Jump to content

KernelEx for Win2000


Recommended Posts

@blackwingcat There are some more problems with exkernel v30e slipstreamed into w2k with hfslip. Registry acl get buggy, Subinacl has to be used. But for "restricted" in german we have to use "Eingeschränkter Zugriff" in additional.cmd - file. This will not work because of "ä". It produces Error (chcp standard - 850).

For examination, I copied exkernel files into a w2k machine (not slipstreamed). I did "cmd" and wrote "ä". It displays "ä" .

clip_image1.jpg.c8aa786c8b872c9049c5c39b17298dbc.jpg

Then I tried with a .cmd text file (notepad font is lucida console, script in german "Westlich" (western europe, no.1):

clip_image2.jpg.3530fa94967614079339141abaaef525.jpg

If I execute the .cmd - file, it comes out as something else: o with "tilde":

clip_image3.jpg.61aac775e29e139d73388817ce2d4b57.jpg

This error is an old one. It is also present with exkernel versions kernel32.dll v5.0.2195.7254 in year 2018. I did not notice, because I did not use .cmd files too often.

Suspicious files (examined with process explorer:

advapi32, cmd, gdi32, kernel32, msvcrt, ntdll, rpcrt4, user32.

ctype.nls, locale.nls, sortkey.nls, unicode.nls are original w2k DEU source dated 20.06.2003.

I also changed advapi32, explorer.exe, cmd.exe, ntdll.dll, rpcrt4.dll and user32 to original w2k DEU. No effect, the error remains (and more errors come up, as expected). I could not change kernel32 to original -> BSOD. So most suspicious is kernel32.dll.

Could you have a look on it?

Greetings Joe

PS: Thank you for giving new advice for localizing kernel32 in 2019!

 

Edited by JosefReisinger
Link to comment
Share on other sites


@blackwingcat: I apologize. "ä" - cmd problem is not a problem of exkernel. It also exists in wxp32 and 64, and also in win7.  Is it a microsoft bug? I tried a workaround:

funny1.jpg.b97ceab9cc5c022fb7b36e16d60c5824.jpg

Result:

funny2.jpg.e3effac015fc7d745a1325d035b92f4f.jpg

As you can see, all of the characters are displayed wrong. Furthermore, ">" is displayed "1>". But the result seems to be OK. I can use it to get the "Eingeschränkter Zugriff" done. Anyone knows a better solution?

Greetings Joe

 

Edited by JosefReisinger
Link to comment
Share on other sites

18 hours ago, piotrhn said:

EXPLORER

Please update explorer.exe to version: 5.0.3900.6920 from: Windows2000-KB324446-x86-JPN.exe

download here

https://mega.nz/#F!2lBVBBLI!WqmqhpxuX0qyCY1LiX4-gw?HlADUKib

 

 

https://twilczynski.com/windows/updates/

Hi.

KB3244476/KB324446(5.0.3900.xxxx) based on Windows 2000 "SP5".

It breaks some compatibility. So, I does not recommended to use it.

Link to comment
Share on other sites

On 11/17/2019 at 10:32 PM, JosefReisinger said:

@blackwingcat: I apologize. "ä" - cmd problem is not a problem of exkernel. It also exists in wxp32 and 64, and also in win7.  Is it a microsoft bug? I tried a workaround:

funny1.jpg.b97ceab9cc5c022fb7b36e16d60c5824.jpg

Result:

funny2.jpg.e3effac015fc7d745a1325d035b92f4f.jpg

As you can see, all of the characters are displayed wrong. Furthermore, ">" is displayed "1>". But the result seems to be OK. I can use it to get the "Eingeschränkter Zugriff" done. Anyone knows a better solution?

Greetings Joe

 

On 11/17/2019 at 10:32 PM, JosefReisinger said:

@blackwingcat: I apologize. "ä" - cmd problem is not a problem of exkernel. It also exists in wxp32 and 64, and also in win7.  Is it a microsoft bug? I tried a workaround:

funny1.jpg.b97ceab9cc5c022fb7b36e16d60c5824.jpg

Result:

funny2.jpg.e3effac015fc7d745a1325d035b92f4f.jpg

As you can see, all of the characters are displayed wrong. Furthermore, ">" is displayed "1>". But the result seems to be OK. I can use it to get the "Eingeschränkter Zugriff" done. Anyone knows a better solution?

Greetings Joe

 

 

 

On 11/12/2019 at 10:12 AM, JosefReisinger said:

@blackwingcat There are some more problems with exkernel v30e slipstreamed into w2k with hfslip. Registry acl get buggy, Subinacl has to be used. But for "restricted" in german we have to use "Eingeschränkter Zugriff" in additional.cmd - file. This will not work because of "ä". It produces Error (chcp standard - 850).

For examination, I copied exkernel files into a w2k machine (not slipstreamed). I did "cmd" and wrote "ä". It displays "ä" .

clip_image1.jpg.c8aa786c8b872c9049c5c39b17298dbc.jpg

Then I tried with a .cmd text file (notepad font is lucida console, script in german "Westlich" (western europe, no.1):

clip_image2.jpg.3530fa94967614079339141abaaef525.jpg

If I execute the .cmd - file, it comes out as something else: o with "tilde":

clip_image3.jpg.61aac775e29e139d73388817ce2d4b57.jpg

This error is an old one. It is also present with exkernel versions kernel32.dll v5.0.2195.7254 in year 2018. I did not notice, because I did not use .cmd files too often.

Suspicious files (examined with process explorer:

advapi32, cmd, gdi32, kernel32, msvcrt, ntdll, rpcrt4, user32.

ctype.nls, locale.nls, sortkey.nls, unicode.nls are original w2k DEU source dated 20.06.2003.

I also changed advapi32, explorer.exe, cmd.exe, ntdll.dll, rpcrt4.dll and user32 to original w2k DEU. No effect, the error remains (and more errors come up, as expected). I could not change kernel32 to original -> BSOD. So most suspicious is kernel32.dll.

Could you have a look on it?

Greetings Joe

PS: Thank you for giving new advice for localizing kernel32 in 2019!

 

Hi.

So, the extended kernel version cmd.exe was customized from XP version :3

Link to comment
Share on other sites

On 11/12/2019 at 10:12 AM, JosefReisinger said:

@blackwingcat There are some more problems with exkernel v30e slipstreamed into w2k with hfslip. Registry acl get buggy, Subinacl has to be used. But for "restricted" in german we have to use "Eingeschränkter Zugriff" in additional.cmd - file. This will not work because of "ä". It produces Error (chcp standard - 850).

For examination, I copied exkernel files into a w2k machine (not slipstreamed). I did "cmd" and wrote "ä". It displays "ä" .

clip_image1.jpg.c8aa786c8b872c9049c5c39b17298dbc.jpg

Then I tried with a .cmd text file (notepad font is lucida console, script in german "Westlich" (western europe, no.1):

clip_image2.jpg.3530fa94967614079339141abaaef525.jpg

If I execute the .cmd - file, it comes out as something else: o with "tilde":

clip_image3.jpg.61aac775e29e139d73388817ce2d4b57.jpg

This error is an old one. It is also present with exkernel versions kernel32.dll v5.0.2195.7254 in year 2018. I did not notice, because I did not use .cmd files too often.

Suspicious files (examined with process explorer:

advapi32, cmd, gdi32, kernel32, msvcrt, ntdll, rpcrt4, user32.

ctype.nls, locale.nls, sortkey.nls, unicode.nls are original w2k DEU source dated 20.06.2003.

I also changed advapi32, explorer.exe, cmd.exe, ntdll.dll, rpcrt4.dll and user32 to original w2k DEU. No effect, the error remains (and more errors come up, as expected). I could not change kernel32 to original -> BSOD. So most suspicious is kernel32.dll.

Could you have a look on it?

Greetings Joe

PS: Thank you for giving new advice for localizing kernel32 in 2019!

 

I described about it.

http://blog.livedoor.jp/blackwingcat/archives/1990650.html

 

Link to comment
Share on other sites

NETAPI32 from XP:

If you replace netapi32 to XP version, we have 2 missing APIS in samlib.dll ->SamGetCompatibilityMode; SamRidToSid

SAMLIB from 2k3 have all functions, should be compatible... :rolleyes:

 

ESET SMART SECURITY v8.0.319 v2015:

I succesfuly installed this version from 2015, but there's 1 missing API in ADVAPI32.DLL:

eComServer.exe->advapi32->RegSetKeyValueW

RegSetKeyValue its easy to implement. Add this from VISTA 4051

 

Quote

 RegSetKeyValueA:
          push    ebp
          mov    ebp,esp
          mov    eax,[ebp+0Ch]
          push    ebx
          push    esi
          xor    ebx,ebx
          xor    esi,esi
          cmp    eax,ebx
          jz     L77DBEE70
          cmp    [eax],bl
          jz     L77DBEE70
          push    ebx
          lea    ecx,[ebp+0Ch]
          push    ecx
          push    ebx
          push    00000002h
          push    ebx
          push    ebx
          push    ebx
          push    eax
          push    [ebp+08h]
          call    RegCreateKeyExA
          mov    esi,eax
          jmp    L77DBEE76
 L77DBEE70:
          mov    eax,[ebp+08h]
          mov    [ebp+0Ch],eax
 L77DBEE76:
          cmp    esi,ebx
          jnz    L77DBEE9F
          push    [ebp+1Ch]
          push    [ebp+18h]
          push    [ebp+14h]
          push    ebx
          push    [ebp+10h]
          push    [ebp+0Ch]
          call    RegSetValueExA
          mov    esi,eax
          mov    eax,[ebp+0Ch]
          cmp    eax,[ebp+08h]
          jz     L77DBEE9F
          push    eax
          call    RegCloseKey
 L77DBEE9F:
          mov    eax,esi
          pop    esi
          pop    ebx
          pop    ebp
          retn    0018h
;------------------------------------------------------------------------------
 RegSetKeyValueW:
          push    ebp
          mov    ebp,esp
          mov    eax,[ebp+0Ch]
          push    esi
          push    edi
          xor    esi,esi
          xor    edi,edi
          cmp    eax,esi
          jz     L77DBEED4
          cmp    [eax],si
          jz     L77DBEED4
          push    esi
          lea    ecx,[ebp+0Ch]
          push    ecx
          push    esi
          push    00000002h
          push    esi
          push    esi
          push    esi
          push    eax
          push    [ebp+08h]
          call    RegCreateKeyExW
          mov    edi,eax
          jmp    L77DBEEDA
 L77DBEED4:
          mov    eax,[ebp+08h]
          mov    [ebp+0Ch],eax
 L77DBEEDA:
          cmp    edi,esi
          jnz    L77DBEF03
          push    [ebp+1Ch]
          push    [ebp+18h]
          push    [ebp+14h]
          push    esi
          push    [ebp+10h]
          push    [ebp+0Ch]
          call    RegSetValueExW
          mov    edi,eax
          mov    eax,[ebp+0Ch]
          cmp    eax,[ebp+08h]
          jz     L77DBEF03
          push    eax
          call    RegCloseKey
 L77DBEF03:
          mov    eax,edi
          pop    edi
          pop    esi
          pop    ebp
          retn    0018h

 

Edited by piotrhn
...
Link to comment
Share on other sites

On 11/21/2019 at 1:26 AM, piotrhn said:

NETAPI32 from XP:

If you replace netapi32 to XP version, we have 2 missing APIS in samlib.dll ->SamGetCompatibilityMode; SamRidToSid

SAMLIB from 2k3 have all functions, should be compatible... :rolleyes:

 

ESET SMART SECURITY v8.0.319 v2015:

I succesfuly installed this version from 2015, but there's 1 missing API in ADVAPI32.DLL:

eComServer.exe->advapi32->RegSetKeyValueW

RegSetKeyValue its easy to implement. Add this from VISTA 4051

 

 

I just described the article http://blog.livedoor.jp/blackwingcat/archives/1990724.html

It had any problems on Cygwin. :3

 

Link to comment
Share on other sites

@blackwingcat "Microsoft and the codepage": This is Windows 10 german with exact the same error like w2k, xp and win 7: with ttf font lucida console ">" is displayed "1>" ::-(

No error with ä ö ü any longer. 

funny.jpg.09784b8957098a71482b730145510489.jpg

Greetings Joe

 

Edited by JosefReisinger
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...