如何从 32 位 Powershell 实例访问 64 位注册表? [英] How to access the 64-bit registry from a 32-bit Powershell instance?
问题描述
如果您启动 32 位 Powershell 实例 (%SystemRoot%syswow64WindowsPowerShellv1.0powershell.exe),则注册表提供程序只能看到注册表中有限的 32 位部分.
If you launch a 32-bit instance of Powershell (%SystemRoot%syswow64WindowsPowerShellv1.0powershell.exe), then the registry provider only sees the limited 32-bit parts of the registry.
**32-bit console**
PS> (dir HKLM:SOFTWARE | measure).count - (dir HKLM:SOFTWAREwow6432node | measure).count
0
**64-bit console**
PS> (dir HKLM:SOFTWARE | measure).count - (dir HKLM:SOFTWAREwow6432node | measure).count
-5
有没有办法强制提供程序进入 64 位模式?我可以选择 [Microsoft.Win32] .Net API,或者 WMI,但我宁愿不这样做.如果可以扩展所有可能性,我正在使用 Powershell v2 CTP3.
Is there any way to force the provider into 64-bit mode? I could drop down to [Microsoft.Win32] .Net APIs, or maybe WMI, but I'd rather not. I'm using Powershell v2 CTP3 if that expands the possibilities at all.
推荐答案
当 Powershell 作为 32 位进程运行时,我不知道将其切换"到 64 位模式的机制.64 位系统中虚拟化支持的全部意义在于让 32 位进程相信它们生活在 32 位操作系统中......
When Powershell is running as a 32 bit process, I am not aware of a mechanism to "switch it" to 64bit mode. The whole point of virtualization support in 64bit systems is to make 32bit processes believe they are living in a 32bit OS...
然而,这表示我过去使用了以下技术,它对我来说效果很好(以下代码在带有 Powershell v1 的 Vista SP1 x64 上进行了测试).该技术依赖于这样一个事实:即使从 32 位进程调用,.NET 的任何 CPU"可执行文件也将作为 64 位进程运行.我们将执行的步骤:
However, that said I used the following technique in the past and it worked very nicely for me (the following code was tested on Vista SP1 x64 with Powershell v1). The technique relies on the fact that .NET's "Any CPU" executables will run as 64bit process even when invoked from a 32bit process. The steps we will be performing:
- 编译一个将启动 powershell 的简短 C# 程序(即一个非常简单的fork"实现:-))
- 运行编译好的C#程序
- 编译后的 C# 程序将启动 Powershell,但因为它是任何 CPU",它将作为 64 位进程运行,因此它将启动 64 位 Powershell(请注意,因为这只是一个概念验证,我希望使用 powershell进入你的路径")
- 新的 64 位 Powershell 将运行我们选择的命令行开关
这是上面操作的屏幕截图(注意进程的位):进程树 http://img3.imageshack.us/img3/3248/powershellfork.png
This is a screenshot of the above in action (notice bit-ness of the processes): Process tree http://img3.imageshack.us/img3/3248/powershellfork.png
以下程序期望列出的所有文件都位于同一目录中.我建议创建一个测试目录,例如C:TempPowershellTest,并将所有文件存储在那里).
The following program expects all the files listed to reside in the same directory. I recommend creating a test directory, e.g. C:TempPowershellTest, and storing all the files there).
程序的入口点将是一个简单的命令行开关:
Entry point to the program will be a simple commandlet:
# file "test.ps1"
$basePath = Split-Path -resolve $myInvocation.MyCommand.Path
$exe = Join-Path $basePath test.exe
&"$env:SystemRootMicrosoft.NETFrameworkv3.5csc.exe" /nologo /target:exe /out:$exe (Join-Path $basePath test.cs)
&$exe (Join-Path $basePath visibility.ps1)
它运行 csc(32 位,但没关系:-))然后运行 csc 编译器的结果,传递一个参数,(完整路径)visibility.ps1(这是我们想要在 64 位中运行的命令行开关)Powershell).
It runs csc (32bit, but it doesn't matter :-) ) and then runs result of csc compiler, passing one argument, (full path to) visibility.ps1 (this is the commandlet we want to run in 64bit Powershell).
C# 代码也很简单:
// file "test.cs"
using System.Diagnostics;
static class Program {
static int Main(string[] args) {
ProcessStartInfo i = new ProcessStartInfo("powershell", args[0]);
i.UseShellExecute = false;
using(Process p = Process.Start(i)) {
p.WaitForExit();
return p.ExitCode;
}
}
}
最后,你的可见性"脚本:
And finally, your "visibility" script:
# file "visibility.ps1"
(dir HKLM:SOFTWARE).count - (dir HKLM:SOFTWAREwow6432node).count
现在从 32 位 Powershell 运行入口脚本会产生预期的结果(只是为了表明我没有作弊,我先直接运行可见性脚本,然后使用我们的 fork 技术):
Running the entry script from 32bit Powershell now yields desired result (just to show I was not cheating I run the visibility script directly first, then using our fork technique):
程序运行 http://img3.imageshack.us/img3/2766/powershellrunc.png
这篇关于如何从 32 位 Powershell 实例访问 64 位注册表?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
