Parsing Windows registry files in JS


Parsing Windows registry files in JS

Inspired by this question on reddit, I though that it would be cool, if Windows registry files could be analyzed in a browser. Sometimes people have dead Windows, would like to for example recover its key, but a browser is all they have at hand. Or maybe I just wanted to have a fun programming exercise 🙂

I searched for a registry parser in JS, but haven't found anything. I have, however, found this awesome project for creating binary data parsers, called jBinary.

Using jBinary was both a blessing and a curse. On one hand, it made writing most of the parsing as easy as copying field names and data types from available documentation about the file format. On the other hand, I really struggled with more unusual constructs that had no built-in type available.

I still don't know how to access a field that is not in current context but above it, or how to make parsing lazy. Without lazy parsing it would go and parse the whole registry file at once. I've seen a lazy type in examples, but it's not documented. I tried to use it, but it wouldn't work as I expected, so I use jBinary to parse fragments of data, and have extra functions to parse more fragments.

I also haven't found a way to read a file only partially in a browser, so it reads the whole file at once, and some registry files can be quite big.

It took me 2 days to get it working well enough to be able to extract the product key from the registry. I'm a total amateur at programming in JS, so the code is not pretty or well thought out. I tested it in Firefox and Chromium only. Other browsers may not work.

It looks like this when it works: http://ift.tt/2uXpHpQ

Live version is here: http://ift.tt/2uovHuC

Sources here: http://ift.tt/2uXt2VB

I probably won't touch it ever again cause that's all I wanted to achieve, but maybe someone will find it useful 🙂

Submitted July 14, 2017 at 04:41AM by NaN-cat
via reddit http://ift.tt/2uoxdwC

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s