If you are using a debugger based on the Windows debugging engine, you can use the !dreg command to dump a registry key, but what if you want to modify a registry key?
I don’t know how often it happens to you, but it happens to us a lot here inside Microsoft: You are given a remote debugging connection to a process that is running on some computer to which you have no physical access. You therefore cannot just run regedit
and do your registry work there. You may also be in a situation where you don’t want to run regedit
because running another process would interfere with the issue you are debugging.¹
One way to set a registry key from inside the debugger is to simulate a call to the RegSetValueEx
function.
Or you can think outside the box: Use the .shell
command and shell out to reg.exe
.
0:001> .shell reg add hkcu\Software\Contoso /v UseWarpCore /t REG_DWORD /d 1
This assumes that the debugger was created without the -noshell
option. Otherwise, you’re back to simulating the call.
¹ Usually because you are debugging some focus-related problem, and running regedit
changes focus. Or, if you work in my building, because you are debugging Explorer itself and therefore cannot launch any new programs.
0 comments