Difference between revisions of "Advanced registry parameters"
(New page: Advanced registry parameters are additional conditions that have to be met by the scanner if identified. An easy example would be Value=Data which would need the value "Value" to be a stri...) |
(formatting; link to adv. build parameters) |
||
| Line 1: | Line 1: | ||
| − | Advanced registry parameters are additional conditions that have to be met by the scanner if identified. An easy example would be | + | Advanced registry parameters are additional conditions that have to be met by the scanner if identified. An easy example would be ''value=data'' which would need the value ''value'' to be a string containing the text ''data''. ''value=dword:755'' would be similar, but referencing to a REG_DWORD equaling decimal 755. |
| − | In addition to the equals sign, you can use negations. | + | |
| + | In addition to the equals sign, you can use negations. ''value!=data'' would detect only if ''value'' is NOT ''data''. And ''value=exists:'' would be true whenever ''value'' exists. | ||
| + | |||
You can also add relative paths (for checking values in subkeys), and absolute paths (beginning with a backslash, starting in the same root key). | You can also add relative paths (for checking values in subkeys), and absolute paths (beginning with a backslash, starting in the same root key). | ||
| + | |||
| + | Fields that accept advanced registry parameters often, but not always, also support [[Advanced build parameters|advanced build parameters]]. | ||
Latest revision as of 09:47, 22 February 2008
Advanced registry parameters are additional conditions that have to be met by the scanner if identified. An easy example would be value=data which would need the value value to be a string containing the text data. value=dword:755 would be similar, but referencing to a REG_DWORD equaling decimal 755.
In addition to the equals sign, you can use negations. value!=data would detect only if value is NOT data. And value=exists: would be true whenever value exists.
You can also add relative paths (for checking values in subkeys), and absolute paths (beginning with a backslash, starting in the same root key).
Fields that accept advanced registry parameters often, but not always, also support advanced build parameters.
