diff --git a/res/rdpwrap.ini b/res/rdpwrap.ini index 5fe0c87..90f7315 100644 --- a/res/rdpwrap.ini +++ b/res/rdpwrap.ini @@ -2,7 +2,7 @@ ; Do not modify without special knowledge [Main] -Updated=2014-11-25 +Updated=2014-12-10 LogFile=\rdpwrap.txt SLPolicyHookNT60=1 SLPolicyHookNT61=1 
@@ -1205,6 +1205,71 @@ SLInitHook.x64=1 SLInitOffset.x64=1EB00 SLInitFunc.x64=New_CSLQuery_Initialize +[6.4.9879.0] +; Patch CEnforcementCore::GetInstanceOfTSLicense +; .text:100A9CBB call ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:100A9CC0 test eax, eax +; .text:100A9CC2 js short loc_100A9CDF +; .text:100A9CC4 cmp [ebp+var_C], 0 +; .text:100A9CC8 jz short loc_100A9CDF <- jmp +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=A9CC8 +LocalOnlyCode.x86=jmpshort +; .text:0000000180095603 call ?IsLicenseTypeLocalOnly@CSLQuery@@SAJAEAU_GUID@@PEAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *) +; .text:0000000180095608 test eax, eax +; .text:000000018009560A js short loc_18009562B +; .text:000000018009560C cmp [rsp+58h+arg_18], 0 +; .text:0000000180095611 jz short loc_18009562B <- jmp +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=95611 +LocalOnlyCode.x64=jmpshort +; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled +; .text:10030C51 lea eax, [esp+150h+VersionInformation] +; .text:10030C55 inc ebx <- nop +; .text:10030C56 mov [edi], ebx +; .text:10030C58 push eax ; lpVersionInformation +; .text:10030C59 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) +SingleUserPatch.x86=1 +SingleUserOffset.x86=30C55 +SingleUserCode.x86=nop +; .text:0000000180016A2E call memset_0 +; .text:0000000180016A33 mov ebx, 1 <- 0 +; .text:0000000180016A38 mov [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch +; .text:0000000180016A40 lea rcx, [rsp+190h+VersionInformation] ; lpVersionInformation +; .text:0000000180016A45 mov [rdi], ebx +; .text:0000000180016A47 call cs:__imp_GetVersionExW +SingleUserPatch.x64=1 +SingleUserOffset.x64=16A34 +SingleUserCode.x64=Zero +; Patch CDefPolicy::Query +; Original +; .text:1002DAB9 cmp eax, [ecx+320h] +; .text:1002DABF jz loc_1006C38A +; Changed +; .text:1002DAB9 mov eax, 100h +; .text:1002DABE mov [ecx+320h], eax +; .text:1002DAC4 nop +DefPolicyPatch.x86=1 
+DefPolicyOffset.x86=2DAB9 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +; Original +; .text:000000018001BDC5 cmp [rcx+63Ch], eax +; .text:000000018001BDCB jz sub_180045540 +; Changed +; .text:000000018001BDC5 mov eax, 100h +; .text:000000018001BDCA mov [rcx+638h], eax +; .text:000000018001BDD0 nop +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1BDC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +; Hook CSLQuery::Initialize +SLInitHook.x86=1 +SLInitOffset.x86=41132 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=24750 +SLInitFunc.x64=New_CSLQuery_Initialize + [SLInit] bServerSku=1 bRemoteConnAllowed=1 @@ -1328,3 +1393,22 @@ bMultimonAllowed.x64 =ECBE8 bServerSku.x64 =ECBEC ulMaxDebugSessions.x64=ECBF0 bRemoteConnAllowed.x64=ECBF4 + +[6.4.9879.0-SLInit] +bFUSEnabled.x86 =C27D8 +lMaxUserSessions.x86 =C27DC +bAppServerAllowed.x86 =C27E0 +bInitialized.x86 =C27E4 +bMultimonAllowed.x86 =C27E8 +bServerSku.x86 =C27EC +ulMaxDebugSessions.x86=C27F0 +bRemoteConnAllowed.x86=C27F4 + +bFUSEnabled.x64 =EDBF0 +lMaxUserSessions.x64 =EDBF4 +bAppServerAllowed.x64 =EDBF8 +bInitialized.x64 =EDBFC +bMultimonAllowed.x64 =EDC00 +bServerSku.x64 =EDC04 +ulMaxDebugSessions.x64=EDC08 +bRemoteConnAllowed.x64=EDC0C diff --git a/src-installer/RDPWInst.dpr b/src-installer/RDPWInst.dpr index 34f402b..ed41840 100644 --- a/src-installer/RDPWInst.dpr +++ b/src-installer/RDPWInst.dpr @@ -600,6 +600,7 @@ begin Writeln('[*] Path: ', ExtractFilePath(ExpandPath(WrapPath))); Halt(0); end; + ExtractRes('config', ExtractFilePath(ExpandPath(WrapPath)) + 'rdpwrap.ini'); case Arch of 32: begin ExtractRes('rdpw32', ExpandPath(WrapPath)); 
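Review bot: Two of the x64 annotations in the new [6.4.9879.0] section do not line up with the values written beneath them. `SingleUserOffset.x64=16A34` is one byte past the annotated `mov ebx, 1` at 0x180016A33, presumably because the `Zero` code targets the immediate operand rather than the opcode. The x64 DefPolicy comment compares `[rcx+63Ch]` in the original but stores to `[rcx+638h]` in the changed code. A one-line comment on each, e.g. `; offset points at the imm32 of "mov ebx, 1" (instruction starts at 16A33)`, would let a maintainer check these against a disassembly without guessing; if 638h is a typo rather than intent, correct the comment. Nothing in the section records the expected original bytes, so the patch code outside this hunk is the only place a mismatched termsrv.dll build with the same version string could be caught.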
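Review bot: The added `ExtractRes('config', …)` call in the @@ -600,6 +600,7 @@ hunk overwrites any existing rdpwrap.ini in the install directory on every install, and nothing in the hunk checks that the write succeeded before the DLL is extracted. This file now decides which offsets get patched inside the Terminal Services process, so it should be treated as trusted input: the directory must stay writable by administrators only, and the installer should confirm the file exists afterwards. ExtractRes and the code that creates the directory are outside the hunk, so whether they already report failure or set an ACL cannot be seen here. A comment such as `// rdpwrap.ini drives in-process patching; keep it in an admin-only directory` would record the assumption.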
@@ -617,14 +618,27 @@ end; procedure DeleteFiles; var Code: DWORD; + FullPath, Path: String; begin - if not DeleteFile(PWideChar(ExpandPath(TermServicePath))) then + FullPath := ExpandPath(TermServicePath); + Path := ExtractFilePath(FullPath); + + if not DeleteFile(PWideChar(Path + 'rdpwrap.ini')) then + begin + Code := GetLastError; + Writeln('[-] DeleteFile error (code ', Code, ').'); + Exit; + end; + Writeln('[+] Removed file: ', FullPath); + + if not DeleteFile(PWideChar(FullPath)) then begin Code := GetLastError; Writeln('[-] DeleteFile error (code ', Code, ').'); Exit; end; - Writeln('[+] Removed file: ', ExpandPath(TermServicePath)); + Writeln('[+] Removed file: ', FullPath); + if not RemoveDirectory(PWideChar(ExtractFilePath(ExpandPath(TermServicePath)))) then begin Code := GetLastError; @@ -683,11 +697,12 @@ end; procedure CheckTermsrvVersion; var SuppLvl: Byte; + VerTxt: String; begin GetFileVersion(ExpandPath(TermServicePath), FV); - Writeln('[*] Terminal Services version: ', - Format('%d.%d.%d.%d', - [FV.Version.w.Major, FV.Version.w.Minor, FV.Release, FV.Build])); + VerTxt := Format('%d.%d.%d.%d', + [FV.Version.w.Major, FV.Version.w.Minor, FV.Release, FV.Build]); + Writeln('[*] Terminal Services version: ', VerTxt); if (FV.Version.w.Major = 5) and (FV.Version.w.Minor = 1) then begin 
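Review bot: DeleteFiles now exits before removing the wrapper DLL whenever rdpwrap.ini cannot be deleted, which includes the case where the file is simply absent. Installs made by earlier versions presumably never wrote one, since the extraction call is added in this same commit. Treat a missing file as success by taking the error branch only when `Code <> ERROR_FILE_NOT_FOUND`, so that uninstall still removes the DLL and the directory. The success message after the first DeleteFile also prints the DLL path; it should read `Writeln('[+] Removed file: ', Path + 'rdpwrap.ini');`. The RemoveDirectory call, whose block continues past the end of the hunk, can reuse `Path` instead of recomputing `ExtractFilePath(ExpandPath(TermServicePath))`.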
@@ -716,60 +731,11 @@ begin
 Writeln('[!] This version of Terminal Services may crash on logon attempt.');
 Writeln('It''s recommended to upgrade to Service Pack 1 or higher.');
 end;
- if (FV.Release = 6000) and (FV.Build = 16386) then
- SuppLvl := 2;
- if (FV.Release = 6001) and (FV.Build = 18000) then
- SuppLvl := 2;
- if (FV.Release = 6002) and (FV.Build = 18005) then
- SuppLvl := 2;
- if (FV.Release = 6002) and (FV.Build = 19214) then
- SuppLvl := 2;
- if (FV.Release = 6002) and (FV.Build = 23521) then
- SuppLvl := 2;
 end;
- if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 1) then begin
+ if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 1) then
 SuppLvl := 1;
- if (FV.Release = 7600) and (FV.Build = 16385) then
- SuppLvl := 2;
- if (FV.Release = 7601) and (FV.Build = 17514) then
- SuppLvl := 2;
- if (FV.Release = 7601) and (FV.Build = 18540) then
- SuppLvl := 2;
- if (FV.Release = 7601) and (FV.Build = 22750) then
- SuppLvl := 2;
- if (FV.Release = 7601) and (FV.Build = 18637) then
- SuppLvl := 2;
- if (FV.Release = 7601) and (FV.Build = 22843) then
- SuppLvl := 2;
- end;
- if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 2) then begin
- if (FV.Release = 8102) and (FV.Build = 0) then
- SuppLvl := 2;
- if (FV.Release = 8250) and (FV.Build = 0) then
- SuppLvl := 2;
- if (FV.Release = 8400) and (FV.Build = 0) then
- SuppLvl := 2;
- if (FV.Release = 9200) and (FV.Build = 16384) then
- SuppLvl := 2;
- if (FV.Release = 9200) and (FV.Build = 17048) then
- SuppLvl := 2;
- if (FV.Release = 9200) and (FV.Build = 21166) then
- SuppLvl := 2;
- end;
- if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 3) then begin
- if (FV.Release = 9431) and (FV.Build = 0) then
- SuppLvl := 2;
- if (FV.Release = 9600) and (FV.Build = 16384) then
- SuppLvl := 2;
- if (FV.Release = 9600) and (FV.Build = 17095) then
- SuppLvl := 2;
- end;
- if (FV.Version.w.Major = 6) and (FV.Version.w.Minor = 4) then begin
- if (FV.Release = 9841) and (FV.Build = 0) then
- SuppLvl := 2;
- if 
(FV.Release = 9860) and (FV.Build = 0) then - SuppLvl := 2; - end; + if Pos('[' + VerTxt + ']', ExtractResText('config')) > 0 then + SuppLvl := 2; case SuppLvl of 0: begin Writeln('[-] This version of Terminal Services is not supported.'); @@ -915,7 +881,7 @@ end; var I: Integer; begin - Writeln('RDP Wrapper Library v1.4'); + Writeln('RDP Wrapper Library v1.5'); Writeln('Installer v2.2'); Writeln('Copyright (C) Stas''M Corp. 2014'); Writeln(''); @@ -941,7 +907,7 @@ begin if ParamStr(1) = '-l' then begin - Writeln(ExtractResText('LICENSE')); + Writeln(ExtractResText('license')); Exit; end; diff --git a/src-installer/RDPWInstResource.rc b/src-installer/RDPWInstResource.rc deleted file mode 100644 index a0a5a20..0000000 --- a/src-installer/RDPWInstResource.rc +++ /dev/null @@ -1,4 +0,0 @@ -rdpclip64 RCData "..\\rdpclip-x64.exe" -rdpclip32 RCData "..\\rdpclip-x86.exe" -rdpw32 RCData "..\\v1.2-x86-binarymaster\\rdpwrap.dll" -rdpw64 RCData "..\\v1.2-x86-x64-Fusix\\rdpw64.dll" diff --git a/src-installer/resource.res b/src-installer/resource.res index 5f44448..560f5f6 100644 Binary files a/src-installer/resource.res and b/src-installer/resource.res differ diff --git a/technical.txt b/technical.txt index 5f11588..12286bc 100644 --- a/technical.txt +++ b/technical.txt 
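Review bot: The new support check `Pos('[' + VerTxt + ']', ExtractResText('config')) > 0` in the @@ -716,60 +731,11 @@ hunk is a substring search over the whole embedded INI text, so a bracketed version string inside a comment line would also be reported as fully supported. It also consults the resource compiled into the installer rather than the rdpwrap.ini the wrapper reads at run time. Matching only at the start of a line, or reading the section list from the extracted file, would keep the installer's verdict tied to what actually gets applied. At minimum add a comment such as `// SuppLvl 2 = a [major.minor.release.build] section exists in the bundled rdpwrap.ini`. CheckTermsrvVersion begins before this hunk and continues past it, so how SuppLvl is initialised is not visible here.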
@@ -35,16 +35,21 @@ Terminal Services supported versions 6.3.9431.0 (Windows 8.1 Preview) [init hook + extended patch] 6.3.9600.16384 (Windows 8.1) [init hook + extended patch] 6.3.9600.17095 (Windows 8.1 with KB2959626) [init hook + extended patch] -6.3.9600.17415 (Windows 8.1 with KB3000850) [init hook + extended patch ~ requires INI support] +6.3.9600.17415 (Windows 8.1 with KB3000850) [init hook + extended patch] 6.4.9841.0 (Windows 10 Technical Preview) [init hook + extended patch] 6.4.9860.0 (Windows 10 Technical Preview Update 1) [init hook + extended patch] -6.4.9879.0 (Windows 10 Technical Preview Update 2) [!todo] +6.4.9879.0 (Windows 10 Technical Preview Update 2) [init hook + extended patch] Known failures 6.0.6000.16386 (Windows Vista RTM x86, crashes on logon attempt) Source code changelog (rdpwrap library): +2014.12.10 : +- C++ version seems to work well now! +- added support for termsrv.dll 6.4.9879.0 +- preparing the new release + 2014.12.09 : - many bug fixes in C++ version, you can track it in the git history :) - it can be compiled now :D