hivex
| Crates.io | hivex |
| lib.rs | hivex |
| version | 0.2.0 |
| created_at | 2024-10-24 23:52:25.202261+00 |
| updated_at | 2024-12-22 00:00:09.375356+00 |
| description | (Hopefully) idiomatic bindings to the Hivex library |
| homepage | |
| repository | https://codeberg.org/erin/toolsnt |
| max_upload_size | |
| id | 1421906 |
| size | 62,218 |
Erin (erin-desu)
documentation
README
Hivex
FFI bindings for the Hivex C library
Hivex is a library for reading and manipulating Windows NT registry hives. This crate attempts to idiomatically wrap this library for usage in Rust.
Most of the documentation, which isn't a Rust-specific concept like SelectedNode is taken and adapted from the Hivex documentation.
[!WARNING] Not everything is yet tested. Some data may be saved or retrieved incorrectly and corrupt your system. Proceed with caution.
Core concepts
- Hive: Windows Registry database file. These do not have to correspond to
HKEYs in the tree. Learn more in Microsoft docs. - Node: That's what Microsoft calls keys. These contain key-value entries (ye I know, confusing).
- Value: Values associated to keys in nodes. They have several types.
- Handle: An opaque reference to an entity inside hive.
- Selected{Node,Value}: Convenience wrapper referencing hive and the entity which allows you to manipulate it.
Implementation notes
- Hivex library itself doesn't support creation of new hives. This crate contains a pre-defined empty registry hive created on Windows NT 10.0
- Strings retrieved from the hive will get its NUL-terminator striped by the bindings