How Do Tipsters Discover Previously Unknown Registry Keys?


geekinchief

geekinchief

Well-known member
Local time
4:03 PM
Posts
17
OS
Windows 11
I've been wondering how folks go about discovering new registry keys in Windows 11 (or 10) like, for example, the Strart_ShowClassicMode key: how did the first person who found that, find it? It's not in the registry already so did they get a tip from someone at Microsoft?

I have tried using Process Monitor, which logs all queries for Registry keys, to see if the system is querying for any interesting keys that don't exist by default, but I'm not finding anything. It doesn't even show Start_ShowClassicMode as something Windows 11 looks for, unless you have already created the key. What's the trick that the pros use to find out about these secret keys?
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    Lenovo ThinkPad X1 Carbon
    CPU
    Core i7-8550U
    Memory
    16GB
    Graphics Card(s)
    Intel HD Graphics
    Screen Resolution
    1920 x 1080
    Browser
    Chrome
Hello geekinchief, welcome to Eleven Forums.

all it takes is someone at Microsoft to create the keys for the purpose of software development, then for someone else to publish the results. Microsoft used to publish a book called Windows Registry Guide by Jerry Honeycutt on Microsoft Press. That book is not maintained and updated. Microsoft dose not like people playing with the registry directly, as it is so error prone - better to use Group Policy, but Group Policy does not cover everything.
 

My Computers

System One System Two

  • OS
    Windows 11
    Computer type
    PC/Desktop
    CPU
    AMD Ryzen 5 5600
    Motherboard
    MSI B550-A Pro
    Memory
    16 GB
    Graphics Card(s)
    Sapphire Radeon RX 6500XT (8 GB version)
    Monitor(s) Displays
    BenQ Mobuiz EX2710Q QHD, Iiyama ProLite X23377HDS
    Hard Drives
    MSI Spatium M461 4TB
  • Operating System
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    Acer A114
    CPU
    Intel Celeron N4020
MS documents everything so if you do not have access to it, it is only a matter of time till it leaks.
If you are part of Business or Developers, you will get access to it ASAP, otherwise you have to wait.
I watch for the latest security baseline where tweaks are posted or alternatively something like admx.

Force classic Start Menu

This setting affects the presentation of the Start menu.
admx.help

I have just updated my tweaks for the Edge 92 to automatically use HTTPS, new policies are on top.
docs.microsoft.com

Microsoft Edge Browser Policy Documentation

Windows and Mac documentation for policies supported by Microsoft Edge.
docs.microsoft.com
 

My Computer

System One

  • OS
    Windows 11 Home
    Computer type
    PC/Desktop
    CPU
    AMD Ryzen 5 8600G (07/24)
    Motherboard
    ASROCK B650M-HDV/M.2 3.20 (07/24)
    Memory
    2x32GB Kingston FURY DDR5 5600 MHz CL36 @5200 CL40 (07/24)
    Graphics Card(s)
    ASROCK Radeon RX 6600 Challenger D 8G @60FPS (08/24)
    Sound Card
    Creative Sound BlasterX AE-5 Plus (05/24)
    Monitor(s) Displays
    24" Philips 24M1N3200ZS/00 (05/24)
    Screen Resolution
    1920×1080@165Hz via DP1.4
    Hard Drives
    Kingston KC3000 NVMe 2TB (05/24)
    ADATA XPG GAMMIX S11 Pro 512GB (07/19)
    PSU
    Seasonic Core GM 550 Gold (04/24)
    Case
    Fractal Design Define 7 Mini with 3x Noctua NF-P14s/12@555rpm (04/24)
    Cooling
    Noctua NH-U12S with Noctua NF-P12 (04/24)
    Keyboard
    HP Pavilion Wired Keyboard 300 (07/24) + Rabalux 76017 Parker (01/24)
    Mouse
    Logitech M330 Silent Plus (04/23)
    Internet Speed
    500/100 Mbps via RouterOS (05/21) & TCP Optimizer
    Browser
    Edge & Brave for YouTube & LibreWolf for FB
    Antivirus
    NextDNS blocking 99% TLDs
    Other Info
    Backup: Hasleo Backup Suite (PreOS)
    Headphones: Sennheiser RS170 (09/10)
    Phone: Samsung Galaxy Xcover 7 (02/24)
    Chair: Huzaro Force 4.4 Grey Mesh (05/24)
    Notifier: Xiaomi Mi Band 9 Milanese (10/24)
    2nd Monitor: AOC G2460VQ6 @75Hz (02/19)
Interesting as I was wondering the very same thing and these tweaks appear almost as soon as the OS goes live. The information must be out there somewhere... and we are very pleased it is :cool:
 

My Computer

System One

  • OS
    W11 Pro x64 24H2 Dev
    Computer type
    Laptop
    Manufacturer/Model
    Dell 7760 Mobile Precision 17"
    CPU
    Intel i5
    Motherboard
    Unknown
    Memory
    8Gb
    Graphics Card(s)
    Intel HD Graphics
    Sound Card
    Realtek
    Monitor(s) Displays
    Internal
    Hard Drives
    2 x 256Gb SSD
    PSU
    Dell 240 watt
    Mouse
    Dell Premier Bluetooth
    Internet Speed
    50Mbps
    Browser
    Edge
    Antivirus
    Default Microsoft Security
Hi there
How do hackers get into systems, CIA agents break into Russian systems / vice versa. People start probably by debugging and memory dumping everything and probably looking at 1000's of registry keys looking to see what they do or where they are used etc etc. Probaly takes them hours and hours too at cost of a lot of oher more exciting things in life to do. !!

It's not impossible but a lot of work.

I'm not sure there's one of those yellow "Idiots Guide" to hacking around but who knows what's available on the "Dark Web".

The real answer is probably echoed by "Those in the know" following the famous Hollywood line -- If I told you --I'd have to kill you.

Cheers
jimbo
 

My Computer

System One

  • OS
    Windows XP,7,10,11 Linux Arch Linux
    Computer type
    PC/Desktop
    CPU
    2 X Intel i7
geekinchief said:
I've been wondering how folks go about discovering new registry keys in Windows 11 (or 10) like, for example, the Strart_ShowClassicMode key: how did the first person who found that, find it? It's not in the registry already so did they get a tip from someone at Microsoft?

I have tried using Process Monitor, which logs all queries for Registry keys, to see if the system is querying for any interesting keys that don't exist by default, but I'm not finding anything. It doesn't even show Start_ShowClassicMode as something Windows 11 looks for, unless you have already created the key. What's the trick that the pros use to find out about these secret keys?
Click to expand...
You might be interested in the life and works of Mark Russinovich, a brilliant computer genius who discovered and revealed so much about the inner workings of Windows, that Microsoft bought his company and gave him an excellent position within the company, currently CTO of Microsoft Azure: Mark Russinovich - Wikipedia
 

My Computer

System One

  • OS
    Windows 11, update 21H2 29/06/2021 10.0.22000.51
    Computer type
    PC/Desktop
    Manufacturer/Model
    Apple iMac9,1
    CPU
    Intel(R) Core(TM)2 Duo E8435 @ 3.06GHz
    Motherboard
    Apple Inc. Mac-F2218FA9
    Memory
    8 GB DDR3
    Graphics Card(s)
    Nvidia GForce GT 130
    Sound Card
    Realtek HD audio
    Monitor(s) Displays
    Imac 2009 23"
    Screen Resolution
    1920x1200
    Hard Drives
    WDC WD1001FALS-40K1B0 SATA 1TB
    PSU
    Apple
    Case
    Aluminium (or is it Aluminum?)
    Cooling
    Fan
    Keyboard
    USB UK extended generic
    Mouse
    Novatech USB wheel optical mouse
    Internet Speed
    51.4 down 16.7 up ethernet
    Browser
    Chrome
    Antivirus
    MS Defender
    Other Info
    obtained secondhand from CEX 2018 £140
You must log in or register to reply here.

Latest Support Threads

Latest Tutorials

Back
Top Bottom