Re: Accessing registry through command line

From: Penetration Testing (
Date: 10/09/01

Date: Mon, 8 Oct 2001 15:21:08 -0800 (GMT+8)
From: Penetration Testing <>
To: Esmerelda Fruitenschlein <>
Subject: Re: Accessing registry through command line
Message-ID: <>

On Thu, 4 Oct 2001, Esmerelda Fruitenschlein wrote:

> I have remote execution of code through a unicode vulnerability on an IIS
> box. I need to know if there is a way to get registry keys using only
> command line tools that are on a default NT install. (No file upload, not
> even using echo >, etc.) Perhaps something using rundll or somesuch thing?

As the other responses have mentioned, regedit can be used to dump all or
portions of the registry. I haven't had any luck using it to make changes
to the registry, as it pops up a confirmation dialog to the console about
the proposed changes. I don't know of any way of controlling windowing
apps from the command line.

I found a tool (via google) called simply "reg.exe" that does command line
reg edits without requiring console confirmation. This has worked for me
in the past.

I doubt that you would be able to interface to rundll without having the
facility of loading _some_ code onto the box.

Dave Taylor

This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see: