JavaScript client registry

// Generate a wscript. Shell object that can operate the registry and execute command lines.

VaR OBJ = new activexobject ("wscript. Shell ");

// Read the value of testvalue from the explorer table entry

VaR testvalue = obj. regread ("HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ testvalue ");

// Write a new key to the explorer table entry: testvalue; Value: 1; Type: REG_SZ

OBJ. regwrite ("HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ testvalue", "1", "REG_SZ ");

// Write a new table entry to the explorer table entry: testvalue. The default value is null and the type is REG_SZ.

OBJ. regwrite ("HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ testvalue \", "", "REG_SZ ");

// Delete the key named testvalue In the explorer table

OBJ. regdelete ("HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ testvalue ");

// Delete the table item testvalue and its subkeys In the explorer table item

Obj. RegDelete ("HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ TestValue \\");

We can see that when you use WScript. Shell to operate the registry, "\" is used to distinguish whether the operation object is a table item or a key.

Using this method to operate the client registry requires that the client's browser security settings allow "Running unsigned ActiveX scripts", otherwise it will not work. This is obvious, or the virus will flood.