Compare commits

..

13 Commits

Author SHA1 Message Date
Kevin Smyth a5c64a4331 IniFile: don't lose last character if the file doesn't end with \r\n 2018-12-20 18:50:35 +03:00
Stas'M 326551985f
INI: Add support for new builds (fix #586)
- 6.1.7601.24234 x86
2018-10-10 15:57:37 +03:00
Stas'M 2eef50f254
INI: Add support for new builds (#542)
10.0.14393.2457 x86
2018-10-05 01:45:44 +03:00
Stas'M dc3b07f1fe
README: Add Telegram chat link 2018-10-04 15:31:04 +03:00
Stas'M 0c76513a27
INI: Add support for new builds
- 6.1.7601.24234 (fix #572)
- 10.0.15063.994 (fix #455)
- 10.0.17723.1000 (fix #537)
- 10.0.17763.1 (fix #578)
2018-10-03 23:59:34 +03:00
NULL b3e1c77321 INI: Add support for new builds (#568)
- 6.1.7600.20890 (fix #563)
- 6.1.7600.21316 (fix #564)
- 6.1.7601.21650 (fix #565)
- 6.1.7601.21866 (fix #566)
- 6.1.7601.22104 (fix #567)
- 6.3.9600.19093 (fix #549)
- 10.0.14393.2457 (fix #542)
- 10.0.15063.1155 (fix #506)
2018-10-03 21:47:48 +03:00
Stas'M 65b19543f4 INI: Add support for new builds
10.0.17115.1 (fix #424)
2018-05-16 19:26:57 +03:00
Stas'M 9b2a50bfb8 INI: Fix bug in DefPolicy patch (fix #486) 2018-05-16 18:55:16 +03:00
Stas'M 2df3a74958 Installer: Grant access to system and services (fix #391) 2018-05-16 17:14:17 +03:00
Stas'M 560c5a7b45 INI: Add support for new builds
10.0.17128.1
10.0.17133.1 (fix #442)
10.0.17134.1 (fix #456)
2018-05-16 12:40:21 +03:00
1nd1g0 7dc8817de9 INI: Add support for new builds
6.3.9600.18928 (fix #418)
2018-05-16 09:59:55 +03:00
Jim Yang 56915ccf5b Allow UDP 3389 at firewall configuration 2018-04-15 13:54:26 +03:00
Stanislav Motylkov a3cd8ca630
README: Update changelog for v1.6.2 2017-12-28 00:04:36 +03:00
8 changed files with 1255 additions and 31 deletions

View File

@ -1,5 +1,6 @@
# RDP Wrapper Library by Stas'M # RDP Wrapper Library by Stas'M
[![Telegram](https://img.shields.io/badge/chat-Telegram-blue.svg)](https://t.me/rdpwrap)
![Environment](https://img.shields.io/badge/Windows-Vista,%207,%208,%2010-brightgreen.svg) ![Environment](https://img.shields.io/badge/Windows-Vista,%207,%208,%2010-brightgreen.svg)
[![Release](https://img.shields.io/github/release/stascorp/rdpwrap.svg)](https://github.com/stascorp/rdpwrap/releases) [![Release](https://img.shields.io/github/release/stascorp/rdpwrap.svg)](https://github.com/stascorp/rdpwrap/releases)
![License](https://img.shields.io/github/license/stascorp/rdpwrap.svg) ![License](https://img.shields.io/github/license/stascorp/rdpwrap.svg)
@ -88,6 +89,8 @@ It's recommended to have original termsrv.dll file with the RDP Wrapper installa
### Links: ### Links:
- Official GitHub repository: - Official GitHub repository:
<br>https://github.com/stascorp/rdpwrap/ <br>https://github.com/stascorp/rdpwrap/
- Official Telegram chat:
<br>https://t.me/rdpwrap
- Active discussion in the comments here: - Active discussion in the comments here:
<br>[Enable remote desktop on Windows 8 core / basic - Andrew Block .net][andrewblock] <br>[Enable remote desktop on Windows 8 core / basic - Andrew Block .net][andrewblock]
- MDL Projects and Applications thread here: - MDL Projects and Applications thread here:
@ -165,6 +168,17 @@ Visit [issues](https://github.com/stascorp/rdpwrap/issues) section, and check wh
### Change log: ### Change log:
#### 2017.12.27
- Version 1.6.2
- Installer updated
- Include updated INI file for latest Windows builds
- Added check for supported Windows versions ([#155](https://github.com/stascorp/rdpwrap/issues/155))
- Added feature to take INI file from current directory ([#300](https://github.com/stascorp/rdpwrap/issues/300))
- Added feature to restore rfxvmt.dll (missing in Windows 10 Home [#194](https://github.com/stascorp/rdpwrap/issues/194))
- RDP Config updated
- Added feature to allow custom start programs ([#13 (comment)](https://github.com/stascorp/rdpwrap/issues/13#issuecomment-77651843))
- MSI installation package added ([#14](https://github.com/stascorp/rdpwrap/issues/14))
#### 2016.08.01 #### 2016.08.01
- Version 1.6.1 - Version 1.6.1
- Include updated INI file for latest Windows builds - Include updated INI file for latest Windows builds
@ -271,12 +285,18 @@ Visit [issues](https://github.com/stascorp/rdpwrap/issues) section, and check wh
- 6.0.6002.23521 (Windows Vista SP2 with KB3003743 LDR) - 6.0.6002.23521 (Windows Vista SP2 with KB3003743 LDR)
- 6.1.X.X (Windows 7 / Server 2008 R2) - 6.1.X.X (Windows 7 / Server 2008 R2)
- 6.1.7600.16385 (Windows 7) - 6.1.7600.16385 (Windows 7)
- 6.1.7600.20890 (Windows 7 with KB2479710)
- 6.1.7600.21316 (Windows 7 with KB2750090)
- 6.1.7601.17514 (Windows 7 SP1) - 6.1.7601.17514 (Windows 7 SP1)
- 6.1.7601.21650 (Windows 7 SP1 with KB2479710)
- 6.1.7601.21866 (Windows 7 SP1 with KB2647409)
- 6.1.7601.22104 (Windows 7 SP1 with KB2750090)
- 6.1.7601.18540 (Windows 7 SP1 with KB2984972 GDR) - 6.1.7601.18540 (Windows 7 SP1 with KB2984972 GDR)
- 6.1.7601.22750 (Windows 7 SP1 with KB2984972 LDR) - 6.1.7601.22750 (Windows 7 SP1 with KB2984972 LDR)
- 6.1.7601.18637 (Windows 7 SP1 with KB3003743 GDR) - 6.1.7601.18637 (Windows 7 SP1 with KB3003743 GDR)
- 6.1.7601.22843 (Windows 7 SP1 with KB3003743 LDR) - 6.1.7601.22843 (Windows 7 SP1 with KB3003743 LDR)
- 6.1.7601.23403 (Windows 7 SP1 with KB3125574) - 6.1.7601.23403 (Windows 7 SP1 with KB3125574)
- 6.1.7601.24234 (Windows 7 SP1 with KB4462923)
- 6.2.8102.0 (Windows 8 Developer Preview) - 6.2.8102.0 (Windows 8 Developer Preview)
- 6.2.8250.0 (Windows 8 Consumer Preview) - 6.2.8250.0 (Windows 8 Consumer Preview)
- 6.2.8400.0 (Windows 8 Release Preview) - 6.2.8400.0 (Windows 8 Release Preview)
@ -289,6 +309,8 @@ Visit [issues](https://github.com/stascorp/rdpwrap/issues) section, and check wh
- 6.3.9600.17415 (Windows 8.1 with KB3000850) - 6.3.9600.17415 (Windows 8.1 with KB3000850)
- 6.3.9600.18692 (Windows 8.1 with KB4022720) - 6.3.9600.18692 (Windows 8.1 with KB4022720)
- 6.3.9600.18708 (Windows 8.1 with KB4025335) - 6.3.9600.18708 (Windows 8.1 with KB4025335)
- 6.3.9600.18928 (Windows 8.1 with KB4088876)
- 6.3.9600.19093 (Windows 8.1 with KB4343891)
- 6.4.9841.0 (Windows 10 Technical Preview) - 6.4.9841.0 (Windows 10 Technical Preview)
- 6.4.9860.0 (Windows 10 Technical Preview Update 1) - 6.4.9860.0 (Windows 10 Technical Preview Update 1)
- 6.4.9879.0 (Windows 10 Technical Preview Update 2) - 6.4.9879.0 (Windows 10 Technical Preview Update 2)
@ -319,6 +341,7 @@ Visit [issues](https://github.com/stascorp/rdpwrap/issues) section, and check wh
- 10.0.14393.0 (Windows 10 RS1 Release 160715-1616) - 10.0.14393.0 (Windows 10 RS1 Release 160715-1616)
- 10.0.14393.1198 (Windows 10 RS1 Release Sec 170427-1353 with KB4019472) - 10.0.14393.1198 (Windows 10 RS1 Release Sec 170427-1353 with KB4019472)
- 10.0.14393.1737 (Windows 10 RS1 Release Inmarket 170914-1249 with KB4041691) - 10.0.14393.1737 (Windows 10 RS1 Release Inmarket 170914-1249 with KB4041691)
- 10.0.14393.2457 (Windows 10 RS1 Release Inmarket 180822-1743 with KB4343884)
- 10.0.14901.1000 (Windows 10 RS Pre-Release 160805-1700) - 10.0.14901.1000 (Windows 10 RS Pre-Release 160805-1700)
- 10.0.14905.1000 (Windows 10 RS Pre-Release 160811-1739) - 10.0.14905.1000 (Windows 10 RS Pre-Release 160811-1739)
- 10.0.14915.1000 (Windows 10 RS Pre-Release 160826-1902) - 10.0.14915.1000 (Windows 10 RS Pre-Release 160826-1902)
@ -348,6 +371,8 @@ Visit [issues](https://github.com/stascorp/rdpwrap/issues) section, and check wh
- 10.0.15061.0 (Windows 10 Build 160101.0800) - 10.0.15061.0 (Windows 10 Build 160101.0800)
- 10.0.15063.0 (Windows 10 Build 160101.0800) - 10.0.15063.0 (Windows 10 Build 160101.0800)
- 10.0.15063.296 (Windows 10 Build 160101.0800) - 10.0.15063.296 (Windows 10 Build 160101.0800)
- 10.0.15063.994 (Windows 10 Build 160101.0800)
- 10.0.15063.1155 (Windows 10 Build 160101.0800)
- 10.0.16179.1000 (Windows 10 Build 160101.0800) - 10.0.16179.1000 (Windows 10 Build 160101.0800)
- 10.0.16184.1001 (Windows 10 Build 160101.0800) - 10.0.16184.1001 (Windows 10 Build 160101.0800)
- 10.0.16199.1000 (Windows 10 Build 160101.0800) - 10.0.16199.1000 (Windows 10 Build 160101.0800)
@ -377,6 +402,12 @@ Visit [issues](https://github.com/stascorp/rdpwrap/issues) section, and check wh
- 10.0.17035.1000 (Windows 10 Build 160101.0800) - 10.0.17035.1000 (Windows 10 Build 160101.0800)
- 10.0.17046.1000 (Windows 10 Build 160101.0800) - 10.0.17046.1000 (Windows 10 Build 160101.0800)
- 10.0.17063.1000 (Windows 10 Build 160101.0800) - 10.0.17063.1000 (Windows 10 Build 160101.0800)
- 10.0.17115.1 (Windows 10 Build 160101.0800)
- 10.0.17128.1 (Windows 10 Build 160101.0800)
- 10.0.17133.1 (Windows 10 Build 160101.0800)
- 10.0.17134.1 (Windows 10 Build 160101.0800)
- 10.0.17723.1000 (Windows 10 Build 160101.0800)
- 10.0.17763.1 (Windows 10 Build 160101.0800)
#### Confirmed working on: #### Confirmed working on:
- Windows Vista Starter (x86 - Service Pack 1 and higher) - Windows Vista Starter (x86 - Service Pack 1 and higher)

View File

@ -50,6 +50,7 @@ if not !errorlevel!==0 (
echo [*] Setting firewall configuration... echo [*] Setting firewall configuration...
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
netsh advfirewall firewall add rule name="Remote Desktop" dir=in protocol=tcp localport=3389 profile=any action=allow netsh advfirewall firewall add rule name="Remote Desktop" dir=in protocol=tcp localport=3389 profile=any action=allow
netsh advfirewall firewall add rule name="Remote Desktop" dir=in protocol=udp localport=3389 profile=any action=allow
echo [*] Looking for TermService PID... echo [*] Looking for TermService PID...
tasklist /SVC /FI "SERVICES eq TermService" | find "PID" /V tasklist /SVC /FI "SERVICES eq TermService" | find "PID" /V
echo. echo.
@ -88,4 +89,4 @@ echo net start Service2
echo etc. echo etc.
goto END goto END
:END :END

View File

@ -1,6 +1,6 @@
[Main] [Main]
; Last updated date ; Last updated date
Updated=2017-12-27 Updated=2018-10-10
; Address to log file (RDP Wrapper will write it, if exists) ; Address to log file (RDP Wrapper will write it, if exists)
LogFile=\rdpwrap.txt LogFile=\rdpwrap.txt
; Hook SLPolicy API on Windows NT 6.0 ; Hook SLPolicy API on Windows NT 6.0
@ -53,6 +53,7 @@ CDefPolicy_Query_eax_rdi=B80001000089873806000090
CDefPolicy_Query_eax_ecx=B80001000089812003000090 CDefPolicy_Query_eax_ecx=B80001000089812003000090
CDefPolicy_Query_eax_ecx_jmp=B800010000898120030000EB0E CDefPolicy_Query_eax_ecx_jmp=B800010000898120030000EB0E
CDefPolicy_Query_eax_rcx=B80001000089813806000090 CDefPolicy_Query_eax_rcx=B80001000089813806000090
CDefPolicy_Query_edi_rcx=BF0001000089B938060000909090
[6.0.6000.16386] [6.0.6000.16386]
; HOW TO search CSessionArbitrationHelper::IsSingleSessionPerUserEnabled function in IDA Pro: ; HOW TO search CSessionArbitrationHelper::IsSingleSessionPerUserEnabled function in IDA Pro:
@ -342,6 +343,38 @@ DefPolicyPatch.x64=1
DefPolicyOffset.x64=17AD2 DefPolicyOffset.x64=17AD2
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7600.20890]
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
SingleUserPatch.x86=1
SingleUserOffset.x86=19E2D
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=17DF2
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x86=1
DefPolicyOffset.x86=196FB
DefPolicyCode.x86=CDefPolicy_Query_eax_esi
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17B0E
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7600.21316]
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
SingleUserPatch.x86=1
SingleUserOffset.x86=19E2D
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=17E3E
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x86=1
DefPolicyOffset.x86=196FB
DefPolicyCode.x86=CDefPolicy_Query_eax_esi
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17B5E
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7601.17514] [6.1.7601.17514]
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled ; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
; Imagebase: 6F2E0000 ; Imagebase: 6F2E0000
@ -514,6 +547,54 @@ DefPolicyPatch.x64=1
DefPolicyOffset.x64=17DC6 DefPolicyOffset.x64=17DC6
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7601.21650]
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
SingleUserPatch.x86=1
SingleUserOffset.x86=1A49D
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=180BE
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x86=1
DefPolicyOffset.x86=19D53
DefPolicyCode.x86=CDefPolicy_Query_eax_esi
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17D5A
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7601.21866]
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
SingleUserPatch.x86=1
SingleUserOffset.x86=1A49D
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=180BE
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x86=1
DefPolicyOffset.x86=19D53
DefPolicyCode.x86=CDefPolicy_Query_eax_esi
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17D5A
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7601.22104]
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
SingleUserPatch.x86=1
SingleUserOffset.x86=1A49D
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=180C6
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x86=1
DefPolicyOffset.x86=19D53
DefPolicyCode.x86=CDefPolicy_Query_eax_esi
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17D5E
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7601.22843] [6.1.7601.22843]
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled ; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
; Imagebase: 6F2E0000 ; Imagebase: 6F2E0000
@ -573,6 +654,22 @@ DefPolicyPatch.x64=1
DefPolicyOffset.x64=17CE2 DefPolicyOffset.x64=17CE2
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7601.24234]
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
SingleUserPatch.x86=1
SingleUserOffset.x86=1A675
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=17F56
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x86=1
DefPolicyOffset.x86=19E41
DefPolicyCode.x86=CDefPolicy_Query_eax_esi
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17D2E
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.2.8102.0] [6.2.8102.0]
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled ; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
; .text:1000F7E5 lea eax, [esp+150h+VersionInformation] ; .text:1000F7E5 lea eax, [esp+150h+VersionInformation]
@ -1185,6 +1282,66 @@ SLInitHook.x64=1
SLInitOffset.x64=5DB70 SLInitOffset.x64=5DB70
SLInitFunc.x64=New_CSLQuery_Initialize SLInitFunc.x64=New_CSLQuery_Initialize
[6.3.9600.18928]
; Patch CEnforcementCore::GetInstanceOfTSLicense
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=B39D8
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=8B25D
LocalOnlyCode.x64=nopjmp
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
SingleUserPatch.x86=1
SingleUserOffset.x86=37D25
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=36C09
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x86=1
DefPolicyOffset.x86=3D6F9
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=45495
DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
; Hook CSLQuery::Initialize
SLInitHook.x86=1
SLInitOffset.x86=18328
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=5D830
SLInitFunc.x64=New_CSLQuery_Initialize
[6.3.9600.19093]
; Patch CEnforcementCore::GetInstanceOfTSLicense
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=B3958
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=8AE4E
LocalOnlyCode.x64=nopjmp
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
SingleUserPatch.x86=1
SingleUserOffset.x86=3F045
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=36BC9
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x86=1
DefPolicyOffset.x86=3D899
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=45305
DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
; Hook CSLQuery::Initialize
SLInitHook.x86=1
SLInitOffset.x86=18288
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=5D660
SLInitFunc.x64=New_CSLQuery_Initialize
[6.4.9841.0] [6.4.9841.0]
; Patch CEnforcementCore::GetInstanceOfTSLicense ; Patch CEnforcementCore::GetInstanceOfTSLicense
; .text:1009569B call sub_100B7EE5 ; .text:1009569B call sub_100B7EE5
@ -2215,6 +2372,36 @@ SLInitHook.x64=1
SLInitOffset.x64=C930 SLInitOffset.x64=C930
SLInitFunc.x64=New_CSLQuery_Initialize SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.14393.2457]
; Patch CEnforcementCore::GetInstanceOfTSLicense
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=A6248
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=8D811
LocalOnlyCode.x64=jmpshort
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
SingleUserPatch.x86=1
SingleUserOffset.x86=36CE5
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=29CF4
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x86=1
DefPolicyOffset.x86=31209
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=1B545
DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
; Hook CSLQuery::Initialize
SLInitHook.x86=1
SLInitOffset.x86=45824
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=C920
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.14901.1000] [10.0.14901.1000]
; Patch CEnforcementCore::GetInstanceOfTSLicense ; Patch CEnforcementCore::GetInstanceOfTSLicense
LocalOnlyPatch.x86=1 LocalOnlyPatch.x86=1
@ -3061,6 +3248,42 @@ SLInitHook.x64=1
SLInitOffset.x64=D1EC SLInitOffset.x64=D1EC
SLInitFunc.x64=New_CSLQuery_Initialize SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.15063.994]
; Patch CEnforcementCore::GetInstanceOfTSLicense
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=8CB01
LocalOnlyCode.x64=jmpshort
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
SingleUserPatch.x64=1
SingleUserOffset.x64=15EA4
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x64=1
DefPolicyOffset.x64=FAE5
DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
; Hook CSLQuery::Initialize
SLInitHook.x64=1
SLInitOffset.x64=234DC
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.15063.1155]
; Patch CEnforcementCore::GetInstanceOfTSLicense
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=8CB01
LocalOnlyCode.x64=jmpshort
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
SingleUserPatch.x64=1
SingleUserOffset.x64=15EA4
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x64=1
DefPolicyOffset.x64=FAE5
DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
; Hook CSLQuery::Initialize
SLInitHook.x64=1
SLInitOffset.x64=234DC
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.16179.1000] [10.0.16179.1000]
; Patch CEnforcementCore::GetInstanceOfTSLicense ; Patch CEnforcementCore::GetInstanceOfTSLicense
LocalOnlyPatch.x86=1 LocalOnlyPatch.x86=1
@ -3931,6 +4154,174 @@ SLInitHook.x64=1
SLInitOffset.x64=2318C SLInitOffset.x64=2318C
SLInitFunc.x64=New_CSLQuery_Initialize SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.17115.1]
; Patch CEnforcementCore::GetInstanceOfTSLicense
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=AD738
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=925D1
LocalOnlyCode.x64=jmpshort
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
SingleUserPatch.x86=1
SingleUserOffset.x86=36B0C
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=1511C
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x86=1
DefPolicyOffset.x86=33569
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=10E78
DefPolicyCode.x64=CDefPolicy_Query_edi_rcx
; Hook CSLQuery::Initialize
SLInitHook.x86=1
SLInitOffset.x86=474AD
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=22E6C
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.17128.1]
; Patch CEnforcementCore::GetInstanceOfTSLicense
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=AD738
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=925D1
LocalOnlyCode.x64=jmpshort
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
SingleUserPatch.x86=1
SingleUserOffset.x86=36B0C
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=1511C
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x86=1
DefPolicyOffset.x86=33569
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=10E78
DefPolicyCode.x64=CDefPolicy_Query_edi_rcx
; Hook CSLQuery::Initialize
SLInitHook.x86=1
SLInitOffset.x86=474AD
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=22E6C
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.17133.1]
; Patch CEnforcementCore::GetInstanceOfTSLicense
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=AD738
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=925D1
LocalOnlyCode.x64=jmpshort
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
SingleUserPatch.x86=1
SingleUserOffset.x86=36B0C
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=1511C
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x86=1
DefPolicyOffset.x86=33569
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=10E78
DefPolicyCode.x64=CDefPolicy_Query_edi_rcx
; Hook CSLQuery::Initialize
SLInitHook.x86=1
SLInitOffset.x86=474AD
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=22E6C
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.17134.1]
; Patch CEnforcementCore::GetInstanceOfTSLicense
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=AD738
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=925D1
LocalOnlyCode.x64=jmpshort
; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
SingleUserPatch.x86=1
SingleUserOffset.x86=36B0C
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=1511C
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x86=1
DefPolicyOffset.x86=33569
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=10E78
DefPolicyCode.x64=CDefPolicy_Query_edi_rcx
; Hook CSLQuery::Initialize
SLInitHook.x86=1
SLInitOffset.x86=474AD
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=22E6C
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.17723.1000]
; Patch CEnforcementCore::GetInstanceOfTSLicense
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=75D91
LocalOnlyCode.x64=jmpshort
; Patch CSessionArbitrationHelperMgr::IsSingleSessionPerUserEnabled
SingleUserPatch.x64=1
SingleUserOffset.x64=1296C
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17A45
DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
; Hook CSLQuery::Initialize
SLInitHook.x64=1
SLInitOffset.x64=1B10C
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.17763.1]
; Patch CEnforcementCore::GetInstanceOfTSLicense
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=AF8E4
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=77941
LocalOnlyCode.x64=jmpshort
; Patch CSessionArbitrationHelperMgr::IsSingleSessionPerUserEnabled
SingleUserPatch.x86=1
SingleUserOffset.x86=4D505
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=1322C
SingleUserCode.x64=Zero
; Patch CDefPolicy::Query
DefPolicyPatch.x86=1
DefPolicyOffset.x86=4BD09
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17F45
DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
; Hook CSLQuery::Initialize
SLInitHook.x86=1
SLInitOffset.x86=5B02A
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=1ABFC
SLInitFunc.x64=New_CSLQuery_Initialize
[SLInit] [SLInit]
; Is server ; Is server
bServerSku=1 bServerSku=1
@ -4078,6 +4469,44 @@ bServerSku.x64 =FA068
ulMaxDebugSessions.x64=FA06C ulMaxDebugSessions.x64=FA06C
bRemoteConnAllowed.x64=FA070 bRemoteConnAllowed.x64=FA070
[6.3.9600.18928-SLInit]
bFUSEnabled.x86 =D3068
lMaxUserSessions.x86 =D306C
bAppServerAllowed.x86 =D3070
bInitialized.x86 =D3074
bMultimonAllowed.x86 =D3078
bServerSku.x86 =D307C
ulMaxDebugSessions.x86=D3080
bRemoteConnAllowed.x86=D3084
bFUSEnabled.x64 =FA054
lMaxUserSessions.x64 =FA058
bAppServerAllowed.x64 =FA05C
bInitialized.x64 =FA060
bMultimonAllowed.x64 =FA064
bServerSku.x64 =FA068
ulMaxDebugSessions.x64=FA06C
bRemoteConnAllowed.x64=FA070
[6.3.9600.19093-SLInit]
bFUSEnabled.x86 =D3068
lMaxUserSessions.x86 =D306C
bAppServerAllowed.x86 =D3070
bInitialized.x86 =D3074
bMultimonAllowed.x86 =D3078
bServerSku.x86 =D307C
ulMaxDebugSessions.x86=D3080
bRemoteConnAllowed.x86=D3084
bFUSEnabled.x64 =FA054
lMaxUserSessions.x64 =FA058
bAppServerAllowed.x64 =FA05C
bInitialized.x64 =FA060
bMultimonAllowed.x64 =FA064
bServerSku.x64 =FA068
ulMaxDebugSessions.x64=FA06C
bRemoteConnAllowed.x64=FA070
[6.4.9841.0-SLInit] [6.4.9841.0-SLInit]
bFUSEnabled.x86 =BF9F0 bFUSEnabled.x86 =BF9F0
lMaxUserSessions.x86 =BF9F4 lMaxUserSessions.x86 =BF9F4
@ -4631,6 +5060,25 @@ bMultimonAllowed.x64 =E8478
ulMaxDebugSessions.x64=E847C ulMaxDebugSessions.x64=E847C
bFUSEnabled.x64 =E8480 bFUSEnabled.x64 =E8480
[10.0.14393.2457-SLInit]
bInitialized.x86 =C1F94
bServerSku.x86 =C1F98
lMaxUserSessions.x86 =C1F9C
bAppServerAllowed.x86 =C1FA0
bRemoteConnAllowed.x86=C1FA4
bMultimonAllowed.x86 =C1FA8
ulMaxDebugSessions.x86=C1FAC
bFUSEnabled.x86 =C1FB0
bServerSku.x64 =E73D0
lMaxUserSessions.x64 =E73D4
bAppServerAllowed.x64 =E73D8
bInitialized.x64 =E8470
bRemoteConnAllowed.x64=E8474
bMultimonAllowed.x64 =E8478
ulMaxDebugSessions.x64=E847C
bFUSEnabled.x64 =E8480
[10.0.14901.1000-SLInit] [10.0.14901.1000-SLInit]
bInitialized.x86 =C1F6C bInitialized.x86 =C1F6C
bServerSku.x86 =C1F70 bServerSku.x86 =C1F70
@ -5164,6 +5612,26 @@ bServerSku.x64 =E9484
lMaxUserSessions.x64 =E9488 lMaxUserSessions.x64 =E9488
bAppServerAllowed.x64 =E948C bAppServerAllowed.x64 =E948C
[10.0.15063.994-SLInit]
bInitialized.x64 =E9468
bRemoteConnAllowed.x64=E946C
bMultimonAllowed.x64 =E9470
ulMaxDebugSessions.x64=E9474
bFUSEnabled.x64 =E9478
bServerSku.x64 =E9484
lMaxUserSessions.x64 =E9488
bAppServerAllowed.x64 =E948C
[10.0.15063.1155-SLInit]
bInitialized.x64 =E9468
bRemoteConnAllowed.x64=E946C
bMultimonAllowed.x64 =E9470
ulMaxDebugSessions.x64=E9474
bFUSEnabled.x64 =E9478
bServerSku.x64 =E9484
lMaxUserSessions.x64 =E9488
bAppServerAllowed.x64 =E948C
[10.0.16179.1000-SLInit] [10.0.16179.1000-SLInit]
bInitialized.x86 =C7F6C bInitialized.x86 =C7F6C
bServerSku.x86 =C7F70 bServerSku.x86 =C7F70
@ -5714,3 +6182,108 @@ bRemoteConnAllowed.x64=F2434
bMultimonAllowed.x64 =F2438 bMultimonAllowed.x64 =F2438
ulMaxDebugSessions.x64=F243C ulMaxDebugSessions.x64=F243C
bFUSEnabled.x64 =F2440 bFUSEnabled.x64 =F2440
[10.0.17115.1-SLInit]
bInitialized.x86 =CBF38
bServerSku.x86 =CBF3C
lMaxUserSessions.x86 =CBF40
bAppServerAllowed.x86 =CBF44
bRemoteConnAllowed.x86=CBF48
bMultimonAllowed.x86 =CBF4C
ulMaxDebugSessions.x86=CBF50
bFUSEnabled.x86 =CBF54
bServerSku.x64 =F1378
lMaxUserSessions.x64 =F137C
bAppServerAllowed.x64 =F1380
bInitialized.x64 =F2430
bRemoteConnAllowed.x64=F2434
bMultimonAllowed.x64 =F2438
ulMaxDebugSessions.x64=F243C
bFUSEnabled.x64 =F2440
[10.0.17128.1-SLInit]
bInitialized.x86 =CBF38
bServerSku.x86 =CBF3C
lMaxUserSessions.x86 =CBF40
bAppServerAllowed.x86 =CBF44
bRemoteConnAllowed.x86=CBF48
bMultimonAllowed.x86 =CBF4C
ulMaxDebugSessions.x86=CBF50
bFUSEnabled.x86 =CBF54
bServerSku.x64 =F1378
lMaxUserSessions.x64 =F137C
bAppServerAllowed.x64 =F1380
bInitialized.x64 =F2430
bRemoteConnAllowed.x64=F2434
bMultimonAllowed.x64 =F2438
ulMaxDebugSessions.x64=F243C
bFUSEnabled.x64 =F2440
[10.0.17133.1-SLInit]
bInitialized.x86 =CBF38
bServerSku.x86 =CBF3C
lMaxUserSessions.x86 =CBF40
bAppServerAllowed.x86 =CBF44
bRemoteConnAllowed.x86=CBF48
bMultimonAllowed.x86 =CBF4C
ulMaxDebugSessions.x86=CBF50
bFUSEnabled.x86 =CBF54
bServerSku.x64 =F1378
lMaxUserSessions.x64 =F137C
bAppServerAllowed.x64 =F1380
bInitialized.x64 =F2430
bRemoteConnAllowed.x64=F2434
bMultimonAllowed.x64 =F2438
ulMaxDebugSessions.x64=F243C
bFUSEnabled.x64 =F2440
[10.0.17134.1-SLInit]
bInitialized.x86 =CBF38
bServerSku.x86 =CBF3C
lMaxUserSessions.x86 =CBF40
bAppServerAllowed.x86 =CBF44
bRemoteConnAllowed.x86=CBF48
bMultimonAllowed.x86 =CBF4C
ulMaxDebugSessions.x86=CBF50
bFUSEnabled.x86 =CBF54
bServerSku.x64 =F1378
lMaxUserSessions.x64 =F137C
bAppServerAllowed.x64 =F1380
bInitialized.x64 =F2430
bRemoteConnAllowed.x64=F2434
bMultimonAllowed.x64 =F2438
ulMaxDebugSessions.x64=F243C
bFUSEnabled.x64 =F2440
[10.0.17723.1000-SLInit]
bInitialized.x64 =E9AB0
bServerSku.x64 =E9AB4
lMaxUserSessions.x64 =E9AB8
bAppServerAllowed.x64 =E9AC0
bRemoteConnAllowed.x64=E9AC4
bMultimonAllowed.x64 =E9AC8
ulMaxDebugSessions.x64=E9ACC
bFUSEnabled.x64 =E9AD0
[10.0.17763.1-SLInit]
bInitialized.x86 =CD798
bServerSku.x86 =CD79C
lMaxUserSessions.x86 =CD7A0
bAppServerAllowed.x86 =CD7A8
bRemoteConnAllowed.x86=CD7AC
bMultimonAllowed.x86 =CD7B0
ulMaxDebugSessions.x86=CD7B4
bFUSEnabled.x86 =CD7B8
bInitialized.x64 =ECAB0
bServerSku.x64 =ECAB4
lMaxUserSessions.x64 =ECAB8
bAppServerAllowed.x64 =ECAC0
bRemoteConnAllowed.x64=ECAC4
bMultimonAllowed.x64 =ECAC8
ulMaxDebugSessions.x64=ECACC
bFUSEnabled.x64 =ECAD0

View File

@ -2,7 +2,7 @@
; Do not modify without special knowledge ; Do not modify without special knowledge
[Main] [Main]
Updated=2017-12-27 Updated=2018-10-10
LogFile=\rdpwrap.txt LogFile=\rdpwrap.txt
SLPolicyHookNT60=1 SLPolicyHookNT60=1
SLPolicyHookNT61=1 SLPolicyHookNT61=1
@ -35,6 +35,7 @@ CDefPolicy_Query_eax_rdi=B80001000089873806000090
CDefPolicy_Query_eax_ecx=B80001000089812003000090 CDefPolicy_Query_eax_ecx=B80001000089812003000090
CDefPolicy_Query_eax_ecx_jmp=B800010000898120030000EB0E CDefPolicy_Query_eax_ecx_jmp=B800010000898120030000EB0E
CDefPolicy_Query_eax_rcx=B80001000089813806000090 CDefPolicy_Query_eax_rcx=B80001000089813806000090
CDefPolicy_Query_edi_rcx=BF0001000089B938060000909090
[6.0.6000.16386] [6.0.6000.16386]
SingleUserPatch.x86=1 SingleUserPatch.x86=1
@ -120,6 +121,34 @@ DefPolicyPatch.x64=1
DefPolicyOffset.x64=17AD2 DefPolicyOffset.x64=17AD2
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7600.20890]
SingleUserPatch.x86=1
SingleUserOffset.x86=19E2D
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=17DF2
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=196FB
DefPolicyCode.x86=CDefPolicy_Query_eax_esi
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17B0E
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7600.21316]
SingleUserPatch.x86=1
SingleUserOffset.x86=19E2D
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=17E3E
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=196FB
DefPolicyCode.x86=CDefPolicy_Query_eax_esi
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17B5E
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7601.17514] [6.1.7601.17514]
SingleUserPatch.x86=1 SingleUserPatch.x86=1
SingleUserOffset.x86=1A49D SingleUserOffset.x86=1A49D
@ -148,20 +177,6 @@ DefPolicyPatch.x64=1
DefPolicyOffset.x64=17C82 DefPolicyOffset.x64=17C82
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7601.22750]
SingleUserPatch.x86=1
SingleUserOffset.x86=1A655
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=17E8E
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=19E21
DefPolicyCode.x86=CDefPolicy_Query_eax_esi
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17C92
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7601.18637] [6.1.7601.18637]
SingleUserPatch.x86=1 SingleUserPatch.x86=1
SingleUserOffset.x86=1A4DD SingleUserOffset.x86=1A4DD
@ -176,6 +191,62 @@ DefPolicyPatch.x64=1
DefPolicyOffset.x64=17DC6 DefPolicyOffset.x64=17DC6
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7601.21650]
SingleUserPatch.x86=1
SingleUserOffset.x86=1A49D
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=180BE
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=19D53
DefPolicyCode.x86=CDefPolicy_Query_eax_esi
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17D5A
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7601.21866]
SingleUserPatch.x86=1
SingleUserOffset.x86=1A49D
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=180BE
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=19D53
DefPolicyCode.x86=CDefPolicy_Query_eax_esi
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17D5A
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7601.22104]
SingleUserPatch.x86=1
SingleUserOffset.x86=1A49D
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=180C6
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=19D53
DefPolicyCode.x86=CDefPolicy_Query_eax_esi
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17D5E
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7601.22750]
SingleUserPatch.x86=1
SingleUserOffset.x86=1A655
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=17E8E
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=19E21
DefPolicyCode.x86=CDefPolicy_Query_eax_esi
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17C92
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7601.22843] [6.1.7601.22843]
SingleUserPatch.x86=1 SingleUserPatch.x86=1
SingleUserOffset.x86=1A655 SingleUserOffset.x86=1A655
@ -204,6 +275,20 @@ DefPolicyPatch.x64=1
DefPolicyOffset.x64=17CE2 DefPolicyOffset.x64=17CE2
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.1.7601.24234]
SingleUserPatch.x86=1
SingleUserOffset.x86=1A675
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=17F56
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=19E41
DefPolicyCode.x86=CDefPolicy_Query_eax_esi
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17D2E
DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
[6.2.8102.0] [6.2.8102.0]
SingleUserPatch.x86=1 SingleUserPatch.x86=1
SingleUserOffset.x86=F7E9 SingleUserOffset.x86=F7E9
@ -480,6 +565,58 @@ SLInitHook.x64=1
SLInitOffset.x64=5DB70 SLInitOffset.x64=5DB70
SLInitFunc.x64=New_CSLQuery_Initialize SLInitFunc.x64=New_CSLQuery_Initialize
[6.3.9600.18928]
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=B39D8
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=8B25D
LocalOnlyCode.x64=nopjmp
SingleUserPatch.x86=1
SingleUserOffset.x86=37D25
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=36C09
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=3D6F9
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=45495
DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
SLInitHook.x86=1
SLInitOffset.x86=18328
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=5D830
SLInitFunc.x64=New_CSLQuery_Initialize
[6.3.9600.19093]
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=B3958
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=8AE4E
LocalOnlyCode.x64=nopjmp
SingleUserPatch.x86=1
SingleUserOffset.x86=3F045
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=36BC9
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=3D899
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=45305
DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
SLInitHook.x86=1
SLInitOffset.x86=18288
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=5D660
SLInitFunc.x64=New_CSLQuery_Initialize
[6.4.9841.0] [6.4.9841.0]
LocalOnlyPatch.x86=1 LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=956A8 LocalOnlyOffset.x86=956A8
@ -1236,6 +1373,32 @@ SLInitHook.x64=1
SLInitOffset.x64=C930 SLInitOffset.x64=C930
SLInitFunc.x64=New_CSLQuery_Initialize SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.14393.2457]
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=A6248
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=8D811
LocalOnlyCode.x64=jmpshort
SingleUserPatch.x86=1
SingleUserOffset.x86=36CE5
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=29CF4
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=31209
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=1B545
DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
SLInitHook.x86=1
SLInitOffset.x86=45824
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=C920
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.14901.1000] [10.0.14901.1000]
LocalOnlyPatch.x86=1 LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=A6038 LocalOnlyOffset.x86=A6038
@ -1966,6 +2129,34 @@ SLInitHook.x64=1
SLInitOffset.x64=D1EC SLInitOffset.x64=D1EC
SLInitFunc.x64=New_CSLQuery_Initialize SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.15063.994]
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=8CB01
LocalOnlyCode.x64=jmpshort
SingleUserPatch.x64=1
SingleUserOffset.x64=15EA4
SingleUserCode.x64=Zero
DefPolicyPatch.x64=1
DefPolicyOffset.x64=FAE5
DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
SLInitHook.x64=1
SLInitOffset.x64=234DC
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.15063.1155]
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=8CB01
LocalOnlyCode.x64=jmpshort
SingleUserPatch.x64=1
SingleUserOffset.x64=15EA4
SingleUserCode.x64=Zero
DefPolicyPatch.x64=1
DefPolicyOffset.x64=FAE5
DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
SLInitHook.x64=1
SLInitOffset.x64=234DC
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.16179.1000] [10.0.16179.1000]
LocalOnlyPatch.x86=1 LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=AA568 LocalOnlyOffset.x86=AA568
@ -2720,6 +2911,150 @@ SLInitHook.x64=1
SLInitOffset.x64=2318C SLInitOffset.x64=2318C
SLInitFunc.x64=New_CSLQuery_Initialize SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.17115.1]
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=AD738
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=925D1
LocalOnlyCode.x64=jmpshort
SingleUserPatch.x86=1
SingleUserOffset.x86=36B0C
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=1511C
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=33569
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=10E78
DefPolicyCode.x64=CDefPolicy_Query_edi_rcx
SLInitHook.x86=1
SLInitOffset.x86=474AD
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=22E6C
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.17128.1]
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=AD738
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=925D1
LocalOnlyCode.x64=jmpshort
SingleUserPatch.x86=1
SingleUserOffset.x86=36B0C
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=1511C
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=33569
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=10E78
DefPolicyCode.x64=CDefPolicy_Query_edi_rcx
SLInitHook.x86=1
SLInitOffset.x86=474AD
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=22E6C
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.17133.1]
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=AD738
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=925D1
LocalOnlyCode.x64=jmpshort
SingleUserPatch.x86=1
SingleUserOffset.x86=36B0C
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=1511C
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=33569
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=10E78
DefPolicyCode.x64=CDefPolicy_Query_edi_rcx
SLInitHook.x86=1
SLInitOffset.x86=474AD
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=22E6C
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.17134.1]
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=AD738
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=925D1
LocalOnlyCode.x64=jmpshort
SingleUserPatch.x86=1
SingleUserOffset.x86=36B0C
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=1511C
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=33569
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=10E78
DefPolicyCode.x64=CDefPolicy_Query_edi_rcx
SLInitHook.x86=1
SLInitOffset.x86=474AD
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=22E6C
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.17723.1000]
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=75D91
LocalOnlyCode.x64=jmpshort
SingleUserPatch.x64=1
SingleUserOffset.x64=1296C
SingleUserCode.x64=Zero
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17A45
DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
SLInitHook.x64=1
SLInitOffset.x64=1B10C
SLInitFunc.x64=New_CSLQuery_Initialize
[10.0.17763.1]
LocalOnlyPatch.x86=1
LocalOnlyOffset.x86=AF8E4
LocalOnlyCode.x86=jmpshort
LocalOnlyPatch.x64=1
LocalOnlyOffset.x64=77941
LocalOnlyCode.x64=jmpshort
SingleUserPatch.x86=1
SingleUserOffset.x86=4D505
SingleUserCode.x86=nop
SingleUserPatch.x64=1
SingleUserOffset.x64=1322C
SingleUserCode.x64=Zero
DefPolicyPatch.x86=1
DefPolicyOffset.x86=4BD09
DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
DefPolicyPatch.x64=1
DefPolicyOffset.x64=17F45
DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
SLInitHook.x86=1
SLInitOffset.x86=5B02A
SLInitFunc.x86=New_CSLQuery_Initialize
SLInitHook.x64=1
SLInitOffset.x64=1ABFC
SLInitFunc.x64=New_CSLQuery_Initialize
[SLInit] [SLInit]
bServerSku=1 bServerSku=1
bRemoteConnAllowed=1 bRemoteConnAllowed=1
@ -2844,6 +3179,44 @@ bServerSku.x64 =FA068
ulMaxDebugSessions.x64=FA06C ulMaxDebugSessions.x64=FA06C
bRemoteConnAllowed.x64=FA070 bRemoteConnAllowed.x64=FA070
[6.3.9600.18928-SLInit]
bFUSEnabled.x86 =D3068
lMaxUserSessions.x86 =D306C
bAppServerAllowed.x86 =D3070
bInitialized.x86 =D3074
bMultimonAllowed.x86 =D3078
bServerSku.x86 =D307C
ulMaxDebugSessions.x86=D3080
bRemoteConnAllowed.x86=D3084
bFUSEnabled.x64 =FA054
lMaxUserSessions.x64 =FA058
bAppServerAllowed.x64 =FA05C
bInitialized.x64 =FA060
bMultimonAllowed.x64 =FA064
bServerSku.x64 =FA068
ulMaxDebugSessions.x64=FA06C
bRemoteConnAllowed.x64=FA070
[6.3.9600.19093-SLInit]
bFUSEnabled.x86 =D3068
lMaxUserSessions.x86 =D306C
bAppServerAllowed.x86 =D3070
bInitialized.x86 =D3074
bMultimonAllowed.x86 =D3078
bServerSku.x86 =D307C
ulMaxDebugSessions.x86=D3080
bRemoteConnAllowed.x86=D3084
bFUSEnabled.x64 =FA054
lMaxUserSessions.x64 =FA058
bAppServerAllowed.x64 =FA05C
bInitialized.x64 =FA060
bMultimonAllowed.x64 =FA064
bServerSku.x64 =FA068
ulMaxDebugSessions.x64=FA06C
bRemoteConnAllowed.x64=FA070
[6.4.9841.0-SLInit] [6.4.9841.0-SLInit]
bFUSEnabled.x86 =BF9F0 bFUSEnabled.x86 =BF9F0
lMaxUserSessions.x86 =BF9F4 lMaxUserSessions.x86 =BF9F4
@ -3396,6 +3769,25 @@ bMultimonAllowed.x64 =E8478
ulMaxDebugSessions.x64=E847C ulMaxDebugSessions.x64=E847C
bFUSEnabled.x64 =E8480 bFUSEnabled.x64 =E8480
[10.0.14393.2457-SLInit]
bInitialized.x86 =C1F94
bServerSku.x86 =C1F98
lMaxUserSessions.x86 =C1F9C
bAppServerAllowed.x86 =C1FA0
bRemoteConnAllowed.x86=C1FA4
bMultimonAllowed.x86 =C1FA8
ulMaxDebugSessions.x86=C1FAC
bFUSEnabled.x86 =C1FB0
bServerSku.x64 =E73D0
lMaxUserSessions.x64 =E73D4
bAppServerAllowed.x64 =E73D8
bInitialized.x64 =E8470
bRemoteConnAllowed.x64=E8474
bMultimonAllowed.x64 =E8478
ulMaxDebugSessions.x64=E847C
bFUSEnabled.x64 =E8480
[10.0.14901.1000-SLInit] [10.0.14901.1000-SLInit]
bInitialized.x86 =C1F6C bInitialized.x86 =C1F6C
bServerSku.x86 =C1F70 bServerSku.x86 =C1F70
@ -3929,6 +4321,26 @@ bServerSku.x64 =E9484
lMaxUserSessions.x64 =E9488 lMaxUserSessions.x64 =E9488
bAppServerAllowed.x64 =E948C bAppServerAllowed.x64 =E948C
[10.0.15063.994-SLInit]
bInitialized.x64 =E9468
bRemoteConnAllowed.x64=E946C
bMultimonAllowed.x64 =E9470
ulMaxDebugSessions.x64=E9474
bFUSEnabled.x64 =E9478
bServerSku.x64 =E9484
lMaxUserSessions.x64 =E9488
bAppServerAllowed.x64 =E948C
[10.0.15063.1155-SLInit]
bInitialized.x64 =E9468
bRemoteConnAllowed.x64=E946C
bMultimonAllowed.x64 =E9470
ulMaxDebugSessions.x64=E9474
bFUSEnabled.x64 =E9478
bServerSku.x64 =E9484
lMaxUserSessions.x64 =E9488
bAppServerAllowed.x64 =E948C
[10.0.16179.1000-SLInit] [10.0.16179.1000-SLInit]
bInitialized.x86 =C7F6C bInitialized.x86 =C7F6C
bServerSku.x86 =C7F70 bServerSku.x86 =C7F70
@ -4479,3 +4891,108 @@ bRemoteConnAllowed.x64=F2434
bMultimonAllowed.x64 =F2438 bMultimonAllowed.x64 =F2438
ulMaxDebugSessions.x64=F243C ulMaxDebugSessions.x64=F243C
bFUSEnabled.x64 =F2440 bFUSEnabled.x64 =F2440
[10.0.17115.1-SLInit]
bInitialized.x86 =CBF38
bServerSku.x86 =CBF3C
lMaxUserSessions.x86 =CBF40
bAppServerAllowed.x86 =CBF44
bRemoteConnAllowed.x86=CBF48
bMultimonAllowed.x86 =CBF4C
ulMaxDebugSessions.x86=CBF50
bFUSEnabled.x86 =CBF54
bServerSku.x64 =F1378
lMaxUserSessions.x64 =F137C
bAppServerAllowed.x64 =F1380
bInitialized.x64 =F2430
bRemoteConnAllowed.x64=F2434
bMultimonAllowed.x64 =F2438
ulMaxDebugSessions.x64=F243C
bFUSEnabled.x64 =F2440
[10.0.17128.1-SLInit]
bInitialized.x86 =CBF38
bServerSku.x86 =CBF3C
lMaxUserSessions.x86 =CBF40
bAppServerAllowed.x86 =CBF44
bRemoteConnAllowed.x86=CBF48
bMultimonAllowed.x86 =CBF4C
ulMaxDebugSessions.x86=CBF50
bFUSEnabled.x86 =CBF54
bServerSku.x64 =F1378
lMaxUserSessions.x64 =F137C
bAppServerAllowed.x64 =F1380
bInitialized.x64 =F2430
bRemoteConnAllowed.x64=F2434
bMultimonAllowed.x64 =F2438
ulMaxDebugSessions.x64=F243C
bFUSEnabled.x64 =F2440
[10.0.17133.1-SLInit]
bInitialized.x86 =CBF38
bServerSku.x86 =CBF3C
lMaxUserSessions.x86 =CBF40
bAppServerAllowed.x86 =CBF44
bRemoteConnAllowed.x86=CBF48
bMultimonAllowed.x86 =CBF4C
ulMaxDebugSessions.x86=CBF50
bFUSEnabled.x86 =CBF54
bServerSku.x64 =F1378
lMaxUserSessions.x64 =F137C
bAppServerAllowed.x64 =F1380
bInitialized.x64 =F2430
bRemoteConnAllowed.x64=F2434
bMultimonAllowed.x64 =F2438
ulMaxDebugSessions.x64=F243C
bFUSEnabled.x64 =F2440
[10.0.17134.1-SLInit]
bInitialized.x86 =CBF38
bServerSku.x86 =CBF3C
lMaxUserSessions.x86 =CBF40
bAppServerAllowed.x86 =CBF44
bRemoteConnAllowed.x86=CBF48
bMultimonAllowed.x86 =CBF4C
ulMaxDebugSessions.x86=CBF50
bFUSEnabled.x86 =CBF54
bServerSku.x64 =F1378
lMaxUserSessions.x64 =F137C
bAppServerAllowed.x64 =F1380
bInitialized.x64 =F2430
bRemoteConnAllowed.x64=F2434
bMultimonAllowed.x64 =F2438
ulMaxDebugSessions.x64=F243C
bFUSEnabled.x64 =F2440
[10.0.17723.1000-SLInit]
bInitialized.x64 =E9AB0
bServerSku.x64 =E9AB4
lMaxUserSessions.x64 =E9AB8
bAppServerAllowed.x64 =E9AC0
bRemoteConnAllowed.x64=E9AC4
bMultimonAllowed.x64 =E9AC8
ulMaxDebugSessions.x64=E9ACC
bFUSEnabled.x64 =E9AD0
[10.0.17763.1-SLInit]
bInitialized.x86 =CD798
bServerSku.x86 =CD79C
lMaxUserSessions.x86 =CD7A0
bAppServerAllowed.x86 =CD7A8
bRemoteConnAllowed.x86=CD7AC
bMultimonAllowed.x86 =CD7B0
ulMaxDebugSessions.x86=CD7B4
bFUSEnabled.x86 =CD7B8
bInitialized.x64 =ECAB0
bServerSku.x64 =ECAB4
lMaxUserSessions.x64 =ECAB8
bAppServerAllowed.x64 =ECAC0
bRemoteConnAllowed.x64=ECAC4
bMultimonAllowed.x64 =ECAC8
ulMaxDebugSessions.x64=ECACC
bFUSEnabled.x64 =ECAD0

View File

@ -1,5 +1,5 @@
{ {
Copyright 2017 Stas'M Corp. Copyright 2018 Stas'M Corp.
Licensed under the Apache License, Version 2.0 (the "License"); Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License. you may not use this file except in compliance with the License.
@ -26,7 +26,9 @@ uses
Classes, Classes,
WinSvc, WinSvc,
Registry, Registry,
WinInet; WinInet,
AccCtrl,
AclAPI;
function EnumServicesStatusEx( function EnumServicesStatusEx(
hSCManager: SC_HANDLE; hSCManager: SC_HANDLE;
@ -41,6 +43,11 @@ function EnumServicesStatusEx(
pszGroupName: PWideChar): BOOL; stdcall; pszGroupName: PWideChar): BOOL; stdcall;
external advapi32 name 'EnumServicesStatusExW'; external advapi32 name 'EnumServicesStatusExW';
function ConvertStringSidToSid(
StringSid: PWideChar;
var Sid: PSID): BOOL; stdcall;
external advapi32 name 'ConvertStringSidToSidW';
type type
FILE_VERSION = record FILE_VERSION = record
Version: record case Boolean of Version: record case Boolean of
@ -639,14 +646,57 @@ begin
Result := True; Result := True;
end; end;
procedure GrantSidFullAccess(Path, SID: String);
var
p_SID: PSID;
pDACL: PACL;
EA: EXPLICIT_ACCESS;
Code, Result: DWORD;
begin
p_SID := nil;
if not ConvertStringSidToSid(PChar(SID), p_SID) then
begin
Code := GetLastError;
Writeln('[-] ConvertStringSidToSid error (code ', Code, ').');
Exit;
end;
EA.grfAccessPermissions := GENERIC_ALL;
EA.grfAccessMode := GRANT_ACCESS;
EA.grfInheritance := SUB_CONTAINERS_AND_OBJECTS_INHERIT;
EA.Trustee.pMultipleTrustee := nil;
EA.Trustee.MultipleTrusteeOperation := NO_MULTIPLE_TRUSTEE;
EA.Trustee.TrusteeForm := TRUSTEE_IS_SID;
EA.Trustee.TrusteeType := TRUSTEE_IS_WELL_KNOWN_GROUP;
EA.Trustee.ptstrName := p_SID;
Result := SetEntriesInAcl(1, @EA, nil, pDACL);
if Result = ERROR_SUCCESS then
begin
if SetNamedSecurityInfo(pchar(Path), SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, nil, nil, pDACL, nil) <> ERROR_SUCCESS then
begin
Code := GetLastError;
Writeln('[-] SetNamedSecurityInfo error (code ', Code, ').');
end;
LocalFree(Cardinal(pDACL));
end
else begin
Code := GetLastError;
Writeln('[-] SetEntriesInAcl error (code ', Code, ').');
end;
end;
procedure ExtractFiles; procedure ExtractFiles;
var var
RDPClipRes, RfxvmtRes, S: String; RDPClipRes, RfxvmtRes, S: String;
OnlineINI: TStringList; OnlineINI: TStringList;
begin begin
if not DirectoryExists(ExtractFilePath(ExpandPath(WrapPath))) then if not DirectoryExists(ExtractFilePath(ExpandPath(WrapPath))) then
if ForceDirectories(ExtractFilePath(ExpandPath(WrapPath))) then if ForceDirectories(ExtractFilePath(ExpandPath(WrapPath))) then begin
Writeln('[+] Folder created: ', ExtractFilePath(ExpandPath(WrapPath))) S := ExtractFilePath(ExpandPath(WrapPath));
Writeln('[+] Folder created: ', S);
GrantSidFullAccess(S, 'S-1-5-18'); // Local System account
GrantSidFullAccess(S, 'S-1-5-6'); // Service group
end
else begin else begin
Writeln('[-] ForceDirectories error.'); Writeln('[-] ForceDirectories error.');
Writeln('[*] Path: ', ExtractFilePath(ExpandPath(WrapPath))); Writeln('[*] Path: ', ExtractFilePath(ExpandPath(WrapPath)));
@ -978,8 +1028,10 @@ end;
procedure TSConfigFirewall(Enable: Boolean); procedure TSConfigFirewall(Enable: Boolean);
begin begin
if Enable then if Enable then
ExecWait('netsh advfirewall firewall add rule name="Remote Desktop" dir=in protocol=tcp localport=3389 profile=any action=allow') begin
else ExecWait('netsh advfirewall firewall add rule name="Remote Desktop" dir=in protocol=tcp localport=3389 profile=any action=allow');
ExecWait('netsh advfirewall firewall add rule name="Remote Desktop" dir=in protocol=udp localport=3389 profile=any action=allow');
end else
ExecWait('netsh advfirewall firewall delete rule name="Remote Desktop"'); ExecWait('netsh advfirewall firewall delete rule name="Remote Desktop"');
end; end;
@ -1078,8 +1130,8 @@ var
I: Integer; I: Integer;
begin begin
Writeln('RDP Wrapper Library v1.6.2'); Writeln('RDP Wrapper Library v1.6.2');
Writeln('Installer v2.5'); Writeln('Installer v2.6');
Writeln('Copyright (C) Stas''M Corp. 2017'); Writeln('Copyright (C) Stas''M Corp. 2018');
Writeln(''); Writeln('');
if (ParamCount < 1) if (ParamCount < 1)

Binary file not shown.

View File

@ -127,7 +127,12 @@ DWORD INI_FILE::GetFileStringFromNum(DWORD StringNumber, char *RetString, DWORD
for (DWORD i = FileStringsMap[StringNumber]; i < FileSize; i++) for (DWORD i = FileStringsMap[StringNumber]; i < FileSize; i++)
{ {
if ((FileRaw[i] == '\r' && FileRaw[i + 1] == '\n') || i == (FileSize - 1)) if (i == (FileSize - 1))
{
EndStringPos = FileSize;
break;
}
if (FileRaw[i] == '\r' && FileRaw[i + 1] == '\n')
{ {
EndStringPos = i; EndStringPos = i;
break; break;

View File

@ -26,14 +26,14 @@ Terminal Services supported versions
6.1.7600.20661 (Windows 7 with KB951422) [todo] 6.1.7600.20661 (Windows 7 with KB951422) [todo]
6.1.7600.21085 (Windows 7 with KB951422 v2) [todo] 6.1.7600.21085 (Windows 7 with KB951422 v2) [todo]
6.1.7600.20621 (Windows 7 with KB979470) [todo] 6.1.7600.20621 (Windows 7 with KB979470) [todo]
6.1.7600.20890 (Windows 7 with KB2479710) [todo] 6.1.7600.20890 (Windows 7 with KB2479710) [policy hook + extended patch]
6.1.7600.21316 (Windows 7 with KB2750090) [todo] 6.1.7600.21316 (Windows 7 with KB2750090) [policy hook + extended patch]
6.1.7600.21420 (Windows 7 with KB2800789) [todo] 6.1.7600.21420 (Windows 7 with KB2800789) [todo]
6.1.7601.17514 (Windows 7 SP1) [policy hook + extended patch] 6.1.7601.17514 (Windows 7 SP1) [policy hook + extended patch]
6.1.7601.21855 (Windows 7 SP1 with KB951422 v2) [todo] 6.1.7601.21855 (Windows 7 SP1 with KB951422 v2) [todo]
6.1.7601.21650 (Windows 7 SP1 with KB2479710) [todo] 6.1.7601.21650 (Windows 7 SP1 with KB2479710) [policy hook + extended patch]
6.1.7601.21866 (Windows 7 SP1 with KB2647409) [todo] 6.1.7601.21866 (Windows 7 SP1 with KB2647409) [policy hook + extended patch]
6.1.7601.22104 (Windows 7 SP1 with KB2750090) [todo] 6.1.7601.22104 (Windows 7 SP1 with KB2750090) [policy hook + extended patch]
6.1.7601.22213 (Windows 7 SP1 with KB2800789) [todo] 6.1.7601.22213 (Windows 7 SP1 with KB2800789) [todo]
6.1.7601.22476 (Windows 7 SP1 with KB2870165) [todo] 6.1.7601.22476 (Windows 7 SP1 with KB2870165) [todo]
6.1.7601.22435 (Windows 7 SP1 with KB2878424) [todo] 6.1.7601.22435 (Windows 7 SP1 with KB2878424) [todo]
@ -43,6 +43,7 @@ Terminal Services supported versions
6.1.7601.18637 (Windows 7 SP1 with KB3003743 GDR) [policy hook + extended patch] 6.1.7601.18637 (Windows 7 SP1 with KB3003743 GDR) [policy hook + extended patch]
6.1.7601.22843 (Windows 7 SP1 with KB3003743 LDR) [policy hook + extended patch] 6.1.7601.22843 (Windows 7 SP1 with KB3003743 LDR) [policy hook + extended patch]
6.1.7601.23403 (Windows 7 SP1 with KB3125574) [policy hook + extended patch] 6.1.7601.23403 (Windows 7 SP1 with KB3125574) [policy hook + extended patch]
6.1.7601.24234 (Windows 7 SP1 with KB4462923) [policy hook + extended patch]
6.2.8102.0 (Windows 8 Developer Preview) [policy hook + extended patch] 6.2.8102.0 (Windows 8 Developer Preview) [policy hook + extended patch]
6.2.8250.0 (Windows 8 Consumer Preview) [policy hook + extended patch] 6.2.8250.0 (Windows 8 Consumer Preview) [policy hook + extended patch]
6.2.8400.0 (Windows 8 Release Preview) [policy hook + extended patch] 6.2.8400.0 (Windows 8 Release Preview) [policy hook + extended patch]
@ -55,6 +56,8 @@ Terminal Services supported versions
6.3.9600.17415 (Windows 8.1 with KB3000850) [init hook + extended patch] 6.3.9600.17415 (Windows 8.1 with KB3000850) [init hook + extended patch]
6.3.9600.18692 (Windows 8.1 with KB4022720) [init hook + extended patch] 6.3.9600.18692 (Windows 8.1 with KB4022720) [init hook + extended patch]
6.3.9600.18708 (Windows 8.1 with KB4025335) [init hook + extended patch] 6.3.9600.18708 (Windows 8.1 with KB4025335) [init hook + extended patch]
6.3.9600.18928 (Windows 8.1 with KB4088876) [init hook + extended patch]
6.3.9600.19093 (Windows 8.1 with KB4343891) [init hook + extended patch]
6.4.9841.0 (Windows 10 Technical Preview) [init hook + extended patch] 6.4.9841.0 (Windows 10 Technical Preview) [init hook + extended patch]
6.4.9860.0 (Windows 10 Technical Preview UP1) [init hook + extended patch] 6.4.9860.0 (Windows 10 Technical Preview UP1) [init hook + extended patch]
6.4.9879.0 (Windows 10 Technical Preview UP2) [init hook + extended patch] 6.4.9879.0 (Windows 10 Technical Preview UP2) [init hook + extended patch]
@ -90,6 +93,7 @@ Terminal Services supported versions
10.0.14393.0 (Windows 10 rs1_release.160715-1616) [init hook + extended patch] 10.0.14393.0 (Windows 10 rs1_release.160715-1616) [init hook + extended patch]
10.0.14393.1198 (Windows 10 rs1_release_sec.170427-1353) [init hook + extended patch] 10.0.14393.1198 (Windows 10 rs1_release_sec.170427-1353) [init hook + extended patch]
10.0.14393.1737 (Windows 10 rs1_release_inmarket.170914-1249) [init hook + extended patch] 10.0.14393.1737 (Windows 10 rs1_release_inmarket.170914-1249) [init hook + extended patch]
10.0.14393.2457 (Windows 10 rs1_release_inmarket.180822-1743) [init hook + extended patch]
10.0.14901.1000 (Windows 10 rs_prerelease.160805-1700) [init hook + extended patch] 10.0.14901.1000 (Windows 10 rs_prerelease.160805-1700) [init hook + extended patch]
10.0.14905.1000 (Windows 10 rs_prerelease.160811-1739) [init hook + extended patch] 10.0.14905.1000 (Windows 10 rs_prerelease.160811-1739) [init hook + extended patch]
10.0.14915.1000 (Windows 10 rs_prerelease.160826-1902) [init hook + extended patch] 10.0.14915.1000 (Windows 10 rs_prerelease.160826-1902) [init hook + extended patch]
@ -119,6 +123,8 @@ Terminal Services supported versions
10.0.15061.0 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] 10.0.15061.0 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
10.0.15063.0 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] 10.0.15063.0 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
10.0.15063.296 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] 10.0.15063.296 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
10.0.15063.994 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
10.0.15063.1155 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
10.0.16179.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] 10.0.16179.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
10.0.16184.1001 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] 10.0.16184.1001 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
10.0.16199.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] 10.0.16199.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
@ -149,9 +155,48 @@ Terminal Services supported versions
10.0.17040.1000 (Windows 10 WinBuild.160101.0800) [todo] 10.0.17040.1000 (Windows 10 WinBuild.160101.0800) [todo]
10.0.17046.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] 10.0.17046.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
10.0.17063.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch] 10.0.17063.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
10.0.17074.1002 (Windows 10 WinBuild.160101.0800) [todo]
10.0.17083.1000 (Windows 10 WinBuild.160101.0800) [todo]
10.0.17115.1 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
10.0.17128.1 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
10.0.17133.1 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
10.0.17134.1 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
10.0.17723.1000 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
10.0.17763.1 (Windows 10 WinBuild.160101.0800) [init hook + extended patch]
Source code changelog (rdpwrap library): Source code changelog (rdpwrap library):
2018.10.10 :
- added support for termsrv.dll 6.1.7601.24234 x86
2018.10.04 :
- added support for termsrv.dll 10.0.14393.2457 x86
2018.10.03 :
- added support for termsrv.dll 6.1.7601.24234 x64
- added support for termsrv.dll 10.0.15063.994 x64
- added support for termsrv.dll 10.0.17723.1000 x64
- added support for termsrv.dll 10.0.17763.1
2018.09.10 :
- added support for termsrv.dll 6.1.7600.20890
- added support for termsrv.dll 6.1.7600.21316
- added support for termsrv.dll 6.1.7601.21650
- added support for termsrv.dll 6.1.7601.21866
- added support for termsrv.dll 6.1.7601.22104
- added support for termsrv.dll 6.3.9600.19093
- added support for termsrv.dll 10.0.14393.2457 x64
- added support for termsrv.dll 10.0.15063.1155 x64
2018.05.16 :
- added support for termsrv.dll 10.0.17115.1
- added support for termsrv.dll 10.0.17128.1
- added support for termsrv.dll 10.0.17133.1
- added support for termsrv.dll 10.0.17134.1
2018.03.26 :
- added support for termsrv.dll 6.3.9600.18928 by 1nd1g0
2017.12.27 : 2017.12.27 :
- added support for termsrv.dll 10.0.17017.1000 - added support for termsrv.dll 10.0.17017.1000
- added support for termsrv.dll 10.0.17025.1000 - added support for termsrv.dll 10.0.17025.1000