diff options
author | Richard Jones <rjones@redhat.com> | 2010-02-19 17:34:45 +0000 |
---|---|---|
committer | Richard Jones <rjones@redhat.com> | 2010-02-19 17:34:45 +0000 |
commit | b16681296193da751e739c09e3d8224c4c6812ad (patch) | |
tree | ce776098e62f8b0dc57abb373628b77efebfd614 /README | |
parent | 8cc227ce3ead0c4043432e3462560d7b31c538e9 (diff) | |
download | hivex-b16681296193da751e739c09e3d8224c4c6812ad.tar.gz hivex-b16681296193da751e739c09e3d8224c4c6812ad.tar.xz hivex-b16681296193da751e739c09e3d8224c4c6812ad.zip |
Move README, LICENSE files to the toplevel directory.
Diffstat (limited to 'README')
-rw-r--r-- | README | 35 |
1 files changed, 35 insertions, 0 deletions
@@ -0,0 +1,35 @@ +hivex - by Richard W.M. Jones, rjones@redhat.com +Copyright (C) 2009-2010 Red Hat Inc. +---------------------------------------------------------------------- + +This is a self-contained library for reading Windows Registry "hive" +binary files. + +Unlike many other tools in this area, it doesn't use the textual .REG +format for output, because parsing that is as much trouble as parsing +the original binary format. Instead it makes the file available +through a C API, or there is a separate program to export the hive as +XML. + +This library was derived from several sources: + + . NTREG registry reader/writer library by Petter Nordahl-Hagen + (LGPL v2.1 licensed library and program) + . http://pogostick.net/~pnh/ntpasswd/WinReg.txt + . dumphive (a BSD-licensed Pascal program by Markus Stephany) + . http://www.sentinelchicken.com/data/TheWindowsNTRegistryFileFormat.pdf + . editreg program from Samba - this program was removed in later + versions of Samba, so you have to go back in the source repository + to find it (GPLv2+) + . http://amnesia.gtisc.gatech.edu/~moyix/suzibandit.ltd.uk/MSc/ + . reverse engineering the format (see hivex/tools/visualizer.ml) + +Like NTREG, this library only attempts to read Windows NT registry +files (ie. not Windows 3.1 or Windows 95/98/ME). See the link above +for documentation on the older formats if you wish to read them. + +Unlike NTREG, this code is much more careful about handling error +cases, corrupt and malicious registry files, and endianness. + +The license for this library is LGPL v2.1, but not later versions. +For full details, see the file LICENSE in this directory. |