Binary reg key to string

Forums

My Profile

Inbox

Address Book

My Subscription

My Forums

Binary reg key to string

Logged in as: Guest

arrSession:exec spGetSession 2,2,62294

	Active Users: There are 0 members and 0 guests.
	Users viewing this topic: none

Printable Version

All Forums >> [Scripting] >> WSH & Client Side VBScript >> Binary reg key to string
Do you like VisualBasicScript.com? Link to us and help spread the word about our forum. Thanks!

Page: [1]

Message

<< Older Topic Newer Topic >>

Binary reg key to string - 7/10/2008 12:01:18 AM

TomRiddle

Posts: 190
Score: 4
Joined: 2/7/2008
Status: offline

I just knocked this script up for a job I want to do tomorrow.
I could not find a binary to Char function for registry keys.
Anyone done this before or can think of a different way?

'Script by TomRiddle 2008
'Read Default UserName that Office2000 uses for new documents.

'Change 9.0 in registry key to the value that represents your version of MS-Office

'-----------------------------------------------------------------------

'Read Binary Key and convert to HEX
'http://www.microsoft.com/technet/scriptcenter/scripts/os/registry/osrgvb15.mspx

const HKEY_CURRENT_USER = &H80000001
   strComputer = "."
 
   Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_ 
   strComputer & "\root\default:StdRegProv")
 
   strKeyPath = "Software\Microsoft\Office\9.0\Common\UserInfo"
   strValueName = "UserName"
   oReg.GetBinaryValue HKEY_CURRENT_USER,strKeyPath,_
   strValueName,strValue
  
   For i = lBound(strValue) to uBound(strValue)
      if strValue(i) <> "0" then
         hexUserName = hexUserName & "%" & hex(strValue(i))
      end if
   Next

msgbox hexDecode(hexUserName)

'-----------------------------------------------------------------------

function hexDecode(str)
'Convert HEX to a readable string
'http://www.philreeve.com/hexEncodeDecode.php

dim strDecoded, i, hexValue
   strDecoded = ""
   for i = 2 to Len(str)
      hexValue = ""
      while Mid(str, i, 1) <> "%" and i <= Len(str)
         hexValue = hexValue + Mid(str, i, 1)
            i = i+1
      wend
      strDecoded = strDecoded + chr(CLng("&h" & hexValue))
   next
   
   hexDecode = strDecoded

end function

'-----------------------------------------------------------------------

Post #: 1

RE: Binary reg key to string - 7/10/2008 10:41:32 AM

TomRiddle

Posts: 190
Score: 4
Joined: 2/7/2008
Status: offline

I know all about accessing a remote registry and how you need to look in HKU/SID to see the current user hive for the person logged in but thought WMI would handle that! DOH, oh well, that is what the web is for, no need to re-invent the wheel, tacked in a few more snipits, one to find the userid logged into the remote machine and another to find their SID,

Then do my remote registry query.

'Script by MJP 2008
'Read Default UserName that Office2003 uses for new documents. 
'Change 11.0 in registry key to the value that represents your version of MS-Office
'-----------------------------------------------------------------------
'Read Binary Key and convert to HEX
'http://www.microsoft.com/technet/scriptcenter/scripts/os/registry/osrgvb15.mspx
 const HKEY_CURRENT_USER = &H80000001
 Const HKEY_USERS  = &H80000003 
 strComputer = inputbox("Enter Barcode of Machine to Report on "&vbcrlf&"Current User's Office UserName Property "&vbcrlf&"Press cancel to query this computer", "Office2003 UserName Property") 
 if strComputer<>"" then
    CU=GetCurrentUser(strComputer)
    CUSID = GetSIDFromUser(CU)
    Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_ 
    strComputer & "\root\default:StdRegProv")

strKeyPath = CUSID&"\Software\Microsoft\Office\11.0\Common\UserInfo"
    strValueName = "UserName"
    oReg.GetBinaryValue HKEY_USERS,strKeyPath,_
    strValueName,strValue

For i = lBound(strValue) to uBound(strValue)
       if strValue(i) <> "0" then
          hexUserName = hexUserName & "%" & hex(strValue(i))
       end if
    Next
    msgbox hexDecode(hexUserName)
 else
    strComputer = "."

Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_ 
    strComputer & "\root\default:StdRegProv")

strKeyPath = "Software\Microsoft\Office\11.0\Common\UserInfo"
    strValueName = "UserName"
    oReg.GetBinaryValue HKEY_CURRENT_USER,strKeyPath,_
    strValueName,strValue

For i = lBound(strValue) to uBound(strValue)
       if strValue(i) <> "0" then
          hexUserName = hexUserName & "%" & hex(strValue(i))
       end if
    Next
    msgbox hexDecode(hexUserName)
 end if
'-----------------------------------------------------------------------
function hexDecode(str)
'Convert HEX to a readable string
'http://www.philreeve.com/hexEncodeDecode.php
 dim strDecoded, i, hexValue
 strDecoded = ""
 for i = 2 to Len(str)
    hexValue = ""
    while Mid(str, i, 1) <> "%" and i <= Len(str)
       hexValue = hexValue + Mid(str, i, 1)
          i = i+1
    wend
    strDecoded = strDecoded + chr(CLng("&h" & hexValue))
 next
 
 hexDecode = strDecoded
end function

'-----------------------------------------------------------------------
Function GetCurrentUser(strComputer) 
'Input: strComputer = machine to query 
'Output: Current User as domain\logon 
'http://groups.google.com/group/microsoft.public.scripting.vbscript/msg/1bd0d208ef41dda7
 Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") 
 Set colProcessList = objWMIService.ExecQuery("Select * from Win32_Process Where Name = 'explorer.exe'") 
 For Each objProcess in colProcessList 
    objProcess.GetOwner strUserName, strUserDomain 
 Next 
 GetCurrentUser = strUserDomain & "\" & strUserName 
End Function

'-----------------------------------------------------------------------
Function GetSIDFromUser(UserName) 
'Input: UserName as domain\logon 
'Output: SID 
'http://groups.google.com/group/microsoft.public.scripting.vbscript/msg/1bd0d208ef41dda7

Dim DomainName, Result, WMIUser

If InStr(UserName, "\") > 0 Then 
  DomainName = Mid(UserName, 1, InStr(UserName, "\") - 1) 
  UserName = Mid(UserName, InStr(UserName, "\") + 1) 
Else 
  DomainName = CreateObject("WScript.Network").UserDomain 
End If

On Error Resume Next 
Set WMIUser = GetObject("winmgmts:{impersonationlevel=impersonate}!" _ 
  & "/root/cimv2:Win32_UserAccount.Domain='" & DomainName & "'" _ 
  & ",Name='" & UserName & "'") 
If Err = 0 Then Result = WMIUser.SID Else Result = "" 
On Error GoTo 0

GetSIDFromUser = Result 
End Function 
'-----------------------------------------------------------------------

(in reply to TomRiddle)

Post #: 2

RE: Binary reg key to string - 7/10/2008 6:18:26 PM

ginolard

Posts: 1053
Score: 21
Joined: 8/10/2005
Status: offline

Quick word of warning. The method of finding the loggedon user won't work on Win2K machines.

I know this from bitter experience ;)

_____________________________

Author of ManagePC - http://managepc.net
AD Query Template - http://www.visualbasicscript.com/m_40609/tm.htm
Consolidated Scripting Framework - http://www.visualbasicscript.com/m_59109/tm.htm

(in reply to TomRiddle)

Post #: 3

RE: Binary reg key to string - 7/10/2008 10:19:17 PM

TomRiddle

Posts: 190
Score: 4
Joined: 2/7/2008
Status: offline

quote:

ORIGINAL: ginolard

Quick word of warning. The method of finding the loggedon user won't work on Win2K machines.

I know this from bitter experience ;)

Thanks ginolard, I forgot to put in that I only tested on XP, It literally has been 2 years since I saw a w2k box, working in a corporate environment is a bit of a luxury. Surely your experience couldn't have been that bitter?

Anyway it did the trick,
A user was reporting that at least once a week people complaining to him that their documents were being locked open by him but he didn't and and even sometimes didn't even have network permissions to the file. His network ID is XXX and users were getting a message like this:- filename.doc is checked out or locked for editing by xxx

Everyone was assuming because the victims userid was xxx, then xxx is the culprit, when in fact where xxx comes from is the UserName property you set in Office. I.e you change that to "GOD" and then open a few files, people get the message filename.doc is checked out or locked for editing by GOD, maybe they will pray for it to be released?

I fed all the computer names straight from AD into the script and out to a log file and there was over 30 users with UserName xxx set in their profile. It is still a mystery but I recon at this stage it is most likely from a dodgy installation package which has that userid xxx in it.

(in reply to ginolard)

Post #: 4

If you found our site useful please link to us <a href="http://www.visualbasicscript.com">VisualBasicScript.com</a>.

All Forums >> [Scripting] >> WSH & Client Side VBScript >> Binary reg key to string

Page: [1]

Jump to:

New Messages	No New Messages
Hot Topic w/ New Messages	Hot Topic w/o New Messages
Locked w/ New Messages	Locked w/o New Messages

Post New Thread

Reply to Message

Post New Poll

Submit Vote

Delete My Own Post

Delete My Own Thread

Rate Posts