Open Invitation to Hack Windows Vista

This is, as the title says, nothing more than an open invitation to hack Windows Vista to the extreme. But in order to do so you will have to become familiarized with a hierarchical database in Windows Vista containing all the values of variables in the operating system together with the applications and services that run on the platform. Namely the registry.

Now, you can play around in the Windows Vista registry for as much as you like, but the bottom line is that you should know what it is you are doing in order to understand and anticipate potential result. I always say that it is a healthy practice to backup the registry before any hack, just to be on the safe side.

The volume of data that is stored in the registry ranges from user profiles, installed applications, file extensions, property settings, the system hardware configuration and I/O ports. All this data can be accessed and edited according to your preferences.

What you have to understand is that when managing the vista registry, you are handling actual files locate on the hard drive because the configuration manager has coded all the path names to all the hives/keys/subkeys etc. To put it simple, all the Windows Vista Hive registry paths have corresponding file locations on the disk. And here is where you will be able to find them:

- HKEY_LOCAL_MACHINESYSTEM: %SystemRoot%system32configSYSTEM
- HKEY_LOCAL_MACHINESAM: %SystemRoot%system32configSAM
- HKEY_LOCAL_MACHINESECURITY: %SystemRoot%system32configSECURITY
- HKEY_LOCAL_MACHINESOFTWARE: %SystemRoot%system32configSOFTWARE
- HKEY_LOCAL_MACHINEHARDWARE: Volatile hive
- HKEY_LOCAL_MACHINESYSTEMClone: Volatile hive
- HKEY_USERSUserProfile: NTUSER.DAT
- HKEY_USERS.DEFAULT: %SystemRoot%system32configDEFAULT

In this context you have to understand the fact that all the root keys are combined together. In this manner the Vista registry architecture is built via the Configuration Manager.

The HKEY_CLASSES_ROOT hive includes data associated with the file extension on your operating system and the COM class registrations. HKEY_CLASSES_ROOT centralized information from HKEY_LOCAL_MACHINESoftwareClasses and HKEY_CURRENT_USERSoftwareClasses. The two storage locations contain general and user specific class registration data. The image on the left illustrates the default text editing application that I am using, OpenOffice. And what you are able to see is the default system extension for the native OpenOffice document.

Data related to the user profiles and logged-in accounts on a Windows Vista operating system, are stored by the HKEY_USERS, together with the HKEY_CURRENT_USER hives. A word of advice at this point. You will not be able to view, access or edit the registry entries here if you do not launch the Registry Editor with administrative privileges.

In order to run the Registry Editor with elevated privileges in Windows Vista simply enter "regedit" in the Search Box under the Start Menu and the click Ctrl + Shift + Enter.

"HKEY_USERS contains the user-profile hives of logged-on accounts and the root of all user profiles on the computer. As you can see below, there is a subkey named HKU.DEFAULT that is linked to the default workstation profile. There are also subkeys for each loaded user profile and user class registration database on the system. The HKEY_CURRENT_USER hive contains the user specific information for the user who is logged on. This is a symbolic link to a key under HKEY_USERS that represents a user's profile hive," revealed CC Hameed, EPS - Performance Support Engineer.

HKEY_LOCAL_MACHINE is the hive that generally centralizes both troubleshooting attempts and hacks. Due to the simple fact that all the configuration data specific to the computer is stored here, HKEY_LOCAL_MACHINE contains information related to the hardware configuration, the local accounts, security, the installed software along with the general system configuration.