Jump to content

WinPeShl.exe,WpeInit.exe,WpeUtil.Dll


Kullenen_Ask

Recommended Posts

I found this source code when i was surfing in a chineese forum. Maybe it can be usefull for add/change something. To make a loader. We can run more services and load much drivers with custom WinPeShl.exe. I do not have coding knowledge. Ideas wellcome.

WinPeShl.exe,WpeInit.exe,WpeUtil.Dll:


------------------------------------------------------------------------------------------------------------
WinPeShl.exe:
wWinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPWSTR lpCmdLine, int nShowCmd)
{

if ( QueryRegValue(HKEY_LOCAL_MACHINE, L"SOFTWARE\\microsoft\\windows nt\\currentversion\\WinPE", L"ShellLogPath") )

CreateLogFile( );
else
CreateLogFile(L"winpeshl.log");

Message("Windows PE Shell beginning execution");
SetCursors();
InitSys();
LoadExec(L"%SystemRoot%\\system32\\winpeshl.ini")

}
InitSys()
{

LoadLocalFonts();

QueryRegValue(HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows NT\\CurrentVersion\\WinPE", L"CustomBackground") )

SystemParametersInfoW();
WpeInstallServicePrivileges();

WpeInstallServicesSecurityTemplate();

hObject = CreateEventW((LPSECURITY_ATTRIBUTES)v9, 1, v9, L"Global\\EVENT_WINPE_REMSTOR");
hHandle = CreateThread((LPSECURITY_ATTRIBUTES)v9, v9, StartAddress, (LPVOID)v9, v9, &ThreadId);
result = (void *)QueryRegValue01(
HKEY_LOCAL_MACHINE,
L"SYSTEM\\CurrentControlSet\\Control\\WMI\\Autologger\\WinPEFileTrace",
L"Start");
if ( result )
{
v30 = v9;
sub_1006847(67108864, L"Profiling is enabled; initializing run-time profiler.", ST18_4_0);
result = CreateThread((LPSECURITY_ATTRIBUTES)v9, v9, SerializeAppProfile, (LPVOID)v9, v9, &v30);
dword_100B040 = (int)result;
}

}
-----------------------------------------------------------------------------------------------------------------------
WpeInit.exe:
int wWinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPWSTR lpCmdLine, int nShowCmd)
{

if ( lpCmdLine )
UnattendFindFileFromCmdLine();
else
{
wttime = GetTickCount();
WpeWaitForRemovableStorage();
Waitime = GetTickCount() - wttime;
hLogFile = XLOG(L"wpeinit.log");
if (UnattendFindAnswerFile()){
//Checkit;
}

else
WriteLog(hLogFile,"No unattend file was found; WPEINIT is using default settings to initialize WinPE" );

if ( Waitime )
WriteLog(hLogFile, "Spent Waitime%ums initializing removable media before unattend search" );
}
result = WpeActuateUnattendSettings();
//CleanUp
return result;
}
-----------------------------------------------------------------------------------------------------------------------
WpeUtil.Dll:
WpeActuateUnattendSettings()
{
UnattendDisplay();

UnattendCompterName();

UnattendPageFile();

UnattendOC();

UnattendNet();

UnattendFireWall();

UnattendRunSynchronous();

UnattendRunASyncs();

UnattendRestart();
}

UnattendNet()
{
if(NetNotEnable == WpeQueryNetworkStatus()

MyInitNetWork();
}
MyInitNetWork()
{


WpeInitializeNetworkComponents();

WpeInitializeNetworkDrivers();

}

WpeInitializeNetworkComponents()
{
Install MS_MSCLIENT
Install MS_NETBIOS
Install MS_SMB
Install MS_TCPIP6
Install MS_TCPIP
StartService dhcp
StartService lmhosts
StartService ikeext
StartService mpssvc
//lanmanStation...
}
WpeInitializeNetworkDrivers()
{
WpeInitializeDriversOfClass();
}
WpeInitializeDriversOfClass(int a1, int a2)
{
//EnumDevice then DiInstallDevice();
}

Edited by Kullenen_Ask
Link to comment
Share on other sites


Hello Vvurat & Joakim ;)

Vvurat, can you give your chineses source ?

This wpeinit can also to be use in the goal to use original shutdown button startmenu (pecmd can...) ?

Link to comment
Share on other sites


http://bbs.wuyou.com/redirect.php?fid=39&tid=116948&goto=nextoldset

Probably it works like tracking if the user clicked on shutdown button or not. It works same way with the ReBootTrace.exe,ReBoot.dll dll that i shared in my topic. If you read pecmd manual you can see that. There is source code of ReBootTrace.exe,ReBoot.dll in my topic if not deleted. If you want to use shutdown button, autologin as administrator rights user. You will have that functionality without using a third-party software.

Edited by Kullenen_Ask
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...