/usr/share/doc/libparse-win32registry-perl/examples/regsecurity.pl is in libparse-win32registry-perl 1.0-1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 | #!/usr/bin/perl
eval 'exec /usr/bin/perl -S $0 ${1+"$@"}'
if 0; # not running under some shell
use strict;
use warnings;
use File::Basename;
use Parse::Win32Registry 0.50;
binmode(STDOUT, ':utf8');
my $filename = shift or die usage();
my $registry = Parse::Win32Registry->new($filename)
or die "'$filename' is not a registry file\n";
my $root_key = $registry->get_root_key
or die "Could not get root key of '$filename'\n";
# Use the root key to get the first security entry
my $security = $root_key->get_security
or die "Root key of '$filename' does not have any security information\n";
my %offsets_seen = ();
my $offset = $security->get_offset;
while (!exists $offsets_seen{$offset}) {
$offsets_seen{$offset} = undef; # value not required
printf "Security at offset 0x%x, %d references\n",
$offset, $security->get_reference_count;
my $sd = $security->get_security_descriptor;
print $sd->as_stanza;
print "\n";
$security = $security->get_next;
if (!defined $security) {
die "Unable to get next security entry\n";
}
$offset = $security->get_offset;
}
sub usage {
my $script_name = basename $0;
return <<USAGE;
$script_name for Parse::Win32Registry $Parse::Win32Registry::VERSION
Displays all the security entries in a registry file.
Each key contains a reference to one of these security entries.
Only Windows NT registry files contain security information.
$script_name <filename>
USAGE
}
|