4th September 2002

REGEDIT CRACKS AND THE HEX EDITOR

Brian Grainger

brian@grainger1.freeserve.co.uk


 

It is amazing how nothing happens for a while and then 2 problems are solved at once. This happened to me recently.

For the last 2 years I have worked as an engineer, at the mercy of a classic IT department for computer services. We are networked via Windows NT4 and the user is shut out of various Windows functions to stop him messing up things. This makes sense. However, it is extremely annoying for someone like me, who thinks he knows what he is doing, not to have some of the tools I normally would. When problems occur IT can take an hour to simply respond, if the solution is beyond the help desk. If they cannot find an answer from 2nd line support the delay is much longer and you may not get an answer at all. One of my problems was closed out, without my being told and without a solution being provided! Consequently, I sometimes have to provide my own solutions. It is then that I need my tools. One of these is the ability to view the registry. Clearly IT do not want any novice to mess around with the registry, so if you try to start Regedit.exe or Regedt32.exe you get a message saying the administrator has disabled access. I have been 2 years looking for a way round this problem. I thought, incorrectly as I know now, that it was something to do with access permissions, which cannot be changed unless you have administrative rights.

Then recently, when I was Googling for something else, I saw a reference in a help forum where an administrator had inadvertently locked himself out of the registry and was desperate for help to find a way in. One of the replies he had was to try a revised version of Regedit.exe to be found on a cracking site. Well, I am a bit wary of downloading stuff from a cracking site, especially for use on a PC at work. Fortunately, another response simply told him how to crack the existing Regedit.exe file for himself.

First open Regedit.exe with a hex editor.

Search for the string "DisableRegistryTools" in Regedit.exe. Change "DisableRegistryTools" to something else, say "ZisableRegistryTools"!

Save the modified Regedit.exe file.

How does this work? DisableRegistryTools is the value in the registry that actually determines if registry editing is disabled or not. If Regedit.exe sees that the value of DisableRegistryTools is set to 1 (true) in the registry, Regedit.exe won't run. The check is made by Regedit.exe itself, using the name stored inside the program file, which is why altering that name is enough. Now when you run the modified Regedit.exe, it will check to see if ZisableRegistryTools in the registry is set to 1. Since it will not find ZisableRegistryTools in the registry, Regedit.exe will run.
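Seen from the administrator's side, a copy altered this way differs from the original by one character of the value name, so it can be found by scanning for near matches of "DisableRegistryTools". The following is an added example, not part of the original article; the function names, the one-character tolerance, the two encodings searched and the sample bytes are assumptions made for this sketch.

```python
import sys

POLICY = "DisableRegistryTools"            # value name quoted in the article
ENCODINGS = {"ascii": 1, "utf-16-le": 2}   # bytes per character (assumed storage forms)


def find_policy_strings(data: bytes):
    """Return (offset, encoding, text, changed_chars) for exact or one-off matches."""
    hits = set()
    for enc, width in ENCODINGS.items():
        needle = POLICY.encode(enc)
        half = (len(POLICY) // 2) * width
        # Pigeonhole: if only one character was altered, one half is still exact,
        # so search for each half and then compare the full window around it.
        for part, shift in ((needle[:half], 0), (needle[half:], half)):
            pos = data.find(part)
            while pos != -1:
                start = pos - shift
                window = data[start:start + len(needle)] if start >= 0 else b""
                if len(window) == len(needle):
                    changed = sum(window[i:i + width] != needle[i:i + width]
                                  for i in range(0, len(needle), width))
                    if changed <= 1:
                        hits.add((start, enc, window.decode(enc, "replace"), changed))
                pos = data.find(part, pos + 1)
    return sorted(hits)


def classify(data: bytes) -> str:
    """'patched' if any near match differs from POLICY, else 'intact' or 'absent'."""
    hits = find_policy_strings(data)
    if any(changed for *_, changed in hits):
        return "patched"
    return "intact" if hits else "absent"


def sample_binary(name: str, enc: str) -> bytes:
    """Constructed stand-in for an executable: 32 bytes of header, then the name."""
    return b"MZ" + b"\x00" * 30 + name.encode(enc) + b"\x00" * 8


if __name__ == "__main__":
    if len(sys.argv) > 1:                  # scan a real file given on the command line
        with open(sys.argv[1], "rb") as fh:
            print(sys.argv[1], classify(fh.read()))
    else:                                  # otherwise run on the constructed samples
        for name in (POLICY, "ZisableRegistryTools"):
            print(name, classify(sample_binary(name, "ascii")))
```

An "absent" result on a file that ought to contain the name deserves the same attention as "patched"; comparing the file's hash with a known-good copy catches both cases.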

What a simple solution to an annoying problem. Unfortunately, this ruse does not work for Regedt32.exe, but this is not too great a problem. This trick will also work with Windows 98, although I am not sure about Windows 2000 or beyond.

Well, that was the first problem solved. What was the second that I referred to?

I mentioned above the use of a hex editor. But that is not standard with Windows. When I had Windows 95 I used to use the DOSSHELL from MSDOS version 5 for this ability. What could I use with NT?

This sent me off on another Google search and I came up with a perfect tool. One that requires no installation, is well behaved in operation and does not cost anything! What I mean by no installation is one where you simply put files in a folder specially prepared for the tool. No files are added to the Windows folders and no changes are made to the registry. What I mean by well behaved in operation is that no extra files are created outside of the tool's folder and the registry is not changed with use. Why this is a perfect tool, apart from the fact it can be used on company systems without requiring an administrator to install it, is that you are in total control. Being totally self-contained it is not going to upset your Windows setup. I look for these kinds of tools wherever possible. This is one area where the Internet scores over magazine cover disks. On cover disks it rarely says what happens when you install a program. On the Internet it usually does and you can see whether it is suitable or not.

The suitable Hex Editor tool is called XVI32 and can be found at:
http://www.chmaas.handshake.de/delphi/freeware/xvi32/xvi32.htm

Update for Windows 2000 and Windows XP Disabled Registry Editor

Please read this page of the website:
http://www.icpug.org.uk/national/features/030607fe.htm


 

 

 

 

