joakim

These days it does not cost much, as nearly all cards support monitor mode on new linux kernel. Can also be done on Windows, by running linux iso inside vmware player (no need for a dedicated linux install).

The switch issue is only a lan issue (ie not wlan). Since you are the master of the house/network, then you already have the network key, and should be able to decrypt a capture of the wlan traffic. The traffic analysis is not always so easy, so maybe you are better off taking some smart parent/child chats instead... Joakim

Like already mentioned, it highly depends on wether you have access to the system in a running state. There are more ways to "circumvent" such if you can get access to the running system. Last year I posted a video about how one can remove McAfee Endpoint Encryption without the Authorisation Code and without the Windows password, by using MetaSploit remotely (given some assumptions); http://sanbarrow.com/phpBB2/viewtopic.php?t=1671 But, in a fully patched and locked down environment, this should not be possible (unless you can exploit the OS).. Joakim

2 more errors were also fixed.

Does this work; Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout] "Scancode Map"=hex:00,00,00,00,00,00,00,00,02,00,00,00,29,00,0F,00,00,00,00,00

You should be able to boot from a virtual drive, but it must be done in a virtual environment (ie virtualization software installed). Apart from that maybe pxe booting is an option (needs at least one more machine as server). Do you have a floppy drive? Joakim

If it actually is a software bug, like suggested, then try to uninstall the IR driver for the device in the device manager (assuming you don't need the device). The machine will then not see any IR device it can connect to. Just a thought.. Joakim

I suspect it is an "issue" of the session 0 vs session 1; http://www.microsoft.com/whdc/system/sysinternals/Session0Changes.mspx However, I'm not sure if it applies to PE (as user=system). How about adding a dummy account with password to the administrators localgroup, and connect to that? Joakim

What is the exact vmrun command you are running? The user/password might be a pain. Have you tried adding the system account to the administrators group prior to changing the password? If all fails, there might still be a (alternative and definately unsupported) way of executing commands from host to guest, by injecting "key strokes". I experimented with this Autoit code a few days ago; If $cmdline[0] = 1 Then $cmd = $cmdline[1] Else $cmd = InputBox("Type preferred command", "It will be executed inside your chosen guest VM", "ping localhost", "") EndIf $title = WinGetTitle("[CLASS:VMUIFrame]") If WinActivate($title, "") Then Send("{CTRLDOWN}{g}" & "{LCTRL up}" & "{LWINDOWN}{r}" & "{LWIN up}") Sleep(100) Send($cmd & "{ENTER}") Else MsgBox( 0, "Error", "Are you sure VMware is running?") EndIf This sample depends on the WinKey+r emulation in the guest (to launch "run" and inject commands to it). Since "run" most likely is not available in your winpe, you may want to substitute it with something else.. This way you don't need a user/password to run programs inside the guest. Of course, using vmrun.exe should be the preferred way if possible. Joakim

With how much ram installed ?

New version; http://www.mediafire.com/file/dyqnzzmj4mt/xml2reg_v3.zip Fixed some rather unusual values found in the bluetooth package. Beware that the string "$(runtime.system32)" is replaced with a hardcoding of "C:\\WINDOWS\\System32\" to make a valid REG_SZ key. @Kullenen_Ask Only the corporate version has the Bitlocker and Bitlocker to Go packages, which I don't have. But anybody with those packages should be able to generate a reg file with this tool. Sorry, can't help you. Joakim

Nothing left to solve seems like a close to complete PE build. Sorry I don't know about the shutdown button or autologon admin. Do you really have all system services running correctly? Impressive. Joakim

@Kullenen_Ask The tool is to be run from command line or batch. If you did not do so or did not supply any input file, then that message will be thrown to you. That was a small error in the code (an If statement on the wrong line) that is now fixed. For example lets say you want to investigate what VSS has for relevant registry keys set. First unpack two packages; WinEmb-VSS-Foundation.cab WinEmb-VSS-Service.cab Run the tool against the manifests inside each of the two folders and collect your newly generated registry files. This is what the complete VSS package got (when merging the reg files); http://www.mediafire.com/file/2q2jmnfmmnq/vss_win7.reg Far more easy to read than the xml styled manifests.. Note: I did not say this is the complete PE answer. I said it may help solving some missing links. @wimb I have not done "universal" stuff lately, so I really don't currently know. Where can I read about how you implement/solved the: Any PE use readonly registry, so we must save changes on the volatile hive (in memory) to disk. Then mount the SOFTWARE/SYSTEM hive and import the changes, and finally unload the hive. Of course the tricky part is to know what to import and what not to import... Maybe only software related and other non-hardware settings.. Anyways, new improved xml2reg version; http://www.mediafire.com/file/jhynzzymxyk/xml2reg_v2.zip Joakim

I think you misunderstood a little. xml2reg was not itself meant for running in a PE. It may help you while developing stuff for PE. The manifest files that it should be run against, is the ones found inside the component packages that are shipped with Windows 7 Embedded. And target WinPE version, would thus be the newest (3.0), which is also based on Windows 7. In the example batch in first post, you would first need to unpack the file WinEmb-FS-SMB.cab, before running the batch. It is inside this cab the manifests are found. The tool is not meant for the manifests found in the winsxs subfolders (it is different). I only tested the tool on an XP host (I also only run the Embedded 7 development inside a xp vm because it's faster (although not supported)). I will test the tool on a nt6.x system, to see if that is where the error is triggered. Joakim

http://www.mediafire.com/file/dyqnzzmj4mt/xml2reg_v3.zip As most people know by now, Windows 7 Embedded is the componentized version of Windows 7. Ie, it built up of many packages or feature packs as they call them, and these packages can be installed/uninstalled with dism.exe. Inside these packages (.cab) all necessary files are bundled along with manifest files. These manifests contain, along with much else, the necessary registry information for each specific package. Usually 1 manifest accompanies each binary. The registry information is located inside; <registryKeys> and </registryKeys> The point is that this may be of great help when developing stuff for WinPE. That's why it's posted in this section. The manifests are xml structured, and the tool does what the title says. It converts the registry information into a valid registry file (.reg), more easily read. Since there exist a lot of manifests inside these packages, it is probably smartest to run this from a batch; for %%i in ("I:\iso\packages(win7)\x86~winemb-fs-smb~~~~6.1.7600.16385~1.0\WinEmb-FS-SMB\*.manifest") do xml2reg.exe %%i Joakim

Seems like you guys have come far with this already. Keep up good work. In case you did not know, the new Windows 7 Embedded is a Windows 7 broken down into many components/packages that can be added or removed. By looking inside these packages (.cab) there are much valuable information found that can be used for PE creation and evelopment. In particular, the manifest files which also contains all registry information tied to any file in that specific package, can help spotting the missing links. I use an xml2reg tool that is helpful with this, as it converts the manifests into valid registry files. Joakim

I thought it was possible to chainload grub via its bootsector (in file form) directly from bootmgr, and cut the chain by at least one step.. Joakim

You got me a litle curious about the vss bit, as I only ever managed to get that service running correctly on a 2003 based PE. Can you verify the output of "vssadmin list writers" from within PE? Keep up good work.. Joakim

Looks interesting, but was a little bit hard to understand everything. I assume you've merged stuff from newest Windows 7 Embedded (2011)..? I had the dotnet framework working on RC1, but something changed in rtm, and it broke. Do you have dotnet working 100%? How about vss? Would be nice to see some batches and registry files when you re finished with your project. Btw, what language is your win? Joakim

I gave up hardware profiles for Vista as the goal could be achieved in an other way. Patch winload.exe and include alternative sets of the SYSTEM hive. Differentiate these in the BCD store, pointing the path to different winload.exe. This way it was possible to include all available ramdisk sizes (32, 64, 128, 256, 512) as a boot option, adding roughly 10 Mb to the build on WinPE 3.0. Joakim

I know this excellent feature was partly removed on Vista, and later completely removed on Windows 7. However, it is still possible to create your own custom profiles, by writing them directly into the registry. The profiles will then also be visible when you try to configure "logon" inside services.msc, and you can also configure each service with these profiles. But how, if possible, can we interact with these profiles at boot time? Btw, my final goal is to create profiles that will let you choose the size of your ramdisk (WinPECacheThreshold) at boot time. Just like what is possible on XP were hardware profiles work great. Joakim

It was more like a combined offer/question, as I have a dotnet 2 solution working for RC1.. And I don't want to waste my time if a solution for RTM is already there.. Joakim

I have a dotnet 2 package compatible with Windows 7 RC1 and thought about an update to support latest RTM.. Unless this is already available..? (yeah I know it's large but what the h...) Btw, this is lodr (Load On Demand Ready), addable after bootup. Joakim

I don't know what your friend sent you, but on my xp machines (32-bit norwegian and english) bcdedit.exe works fine.. Joakim

You can do this on xp without any trouble. Just grab bcdedit.exe from any nt6.x source, and modify your BCD store directly. Follow the instructions earlier in this thread. Last time I checked there was a limit on 13 entries in the BCD that bootmgr could show. Btw, when I pxe boot the Active Boot Disk (wim), I need to copy the license file to the root of the second image inside that wim. Not sure if that applies to cd/dvd booting. I also run erd6.0, erd6.5 and lots of other stuff from the same bcd. AS long as they are nt6.x based, their respective bcd entries are very similar, only distinguished by guid, description, device and osdevice. Joakim