Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
windows-registry
Advanced tools
Read and Write to the Windows registry in-process from Node.js. Easily set application file associations and other goodies & such.
Read and Write to the Windows registry in-process from Node.js. Easily set application file associations and launch processes as an Administrator.
This library interacts with native Windows APIs. To add this module to your Node application, install the package:
npm install windows-registry
To install node modules that require compilation on Windows, make sure you have installed the necessary build tools. Specifically, we need npm install -g node-gyp
, a cross-platform cli written in Node.js for native addon modules for Node.js.
To install node-gyp
, install python v2.7.3 and Visual Studio 2013 build tools. You do not need to install the full Visual Studio, only the build tools are required. Once the build tools are installed, you should be able to do npm install -g node-gyp
.
To create a file association, you can call the fileAssociation.associateExeForFile
API, which will make windows assign a default program for an arbitrary file extension:
var utils = require('windows-registry').utils;
utils.associateExeForFile('myTestHandler', 'A test handler for unit tests', 'C:\\path\\to\\icon', 'C:\\Program Files\\nodejs\\node.exe %1', '.zzz');
After running the code above, you will see files with the extension of .zzz
will be automatically associated with the Node program and their file icon will be changed to the Node file icon.
This library implements only a few of the basic registry commands, which allow you to do basic CRUD operations for keys in the registry.
Registry keys can be opened by either opening a predefined registry key defined in the windef module:
var Key = require('windows-registry').Key;
var key = new Key(windef.HKEY.HKEY_CLASSES_ROOT, '.txt', windef.KEY_ACCESS.KEY_ALL_ACCESS);
Or you can open a sub key from an already opened key:
var Key = require('windows-registry').Key;
var key = new Key(windef.HKEY.HKEY_CLASSES_ROOT, '', windef.KEY_ACCESS.KEY_ALL_ACCESS);
var key2 = key.openSubKey('.txt', windef.KEY_ACCESS.KEY_ALL_ACCESS);
And don't forget to close your key when you're done. Otherwise, you will leak native resources:
key.close();
Creating a key just requires that you have a Key object by either using the predefined keys within the windef.HKEY
or opening a subkey from an existing key.
var Key = require('windows-registry').Key;
// predefined key
var key = new Key(windef.HKEY.HKEY_CLASSES_ROOT, '', windef.KEY_ACCESS.KEY_ALL_ACCESS);
var createdKey = key.createSubKey('\test_key_name', windef.KEY_ACCESS.KEY_ALL_ACCESS);
To delete a key just call the Key.deleteKey()
function.
createdKey.deleteKey();
To write a value, you will again need a Key object and just need to call the Key.setValue
function:
var Key = require('windows-registry').Key,
windef = require('windows-registry').windef;
var key = new Key(windef.HKEY.HKEY_CLASSES_ROOT, '.txt', windef.KEY_ACCESS.KEY_ALL_ACCESS);
key.setValue('test_value_name', windef.REG_VALUE_TYPE.REG_SZ, 'test_value');
To get a value from a key, just call Key.getValue
:
var value = key.getValue('test_value_name');
The return value depends on the type of the key (REG_SZ for example will give you a string).
To launch a process as an Administrator, you can call the utils.elevate
API, which will launch a process as an Administrator causing the UAC (User Account Control) elevation prompt to appear if required. This is similar to the Windows Explorer command "Run as administrator". Pass in FILEPATH
to the process you want to elevate. Pass in anyPARAMETERS
to run with the process. Since this is an asynchronous call, pass in a callback to handle user's selection.
var utils = require('windows-registry').utils;
utils.elevate('C:\\Program Files\\nodejs\\node.exe', 'index.js', function (err, result){console.log(result);});
The process you want to launch with admin access will only be launched after the callback is called and only if the user clicks Yes in the UAC prompt. Otherwise, the process will not be launched. If the user is already running as an admin, the UAC prompt will not be triggered and the process you provided will be launched as an administrator automatically.
Make your way over to the tests section to see how the module can be used.
FAQs
Read and Write to the Windows registry in-process from Node.js. Easily set application file associations and other goodies & such.
We found that windows-registry demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.