Peeking inside Windows Phone 8 registry

Windows Phone 8 lacks, unfortunately, a bunch of tools – including something that would show you logs or registry. This limits your ability to see what is really going on in the phone. Forums like Windows Phone 8 Development and Hacking show you how to mount ffu or describe partition layout – that helps.

So to aid you a bit see below for a way to read registry from a WP8 emulator

  1. Launch WP8 emulator and do whatever you want to check later (for example enroll the phone with Intune)
  2. While the emulator is running, copy %userprofile%\AppData\Local\Microsoft\XDE\*.avhd to another folder, for example on your Desktop (that folder should contain a single .avhd file). Why do you want to do it while the emulator is running? The reason is .avhd is not merged back into emulator’s disk when you shut it down. Every time you shut down the emulator it essentially resets all settings and forgets whatever you did in the previous session. There should be a way around this – by running XDE.exe manually – but since that stopped working on my system recently, I won’t consider it a working alternative.
  3. Rename .avhd to .vhd
  4. Right-click on the .vhd and mount the disk
  5. Your system now should have couple new drives mounted (WP8 partitions) – we’re looking for the one with \Windows\System32\config\SOFTWARE (my case it was G drive)
  6. Copy the entire \Windows\System32\config folder somewhere else, for example to your Desktop
  7. Clean file attributes (read-only, archive, system) on all files in this folder
  8. Mount SOFTWARE hive using regedit (http://www.petri.co.il/edit_registry_settings_for_users_other_than_myself.htm)
  9. Profit!

So what’s interesting there?

  • Looks like there are FM radio-related keys – so was Microsoft preparing to support it?
  • The MDM related stuff:
    • \Microsoft\Enrollment – phone enrollment information
    • \Microsoft\Enrollment\OmaDmRetry – OMA DM protocol settings
    • \Microsoft\EnterpriseAppManagement\Database\Tbl_EnrollmentToken – Application Enrollment Token (AET) information
    • \Microsoft\EnterpriseAppManagement\Database\Tbl_XAPRequest – Company Hub/Enterprise App information – including whether the download was successful and what was the error if it failed
    • \Microsoft\Provisioning – this is the goldmine, for example a list of supported CSPs, including hints that there is much more supported than what the official documentation mentions, like “BrowserFavorite” or “HotSpot”… both were there in Windows Mobile Oma

This post is also available in: English polski

Leave a Reply

Your email address will not be published.