是否有用于解析 Windows 注册表文件的纯 Python 库? [英] Is there a pure Python library for parsing a Windows Registry file?

问题描述

是否有用于解析 Windows 注册表文件 (NTUSER.DAT) 的纯 Python(即完全跨平台)库?只读访问是可以接受的.

Is there a pure Python (ie. fully cross-platform) library for parsing Windows Registry files (NTUSER.DAT)? Read-only access is acceptable.

如果没有，有哪些资源可以记录注册表文件的逆向工程结构?

If there is not, what resources exist that document the reverse-engineered structure of the Registry files?

谢谢！

更新由于在提出此问题时似乎不存在纯 Python 解决方案，因此我继续编写了一个.python-registry 向 Windows 注册表文件公开了一个 Pythonic 的只读接口.

Update Since it seemed that a pure Python solution did not exist at the time this question was asked, I went ahead and wrote one. python-registry exposes a Pythonic, read-only interface to Windows Registry files.

推荐答案

winreg 显然只是 Windows，不会读取注册表配置单元文件(NTUSER.DAT 等)，而是直接访问注册表.

winreg is obviously Windows only, and does not read registry hive files (NTUSER.DAT, etc.), but rather accesses the registry directly.

您正在寻找的是一个用于解析 hive 文件的库，看起来这个库可能有用:

What you're looking for is a library for parsing hive files, and it seems like this one might work:

http://rwmj.wordpress.com/2010/11/28/use-hivex-from-python-to-read-and-write-windows-registry-hive-files/

示例代码看起来很有希望:

The example code seems promising:

# Use hivex to pull out a registry key.
h = hivex.Hivex ("/tmp/ntuser.dat")

key = h.root ()
key = h.node_get_child (key, "Software")
key = h.node_get_child (key, "Microsoft")
key = h.node_get_child (key, "Internet Explorer")
key = h.node_get_child (key, "Main")

val = h.node_get_value (key, "Start Page")
start_page = h.value_value (val)
#print start_page

# The registry key is encoded as UTF-16LE, so reencode it.
start_page = start_page[1].decode ('utf-16le').encode ('utf-8')

print "User %s's IE home page is %s" % (username, start_page)

缺点是它仍然不是纯 python，而是另一个跨平台库的 python 包装器.

The downside is that it's still not pure python, but rather a python wrapper for another cross-platform library.

如果你一定要有没有二进制依赖的纯python代码，你可以看看这个项目:http://code.google.com/p/creddump/

If you must have pure python code with no binary dependencies, you can take a look at this project: http://code.google.com/p/creddump/

它似乎是纯 python，并且能够以跨平台的方式读取注册表配置单元，但它是一个特殊用途的工具，而不是一个库——那里的代码可能需要一些调整.

It seems to be pure python, and able to read registry hives in a cross platform manner, but a special-purpose tool and not a library - the code there will probably need some adaptation.

这篇关于是否有用于解析 Windows 注册表文件的纯 Python 库?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！