develooper Front page | perl.perl6.users | Postings from January 2020

Re: stolen uint's

Thread Previous | Thread Next
From:
ToddAndMargo via perl6-users
Date:
January 29, 2020 21:40
Subject:
Re: stolen uint's
Message ID:
1bcaad1b-e7f4-9c6c-c320-449deadba0c2@zoho.com
On 2020-01-29 13:01, Trey Harris wrote:
> 
> On Wed, Jan 29, 2020 at 15:28 ToddAndMargo via perl6-users 
> <perl6-users@perl.org <mailto:perl6-users@perl.org>> wrote:
> 
>     "Todd" would convert to
>           84 00 111 00 100 00 100 00 00 00
> 
> 
> I’m sorry, you misunderstood me. I wasn’t asking how to convert text 
> into UTF. I was asking for an example of the 3-byte UTF plus 32-bit null 
> cbData field. “Todd\0” is not 3-bytes + null, it’s 4 bytes + null. (You 
> can see that from your groupings above—every two pairs make an octet, 
> and there are 5 pairs. That’s 40 bits, not 32.)
> 
> Also, I assume you used that because it’s your name—could you use an 
> example from the actual registry dataset like what you’re processing, 
> please, and not one that you’ve invented yourself? I’m trying to see how 
> it’s _used_ in real life, not how you’re imagining it could be used.


Hi Trey,

In the following example, I am not messing
with a key that Widows actually uses, but should,
don't you think?

     The registry hive is: HKEY_LOCAL_MACHINE
     The key location is:  SOFTWARE\Microsoft\Windows NT\CurrentVersion
     The key is:           BestLookingEngineer
     The key type is:      REG_SZ  (means a string)
     and the "True" turns on debugging

perl6 -I. -e "use NativeConstants; use WinReg :WinRegSetValue; say 
WinRegSetValue( HKEY_LOCAL_MACHINE, Q[SOFTWARE\Microsoft\Windows 
NT\CurrentVersion], Q[BestLookingEngineer], REG_SZ, 'Todd', True );"


WinRegSetValue Debug
      ValueType  REG_SZ  (1)
        KeyName  BestLookingEngineer
    lpValueName  66 101 115 116 76 111 111 107 105 110 103 69 110 103 
105 110 101 101 114 0
         dsType  1
      ValueData  Todd
         lpData  84 111 100 100 0
   lpData.elems  5
         cdData  10


lpValueName is comes from

     sub to-UTF16-c-str( Str $RakuStr ) returns CArray[uint16] is 
export( :to-UTF16-c-str )  {
        # Converts a UTF8 Raku string into a UTF16 little endian C string
        # Note: C Strings are always terminated with a nul.  WinAPI will 
malfunction without it

        my $CStr = CArray[uint16].new();
        $CStr = CArray[uint16].new( $RakuStr.encode.list, 0 );  # add a 
nul to the end

        return $CStr;
      }


I have yet to figure out a way to break

    my $CStr = CArray[uint16].new();

into bytes for analysis, but it is UTF16 little endian.
The "W" at the end of "RegSetValueExW" requires it.

In the real world, I check the LUA key

 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]

      "EnableLUA"=dword:00000000

to make sure it is zero, so I can mount and dismount
hidden drive partitions.  The same module will
unset the LUA for you on a prompt.

-T

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About