Monday, 29 February 2016

How to read 64 bit registry from 32 bit application using WMI

When we work with 32 Application in a 64 bit machine to read registry value using WMI, we have to access the node WoW6432Node instead of normal registry path, but if the requested registry value not available in WoW6432Node and if it is only available in 64 bit registry path, then we have to force WMI to load the 64-bit provider and get value from 64-bit registry

Use the following C# code to access 64 bit registry hive information from a application running in 32 bit mode on a 64 bit machine(WOW). We need to add the __ProviderArchitecture and __RequiredArchitecture option in ManagementScope's ConnectionOptions to force WMI to load the 64-bit provider.
private static void Read64RegistryFrom32App()
{
    uint LOCAL_MACHINE = 0x80000002;
    ConnectionOptions options = new ConnectionOptions();
    options.Impersonation = ImpersonationLevel.Impersonate;
    options.EnablePrivileges = true;
    options.Username = "MyUsername";
    options.Password = "MyPassword";

    ManagementScope mgmtScope = new ManagementScope("\\\\" + "ComputerName" + "\\root\\default", options);
            
    mgmtScope.Options.Context.Add("__ProviderArchitecture", 64);
    mgmtScope.Options.Context.Add("__RequiredArchitecture", true);

    ManagementClass mc = new ManagementClass(mgmtScope, new ManagementPath("StdRegProv"), null);
    ManagementBaseObject inParams = mc.GetMethodParameters("EnumKey");
    inParams["hDefKey"] = LOCAL_MACHINE;
    inParams["sSubKeyName"] = @"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall";

    ManagementBaseObject outParams = mc.InvokeMethod("EnumKey", inParams,null);
    inParams = mc.GetMethodParameters("GetStringValue");
    inParams["hDefKey"] = LOCAL_MACHINE;

    foreach (string name in (string[])outParams["sNames"])
    {
        inParams["sSubKeyName"] = @"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" + "\\" + name;
        inParams["sValueName"] = "DisplayName";
        outParams = mc.InvokeMethod("GetStringValue", inParams, null);
        Console.WriteLine(outParams["sValue"]);
    }
}


Advertisements
Advertisements

No comments:

Post a Comment