Hello Perl Monks,
I am in quiet a pickle right now. I have a script that is used to scan windows xp registry values and compare them to prewritten text values. I am having issues with creating a new key when the full path the where the key needs to go is not in existance. I have searched for hours both here and on cpan.org, but I have not found the answer I seek and I fear it is going to end up being a simple one. Below is my full script but here is the synopsis:
Please help. Thanks.
use Win32::Registry;
use Win32::TieRegistry(Delimiter=>"/");
use Win32::File;
use strict;
use warnings;
sub print_decimal_hex
{
my $actual_val = shift;
my $expected_val = shift;
my $color = shift;
# Print reg values in hex.
print VALUES "<td align=middle valign=middle><font color=$color>";
if($actual_val !~ /\D/)
{
print VALUES "Decimal: $actual_val<br>";
print VALUES 'Hexadecimal: 0x', sprintf("%08x", $actual_val),"
+</td>\n";
}
else
{
print VALUES "$actual_val</td>\n";
}
print VALUES "<td align=middle valign=middle><font color=$color>";
if($expected_val !~ /\D/)
{
print VALUES "Decimal: $expected_val<br>";
print VALUES 'Hexadecimal: 0x', sprintf("%08x", $expected_val)
+, "</td>\n";
}
else
{
print VALUES "$expected_val</td>\n";
}
}
sub regvals
{
our $oskey;
our $osval;
my $Description;
my $ExpectedResult;
my $ActualResult;
my $TestResult;
my $Requirement;
my $TestComments;
my $TestNumber;
print "Retrieving Registry Values...\n\n";
if($HKEY_LOCAL_MACHINE->Open('SOFTWARE\Microsoft\Windows NT\Curren
+tVersion', $oskey))
{
$oskey->QueryValueEx('ProductName', REG_SZ, $osval);
if($osval =~ /2003/ix)
{
open(KEYS, "scripts\\files\\registry_values_2003.txt")
or warn "Couldn't open registry_values_2003.txt for re
+ading\n";
}
elsif($osval =~ /XP/ix)
{
open(KEYS, "scripts\\files\\registry_values_xp.txt")
or warn "Couldn't open registry_values_xp.txt for read
+ing\n";
}
elsif($osval =~ /2000/ix)
{
open(KEYS, "scripts\\files\\registry_values_2000.txt")
or warn "Couldn't open registry_values_2000.txt for re
+ading\n";
}
elsif($osval =~ /vista/ix)
{
open(KEYS, "scripts\\files\\registry_values_vista.txt")
or warn "Couldn't open registry_values_vista.txt for r
+eading\n";
}
elsif($osval =~ /2008.*R2/ix)
{
open(KEYS, "scripts\\files\\registry_values_2008_r2.txt")
or warn "Couldn't open registry_values_2008_r2.txt for
+ reading\n";
}
elsif($osval =~ /2008/ix)
{
open(KEYS, "scripts\\files\\registry_values_2008.txt")
or warn "Couldn't open registry_values_2008.txt for re
+ading\n";
}
elsif($osval =~ /7/ix)
{
open(KEYS, "scripts\\files\\registry_values_7.txt")
or warn "Couldn't open registry_values_7.txt for readi
+ng\n";
}
else
{
open(KEYS, "scripts\\files\\registry_values_xp.txt")
or warn "Couldn't open registry_values_xptxt for r
+eading\n";
}
}
else
{
open(KEYS, "scripts\\files\\win2000RegVals.txt")
or warn "Couldn't open win2000RegVals.txt for reading\n";
}
# File which displays the registry values
open(VALUES, ">C:\\Temp\\WASSP\\Files\\Regvals.html")
or warn "Couldn't open Regvals.html for writing\n";
print VALUES "<html>\n";
print VALUES "<head>\n";
print VALUES "<title>Registry Values</title>\n";
print VALUES "<script language=\"javascript\">\n";
print VALUES "function PopUp(ref)\n";
print VALUES "{\n";
print VALUES "var strFeatures=\"toolbar=no,status=no,menubar=no,lo
+cation=no\"\n";
print VALUES "strFeatures=strFeatures+\",scrollbars=yes,resizable=
+yes,height=320,width=500\"\n";
print VALUES "newWin = window.open(ref,\"TellObj\",strFeatures)\n"
+;
print VALUES "newWin.opener=top;\n";
print VALUES "}\n";
print VALUES "</script>\n";
print VALUES "</head>\n";
print VALUES "<body>\n";
print VALUES "<center><font size=+1 color=navy><br><b>Registry Val
+ues</b></center></font><br>\n";
print VALUES "\n";
print VALUES "<table border = \"1\" cellpadding =\"5\" width=\"100
+%\">\n";
print VALUES "<tr>\n";
print VALUES "<th>Registry Value</th>\n";
print VALUES "<th>Test Result</th>\n";
print VALUES "<th>Actual Value</th>\n";
print VALUES "<th>Expected Value</th>\n";
print VALUES "<th>Vulnerability Level</th>\n";
print VALUES "<th>Description</th>\n";
print VALUES "<th>Requirement</th>\n";
print VALUES "<th>Comments</th>\n";
print VALUES "</tr>\n";
my $regstring;
my $value;
my $type;
my $expectedval;
my $hkey;
my $retval;
my $val;
my $description;
my $comments;
my $requirements;
my $regkey;
my $keys;
my @reqs;
my $risklevel;
my $testnumber;
my $recommendation;
while(<KEYS>)
{
chomp ($_);
($regstring,$value, $type, $expectedval,$description, $comment
+s, $requirements, $risklevel, $testnumber, $recommendation) = split /
+;/, $_;
@reqs = split /\+/ , $requirements;
my $regkey;
$regkey = $Registry->{$regstring}->{$value};
if(defined($regkey))
{
print VALUES "<tr>\n";
if ($type =~ /REG\_BINARY/ix)
{
my $hexkey = bin2dec($regkey);
if("$hexkey" ne "$expectedval")
{
print VALUES "<td align=left valign=top><font colo
+r=red>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><font
+ color=red>Fail</font></td>\n";
&print_decimal_hex($hexkey, $expectedval, 'red');
print FINDINGS "RegVals;$regstring<br>$value;$hexk
+ey;$expectedval;$description<br>Type - $type;$risklevel;$testnumber;$
+requirements;$recommendation\n";
}
else
{
print VALUES "<td align=left valign=top><font colo
+r=green>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><font
+ color=green>Pass</font></td>\n";
&print_decimal_hex($hexkey, $expectedval, 'green')
+;
}
print VALUES "<td align=middle valign=middle>$riskleve
+l</td>\n";
print VALUES "<td align=left valign=top>$description<b
+r>Type - $type</td>\n";
print VALUES "<td align=middle valign=middle>-</td>\
+n" unless ($requirements ne "");
print VALUES "<td align=left valign=top>\n" unless (
+$requirements eq "");
my $req;
foreach $req(@reqs)
{
print VALUES "<a href=\"javascript:PopUp('..\\\\
+Requirements\\\\$req.htm')\">$req</a><br>\n";
}
print VALUES "</font></td>\n";
print VALUES "<td align=left valign=top>$comments</fon
+t></td>\n" unless ($comments eq "");
print VALUES "<td align=middle valign=middle>-</td>\
+n" unless ($comments ne "");
print VALUES "</tr>\n";
}
else
{
$regkey = hex($regkey) if $regkey =~/^0/ix;
if($value =~ /GreetingMessage/ix)
{
print VALUES "<td align=left valign=top>$regstring
+<br>$value</td>\n";
print VALUES "<td align=middle valign=middle><font
+ color=#FFCC00>Manual Review</font></td>\n";
print VALUES "<td align=middle valign=middle><font
+ color=#FFCC00>$regkey</font></td>\n";
print VALUES "<td align=middle valign=middle><font
+ color=#FFCC00>$expectedval</font></td>\n";
}
elsif($value =~ /Optional|os2libpath|os2|posix|default
+password/ix)
{
if(($regkey eq "") || ($regkey eq " ") || ($regkey
+ =~ /^.$/i))
{
print VALUES "<td align=left valign=top><font
+color=green>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=green>Pass</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=green>-</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=green>$expectedval</font></td>\n";
}
else
{
#START ADDED to change the value vise just printin
+g log
#####contains dec2bin converstion#####
my $nkey;
my $okay;
$regstring =~ s/\\/\//g;
$regstring =~ s/^HKEY_USERS/Users/;
$regstring =~ s/^HKEY_LOCAL_MACHINE/LMachine/;
$regstring =~ s/^HKEY_CLASSES_ROOT/Classes/;
$regstring =~ s/^HKEY_CURRENT_CONFIG/CConfig/;
$regstring =~ s/^HKEY_CURRENT_USER/CUser/;
$expectedval = dec2bin($expectedval) if ($type =~
+/REG\_BINARY/ix);
$expectedval = "" if $expectedval eq "Does not exi
+st";
$nkey= new Win32::TieRegistry $regstring, { Access
+=>KEY_READ()|KEY_WRITE(), Delimiter=>"/" };
$okay= $nkey->SetValue( $value, $expectedval );
print "$regstring\n";
print "Actual Value: $value\n";
print "Will change to $expectedval\n\n";
$_ = <STDIN>;
#END ADDED
print VALUES "<td align=left valign=top><font
+color=red>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=red >Fail</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=red>$regkey</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=red>$expectedval</font></td>\n";
print FINDINGS "RegVals;$regstring<br>$value;$
+regkey;$expectedval;$description<br>Type - $type;$risklevel;$testnumb
+er;$requirements;$recommendation\n";
}
}
elsif($value =~ /WarningLevel/ix)
{
if($regkey <= 90 && $regkey >=1)
{
print VALUES "<td align=left valign=top><font
+color=green>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=green>Pass</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'gre
+en');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
}
else
{
#START ADDED to change the value vise just pri
+nting log
#####contains dec2bin converstion#####
my $nkey;
my $okay;
$regstring =~ s/\\/\//g;
$regstring =~ s/^HKEY_USERS/Users/;
$regstring =~ s/^HKEY_LOCAL_MACHINE/LMachine/;
$regstring =~ s/^HKEY_CLASSES_ROOT/Classes/;
$regstring =~ s/^HKEY_CURRENT_CONFIG/CConfig/;
$regstring =~ s/^HKEY_CURRENT_USER/CUser/;
$expectedval = dec2bin($expectedval) if ($type
+ =~ /REG\_BINARY/ix);
$expectedval = "" if $expectedval eq "Does not
+ exist";
$nkey= new Win32::TieRegistry $regstring, { Ac
+cess=>KEY_READ()|KEY_WRITE(), Delimiter=>"/" };
$okay= $nkey->SetValue( $value, $expectedval )
+;
print "$regstring\n";
print "Actual Value: $value\n";
print "Will change to $expectedval\n\n";
$_ = <STDIN>;
#END ADDED
print VALUES "<td align=left valign=top><font
+color=red>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=red>Fail</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'red
+');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
print FINDINGS "RegVals;$regstring<br>$value;$
+regkey;$expectedval;$description<br>Type - $type;$risklevel;$testnumb
+er;$requirements;$recommendation\n";
}
}
elsif($value =~ /KeepAliveTime/ix)
{
if($regkey =~ /300000|30\,000/ix)
{
print VALUES "<td align=left valign=top><font
+color=green>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=green>Pass</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'gre
+en');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
}
else
{
#START ADDED to change the value vise just pri
+nting log
#####contains dec2bin converstion#####
my $nkey;
my $okay;
$regstring =~ s/\\/\//g;
$regstring =~ s/^HKEY_USERS/Users/;
$regstring =~ s/^HKEY_LOCAL_MACHINE/LMachine/;
$regstring =~ s/^HKEY_CLASSES_ROOT/Classes/;
$regstring =~ s/^HKEY_CURRENT_CONFIG/CConfig/;
$regstring =~ s/^HKEY_CURRENT_USER/CUser/;
$expectedval = dec2bin($expectedval) if ($type
+ =~ /REG\_BINARY/ix);
$expectedval = "" if $expectedval eq "Does not
+ exist";
$nkey= new Win32::TieRegistry $regstring, { Ac
+cess=>KEY_READ()|KEY_WRITE(), Delimiter=>"/" };
$okay= $nkey->SetValue( $value, $expectedval )
+;
print "$regstring\n";
print "Actual Value: $value\n";
print "Will change to $expectedval\n\n";
$_ = <STDIN>;
#END ADDED
print VALUES "<td align=left valign=top><font
+color=red>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=red>Fail</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'red
+');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
print FINDINGS "RegVals;$regstring<br>$value;$
+regkey;$expectedval;$description<br>Type - $type;$risklevel;$testnumb
+er;$requirements;$recommendation\n";
}
}
elsif($value =~ /MaximumDynamicBacklog/ix)
{
if($regkey =~ /20000|20\,000/ix)
{
print VALUES "<td align=left valign=top><font
+color=green>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=green>Pass</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'gre
+en');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
}
else
{
#START ADDED to change the value vise just pri
+nting log
#####contains dec2bin converstion#####
my $nkey;
my $okay;
$regstring =~ s/\\/\//g;
$regstring =~ s/^HKEY_USERS/Users/;
$regstring =~ s/^HKEY_LOCAL_MACHINE/LMachine/;
$regstring =~ s/^HKEY_CLASSES_ROOT/Classes/;
$regstring =~ s/^HKEY_CURRENT_CONFIG/CConfig/;
$regstring =~ s/^HKEY_CURRENT_USER/CUser/;
$expectedval = dec2bin($expectedval) if ($type
+ =~ /REG\_BINARY/ix);
$expectedval = "" if $expectedval eq "Does not
+ exist";
$nkey= new Win32::TieRegistry $regstring, { Ac
+cess=>KEY_READ()|KEY_WRITE(), Delimiter=>"/" };
$okay= $nkey->SetValue( $value, $expectedval )
+;
print "$regstring\n";
print "Actual Value: $value\n";
print "Will change to $expectedval\n\n";
$_ = <STDIN>;
#END ADDED
print VALUES "<td align=left valign=top><font
+color=red>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=red>Fail</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'red
+');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
print FINDINGS "RegVals;$regstring<br>$value;$
+regkey;$expectedval;$description<br>Type - $type;$risklevel;$testnumb
+er;$requirements;$recommendation\n";
}
}
elsif($value =~ /MaxSize/ix)
{
if( ($regkey <= 4294901760) && ($regkey >=64) )
{
print VALUES "<td align=left valign=top><font
+color=green>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=green>Pass</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'gre
+en');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
}
else
{
#START ADDED to change the value vise just pri
+nting log
#####contains dec2bin converstion#####
my $nkey;
my $okay;
$regstring =~ s/\\/\//g;
$regstring =~ s/^HKEY_USERS/Users/;
$regstring =~ s/^HKEY_LOCAL_MACHINE/LMachine/;
$regstring =~ s/^HKEY_CLASSES_ROOT/Classes/;
$regstring =~ s/^HKEY_CURRENT_CONFIG/CConfig/;
$regstring =~ s/^HKEY_CURRENT_USER/CUser/;
$expectedval = dec2bin($expectedval) if ($type
+ =~ /REG\_BINARY/ix);
$expectedval = "" if $expectedval eq "Does not
+ exist";
$nkey= new Win32::TieRegistry $regstring, { Ac
+cess=>KEY_READ()|KEY_WRITE(), Delimiter=>"/" };
$okay= $nkey->SetValue( $value, $expectedval )
+;
print "$regstring\n";
print "Actual Value: $value\n";
print "Will change to $expectedval\n\n";
$_ = <STDIN>;
#END ADDED
print VALUES "<td align=left valign=top><font
+color=red>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=red>Fail</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'red
+');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
print FINDINGS "RegVals;$regstring<br>$value;$
+regkey;$expectedval;$description<br>Type - $type;$risklevel;$testnumb
+er;$requirements;$recommendation\n";
}
}
elsif($value =~ /SCRNSAVE.EXE/ix)
{
if($regkey =~ /logon\.scr/mix)
{
print VALUES "<td align=left valign=top><font
+color=green>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=green>Pass</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'gre
+en');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
}
else
{
#START ADDED to change the value vise just pri
+nting log
#####contains dec2bin converstion#####
my $nkey;
my $okay;
$regstring =~ s/\\/\//g;
$regstring =~ s/^HKEY_USERS/Users/;
$regstring =~ s/^HKEY_LOCAL_MACHINE/LMachine/;
$regstring =~ s/^HKEY_CLASSES_ROOT/Classes/;
$regstring =~ s/^HKEY_CURRENT_CONFIG/CConfig/;
$regstring =~ s/^HKEY_CURRENT_USER/CUser/;
$expectedval = dec2bin($expectedval) if ($type
+ =~ /REG\_BINARY/ix);
$expectedval = "" if $expectedval eq "Does not
+ exist";
$nkey= new Win32::TieRegistry $regstring, { Ac
+cess=>KEY_READ()|KEY_WRITE(), Delimiter=>"/" };
$okay= $nkey->SetValue( $value, $expectedval )
+;
print "$regstring\n";
print "Actual Value: $value\n";
print "Will change to $expectedval\n\n";
$_ = <STDIN>;
#END ADDED
print VALUES "<td align=left valign=top><font
+color=red>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=red>Fail</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'red
+');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
print FINDINGS "RegVals;$regstring<br>$value;$
+regkey;$expectedval;$description<br>Type - $type;$risklevel;$testnumb
+er;$requirements;$recommendation\n";
}
}
elsif( ($regstring =~ /EventLog\/System|EventLog\/Appl
+ication/ix) && ($value =~ /Retention/ix))
{
if($regkey <= 1209600)
{
print VALUES "<td align=left valign=top><font
+color=green>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=green>Pass</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'gre
+en');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
}
else
{
#START ADDED to change the value vise just pri
+nting log
#####contains dec2bin converstion#####
my $nkey;
my $okay;
$regstring =~ s/\\/\//g;
$regstring =~ s/^HKEY_USERS/Users/;
$regstring =~ s/^HKEY_LOCAL_MACHINE/LMachine/;
$regstring =~ s/^HKEY_CLASSES_ROOT/Classes/;
$regstring =~ s/^HKEY_CURRENT_CONFIG/CConfig/;
$regstring =~ s/^HKEY_CURRENT_USER/CUser/;
$expectedval = dec2bin($expectedval) if ($type
+ =~ /REG\_BINARY/ix);
$expectedval = "" if $expectedval eq "Does not
+ exist";
$nkey= new Win32::TieRegistry $regstring, { Ac
+cess=>KEY_READ()|KEY_WRITE(), Delimiter=>"/" };
$okay= $nkey->SetValue( $value, $expectedval )
+;
print "$regstring\n";
print "Actual Value: $value\n";
print "Will change to $expectedval\n\n";
$_ = <STDIN>;
#END ADDED
print VALUES "<td align=left valign=top><font
+color=red>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=red>Fail</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'red
+');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
print FINDINGS "RegVals;$regstring<br>$value;$
+regkey;$expectedval;$description<br>Type - $type;$risklevel;$testnumb
+er;$requirements;$recommendation\n";
}
}
elsif($value =~ /ScreenSaveTimeOut/ix)
{
if($regkey <= 900)
{
print VALUES "<td align=left valign=top><font
+color=green>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=green>Pass</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'gre
+en');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
}
else
{
#START ADDED to change the value vise just pri
+nting log
#####contains dec2bin converstion#####
my $nkey;
my $okay;
$regstring =~ s/\\/\//g;
$regstring =~ s/^HKEY_USERS/Users/;
$regstring =~ s/^HKEY_LOCAL_MACHINE/LMachine/;
$regstring =~ s/^HKEY_CLASSES_ROOT/Classes/;
$regstring =~ s/^HKEY_CURRENT_CONFIG/CConfig/;
$regstring =~ s/^HKEY_CURRENT_USER/CUser/;
$expectedval = dec2bin($expectedval) if ($type
+ =~ /REG\_BINARY/ix);
$expectedval = "" if $expectedval eq "Does not
+ exist";
$nkey= new Win32::TieRegistry $regstring, { Ac
+cess=>KEY_READ()|KEY_WRITE(), Delimiter=>"/" };
$okay= $nkey->SetValue( $value, $expectedval )
+;
print "$regstring\n";
print "Actual Value: $value\n";
print "Will change to $expectedval\n\n";
$_ = <STDIN>;
#END ADDED
print VALUES "<td align=left valign=top><font
+color=red>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=red>Fail</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'red
+');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
print FINDINGS "RegVals;$regstring<br>$value;$
+regkey;$expectedval;$description<br>Type - $type;$risklevel;$testnumb
+er;$requirements;$recommendation\n";
}
}
elsif($value =~ /maximumpasswordage/ix)
{
if($regkey <= 90)
{
print VALUES "<td align=left valign=top><font
+color=green>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=green>Pass</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'gre
+en');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=green>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
}
else
{
#START ADDED to change the value vise just pri
+nting log
#####contains dec2bin converstion#####
my $nkey;
my $okay;
$regstring =~ s/\\/\//g;
$regstring =~ s/^HKEY_USERS/Users/;
$regstring =~ s/^HKEY_LOCAL_MACHINE/LMachine/;
$regstring =~ s/^HKEY_CLASSES_ROOT/Classes/;
$regstring =~ s/^HKEY_CURRENT_CONFIG/CConfig/;
$regstring =~ s/^HKEY_CURRENT_USER/CUser/;
$expectedval = dec2bin($expectedval) if ($type
+ =~ /REG\_BINARY/ix);
$expectedval = "" if $expectedval eq "Does not
+ exist";
$nkey= new Win32::TieRegistry $regstring, { Ac
+cess=>KEY_READ()|KEY_WRITE(), Delimiter=>"/" };
$okay= $nkey->SetValue( $value, $expectedval )
+;
print "$regstring\n";
print "Actual Value: $value\n";
print "Will change to $expectedval\n\n";
$_ = <STDIN>;
#END ADDED
print VALUES "<td align=left valign=top><font
+color=red>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=middle><
+font color=red>Fail</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'red
+');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\
+n";
#print VALUES "<td align=middle valign=middle>
+<font color=red>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "
+</td>\n";
print FINDINGS "RegVals;$regstring<br>$value;$
+regkey;$expectedval;$description<br>Type - $type;$risklevel;$testnumb
+er;$requirements;$recommendation\n";
}
}
elsif($value =~ /SubmitControl|RefusePasswordChange|LD
+APServerIntegrity/ix)
{
if($regkey eq "0")
{
print VALUES "<td align=left valign=top><f
+ont color=green>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=midd
+le><font color=green>Pass</font></td>\n";
&print_decimal_hex($regkey, $expectedval,
+'green');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=mid
+dle><font color=green>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</
+td>\n";
#print VALUES "<td align=middle valign=mid
+dle><font color=green>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval
+), "</td>\n";
}
else
{
#START ADDED to change the value vise just
+ printing log
#####contains dec2bin converstion#####
my $nkey;
my $okay;
$regstring =~ s/\\/\//g;
$regstring =~ s/^HKEY_USERS/Users/;
$regstring =~ s/^HKEY_LOCAL_MACHINE/LMachi
+ne/;
$regstring =~ s/^HKEY_CLASSES_ROOT/Classes
+/;
$regstring =~ s/^HKEY_CURRENT_CONFIG/CConf
+ig/;
$regstring =~ s/^HKEY_CURRENT_USER/CUser/;
$expectedval = dec2bin($expectedval) if ($
+type =~ /REG\_BINARY/ix);
$expectedval = "" if $expectedval eq "Does
+ not exist";
$nkey= new Win32::TieRegistry $regstring,
+{ Access=>KEY_READ()|KEY_WRITE(), Delimiter=>"/" };
$okay= $nkey->SetValue( $value, $expectedv
+al );
print "$regstring\n";
print "Actual Value: $value\n";
print "Will change to $expectedval\n\n";
$_ = <STDIN>;
#END ADDED
print VALUES "<td align=left valign=top><f
+ont color=red>$regstring<br>$value</font></td>\n";
print VALUES "<td align=middle valign=midd
+le><font color=red>Fail</font></td>\n";
&print_decimal_hex($regkey, $expectedval,
+'red');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=mid
+dle><font color=red>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</
+td>\n";
#print VALUES "<td align=middle valign=mid
+dle><font color=red>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval
+), "</td>\n";
print FINDINGS "RegVals;$regstring<br>$val
+ue;$regkey;$expectedval;$description<br>Type - $type;$risklevel;$test
+number;$requirements;$recommendation\n";
}
}
elsif("$regkey" ne "$expectedval")
{
#START ADDED to change the value vise just printin
+g log
#####contains dec2bin converstion#####
my $nkey;
my $okay;
$regstring =~ s/\\/\//g;
$regstring =~ s/^HKEY_USERS/Users/;
$regstring =~ s/^HKEY_LOCAL_MACHINE/LMachine/;
$regstring =~ s/^HKEY_CLASSES_ROOT/Classes/;
$regstring =~ s/^HKEY_CURRENT_CONFIG/CConfig/;
$regstring =~ s/^HKEY_CURRENT_USER/CUser/;
$expectedval = dec2bin($expectedval) if ($type =~
+/REG\_BINARY/ix);
$expectedval = "" if $expectedval eq "Does not exi
+st";
$nkey= new Win32::TieRegistry $regstring, { Access
+=>KEY_READ()|KEY_WRITE(), Delimiter=>"/" };
$okay= $nkey->SetValue( $value, $expectedval );
print "$regstring\n";
print "Actual Value: $value\n";
print "Will change to $expectedval\n\n";
$_ = <STDIN>;
#END ADDED
print VALUES "<td align=left valign=top><font colo
+r=red>$regstring<br>$value</td>\n";
print VALUES "<td align=middle valign=middle><font
+ color=red>Fail</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'red');
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle><fon
+t color=red>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\n";
#print VALUES "<td align=middle valign=middle><fon
+t color=red>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "</td
+>\n";
print FINDINGS "RegVals;$regstring<br>$value;$regk
+ey;$expectedval;$description<br>Type - $type;$risklevel;$testnumber;$
+requirements;$recommendation\n";
}
else
{
print VALUES "<td align=left valign=top><font colo
+r=green>$regstring<br>$value</td>\n";
print VALUES "<td align=middle valign=middle><font
+ color=green>Pass</font></td>\n";
&print_decimal_hex($regkey, $expectedval, 'green')
+;
#DAVE E UPDATE: Print reg values in hex.
#print VALUES "<td align=middle valign=middle><fon
+t color=green>";
#print VALUES "$regkey<br>";
#print VALUES sprintf("%04x", $regkey),"</td>\n";
#print VALUES "<td align=middle valign=middle><fon
+t color=green>";
#print VALUES "$expectedval<br>";
#print VALUES sprintf("%04x", $expectedval), "</td
+>\n";
}
print VALUES "<td align=middle valign=middle>$riskleve
+l</td>\n";
print VALUES "<td align=left valign=top>$description<b
+r>Type - $type</td>\n";
print VALUES "<td align=middle valign=middle>-</td>\n"
+ unless ($requirements ne "");
print VALUES "<td align=left valign=top>\n" unless (
+$requirements eq "");
my $req;
foreach $req(@reqs)
{
print VALUES "<a href=\"javascript:PopUp('..\\\\
+Requirements\\\\$req.htm')\">$req</a><br>\n";
}
print VALUES "</font></td>\n";
print VALUES "<td align=left valign=top>$comments</t
+d>\n" unless ($comments eq "");
print VALUES "<td align=middle valign=middle>-</td>\
+n" unless ($comments ne "");
print VALUES "</tr>\n";
}
}
elsif( ($value =~ /^\000\000$/) || ($value =~ /\/n/) )
{
print VALUES "<tr>\n";
if($comments =~ /This.registry.value.should.not.exist|This
+.registry.value.should.be.null/ix)
{
print VALUES "<td align=left valign=top><font color=gr
+een>$regstring<br>$value</td>\n";
print VALUES "<td align=middle valign=middle><font col
+or=green>Pass</font></td>\n";
print VALUES "<td align=middle valign=middle><font col
+or=green>-</td>\n";
print VALUES "<td align=middle valign=middle><font col
+or=green>$expectedval</td>\n";
}
else
{
print VALUES "<td align=left valign=top>$regstring<br>
+$value</td>\n";
print VALUES "<td align=middle valign=middle><font col
+or=#FFCC00>Manual Review</font></td>\n";
print VALUES "<td align=middle valign=middle><font col
+or=#FFCC00>Does not exist or not defined</font></td>\n";
print VALUES "<td align=middle valign=middle><font col
+or=#FFCC00>$expectedval</font></td>\n";
print FINDINGS "RegVals;$regstring<br>$value;-;$expect
+edval;$description<br>Type - $type;$risklevel;$testnumber;$requiremen
+ts;$recommendation\n";
}
print VALUES "<td align=middle valign=middle>$risklevel</t
+d>\n";
print VALUES "<td align=left valign=top>$description<br>Ty
+pe - $type</td>\n";
print VALUES "<td align=middle valign=middle>-</td>\n" unl
+ess ($requirements ne "");
print VALUES "<td align=left valign=top>\n" unless ($requ
+irements eq "");
my $req;
foreach $req(@reqs)
{
print VALUES "<a href=\"javascript:PopUp('..\\\\Requir
+ements\\\\$req.htm')\">$req</a><br>\n";
}
print VALUES "</font></td>\n";
print VALUES "<td align=left valign=top>$comments</td>\n"
+unless ($comments eq "");
print VALUES "<td align=middle valign=middle>-</td>\n" u
+nless ($comments ne "");
print VALUES "</tr>\n";
}
else
{
print VALUES "<tr>\n";
if($comments =~ /This.registry.value.should.not.exist|This
+.registry.value.should.be.null/ix)
{
print VALUES "<td align=left valign=top><font color=gr
+een>$regstring<br>$value</td>\n";
print VALUES "<td align=middle valign=middle><font col
+or=green>Pass</font></td>\n";
print VALUES "<td align=middle valign=middle><font col
+or=green>-</td>\n";
print VALUES "<td align=middle valign=middle><font col
+or=green>$expectedval</td>\n";
}
else
{
print "\n\n$regstring\n\n$value\n\n";
print "$expectedval\n\n";
print "Registry Description:\n$description\n\n";
print "Do you want to add this registry? (y/n)";
my $answer;
$answer = <STDIN>;
chomp $answer;
if ($answer =~ /^[Yy]/) {
$HKEY_LOCAL_MACHINE->Open("SYSTEM", $system);
$system->Create("CurrentControlSet/Services/NTDS/Param
+eters/LDAPServerIntegrity/TEST", $Test) || die "Create: $!";
print "Added Successfully!\n\n\n";
}
else
{
print "Not added.\n\n\n";
}
print VALUES "<td align=left valign=top>$regstring<br>
+$value</td>\n";
print VALUES "<td align=middle valign=middle><font col
+or=#FFCC00>Manual Review</font></td>\n";
print VALUES "<td align=middle valign=middle><font col
+or=#FFCC00>Does not exist or not defined</font></td>\n";
print VALUES "<td align=middle valign=middle><font col
+or=#FFCC00>$expectedval</font></td>\n";
print FINDINGS "RegVals;$regstring<br>$value;-;$expect
+edval;$description<br>Type - $type;$risklevel;$testnumber;$requiremen
+ts;$recommendation\n";
}
print VALUES "<td align=middle valign=middle>$risklevel</t
+d>\n";
print VALUES "<td align=left valign=top>$description<br>Ty
+pe - $type</td>\n";
print VALUES "<td align=middle valign=middle>-</td>\n" unl
+ess ($requirements ne "");
print VALUES "<td align=left valign=top>\n" unless ($requ
+irements eq "");
my $req;
foreach $req(@reqs)
{
print VALUES "<a href=\"javascript:PopUp('..\\\\Requir
+ements\\\\$req.htm')\">$req</a><br>\n";
}
print VALUES "</font></td>\n";
print VALUES "<td align=left valign=top>$comments</font></
+td>\n" unless ($comments eq "");
print VALUES "<td align=middle valign=middle>-</td>\n" u
+nless ($comments ne "");
print VALUES "</tr>\n";
}
}
print VALUES "</font>\n";
print VALUES "</table>\n";
print VALUES "<br><hr>\n";
print VALUES "<img src=\"..//footer.gif\" align=right>\n";
print VALUES "</body>\n";
print VALUES "</html>\n";
close(KEYS);
close(VALUES);
}
return 1;