[Dev] Windows Kernel - REGISTRY

```
HANDLE reg_key = NULL;
NTSTATUS status;

UNICODE_STRING key_path = RTL_CONSTANT_STRING(L"\\Registry\\Machine\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion");
OBJECT_ATTRIBUTE object_attribute = {0};

InitializeObjectAttributes(
    &object_attribute,
    &key_path,
    OBJ_CASE_INSENSITIVE,
    NULL,
    NULL
);
status = ZwOpenKey(&reg_key, KEY_READ, &object_attribute);
if (!NT_SUCCESS(status))
{
    ....
}
```

## References

- [ZwOpenKey](https://msdn.microsoft.com/en-us/library/windows/hardware/ff567014(v=vs.85).aspx)
- [ZwQueryValueKey](https://msdn.microsoft.com/en-us/library/windows/hardware/ff567069(v=vs.85).aspx)
- [ZwSetValueKey](https://msdn.microsoft.com/en-us/library/windows/hardware/ff567109(v=vs.85).aspx)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Dev] Windows Kernel - REGISTRY #14

References

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

[Dev] Windows Kernel - REGISTRY #14

Description

References

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions