Difference between revisions of "Registry"
BrentNewland (talk | contribs) m |
m |
||
| (8 intermediate revisions by 4 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | This page should probably serve as a place to document the registry. | |
| − | + | == Purpose == | |
| − | + | The purpose of the Registry is to contain most configuration-related information related to ReactOS (Windows) in one spot. The Registry is composed of a number of on disk files, accessed through the registry API. The on disk files are called "hives", and while the Operating System is running it keeps copies of (the most important?) registry areas in memory. | |
| − | + | == Links == | |
| + | * https://web.archive.org/web/20201109000715/http://amnesia.gtisc.gatech.edu/~moyix/suzibandit.ltd.uk/MSc/ | ||
| + | (original non-working link - http://amnesia.gtisc.gatech.edu/~moyix/suzibandit.ltd.uk/MSc/ ) | ||
| − | + | * https://github.com/msuhanov/regf/blob/master/Windows%20registry%20file%20format%20specification.md | |
| + | * http://sentinelchicken.com/data/TheWindowsNTRegistryFileFormat.pdf | ||
| + | * https://2017.zeronights.org/wp-content/uploads/materials/ZN17-Suhanov-Registry.pdf | ||
| + | * https://github.com/msuhanov/yarp | ||
| + | * https://www.mandiant.com/resources/digging-up-the-past-windows-registry-forensics-revisited | ||
| + | * https://andreafortuna.org/2021/02/06/windows-registry-transaction-logs-in-forensic-analysis/ | ||
| + | * https://www.nist.gov/itl/ssd/software-quality-group/computer-forensics-tool-testing-program-cftt/cftt-technical/ms | ||
| − | + | * (More Windows 2000-oriented): https://www.itprotoday.com/windows-78/inside-registry | |
| − | + | == Build == | |
| − | |||
| − | [[ | + | Registry [[hive file]]s in ReactOS are built with the tool [[mkhive]]. |
| − | |||
| − | |||
| − | [[ | + | [[Registry/changelog|Changelog - Outdated]] |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| + | [[Category:ReactOS Components]] | ||
[[Category:BNWIP]] | [[Category:BNWIP]] | ||
Latest revision as of 10:52, 25 March 2023
This page should probably serve as a place to document the registry.
Purpose
The purpose of the Registry is to contain most configuration-related information related to ReactOS (Windows) in one spot. The Registry is composed of a number of on disk files, accessed through the registry API. The on disk files are called "hives", and while the Operating System is running it keeps copies of (the most important?) registry areas in memory.
Links
(original non-working link - http://amnesia.gtisc.gatech.edu/~moyix/suzibandit.ltd.uk/MSc/ )
- https://github.com/msuhanov/regf/blob/master/Windows%20registry%20file%20format%20specification.md
- http://sentinelchicken.com/data/TheWindowsNTRegistryFileFormat.pdf
- https://2017.zeronights.org/wp-content/uploads/materials/ZN17-Suhanov-Registry.pdf
- https://github.com/msuhanov/yarp
- https://www.mandiant.com/resources/digging-up-the-past-windows-registry-forensics-revisited
- https://andreafortuna.org/2021/02/06/windows-registry-transaction-logs-in-forensic-analysis/
- https://www.nist.gov/itl/ssd/software-quality-group/computer-forensics-tool-testing-program-cftt/cftt-technical/ms
- (More Windows 2000-oriented): https://www.itprotoday.com/windows-78/inside-registry
Build
Registry hive files in ReactOS are built with the tool mkhive.
