Aaron Posted September 13, 2003 Share Posted September 13, 2003 Just heard from a source that the process to add your own hacked files into a compressed cab file (EX_, DL_ and such) and getting past the digital signature protection can be done using the CAB SDK from Microsoft. More info soon!Edit: hmm, the only page I could find: http://msdn.microsoft.com/library/default..../html/cabdl.asp I'll be surprised if an app from 1997 works for creating CAB files for XP Link to comment Share on other sites More sharing options...
miso1391 Posted September 13, 2003 Author Share Posted September 13, 2003 HiAaronXPPlease don't trust your source ! hint :Click me hard Link to comment Share on other sites More sharing options...
Aaron Posted September 13, 2003 Share Posted September 13, 2003 What's special about Cabpack that allows Windows Setup to continue without error? Or did you make extra modifications to the UXTheme.dll file itself to bypass the Digital Signature? Link to comment Share on other sites More sharing options...
Yazoo Posted September 13, 2003 Share Posted September 13, 2003 I haven't got the UXTheme.dll to work yet, my last attempt failed at the GUI with an internal structure error. Also I am tired of erasing and then burning to CDR-W. I'm gonna get Virtual PC and then start again.@AaronXP: I guess the way to find out is to compress the DLL with Cabpack and see if the installer excepts it. I will give this a go later today after I get VPC. Link to comment Share on other sites More sharing options...
GreenMachine Posted September 13, 2003 Share Posted September 13, 2003 I am a little confused here. Setup does notice that the UXTHEME.DL_ and SFC_OS.DL_ are "incorrect", and reports so in the setuperr.log. This in itself does not seem to cause any errors ( ... on my system ... ). Does replacing a file with an "incorrect", yet working version generally cause an error, or stop setup? Otherwise, isn't there an OEM setting to allow OEM files to overwrite windows system files? Is the issue really with the compressor: why would CabPack be any better than MS's CabArc? Thanks for any light you can shed on this. Link to comment Share on other sites More sharing options...
Screemer Posted September 13, 2003 Share Posted September 13, 2003 I have a tip for you guys that want to add the hacked uxtheme.dll to a installed xp at least..This might have been discussed here but I am posting this anyhow.1. unpack the zip file. you'll get a uxtheme.dl_2. expand the uxtheme.dl_ using expand uxtheme.dl_ uxtheme.dll3. copy uxtheme.dll to c:\4. reboot into failsafe with command prompt5. cd %windir%\system32\6. rename uxtheme.dll uxtheme.dll.old7. cd\8. copy uxtheme.dll c:\%windir%\system32\uxtheme.dll9. reboot back into regular XPall done..I have used this method on 3 workstations and they all had fileprotection still enabled.. I LOVE THIS hacked version of uxtheme.dll.. Link to comment Share on other sites More sharing options...
miso1391 Posted September 13, 2003 Author Share Posted September 13, 2003 HiAaronXPI told you don't trust your source ( There is no Digital Signature )Last hint : If you click me I will kill you ! Link to comment Share on other sites More sharing options...
Yazoo Posted September 13, 2003 Share Posted September 13, 2003 Why don't you just come out and tell us what you did? I don't see the point in keeping this to yourself :/ Link to comment Share on other sites More sharing options...
Aaron Posted September 13, 2003 Share Posted September 13, 2003 Here's the setuperr.log I got when I used the hacked UXTHEME.DL_ and Metapad compressed into NOTEPAD.EX_:Error:D:\i386\NOTEPAD.EX_ was not copied to C:\WINDOWS\NOTEPAD.EXE because of the following error:No signature was present in the subject.***Error:Setup detected that the system file named [c:\windows\system32\uxtheme.dll] is not signed properlyby Microsoft. This file could not be restored to the correct Microsoft version.Use the SFC utility to verify the integrity of the file.***Still works fine though, Setup did not abort or show any screens to say one of the files failed to copy. Even if it did, it may have automatically proceeded. Notepad isn't present in the Windows or dllcache folder but its in System32. Link to comment Share on other sites More sharing options...
Yazoo Posted September 13, 2003 Share Posted September 13, 2003 I think makecab compressed the file to MSZIP format whereas CabPack allows the LZW compression. I think the setup checks for LZW somehow. God this is addictive wish I was home now and I would check it out. Link to comment Share on other sites More sharing options...
Aaron Posted September 13, 2003 Share Posted September 13, 2003 You are right, it seems miso1391's hacked UXTHEME.DL_ was made using LZX compression at a value of 21, and the byte size matches my created UXTHEME.DL_ (using cabpack) with miso1931's.Further tests shows that compressing UXTheme.dll with Windows XP's built-in makecab utility will cause setup to halt. Also, I'm testing the modified notepad.exe with LZX compression, to see if it actually copies to three different folders rather than one (not important, but willing to see the difference )Edit: no difference on notepad.exe whether its compressed with Windows XP's Makecab or Cabpack's LZX compression.I've noticed that miso1931's uxtheme.dll md5 sum is different to a hacked copy that I've had since SP1 came out, even though they carry the same byte size. The answer lies in that file rather than the compression used. Link to comment Share on other sites More sharing options...
Paul 365 Posted September 13, 2003 Share Posted September 13, 2003 It does have a different md5, but i did a BC of it the other day and it is only 2 bytes that are different. Hardly a lot but who knows....Edit - Unless that little change causes it to match the sig or md5 of the correct file.... Is that even possible? Link to comment Share on other sites More sharing options...
Aaron Posted September 13, 2003 Share Posted September 13, 2003 miso's uxtheme.dll needs to be hex-compared with vorte[x]'s hacked uxtheme.dll to see the slight different. (Vorte[x] was the source of the hacked uxtheme files for XP and XP SP1) Link to comment Share on other sites More sharing options...
Paul 365 Posted September 13, 2003 Share Posted September 13, 2003 Thats what i did, using Beyond compare. Link to comment Share on other sites More sharing options...
Aaron Posted September 13, 2003 Share Posted September 13, 2003 Thats what i did, using Beyond compare.Did it tell you what value was changed at what offset? I would like to try hex-editing vorte[x]'s hacked uxtheme.dll file to force Setup to allow this to go through. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now