From 086183ba3d99890259bc96e87cfc71168d9b5067 Mon Sep 17 00:00:00 2001 From: NULL Date: Thu, 20 Sep 2018 00:37:46 +0200 Subject: [PATCH] Update rdpwrap-ini-kb.txt --- res/rdpwrap-ini-kb.txt | 188 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 187 insertions(+), 1 deletion(-) diff --git a/res/rdpwrap-ini-kb.txt b/res/rdpwrap-ini-kb.txt index 4f9c24f..06bdb0f 100644 --- a/res/rdpwrap-ini-kb.txt +++ b/res/rdpwrap-ini-kb.txt @@ -1,6 +1,6 @@ [Main] ; Last updated date -Updated=2018-05-16 +Updated=2018-09-10 ; Address to log file (RDP Wrapper will write it, if exists) LogFile=\rdpwrap.txt ; Hook SLPolicy API on Windows NT 6.0 @@ -343,6 +343,34 @@ DefPolicyPatch.x64=1 DefPolicyOffset.x64=17AD2 DefPolicyCode.x64=CDefPolicy_Query_eax_rdi +[6.1.7600.20890] +SingleUserPatch.x86=1 +SingleUserOffset.x86=19E2D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17DF2 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=196FB +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17B0E +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7600.21316] +SingleUserPatch.x86=1 +SingleUserOffset.x86=19E2D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=17E3E +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=196FB +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17B5E +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + [6.1.7601.17514] ; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled ; Imagebase: 6F2E0000 @@ -386,6 +414,48 @@ DefPolicyPatch.x64=1 DefPolicyOffset.x64=17D8A DefPolicyCode.x64=CDefPolicy_Query_eax_rdi +[6.1.7601.21650] +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A49D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=180BE +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19D53 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17D5A +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.21866] +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A49D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=180BE +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19D53 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17D5A +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + +[6.1.7601.22104] +SingleUserPatch.x86=1 +SingleUserOffset.x86=1A49D +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=180C6 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=19D53 +DefPolicyCode.x86=CDefPolicy_Query_eax_esi +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=17D5E +DefPolicyCode.x64=CDefPolicy_Query_eax_rdi + [6.1.7601.18540] ; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled ; Imagebase: 6F2E0000 @@ -1216,6 +1286,32 @@ SLInitHook.x64=1 SLInitOffset.x64=5D830 SLInitFunc.x64=New_CSLQuery_Initialize +[6.3.9600.19093] +LocalOnlyPatch.x86=1 +LocalOnlyOffset.x86=B3958 +LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8AE4E +LocalOnlyCode.x64=nopjmp +SingleUserPatch.x86=1 +SingleUserOffset.x86=3F045 +SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=36BC9 +SingleUserCode.x64=Zero +DefPolicyPatch.x86=1 +DefPolicyOffset.x86=3D899 +DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=45305 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x86=1 +SLInitOffset.x86=18288 +SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=5D660 +SLInitFunc.x64=New_CSLQuery_Initialize + [6.4.9841.0] ; Patch CEnforcementCore::GetInstanceOfTSLicense ; .text:1009569B call sub_100B7EE5 @@ -2203,18 +2299,30 @@ SLInitFunc.x64=New_CSLQuery_Initialize LocalOnlyPatch.x86=1 LocalOnlyOffset.x86=A6088 LocalOnlyCode.x86=jmpshort +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D781 +LocalOnlyCode.x64=jmpshort ; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled SingleUserPatch.x86=1 SingleUserOffset.x86=359C5 SingleUserCode.x86=nop +SingleUserPatch.x64=1 +SingleUserOffset.x64=299A4 +SingleUserCode.x64=Zero ; Patch CDefPolicy::Query DefPolicyPatch.x86=1 DefPolicyOffset.x86=2FF29 DefPolicyCode.x86=CDefPolicy_Query_eax_ecx +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1AFC5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx ; Hook CSLQuery::Initialize SLInitHook.x86=1 SLInitOffset.x86=45636 SLInitFunc.x86=New_CSLQuery_Initialize +SLInitHook.x64=1 +SLInitOffset.x64=C930 +SLInitFunc.x64=New_CSLQuery_Initialize [10.0.14393.1737] ; Patch CEnforcementCore::GetInstanceOfTSLicense @@ -2246,6 +2354,20 @@ SLInitHook.x64=1 SLInitOffset.x64=C930 SLInitFunc.x64=New_CSLQuery_Initialize +[10.0.14393.2457] +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8D781 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x64=1 +SingleUserOffset.x64=2A3D4 +SingleUserCode.x64=Zero +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=1B545 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x64=1 +SLInitOffset.x64=C920 +SLInitFunc.x64=New_CSLQuery_Initialize + [10.0.14901.1000] ; Patch CEnforcementCore::GetInstanceOfTSLicense LocalOnlyPatch.x86=1 @@ -3092,6 +3214,21 @@ SLInitHook.x64=1 SLInitOffset.x64=D1EC SLInitFunc.x64=New_CSLQuery_Initialize +[10.0.15063.1155] +; no x86 version +LocalOnlyPatch.x64=1 +LocalOnlyOffset.x64=8CB01 +LocalOnlyCode.x64=jmpshort +SingleUserPatch.x64=1 +SingleUserOffset.x64=15EA4 +SingleUserCode.x64=Zero +DefPolicyPatch.x64=1 +DefPolicyOffset.x64=FAE5 +DefPolicyCode.x64=CDefPolicy_Query_eax_rcx +SLInitHook.x64=1 +SLInitOffset.x64=234DC +SLInitFunc.x64=New_CSLQuery_Initialize + [10.0.16179.1000] ; Patch CEnforcementCore::GetInstanceOfTSLicense LocalOnlyPatch.x86=1 @@ -4248,6 +4385,25 @@ bServerSku.x64 =FA068 ulMaxDebugSessions.x64=FA06C bRemoteConnAllowed.x64=FA070 +[6.3.9600.19093-SLInit] +bFUSEnabled.x86 =D3068 +lMaxUserSessions.x86 =D306C +bAppServerAllowed.x86 =D3070 +bInitialized.x86 =D3074 +bMultimonAllowed.x86 =D3078 +bServerSku.x86 =D307C +ulMaxDebugSessions.x86=D3080 +bRemoteConnAllowed.x86=D3084 + +bFUSEnabled.x64 =FA054 +lMaxUserSessions.x64 =FA058 +bAppServerAllowed.x64 =FA05C +bInitialized.x64 =FA060 +bMultimonAllowed.x64 =FA064 +bServerSku.x64 =FA068 +ulMaxDebugSessions.x64=FA06C +bRemoteConnAllowed.x64=FA070 + [6.4.9841.0-SLInit] bFUSEnabled.x86 =BF9F0 lMaxUserSessions.x86 =BF9F4 @@ -4782,6 +4938,15 @@ bMultimonAllowed.x86 =C1F80 ulMaxDebugSessions.x86=C1F84 bFUSEnabled.x86 =C1F88 +bServerSku.x64 =E73D0 +lMaxUserSessions.x64 =E73D4 +bAppServerAllowed.x64 =E73D8 +bInitialized.x64 =E8470 +bRemoteConnAllowed.x64=E8474 +bMultimonAllowed.x64 =E8478 +ulMaxDebugSessions.x64=E847C +bFUSEnabled.x64 =E8480 + [10.0.14393.1737-SLInit] bInitialized.x86 =C1F6C bServerSku.x86 =C1F70 @@ -4801,6 +4966,16 @@ bMultimonAllowed.x64 =E8478 ulMaxDebugSessions.x64=E847C bFUSEnabled.x64 =E8480 +[10.0.14393.2457-SLInit] +bServerSku.x64 =E73D0 +lMaxUserSessions.x64 =E73D4 +bAppServerAllowed.x64 =E73D8 +bInitialized.x64 =E8470 +bRemoteConnAllowed.x64=E8474 +bMultimonAllowed.x64 =E8478 +ulMaxDebugSessions.x64=E847C +bFUSEnabled.x64 =E8480 + [10.0.14901.1000-SLInit] bInitialized.x86 =C1F6C bServerSku.x86 =C1F70 @@ -5334,6 +5509,17 @@ bServerSku.x64 =E9484 lMaxUserSessions.x64 =E9488 bAppServerAllowed.x64 =E948C +[10.0.15063.1155-SLInit] +; no x86 version +bInitialized.x64 =E9468 +bRemoteConnAllowed.x64=E946C +bMultimonAllowed.x64 =E9470 +ulMaxDebugSessions.x64=E9474 +bFUSEnabled.x64 =E9478 +bServerSku.x64 =E9484 +lMaxUserSessions.x64 =E9488 +bAppServerAllowed.x64 =E948C + [10.0.16179.1000-SLInit] bInitialized.x86 =C7F6C bServerSku.x86 =C7F70