regshell only goes to HKEY_CLASSES_ROOT

[TopCom 900]

Hi all,

I've compiled samba 4 from branches and it worked like a charm.

I'm trying to use regshell to read (remotely) the following Windows registry
key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

I can connect to the remote machine with no problems:

./regshell --remote=192.168.50.142 --user=Administrador%xxx
HKEY_CLASSES_ROOT>


HKEY_CLASSES_ROOT> info
Name: HKEY_CLASSES_ROOT
Full path: HKEY_CLASSES_ROOT
Time Last Modified: Wed Dec 31 19:00:00 1969

Number of subkeys: 2943
Number of values: 0
Maximum sub key name length: 140
Error getting security descriptor

I can also see the keys under HKEY_CLASSES_ROOT

HKEY_CLASSES_ROOT> list
<snip>
K System.Collections.CaseInsensitiveComparer
K System.Collections.CaseInsensitiveHashCodeProvider
K System.Collections.Hashtable
K System.Collections.Queue
K System.Collections.SortedList
K System.Collections.Stack
K System.ContextMarshalException

<snip>

Problem is when I want to go to another key, in this case I want to read, as
I said before,
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
HKEY_CLASSES_ROOT> predef
HKEY_LOCAL_MACHINE
HKEY_CLASSES_ROOT> pwd
HKEY_CLASSES_ROOT

There is no way I can read the value of
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, I've
tried loads of combinations, even escaping the "\"

Am I missing something? How can I read that key or at least move from
HKEY_CLASSES_ROOT key, which is the one I can only see.


Thank you in advance.

T