Using windows environment variables as registry va

Posted 2019-06-16 15:57

Hey, I want to use Windows environment variables as the value for a registry entry. Unfortunately I cannot simply write something like %systemroot%\system32\MyScreensaver.scr.

As you can guess, I want to point some reg values to my own app, such as the auto start and screensaver and some other things.

Any ideas?

6 answers
爷、活的狠高调
Reply #2 · 2019-06-16 16:27

Use an expandable string

DWORD = dword:
Expandable String = hex(2):
Multi String = hex(7):

A DWORD is a 32-bit unsigned integer (range: 0 through 4294967295 decimal). In the registry, a DWORD always begins with 0x. In the registry, DWORDS always have 8 digits that follow 0x. This can be in decimal or hexadecimal format, 1000 can be written as: 0x00001000 or 0x000003e8

DWORDS can only make use of the digits 0-9. Strings, any kind, always use ASCII; in ASCII 1000 can only be written as 31,30,30,30. For the String data type, ASCII works in the background without you even knowing. It has to because the computer only understands 1s and 0s. For Expandable String and Multi String data types, these save your entries as a series of ASCII codes in a hexadecimal format, separated by commas and hex zeroes. So, an Expandable String of 1000 would be: hex(2):31,00,30,00,30,00,30,00

So let's convert %PROGRAMFILES% into an expandable string. First, download this: https://hotfile.com/dl/244097278/55aa086/ASCII_2_HEX_Conversion_Tool.7z.html

Now open that in any modern browser. Put %PROGRAMFILES% into the ASCII box, and select encode it. It will give you

%25%50%52%4F%47%52%41%4D%46%49%4C%45%53%25

Copy paste that into a text editor, move the first % to the end. Select the replace command, find all "%" and replace with ",00,". Remove the comma at the very end. You should get:

25,00,50,00,52,00,4F,00,47,00,52,00,41,00,4D,00,46,00,49,00,4C,00,45,00,53,00,25,00

And finally,

hex(2):25,00,50,00,52,00,4F,00,47,00,52,00,41,00,4D,00,46,00,49,00,4C,00,45,00,53,00,25,00

Done.

Have you ever tried to convert a curious hex registry entry into ASCII and failed miserably? This lesson contains all the knowledge required to reverse engineer any hex coded registry entry that is not encrypted. Have Fun!

等我变得足够好
Reply #3 · 2019-06-16 16:32

You can use the Windows Installer formatted type. For example, your registry value can be:

[%SystemRoot]\system32\MyScreensaver.scr

This way Windows Installer will automatically resolve the environment variable during installation.

不美不萌又怎样
Reply #4 · 2019-06-16 16:35

It's kind of tricky but very easy to do. This example would allow you to open a certain type of file (*.test) up with a program (Notepad++) that resides in a user specific directory. I used this for a scenario on my Windows 2008 server running Remote Desktop (AKA Terminal Server) to allow each user to use a program installed PER user account so that different settings could be used per user (ex: *.ini files located within the apps directory). Note: Not that it matters but the folder "programs" is hidden so the users do not see it.

Paths:
Application (notepad++): Y:\%username%\programs\Notepad++\notepad++.exe
File To Open (File.test): Y:\%username%\TestFiles\File.test

Step 1. IF you are using mandatory profiles be sure to change the NTUSER.MAN file back to NTUSER.DAT.

Step 2. Log into the profile you wish to edit using Remote Desktop Client.

Step 3. Open up regedit and delete the following keys if they exist.

HKEY_CURRENT_USER\Software\Classes\Applications\notepad++.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.test

Step 4. Create a new text file and name it "original.reg". Fill it with the following...

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Classes\Applications\notepad++.exe]

[HKEY_CURRENT_USER\Software\Classes\Applications\notepad++.exe\shell]

[HKEY_CURRENT_USER\Software\Classes\Applications\notepad++.exe\shell\open]

[HKEY_CURRENT_USER\Software\Classes\Applications\notepad++.exe\shell\open\command]
@=""

Step 5. Refresh registry (F5) and look for the new key. Should see the "command" key with "(Default)" value blank. In the "command" key add a new "Expandable String Value" called "New Value #1". Set the value to the application's path "Y:\%username%\programs\Notepad++\notepad++.exe" "%1". Then export the "command" key to the desktop as "expanded.reg".

Step 6. Edit the "expanded.reg" file in notepad and copy all the data after the "New Value #1". Ex: =hex(2):22...

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Classes\Applications\notepad++.exe\shell\open\command]
@=""
"New Value #1"=hex(2):22,00,59,00,3a,00,5c,00,25,00,75,00,73,00,65,00,72,00,6e,00,\
61,00,6d,00,65,00,25,00,5c,00,70,00,72,00,6f,00,67,00,72,00,61,00,6d,00,73,\
00,5c,00,4e,00,6f,00,74,00,65,00,70,00,61,00,64,00,2b,00,2b,00,5c,00,6e,00,\
6f,00,74,00,65,00,70,00,61,00,64,00,2b,00,2b,00,2e,00,65,00,78,00,65,00,22,\
00,20,00,22,00,25,00,31,00,22,00,00,00

Step 7. Close expanded.reg file and open the "original.reg" file then replace the default command (that is empty "") with the new hex value we have in our clipboard. The file "original.reg" should look like the following now...

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Classes\Applications\notepad++.exe]

[HKEY_CURRENT_USER\Software\Classes\Applications\notepad++.exe\shell]

[HKEY_CURRENT_USER\Software\Classes\Applications\notepad++.exe\shell\open]

[HKEY_CURRENT_USER\Software\Classes\Applications\notepad++.exe\shell\open\command]
@=hex(2):22,00,59,00,3a,00,5c,00,25,00,75,00,73,00,65,00,72,00,6e,00,\
61,00,6d,00,65,00,25,00,5c,00,70,00,72,00,6f,00,67,00,72,00,61,00,6d,00,73,\
00,5c,00,4e,00,6f,00,74,00,65,00,70,00,61,00,64,00,2b,00,2b,00,5c,00,6e,00,\
6f,00,74,00,65,00,70,00,61,00,64,00,2b,00,2b,00,2e,00,65,00,78,00,65,00,22,\
00,20,00,22,00,25,00,31,00,22,00,00,00

Step 8. Now that we have our expanded variable ready to go, let's just add an extension to associate with the application. Add the following to the "original.reg" file making it look like the following...

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Classes\Applications\notepad++.exe]

[HKEY_CURRENT_USER\Software\Classes\Applications\notepad++.exe\shell]

[HKEY_CURRENT_USER\Software\Classes\Applications\notepad++.exe\shell\open]

[HKEY_CURRENT_USER\Software\Classes\Applications\notepad++.exe\shell\open\command]
@=hex(2):22,00,59,00,3a,00,5c,00,25,00,75,00,73,00,65,00,72,00,6e,00,\
61,00,6d,00,65,00,25,00,5c,00,70,00,72,00,6f,00,67,00,72,00,61,00,6d,00,73,\
00,5c,00,4e,00,6f,00,74,00,65,00,70,00,61,00,64,00,2b,00,2b,00,5c,00,6e,00,\
6f,00,74,00,65,00,70,00,61,00,64,00,2b,00,2b,00,2e,00,65,00,78,00,65,00,22,\
00,20,00,22,00,25,00,31,00,22,00,00,00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.test]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.test\OpenWithList]
"a"="notepad++.exe"
"MRUList"="a"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.test\OpenWithProgids]
"Notepad++_file"=hex(0):

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.test\UserChoice]
"Progid"="Applications\\notepad++.exe"

Step 9. Open up regedit and delete the following keys if they exist. (Yes do it again)... Now the registry is like we never did anything and we have a registry file ready to insert into the registry!

HKEY_CURRENT_USER\Software\Classes\Applications\notepad++.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.test

Step 10. If you want to apply this to the current profile then RUN THE REGISTRY FILE "original.reg" and insert it into the registry.

And that's it! Now all *.test files will open up with "Y:\%username%\programs\Notepad++\notepad++.exe". Go check the registry and see the new default entry.

霸刀☆藐视天下
Reply #5 · 2019-06-16 16:37

This is an expansion on Rick Sladkey's answer:

He had answered that REG_EXPAND_SZ will allow you to use environment variables, which is correct, but you should also note that some registry functionalities will only work with the Default entry of a key. For example, say you want to set up a command for the context menu in Windows shell called Example (accessible when right clicking the background of a folder):

[HKEY_CLASSES_ROOT\Directory\Background\shell\Example\command]

and the command you want to input is:

cmd.exe /s /c echo Your home path is located at  %homedrive%%homepath% & pause

This will only work if the default entry is REG_EXPAND_SZ whereas the default entries created by Regedit when creating a key are REG_SZ. If you're using Regedit, you're going to have to do some acrobatics to convert the default entry from REG_SZ to REG_EXPAND_SZ as Regedit can't do that itself. Here is the work around needed to do this:

Going back to my example, within the command key, create a REG_EXPAND_SZ entry. Double click it and input your command of choice. For example:

cmd.exe /s /c echo Your home path is located at  %homedrive%%homepath% & pause

The entry you've just created will not be the default entry and at this point shell can't execute it. To fix this, right click the command registry key and export it as command.reg. Your exported reg file should look like this:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\Directory\Background\shell\Example]

[HKEY_CLASSES_ROOT\Directory\Background\shell\Example\command]
@=""
"New Value #1"=hex(2):63,00,6d,00,64,00,2e,00,65,00,78,00,65,00,20,00,2f,00,73,\
  00,20,00,2f,00,63,00,20,00,65,00,63,00,68,00,6f,00,20,00,59,00,6f,00,75,00,\
  72,00,20,00,68,00,6f,00,6d,00,65,00,20,00,70,00,61,00,74,00,68,00,20,00,69,\
  00,73,00,20,00,6c,00,6f,00,63,00,61,00,74,00,65,00,64,00,20,00,61,00,74,00,\
  20,00,20,00,25,00,68,00,6f,00,6d,00,65,00,64,00,72,00,69,00,76,00,65,00,25,\
  00,25,00,68,00,6f,00,6d,00,65,00,70,00,61,00,74,00,68,00,25,00,20,00,26,00,\
  20,00,70,00,61,00,75,00,73,00,65,00,00,00

Obviously the hash will vary if you're using a different command. To convert the REG_EXPAND_SZ entry into the default entry, just delete the @="" line and rename

"New Value #1"=hex(2)....etc...etc 

to

@=hex(2)....etc...etc 

(note there are no quotation marks around the @ here).

Once you've done your mod, just merge command.reg and the default entry will now be in REG_EXPAND_SZ format.
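
The hex(2) data in a version 5.00 .reg export is the string in UTF-16LE followed by a terminating NUL. The following Python is an added example, not part of any answer on this page: it encodes a string into that form, decodes every hex(2) value in an export (continuation lines included) so a reviewer can read what a command or autostart value will actually run, and lists the environment variables the value references. The function names are made up for this example; the sample text is the command.reg export quoted in the answer above.

```python
import re

# Sample input: the command.reg export quoted in the answer above.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\Directory\Background\shell\Example\command]
@=""
"New Value #1"=hex(2):63,00,6d,00,64,00,2e,00,65,00,78,00,65,00,20,00,2f,00,73,\
  00,20,00,2f,00,63,00,20,00,65,00,63,00,68,00,6f,00,20,00,59,00,6f,00,75,00,\
  72,00,20,00,68,00,6f,00,6d,00,65,00,20,00,70,00,61,00,74,00,68,00,20,00,69,\
  00,73,00,20,00,6c,00,6f,00,63,00,61,00,74,00,65,00,64,00,20,00,61,00,74,00,\
  20,00,20,00,25,00,68,00,6f,00,6d,00,65,00,64,00,72,00,69,00,76,00,65,00,25,\
  00,25,00,68,00,6f,00,6d,00,65,00,70,00,61,00,74,00,68,00,25,00,20,00,26,00,\
  20,00,70,00,61,00,75,00,73,00,65,00,00,00
'''

def encode_hex2(text):
    """Encode text as .reg hex(2) data: UTF-16LE bytes plus a terminating NUL."""
    raw = (text + "\0").encode("utf-16-le")
    return "hex(2):" + ",".join(f"{b:02x}" for b in raw)

def decode_hex2(payload):
    """Decode the comma-separated bytes that follow 'hex(2):' back to a string."""
    digits = re.sub(r"[\\\s]", "", payload)  # drop continuations and whitespace
    raw = bytes(int(h, 16) for h in digits.split(",") if h)
    return raw.decode("utf-16-le").rstrip("\0")

def expand_strings(reg_text):
    """Return {(key, value_name): text} for every hex(2) value in a .reg export."""
    joined = re.sub(r"\\\s*\n\s*", "", reg_text)  # join backslash-continued lines
    found, key = {}, None
    for line in joined.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = re.match(r'(@|"(?:[^"\\]|\\.)*")=hex\(2\):(.*)$', line)
        if m and key:
            name = "(Default)" if m.group(1) == "@" else m.group(1)[1:-1]
            found[(key, name)] = decode_hex2(m.group(2))
    return found

def referenced_vars(value):
    """List the %NAME% environment variable references inside a decoded value."""
    return re.findall(r"%([A-Za-z_][\w()]*)%", value)

if __name__ == "__main__":
    for (key, name), value in expand_strings(SAMPLE).items():
        print(key, name, value, referenced_vars(value), sep="\n  ")
```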

我欲成王,谁敢阻挡
Reply #6 · 2019-06-16 16:44

The Windows registry supports this natively with the REG_EXPAND_SZ registry value type.

Just use REG_EXPAND_SZ instead of REG_SZ when you want to embed environment variables in the registry key value.

Here is an example of C# code accessing a REG_EXPAND_SZ and the expansion is handled automatically:

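using Microsoft.Win32;
// Opened writable for the SetValue call below; GetValue expands %VAR% in REG_EXPAND_SZ data by default.
var registry = Registry.CurrentUser.OpenSubKey("Environment", writable: true);
var temp = registry.GetValue("TEMP") as string;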

Here is an example of creating an expandable registry value:

// Requires the key to be opened writable; ExpandString stores the value as REG_EXPAND_SZ.
registry.SetValue("TEMP", @"%USERPROFILE%\AppData\Local\Temp", RegistryValueKind.ExpandString);

Other platforms or scripting languages have other mechanisms to support this. Here is the low-level Win32 description of REG_EXPAND_SZ:

beautiful°
Reply #7 · 2019-06-16 16:46

On the command line you can use the Reg add command (built in to Windows) to set registry values that contain environment variables.

See here: How to use REG_EXPAND_SZ from the commandline?
