ItCoder
Posted March 13, 2023

In this post I'll explain how my method to restore Windows Update functionality works.

First of all, I'll do a recap on what Windows Update does by default. When you start a new detection, it will:

1) Download wuredir.cab from a hardcoded URL and extract wuredir.xml (which contains URLs for wuident.cab, client.asmx, updateregulation.asmx and stat2fe)
2) Download wuident.cab from the wuredir URL and extract wuident.txt
3) Look into wuident.txt to build a URL for selfupdate (for every Windows build there is a part of the URL that gets built together; /SKIP means "do not selfupdate")
4) If selfupdate is to be done, download wsus3setup.cab and extract wsus3setup.inf (if 2000, XP or Server 2003) or *.cab files (Vista, 7 and Server 2008)
5) Check in wsus3setup.inf if every file version is correct, and download and replace it if necessary (or check if the *.cab files are installed)
6) Scan for updates using the client.asmx and updateregulation.asmx URLs

Using the website this is a little different: the wuident.cab URL is hardcoded and steps 2-5 get done before getting to the homepage.

The problem is that the URLs in wuredir.xml for client.asmx and updateregulation.asmx are now non-functional, and also the HTTPS connections (client.asmx and wuident.cab) use a TLS1.2 certificate.

To restore functionality my proxy server:

1) Handles any HTTPS request with ProxHTTPSProxy v1.3a to ship a TLS1.0 certificate (supported on these OS).
2) Redirects any request made to fe2.update.microsoft.com and www.update.microsoft.com to Requestly (another proxy software)
3) Redirects www.update.microsoft.com/v6/ClientWebService/client.asmx (in wuredir.xml, not working) to fe2.update.microsoft.com/v6/ClientWebService/client.asmx (working)
4) Redirects www.update.microsoft.com/v6/UpdateRegulation/updateregulation.asmx (in wuredir.xml, not working) to fe2.update.microsoft.com/v6/UpdateRegulation/updateregulation.asmx (working)

This makes Windows Update work well on every agent version (v3) except for the latest (7.6.7600.256), which blocks any non-Microsoft HTTPS connection. This is bypassed by avoiding selfupdate:

5) Redirects any request to /wuident.cab to a web.archive.org URL that contains a wuident.cab from 2006 (designed to work with agent 1 and 2) and adds the headers (required by Windows Update) content-length and last-modified (web.archive.org doesn't provide these). This wuident.cab doesn't contain any URL for agent v3, so selfupdate gets skipped (sometimes with 0x000000 code)

Now what the installer does:

1) On 2000, installs MSXML 4.0 (required to set the proxy)
2) On 2000, copies winhttp.dll to winhttp5.dll (in system32) to fix a bug with MSXML 4.0
3) On 2000, copies msxml3.dll to system32 (a bug in wusetup)
4) Installs Windows Update Agent 7.4.7600.226 (with WUForce to rollback on XP)
5) Copies the Windows Update and Microsoft Update website links to the desktop (they require ?g_sconsumersite=1)
6) Registers wuweb.dll (only on NT6.x) and muweb.dll
7) On 2000, updates root certificates
8) Imports ProxHTTPSProxy's CA (with updroots -l)
9) Adds some registry keys (to enable TLS1.0, HTTP1.1 and the proxy on IE)
10) Enables the proxy system-wide (proxycfg or netsh winhttp set proxy)
11) On Vista and 7, restarts the system (required)

The fix for Vista and 7 simply runs wusetup /uninstall to rollback the agent.
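The proxy's rewrite rules 3 to 5 from the post, modelled as an added Python example (not ItCoder's actual ProxHTTPSProxy or Requestly configuration), which makes it easy to audit which update requests leave the Microsoft hosts. The function names, the placeholder archive URL, case-insensitive path matching and the sample timestamp are assumptions.

```python
from email.utils import formatdate
from urllib.parse import urlsplit, urlunsplit

# Placeholder: the post does not give the web.archive.org URL it uses.
ARCHIVED_WUIDENT_URL = "http://web.archive.org/PLACEHOLDER/wuident.cab"

# Rules 3 and 4: paths listed in wuredir.xml on the non-working host
# that still answer on the working host.
DEAD_HOST = "www.update.microsoft.com"
LIVE_HOST = "fe2.update.microsoft.com"
MOVED_PATHS = {
    "/v6/clientwebservice/client.asmx",
    "/v6/updateregulation/updateregulation.asmx",
}


def rewrite_request(url):
    """Return the URL a client request should be forwarded to."""
    parts = urlsplit(url)
    path = parts.path.lower()  # assumption: paths compared case-insensitively
    # Rule 5: every wuident.cab request goes to the archived 2006 copy,
    # whatever host it was addressed to.
    if path.endswith("/wuident.cab"):
        return ARCHIVED_WUIDENT_URL
    # Rules 3 and 4: keep scheme, path and query, swap only the host.
    if (parts.hostname or "").lower() == DEAD_HOST and path in MOVED_PATHS:
        return urlunsplit((parts.scheme, LIVE_HOST, parts.path, parts.query, ""))
    return url  # everything else passes through unchanged


def fix_wuident_headers(headers, body, mtime):
    """Add the Content-Length and Last-Modified headers that the archived
    response lacks. mtime is a Unix timestamp chosen by the operator."""
    fixed = {k: v for k, v in headers.items()
             if k.lower() not in ("content-length", "last-modified")}
    fixed["Content-Length"] = str(len(body))
    fixed["Last-Modified"] = formatdate(mtime, usegmt=True)  # HTTP date format
    return fixed
```
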