Last active
June 11, 2024 22:44
-
-
Save davidlu1001/0f002dcdf17341cafc5757fd06626cb3 to your computer and use it in GitHub Desktop.
Check REG value contains string
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
param( | |
[string]$dnsNamePattern = '.*\.co\.nz$' # Regex to match DNS names ending with '.co.nz' | |
) | |
# Define the registry paths to check | |
$registryPaths = @("HKLM:\SOFTWARE", "HKLM:\SYSTEM", "HKLM:\SECURITY") | |
# Create an array to store the results | |
$results = @() | |
# Iterate over each registry path | |
foreach ($registryPath in $registryPaths) { | |
# Check if the registry path exists | |
if (Test-Path $registryPath -ErrorAction SilentlyContinue) { | |
# Get all subkeys recursively under the current registry path | |
$allRegistryPaths = Get-ChildItem -Path $registryPath -Recurse -ErrorAction SilentlyContinue | |
# Iterate over each path | |
foreach ($path in $allRegistryPaths) { | |
if ($path.PSIsContainer) { | |
try { | |
$properties = Get-ItemProperty -Path $path.PSPath -ErrorAction SilentlyContinue | |
# Check each property in the current path | |
foreach ($property in $properties.PSObject.Properties) { | |
if ($property.Value -and $property.Value.GetType().Name -eq "String") { | |
if ($property.Value -match $dnsNamePattern) { | |
$result = [PSCustomObject]@{ | |
regPath = $path.PSPath | |
regValue = $property.Value | |
} | |
$results += $result | |
} | |
} | |
} | |
} catch { | |
Write-Error "Error accessing properties in $path : $_" | |
} | |
} | |
} | |
} else { | |
Write-Warning "Registry path $registryPath does not exist." | |
} | |
} | |
# Check if any results were found | |
if ($results.Count -gt 0) { | |
Write-Host "DNS names matching the pattern '$dnsNamePattern' found in the following registry paths:" | |
$results | Format-Table -AutoSize | |
# Export the results to a CSV file | |
$results | Export-Csv -Path "RegistryScanResults.csv" -NoTypeInformation | |
} else { | |
Write-Host "No DNS names matching the pattern '$dnsNamePattern' were found in the registry." | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment