soul

Ok, I've been taking a few notes about the new (post-2003 SP1) setupldr.bin format versus the old (pre-2003 SP1) one. So far, I've only found a few points of interest, which may or may not already be known: setupldr.bin is actually two parts. The first is the "boot image" (the correct term escapes me at the moment), and the second being a PE (exe) file. setupldr.bin and ntldr are identical up until a little ways into the PE header. If you strip off the first part, you can disassemble the remaining EXE portion with any disassembler. The checksum portion of the PE header isn't used, much less used to verify that the file has been modified. You can edit the first part without it throwing a "NTLDR is corrupt" message. Tested by editing only the three occurances of "NTLDR is corrupt". The third occurance of "NTLDR is corrupt" is the one that is actually printed when editing an occurance of "I386". I haven't tested editing each occurance of "i386", "I386", and "amd64", one at a time, to see if the other messages are used anywhere. I think the most important thing here is the separation of the two parts: the boot image that calls the setup loader, and the setup loader .exe itself. It's only logical that the checksum exists in the boot image portion, which is under 20kB in size, and is only a couple kB larger than the pre-2003 SP1's boot image portion. This is good, because it almost entirely rules out any "complex" integrity checking, which leaves the only viable option that comes to mind being CRC/CRC32. I've been known to get bored of projects and put them off indefinitely, so I figured I should dump my notes/thoughts here before that happens. I still have a few more ideas though, and I'll let you know if they turn up anything interesting.

Ahh, that one worked for me, thanks.

Are the download links in the first post broken, or is it just me? I'd like to look at the 2003 .bin, but the link isn't cooperating with me.

I've spent the past few days trying to figure out HOW to make XP with SP2 install unsigned drivers silently. Changing DriverSigningPolicy in winnt.sif still warned that the driver wasn't signed. Changing Driver Signing registry entries still warned that the driver wasn't signed. Nothing I tried would get rid of the prompt, so I finally decided to just create an AutoIt script to "Continue anyway". I've attached the script, the compiled exe, grep.exe and devcon.exe. All you have to do to use this method (I'm sure there are other methods, but this is how I use it): Download the attached .rar Extract devcon.exe and grep.exe to $OEM$\$$\system32, DriverInstall.exe to $OEM$\$1\Drivers In RunOnceEx.cmd, add driver checks such as: devcon hwids =Display | grep Name: | grep -i GeForce > NUL IF NOT ERRORLEVEL 1 ( ) Inside the IF ( ) block, invoke DriverInstaller with the relevant switches (for information about the switches that DriverInstaller supports, read about Commands for DevCon Operations), such as: %systemdrive%\Drivers\DriverInstall.exe update %systemdrive%\Drivers\002_graphics\NVIDIA\2KXP_INF\NV_OMEGA_DISP.INF PCI\VEN_10DE A brief breakdown about the DriverInstaller line above: %systemdrive%\Drivers\DriverInstall.exe: The path to DriverInstaller.exe update: Update the driver (as opposed to install, disable, enable, etc) %systemdrive%\Drivers\002_graphics\NVIDIA\2KXP_INF\NV_OMEGA_DISP.INF: Path to the .inf for the drivers you wish to update PCI\VEN_10DE: The hardware vendor ID. You must get this from inside the driver's .inf Completed, my RunOnceEx.cmd looks something like: devcon hwids =Display | grep Name: | grep -i GeForce > NUL IF NOT ERRORLEVEL 1 ( REG ADD %KEY%\325 /VE /D "NVIDIA ForceWare 56.72 video drivers" /f REG ADD %KEY%\325 /V 1 /D "%systemdrive%\Drivers\DriverInstall.exe update %systemdrive%\Drivers\002_graphics\NVIDIA\2KXP_INF\NV_OMEGA_DISP.INF PCI\VEN_10DE" /f ) I've tested this to work with signed drivers, unsigned drivers, drivers with multiple prompts, and it has worked each time. Any questions/comments, feel free to let me know. Hope this helps someone as much as it helped me. DriverInstall.rar