How Do Tipsters Discover Previously Unknown Registry Keys?

geekinchief

Member
Local time
4:59 PM
Posts
13
I've been wondering how folks go about discovering new registry keys in Windows 11 (or 10) like, for example, the Strart_ShowClassicMode key: how did the first person who found that, find it? It's not in the registry already so did they get a tip from someone at Microsoft?

I have tried using Process Monitor, which logs all queries for Registry keys, to see if the system is querying for any interesting keys that don't exist by default, but I'm not finding anything. It doesn't even show Start_ShowClassicMode as something Windows 11 looks for, unless you have already created the key. What's the trick that the pros use to find out about these secret keys?
 

My Computer

System One

  • Operating System
    Windows 11

iko22

Well-known member
Member
VIP
Local time
9:59 PM
Posts
381
Location
South West England
Hello geekinchief, welcome to Eleven Forums.

all it takes is someone at Microsoft to create the keys for the purpose of software development, then for someone else to publish the results. Microsoft used to publish a book called Windows Registry Guide by Jerry Honeycutt on Microsoft Press. That book is not maintained and updated. Microsoft dose not like people playing with the registry directly, as it is so error prone - better to use Group Policy, but Group Policy does not cover everything.
 

My Computer

System One

  • Operating System
    Windows 10
    CPU
    TBA
    Motherboard
    TBA

TairikuOkami

Well-known member
Member
VIP
Local time
10:59 PM
Posts
165
Location
Trnava, SK
MS documents everything so if you do not have access to it, it is only a matter of time till it leaks.
If you are part of Business or Developers, you will get access to it ASAP, otherwise you have to wait.
I watch for the latest security baseline where tweaks are posted or alternatively something like admx.

I have just updated my tweaks for the Edge 92 to automatically use HTTPS, new policies are on top.
 

My Computer

System One

  • Operating System
    Windows 11 Home
    CPU
    AMD Ryzen 5 3600 (07/19)
    Motherboard
    MSI B450 TOMAHAWK 7C02v1H6 (07/19)
    Memory
    4x 8GB ADATA XPG GAMMIX D10 DDR4 3200MHz CL16
    Graphics Card(s)
    MSI Radeon RX 580 ARMOR 8G OC (08/19)
    Sound Card
    Creative Sound Blaster Z (11/16)
    Monitor(s) Displays
    24" AOC G2460VQ6 (01/19)
    Screen Resolution
    1920×1080@75Hz + FreeSync (DisplayPort)
    Hard Drives
    ADATA XPG GAMMIX S11 Pro SSD 512GB (07/19)
    PSU
    Seasonic M12II-520 80 Plus Bronze (11/16)
    Case
    Lian Li PC-7NB + 3x Noctua NF-S12A FLX@700rpm (11/16)
    Cooling
    CPU Cooler Noctua NH-U12S@700rpm
    Keyboard
    HP Pavilion Wireless Keyboard 600 (05/21)
    Mouse
    HP Wireless Silent 280M Mouse (05/21)
    Internet Speed
    300/30 Mbps via RouterOS (05/21) + TCP Optimizer
    Browser
    Microsoft Edge
    Antivirus
    None
    Other Info
    Headphones: Sennheiser RS170 (09/10) + Software: https://tinyurl.com/7hkjyhsj

Mooly

Member
VIP
Local time
9:59 PM
Posts
62
Interesting as I was wondering the very same thing and these tweaks appear almost as soon as the OS goes live. The information must be out there somewhere... and we are very pleased it is :cool:
 

My Computer

System One

  • Operating System
    W11 Pro x64 21H2 22000.51
    Computer type
    Laptop
    Manufacturer/Model
    Dell Vostro 3750 17"
    CPU
    Early i5
    Motherboard
    Unknown
    Memory
    8Gb
    Graphics Card(s)
    Intel Graphics
    Sound Card
    Realtek
    Monitor(s) Displays
    Internal
    Hard Drives
    500Gb Crucial SSD
    Internet Speed
    50Mbps
    Browser
    Edge
    Other Info
    Legacy BIOS. No TPM

jimbo45

Well-known member
Member
VIP
Local time
8:59 PM
Posts
646
Location
Hafnarfjörður IS
Hi there
How do hackers get into systems, CIA agents break into Russian systems / vice versa. People start probably by debugging and memory dumping everything and probably looking at 1000's of registry keys looking to see what they do or where they are used etc etc. Probaly takes them hours and hours too at cost of a lot of oher more exciting things in life to do. !!

It's not impossible but a lot of work.

I'm not sure there's one of those yellow "Idiots Guide" to hacking around but who knows what's available on the "Dark Web".

The real answer is probably echoed by "Those in the know" following the famous Hollywood line -- If I told you --I'd have to kill you.

Cheers
jimbo
 

My Computer

System One

  • Operating System
    Windows XP,7,10,11 Linux Arch Linux
    Computer type
    PC/Desktop
    CPU
    2 X Intel i7

fafhrd

Member
VIP
Local time
9:59 PM
Posts
57
Location
Portsmouth UK
I've been wondering how folks go about discovering new registry keys in Windows 11 (or 10) like, for example, the Strart_ShowClassicMode key: how did the first person who found that, find it? It's not in the registry already so did they get a tip from someone at Microsoft?

I have tried using Process Monitor, which logs all queries for Registry keys, to see if the system is querying for any interesting keys that don't exist by default, but I'm not finding anything. It doesn't even show Start_ShowClassicMode as something Windows 11 looks for, unless you have already created the key. What's the trick that the pros use to find out about these secret keys?
You might be interested in the life and works of Mark Russinovich, a brilliant computer genius who discovered and revealed so much about the inner workings of Windows, that Microsoft bought his company and gave him an excellent position within the company, currently CTO of Microsoft Azure: Mark Russinovich - Wikipedia
 

My Computer

System One

  • Operating System
    Windows 11, update 21H2 29/06/2021 10.0.22000.51
    Computer type
    PC/Desktop
    Manufacturer/Model
    Apple iMac9,1
    CPU
    Intel(R) Core(TM)2 Duo E8435 @ 3.06GHz
    Motherboard
    Apple Inc. Mac-F2218FA9
    Memory
    8 GB DDR3
    Graphics Card(s)
    Nvidia GForce GT 130
    Sound Card
    Realtek HD audio
    Monitor(s) Displays
    Imac 2009 23"
    Screen Resolution
    1920x1200
    Hard Drives
    WDC WD1001FALS-40K1B0 SATA 1TB
    PSU
    Apple
    Case
    Aluminium (or is it Aluminum?)
    Cooling
    Fan
    Keyboard
    USB UK extended generic
    Mouse
    Novatech USB wheel optical mouse
    Internet Speed
    51.4 down 16.7 up ethernet
    Browser
    Chrome
    Antivirus
    MS Defender
    Other Info
    obtained secondhand from CEX 2018 £140
Top Bottom