hivex: invalid hive files
| Package(s): | hivex | CVE #(s): | |||||||||
| Created: | December 8, 2014 | Updated: | December 10, 2014 | ||||||||
| Description: | From the Fedora advisory:
Hive files are the undocumented binary files that Windows uses to store the Windows Registry on disk. Hivex is a library that can read and write to these files. 'hivexsh' is a shell you can use to interactively navigate a hive binary file. 'hivexregedit' lets you export and merge to the textual regedit format. 'hivexml' can be used to convert a hive file to a more useful XML format. In order to get access to the hive files themselves, you can copy them from a Windows machine. They are usually found in %systemroot%\system32\config. For virtual machines we recommend using libguestfs or guestfish to copy out these files. libguestfs also provides a useful high-level tool called 'virt-win-reg' (based on hivex technology) which can be used to query specific registry keys in an existing Windows VM. | ||||||||||
| Alerts: |
| ||||||||||