what will happen.

import winreg  
  
key_dict = {}  
regedit = {}  
  
  
def get_key(hand, path):  
    index = 0  
    flag = True  
    while flag:  
        try:  
            key = winreg.EnumKey(hand, index)  
            complete = path + "\\" + key  
            next_hand = winreg.OpenKey(hand, key, reserved=0, access=winreg.KEY_READ)  
            key_dict[complete] = next_hand  
            get_key(next_hand, complete)  
            index += 1  
        except Exception as e:  
            if e.__str__() != "[WinError 259] 没有可用的数据了。":  
                print("\033[1;31m Fatal: {} \033[0m".format(e))  
            flag = False  
    return  
  
  
def get_reg(reg_root, path_root):  
    print("Starting reading {} key......".format(path_root))  
    get_key(reg_root, "\\{}".format(path_root))  
    print("Reading {} key successfully!".format(path_root))  
    print("Starting reading {} regedit......".format(path_root))  
    for path, father_key in key_dict.items():  
        # print(path)  
        i = 0  
        flag = True  
        while flag:  
            try:  
                r = winreg.EnumValue(father_key, i)  
                key = r[0]  
                value = r[1]  
                if isinstance(value, list):  
                    value = tuple(value)  
                if isinstance(value, bytes):  
                    value = int.from_bytes(value, "big")  
                key = "{}\\{}".format(path, key)  
                # print(key)  
                regedit[key] = value  
                # try:  
                #     if isinstance(regedit[key], list):  
                #         regedit[key].append(value)  
                #     else:  
                #         regedit[key] = [regedit[key], value]  
                # except KeyError:  
                #     regedit[key] = value  
                i += 1  
            except OSError as e:  
                if e.__str__() != "[WinError 259] 没有可用的数据了。":  
                    print("\033[1;31m Fatal: {} \033[0m".format(e))  
                    print("\033[1;41m Problem: {} \033[0m".format("{}\\{}".format(path, key)))  
                flag = False  
    print("Reading {} regedit successfully!".format(path_root))  
  
  
def clear():  
    key_dict = {}  
    regedit = {}  
  
  
root_key = [  
    winreg.HKEY_CURRENT_USER,  
    winreg.HKEY_LOCAL_MACHINE,  
    winreg.HKEY_USERS,  
    winreg.HKEY_CLASSES_ROOT,  
    winreg.HKEY_CURRENT_CONFIG,  
]  
  
root_path = [  
    "HKEY_CURRENT_USER",  
    "HKEY_LOCAL_MACHINE",  
    "HKEY_USERS",  
    "HKEY_CLASSES_ROOT",  
    "HKEY_HKEY_CURRENT_CONFIG"  
]  
  
  
def record():  
    result = []  
    for i in range(len(root_key)):  
        print("Reading {}".format(root_path[i]))  
        get_reg(root_key[i], root_path[i])  
        result.append(regedit)  
    return result  
  
  
print(record())

Answer 2

Xiaopo Yang - MSFT 12,731 Microsoft External Staff

I have reproduced using the sample. But there could be no problem when the user doesn't have the access. Do you, administration or System have the access?

睿郑 1 Reputation point

2022-11-18T03:33:32.15+00:00

Yes, I do have the access of administration and System
睿郑 1 Reputation point

2022-11-18T03:37:52.67+00:00

Do you mean I should use a normal user to run it rather than a administration.
Xiaopo Yang - MSFT 12,731 Reputation points Microsoft External Staff

2022-11-18T05:12:06.027+00:00

Can you show the HKEY_LOCAL_MACINE\BCD00000000 security property?
睿郑 1 Reputation point

2022-11-18T06:53:27.32+00:00

Ok, The picture is here
Xiaopo Yang - MSFT 12,731 Reputation points Microsoft External Staff

2022-11-18T06:58:47.373+00:00

Is the “读取” checked? SYSTEM doesn't have the read access.
睿郑 1 Reputation point

2022-11-18T07:14:39.127+00:00

You mean I have to set the authority manually? I wil have a try, thank you!
RLWA32 49,536 Reputation points

2022-11-18T09:06:42.717+00:00

On a clean install of Windows 10 21H2 regedit showed that SYSTEM has Full Control of the BCD00000000 key and the Administrators group has read access.

I suggest that the Questioner look at the Advanced settings as shown above before making any changes.
Xiaopo Yang - MSFT 12,731 Reputation points Microsoft External Staff

2022-11-21T01:43:16.623+00:00

As @RLWA32 said, you ‘d check if there has the read access at advanced security settings before making any change. @睿郑 , Have you solved?
睿郑 1 Reputation point

2022-11-21T06:34:42.25+00:00

I tried to change the access, but it seems it still can't work as expect. The information is under here.
Xiaopo Yang - MSFT 12,731 Reputation points Microsoft External Staff

2022-11-21T07:58:02.253+00:00

I tried the sample on a system which I have full access and find out that the exact access is “Query Value” access. When I have unchecked this, access is denied.
Xiaopo Yang - MSFT 12,731 Reputation points Microsoft External Staff

2022-11-22T01:32:48.973+00:00

Registry key objects have the specific access rights you can refer to. Specially, KEY_READ (0x20019) Combines the STANDARD_RIGHTS_READ, KEY_QUERY_VALUE, KEY_ENUMERATE_SUB_KEYS, and KEY_NOTIFY values. @睿郑
睿郑 1 Reputation point

2022-11-24T02:05:14.64+00:00

I have just tried this method. The problem with BCD00000000 has been solved successfully. But there're still problems.Details can be found in the picture under here. For some of the keys, I can't edit the advanced access.

Please help me found out the solution. Thank you.
Xiaopo Yang - MSFT 12,731 Reputation points Microsoft External Staff

2022-11-24T05:51:10.593+00:00

Per value has an DACL. These are used by the operating system and It's unrecommended to edit the permissions. Registry Editor also has the same behavior.
睿郑 1 Reputation point

2022-11-24T08:55:56.843+00:00

Can I change those advance access automatically by a python or cmd script?
Xiaopo Yang - MSFT 12,731 Reputation points Microsoft External Staff

2022-11-24T09:22:02.137+00:00

You can edit Advanced Security Property Sheet in C++ or in Registry Editor.
The picture you attached shows administrators, which grants access and is not needed to change, have full control. For me, there is no ACE on an access denied registry in my system.
RLWA32 49,536 Reputation points

2022-11-24T09:53:24.007+00:00

The Administrators group is not included in the DACL for the ProtectedRoots subkey and the owner of the key is the SYSTEM account.

Share via

使用Python脚本操作注册表 Use python to read regedit

2 answers

The code is under here. Just run and see what will happen.

Your answer