Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


blackwingcat

KernelEx for Win2000

Recommended Posts

@blackwingcat There are some more problems with exkernel v30e slipstreamed into w2k with hfslip. Registry acl get buggy, Subinacl has to be used. But for "restricted" in german we have to use "Eingeschränkter Zugriff" in additional.cmd - file. This will not work because of "ä". It produces Error (chcp standard - 850).

For examination, I copied exkernel files into a w2k machine (not slipstreamed). I did "cmd" and wrote "ä". It displays "ä" .

clip_image1.jpg.c8aa786c8b872c9049c5c39b17298dbc.jpg

Then I tried with a .cmd text file (notepad font is lucida console, script in german "Westlich" (western europe, no.1):

clip_image2.jpg.3530fa94967614079339141abaaef525.jpg

If I execute the .cmd - file, it comes out as something else: o with "tilde":

clip_image3.jpg.61aac775e29e139d73388817ce2d4b57.jpg

This error is an old one. It is also present with exkernel versions kernel32.dll v5.0.2195.7254 in year 2018. I did not notice, because I did not use .cmd files too often.

Suspicious files (examined with process explorer:

advapi32, cmd, gdi32, kernel32, msvcrt, ntdll, rpcrt4, user32.

ctype.nls, locale.nls, sortkey.nls, unicode.nls are original w2k DEU source dated 20.06.2003.

I also changed advapi32, explorer.exe, cmd.exe, ntdll.dll, rpcrt4.dll and user32 to original w2k DEU. No effect, the error remains (and more errors come up, as expected). I could not change kernel32 to original -> BSOD. So most suspicious is kernel32.dll.

Could you have a look on it?

Greetings Joe

PS: Thank you for giving new advice for localizing kernel32 in 2019!

 

Edited by JosefReisinger

Share this post


Link to post
Share on other sites

@blackwingcat: I apologize. "ä" - cmd problem is not a problem of exkernel. It also exists in wxp32 and 64, and also in win7.  Is it a microsoft bug? I tried a workaround:

funny1.jpg.b97ceab9cc5c022fb7b36e16d60c5824.jpg

Result:

funny2.jpg.e3effac015fc7d745a1325d035b92f4f.jpg

As you can see, all of the characters are displayed wrong. Furthermore, ">" is displayed "1>". But the result seems to be OK. I can use it to get the "Eingeschränkter Zugriff" done. Anyone knows a better solution?

Greetings Joe

 

Edited by JosefReisinger

Share this post


Link to post
Share on other sites

Hi blackwingcat,

 

I'm tried to run Process Explorer v16.30. There's some missing API

procexp.exe ->NTDLL.DLL:

NtResumeProcess

NtSuspendProcess

 

procexp.sys ->NTOSKRNL.EXE:

ObCloseHandle

Share this post


Link to post
Share on other sites
18 hours ago, piotrhn said:

EXPLORER

Please update explorer.exe to version: 5.0.3900.6920 from: Windows2000-KB324446-x86-JPN.exe

download here

https://mega.nz/#F!2lBVBBLI!WqmqhpxuX0qyCY1LiX4-gw?HlADUKib

 

 

https://twilczynski.com/windows/updates/

Hi.

KB3244476/KB324446(5.0.3900.xxxx) based on Windows 2000 "SP5".

It breaks some compatibility. So, I does not recommended to use it.

Share this post


Link to post
Share on other sites
On 11/17/2019 at 10:32 PM, JosefReisinger said:

@blackwingcat: I apologize. "ä" - cmd problem is not a problem of exkernel. It also exists in wxp32 and 64, and also in win7.  Is it a microsoft bug? I tried a workaround:

funny1.jpg.b97ceab9cc5c022fb7b36e16d60c5824.jpg

Result:

funny2.jpg.e3effac015fc7d745a1325d035b92f4f.jpg

As you can see, all of the characters are displayed wrong. Furthermore, ">" is displayed "1>". But the result seems to be OK. I can use it to get the "Eingeschränkter Zugriff" done. Anyone knows a better solution?

Greetings Joe

 

On 11/17/2019 at 10:32 PM, JosefReisinger said:

@blackwingcat: I apologize. "ä" - cmd problem is not a problem of exkernel. It also exists in wxp32 and 64, and also in win7.  Is it a microsoft bug? I tried a workaround:

funny1.jpg.b97ceab9cc5c022fb7b36e16d60c5824.jpg

Result:

funny2.jpg.e3effac015fc7d745a1325d035b92f4f.jpg

As you can see, all of the characters are displayed wrong. Furthermore, ">" is displayed "1>". But the result seems to be OK. I can use it to get the "Eingeschränkter Zugriff" done. Anyone knows a better solution?

Greetings Joe

 

 

 

On 11/12/2019 at 10:12 AM, JosefReisinger said:

@blackwingcat There are some more problems with exkernel v30e slipstreamed into w2k with hfslip. Registry acl get buggy, Subinacl has to be used. But for "restricted" in german we have to use "Eingeschränkter Zugriff" in additional.cmd - file. This will not work because of "ä". It produces Error (chcp standard - 850).

For examination, I copied exkernel files into a w2k machine (not slipstreamed). I did "cmd" and wrote "ä". It displays "ä" .

clip_image1.jpg.c8aa786c8b872c9049c5c39b17298dbc.jpg

Then I tried with a .cmd text file (notepad font is lucida console, script in german "Westlich" (western europe, no.1):

clip_image2.jpg.3530fa94967614079339141abaaef525.jpg

If I execute the .cmd - file, it comes out as something else: o with "tilde":

clip_image3.jpg.61aac775e29e139d73388817ce2d4b57.jpg

This error is an old one. It is also present with exkernel versions kernel32.dll v5.0.2195.7254 in year 2018. I did not notice, because I did not use .cmd files too often.

Suspicious files (examined with process explorer:

advapi32, cmd, gdi32, kernel32, msvcrt, ntdll, rpcrt4, user32.

ctype.nls, locale.nls, sortkey.nls, unicode.nls are original w2k DEU source dated 20.06.2003.

I also changed advapi32, explorer.exe, cmd.exe, ntdll.dll, rpcrt4.dll and user32 to original w2k DEU. No effect, the error remains (and more errors come up, as expected). I could not change kernel32 to original -> BSOD. So most suspicious is kernel32.dll.

Could you have a look on it?

Greetings Joe

PS: Thank you for giving new advice for localizing kernel32 in 2019!

 

Hi.

So, the extended kernel version cmd.exe was customized from XP version :3

Share this post


Link to post
Share on other sites
On 11/12/2019 at 10:12 AM, JosefReisinger said:

@blackwingcat There are some more problems with exkernel v30e slipstreamed into w2k with hfslip. Registry acl get buggy, Subinacl has to be used. But for "restricted" in german we have to use "Eingeschränkter Zugriff" in additional.cmd - file. This will not work because of "ä". It produces Error (chcp standard - 850).

For examination, I copied exkernel files into a w2k machine (not slipstreamed). I did "cmd" and wrote "ä". It displays "ä" .

clip_image1.jpg.c8aa786c8b872c9049c5c39b17298dbc.jpg

Then I tried with a .cmd text file (notepad font is lucida console, script in german "Westlich" (western europe, no.1):

clip_image2.jpg.3530fa94967614079339141abaaef525.jpg

If I execute the .cmd - file, it comes out as something else: o with "tilde":

clip_image3.jpg.61aac775e29e139d73388817ce2d4b57.jpg

This error is an old one. It is also present with exkernel versions kernel32.dll v5.0.2195.7254 in year 2018. I did not notice, because I did not use .cmd files too often.

Suspicious files (examined with process explorer:

advapi32, cmd, gdi32, kernel32, msvcrt, ntdll, rpcrt4, user32.

ctype.nls, locale.nls, sortkey.nls, unicode.nls are original w2k DEU source dated 20.06.2003.

I also changed advapi32, explorer.exe, cmd.exe, ntdll.dll, rpcrt4.dll and user32 to original w2k DEU. No effect, the error remains (and more errors come up, as expected). I could not change kernel32 to original -> BSOD. So most suspicious is kernel32.dll.

Could you have a look on it?

Greetings Joe

PS: Thank you for giving new advice for localizing kernel32 in 2019!

 

I described about it.

http://blog.livedoor.jp/blackwingcat/archives/1990650.html

 

Share this post


Link to post
Share on other sites

NETAPI32 from XP:

If you replace netapi32 to XP version, we have 2 missing APIS in samlib.dll ->SamGetCompatibilityMode; SamRidToSid

SAMLIB from 2k3 have all functions, should be compatible... :rolleyes:

 

ESET SMART SECURITY v8.0.319 v2015:

I succesfuly installed this version from 2015, but there's 1 missing API in ADVAPI32.DLL:

eComServer.exe->advapi32->RegSetKeyValueW

RegSetKeyValue its easy to implement. Add this from VISTA 4051

 

Quote

 RegSetKeyValueA:
          push    ebp
          mov    ebp,esp
          mov    eax,[ebp+0Ch]
          push    ebx
          push    esi
          xor    ebx,ebx
          xor    esi,esi
          cmp    eax,ebx
          jz     L77DBEE70
          cmp    [eax],bl
          jz     L77DBEE70
          push    ebx
          lea    ecx,[ebp+0Ch]
          push    ecx
          push    ebx
          push    00000002h
          push    ebx
          push    ebx
          push    ebx
          push    eax
          push    [ebp+08h]
          call    RegCreateKeyExA
          mov    esi,eax
          jmp    L77DBEE76
 L77DBEE70:
          mov    eax,[ebp+08h]
          mov    [ebp+0Ch],eax
 L77DBEE76:
          cmp    esi,ebx
          jnz    L77DBEE9F
          push    [ebp+1Ch]
          push    [ebp+18h]
          push    [ebp+14h]
          push    ebx
          push    [ebp+10h]
          push    [ebp+0Ch]
          call    RegSetValueExA
          mov    esi,eax
          mov    eax,[ebp+0Ch]
          cmp    eax,[ebp+08h]
          jz     L77DBEE9F
          push    eax
          call    RegCloseKey
 L77DBEE9F:
          mov    eax,esi
          pop    esi
          pop    ebx
          pop    ebp
          retn    0018h
;------------------------------------------------------------------------------
 RegSetKeyValueW:
          push    ebp
          mov    ebp,esp
          mov    eax,[ebp+0Ch]
          push    esi
          push    edi
          xor    esi,esi
          xor    edi,edi
          cmp    eax,esi
          jz     L77DBEED4
          cmp    [eax],si
          jz     L77DBEED4
          push    esi
          lea    ecx,[ebp+0Ch]
          push    ecx
          push    esi
          push    00000002h
          push    esi
          push    esi
          push    esi
          push    eax
          push    [ebp+08h]
          call    RegCreateKeyExW
          mov    edi,eax
          jmp    L77DBEEDA
 L77DBEED4:
          mov    eax,[ebp+08h]
          mov    [ebp+0Ch],eax
 L77DBEEDA:
          cmp    edi,esi
          jnz    L77DBEF03
          push    [ebp+1Ch]
          push    [ebp+18h]
          push    [ebp+14h]
          push    esi
          push    [ebp+10h]
          push    [ebp+0Ch]
          call    RegSetValueExW
          mov    edi,eax
          mov    eax,[ebp+0Ch]
          cmp    eax,[ebp+08h]
          jz     L77DBEF03
          push    eax
          call    RegCloseKey
 L77DBEF03:
          mov    eax,edi
          pop    edi
          pop    esi
          pop    ebp
          retn    0018h

 

Edited by piotrhn
...

Share this post


Link to post
Share on other sites
3 hours ago, JosefReisinger said:

@blackwingcat Thank you for Explanation. How can we provide loading ttf font in cmd with hfslip Installation?

Greetings Joe

 

I made a .reg file for it.  I think best place is HFSVCPACK.

Greetings

font.reg

Share this post


Link to post
Share on other sites
On 11/21/2019 at 1:26 AM, piotrhn said:

NETAPI32 from XP:

If you replace netapi32 to XP version, we have 2 missing APIS in samlib.dll ->SamGetCompatibilityMode; SamRidToSid

SAMLIB from 2k3 have all functions, should be compatible... :rolleyes:

 

ESET SMART SECURITY v8.0.319 v2015:

I succesfuly installed this version from 2015, but there's 1 missing API in ADVAPI32.DLL:

eComServer.exe->advapi32->RegSetKeyValueW

RegSetKeyValue its easy to implement. Add this from VISTA 4051

 

 

I just described the article http://blog.livedoor.jp/blackwingcat/archives/1990724.html

It had any problems on Cygwin. :3

 

Share this post


Link to post
Share on other sites

@blackwingcat "Microsoft and the codepage": This is Windows 10 german with exact the same error like w2k, xp and win 7: with ttf font lucida console ">" is displayed "1>" ::-(

No error with ä ö ü any longer. 

funny.jpg.09784b8957098a71482b730145510489.jpg

Greetings Joe

 

Edited by JosefReisinger

Share this post


Link to post
Share on other sites
22 hours ago, caliber said:

is it possible to run NET 4.5 on XP ?

The installation is possible, but it does not work at all.

.Net 4.5 Binaries were made for Windows 7.

  • Like 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...