forked from edtrejo/rdpwrap
technical.txt
RDP Wrapper Library project by Stas'M
Terminal Services supported versions
6.0.X.X (Windows Vista, any) [policy hook only]
6.0.6000.16386 (Windows Vista) [policy hook + extended patch]
6.0.6000.20723 (Windows Vista with KB944917) [todo]
6.0.6001.18000 (Windows Vista SP1) [policy hook + extended patch]
6.0.6001.22286 (Windows Vista SP1 with KB958612) [todo]
6.0.6001.22357 (Windows Vista SP1 with KB958612 v2) [todo]
6.0.6001.22323 (Windows Vista SP1 with KB960742) [todo]
6.0.6001.22392 (Windows Vista SP1 with KB968680) [todo]
6.0.6001.22565 (Windows Vista SP1 with KB977541) [todo]
6.0.6001.22635 (Windows Vista SP1 with KB970911) [todo]
6.0.6001.22801 (Windows Vista SP1 with KB2381675) [todo]
6.0.6002.18005 (Windows Vista SP2) [policy hook + extended patch]
6.0.6002.22269 (Windows Vista SP2 with KB977541) [todo]
6.0.6002.22340 (Windows Vista SP2 with KB970911) [todo]
6.0.6002.22515 (Windows Vista SP2 with KB2381675) [todo]
6.0.6002.22641 (Windows Vista SP2 with KB2523307) [todo]
6.0.6002.22790 (Windows Vista SP2 with KB2672601) [todo]
6.0.6002.19214 (Windows Vista SP2 with KB3003743 GDR) [policy hook + extended patch]
6.0.6002.23521 (Windows Vista SP2 with KB3003743 LDR) [policy hook + extended patch]
6.1.X.X (Windows 7, any) [policy hook only]
6.1.7100.0 (Windows 7 Release Candidate) [todo]
6.1.7600.16385 (Windows 7) [policy hook + extended patch]
6.1.7600.20661 (Windows 7 with KB951422) [todo]
6.1.7600.21085 (Windows 7 with KB951422 v2) [todo]
6.1.7600.20621 (Windows 7 with KB979470) [todo]
6.1.7600.20890 (Windows 7 with KB2479710) [todo]
6.1.7600.21316 (Windows 7 with KB2750090) [todo]
6.1.7600.21420 (Windows 7 with KB2800789) [todo]
6.1.7601.17514 (Windows 7 SP1) [policy hook + extended patch]
6.1.7601.21855 (Windows 7 SP1 with KB951422 v2) [todo]
6.1.7601.21650 (Windows 7 SP1 with KB2479710) [todo]
6.1.7601.21866 (Windows 7 SP1 with KB2647409) [todo]
6.1.7601.22104 (Windows 7 SP1 with KB2750090) [todo]
6.1.7601.22213 (Windows 7 SP1 with KB2800789) [todo]
6.1.7601.22476 (Windows 7 SP1 with KB2870165) [todo]
6.1.7601.22435 (Windows 7 SP1 with KB2878424) [todo]
6.1.7601.22477 (Windows 7 SP1 with KB2896256) [todo]
6.1.7601.18540 (Windows 7 SP1 with KB2984972 GDR) [policy hook + extended patch]
6.1.7601.22750 (Windows 7 SP1 with KB2984972 LDR) [policy hook + extended patch]
6.1.7601.18637 (Windows 7 SP1 with KB3003743 GDR) [policy hook + extended patch]
6.1.7601.22843 (Windows 7 SP1 with KB3003743 LDR) [policy hook + extended patch]
6.1.7601.23403 (Windows 7 SP1 with KB3125574) [policy hook + extended patch]
6.2.8102.0 (Windows 8 Developer Preview) [policy hook + extended patch]
6.2.8250.0 (Windows 8 Consumer Preview) [policy hook + extended patch]
6.2.8400.0 (Windows 8 Release Preview) [policy hook + extended patch]
6.2.9200.16384 (Windows 8) [policy hook + extended patch]
6.2.9200.17048 (Windows 8 with KB2973501 GDR) [policy hook + extended patch]
6.2.9200.21166 (Windows 8 with KB2973501 LDR) [policy hook + extended patch]
6.3.9431.0 (Windows 8.1 Preview) [init hook + extended patch]
6.3.9600.16384 (Windows 8.1) [init hook + extended patch]
6.3.9600.17095 (Windows 8.1 with KB2959626) [init hook + extended patch]
6.3.9600.17415 (Windows 8.1 with KB3000850) [init hook + extended patch]
6.4.9841.0 (Windows 10 Technical Preview) [init hook + extended patch]
6.4.9860.0 (Windows 10 Technical Preview UP1) [init hook + extended patch]
6.4.9879.0 (Windows 10 Technical Preview UP2) [init hook + extended patch]
10.0.9926.0 (Windows 10 Pro Technical Preview) [init hook + extended patch]
10.0.10041.0 (Windows 10 Pro Technical Preview UP1) [init hook + extended patch]
10.0.10049.0 (Windows 10 Pro Technical Preview UP2) [todo]
10.0.10061.0 (Windows 10 Pro Technical Preview UP3) [todo]
10.0.10240.16384 (Windows 10 RTM) [init hook + extended patch]
10.0.10525.0 (Windows 10 th2_release.150812-1658) [todo]
10.0.10532.0 (Windows 10 th2_release.150822-1406) [todo]
10.0.10547.0 (Windows 10 th2_release.150913-1511) [todo]
10.0.10586.0 (Windows 10 th2_release.151029-1700) [init hook + extended patch]
10.0.10586.589 (Windows 10 th2_release.160906-1759) [init hook + extended patch]
10.0.11082.1000 (Windows 10 rs1_release.151210-2021) [init hook + extended patch]
10.0.11102.1000 (Windows 10 rs1_release.160113-1800) [init hook + extended patch]
10.0.14251.1000 (Windows 10 rs1_release.160124-1059) [init hook + extended patch]
10.0.14271.1000 (Windows 10 rs1_release.160218-2310) [init hook + extended patch]
10.0.14279.1000 (Windows 10 rs1_release.160229-1700) [init hook + extended patch]
10.0.14295.1000 (Windows 10 rs1_release.160318-1628) [init hook + extended patch]
10.0.14300.1000 (Windows Server 2016 Technical Preview 5) [init hook + extended patch]
10.0.14316.1000 (Windows 10 rs1_release.160402-2227) [init hook + extended patch]
10.0.14328.1000 (Windows 10 rs1_release.160418-1609) [init hook + extended patch]
10.0.14332.1001 (Windows 10 rs1_release.160422-1940) [init hook + extended patch]
10.0.14342.1000 (Windows 10 rs1_release.160506-1708) [init hook + extended patch]
10.0.14352.1002 (Windows 10 rs1_release.160522-1930) [init hook + extended patch]
10.0.14366.0 (Windows 10 rs1_release.160610-1700) [init hook + extended patch]
10.0.14367.0 (Windows 10 rs1_release.160613-1700) [init hook + extended patch]
10.0.14372.0 (Windows 10 rs1_release.160620-2342) [init hook + extended patch]
10.0.14379.0 (Windows 10 rs1_release.160627-1607) [init hook + extended patch]
10.0.14383.0 (Windows 10 rs1_release.160701-1839) [init hook + extended patch]
10.0.14385.0 (Windows 10 rs1_release.160706-1700) [init hook + extended patch]
10.0.14388.0 (Windows 10 rs1_release.160709-1635) [init hook + extended patch]
10.0.14393.0 (Windows 10 rs1_release.160715-1616) [init hook + extended patch]
10.0.14901.1000 (Windows 10 rs_prerelease.160805-1700) [init hook + extended patch]
10.0.14905.1000 (Windows 10 rs_prerelease.160811-1739) [init hook + extended patch]
10.0.14915.1000 (Windows 10 rs_prerelease.160826-1902) [init hook + extended patch]
10.0.14926.1000 (Windows 10 rs_prerelease.160910-1529) [init hook + extended patch]
10.0.14931.1000 (Windows 10 rs_prerelease.160916-1700) [init hook + extended patch]
10.0.14936.1000 (Windows 10 rs_prerelease.160923-1700) [init hook + extended patch]
10.0.14942.1000 (Windows 10 rs_prerelease.161003-1929) [init hook + extended patch]
10.0.14946.1000 (Windows 10 rs_prerelease.161007-1700) [init hook + extended patch]
10.0.14951.1000 (Windows 10 rs_prerelease.161014-1700) [init hook + extended patch]
Source code changelog (rdpwrap library):
2016.10.21 :
- added support for termsrv.dll 10.0.14951.1000
2016.10.19 :
- added support for termsrv.dll 10.0.14946.1000
2016.10.08 :
- added support for termsrv.dll 10.0.14942.1000
2016.09.30 :
- added support for termsrv.dll 10.0.14936.1000
2016.09.27 :
- added support for termsrv.dll 10.0.14931.1000
2016.09.15 :
- added support for termsrv.dll 10.0.14926.1000
2016.09.14 :
- added support for termsrv.dll 10.0.10586.589
2016.09.03 :
- added support for termsrv.dll 10.0.14915.1000
2016.08.28 :
- added support for termsrv.dll 6.1.7601.23403
- added support for termsrv.dll 10.0.14901.1000
- added support for termsrv.dll 10.0.14905.1000
2016.08.12 :
- added support for termsrv.dll 10.0.14385.0
2016.08.01 :
- preparing the release
2016.07.23 :
- added online install mode to installer
- added feature to keep settings on uninstall
- fixed update firewall rule on port change in config tool
- added feature to hide users on logon
2016.07.22 :
- added support for termsrv.dll 10.0.14393.0
2016.07.15 :
- added support for termsrv.dll 10.0.14383.0
- added support for termsrv.dll 10.0.14388.0
2016.07.06 :
- added support for termsrv.dll 10.0.14379.0
2016.06.27 :
- added support for termsrv.dll 10.0.14372.0 x86
2016.06.26 :
- added support for termsrv.dll 10.0.14372.0 x64 by kbmorris
2016.06.17 :
- fixed issue with termsrv.dll 10.0.14352.1002
- added support for termsrv.dll 10.0.14366.0
- added support for termsrv.dll 10.0.14367.0
2016.05.30 :
- added support for termsrv.dll 10.0.14352.1002
2016.05.14 :
- added support for termsrv.dll 10.0.14342.1000
2016.05.08 :
- added support for termsrv.dll 10.0.14300.1000 x64
- added support for termsrv.dll 10.0.14328.1000
2016.04.29 :
- added support for termsrv.dll 10.0.14332.1001 by maxpiva
2016.04.14 :
- added support for termsrv.dll 10.0.14316.1000
2016.04.06 :
- added support for termsrv.dll 10.0.14295.1000
2016.03.07 :
- added experimental codes for ARMv7 architecture (see rdpwrap-arm-kb.ini)
  - Windows RT / termsrv.dll 6.2.9200.16384
  - Windows RT 8.1 / termsrv.dll 6.3.9600.16384
  - Windows RT 8.1 / termsrv.dll 6.3.9600.17095
2016.03.06 :
- added support for termsrv.dll 10.0.14279.1000
2016.02.29 :
- added support for termsrv.dll 10.0.14271.1000
2016.01.28 :
- added support for termsrv.dll 10.0.14251.1000
2016.01.26 :
- added support for termsrv.dll 10.0.11102.1000
2016.01.15 :
- updated messages in the installer
- added support for termsrv.dll 10.0.11082.1000
2015.11.14 :
- added support for termsrv.dll 10.0.10586.0
2015.08.11 :
- embed new rdpclip versions in the installer (for NT 6.0 and 6.1)
- preparing the release
2015.08.07 :
- added INI update feature to installer
2015.07.30 :
- fixed issue with Windows 10 Home x86 (wrong LocalOnly offset was specified in INI file)
2015.07.17 :
- added support for termsrv.dll 10.0.10240.16384
- added HOW TO hints to KB (so other reverse engineers can do this hard work more easily)
2015.07.16 :
- moved all comments from INI file to Knowledge Base text file
- the INI file is now smaller
- updated RDP checker: changed IP address to 127.0.0.2 (sometimes the client doesn't want to connect to .1), updated text message
- updated RDP config: list all possible shadowing modes, also write group policy
- updated installer: added workaround for 1056 error
- updated copyright years in source code
- obtained files from build 10.0.10240.16384
- researching Windows 10 RTM
2015.03.23 :
- researching Windows 10 Pro Technical Preview UP1
- added support for termsrv.dll 10.0.10041.0
2015.03.20 :
- new build 10.0.10041.0 was released, obtaining files...
2015.01.26 :
- researching Windows 10 Pro Technical Preview (10.0.9926.0 x86)
- added support for termsrv.dll 10.0.9926.0 (x86)
2015.01.22 :
- v-yadli contributed offsets for version 10.0.9926.0 (x64)
2014.12.13 :
- added more policy values to INI file
2014.12.10 :
- C++ version seems to work well now!
- added support for termsrv.dll 6.4.9879.0
- preparing the new release
2014.12.09 :
- many bug fixes in C++ version, you can track it in the git history :)
- it can be compiled now :D
- we are getting closer to the finish line!
2014.12.03 :
- added INI reader by Fusix for C++ version
- asulwer also helped with the development
2014.11.25 :
- corrected some typos in INI file
- added EasyPrint policy value
2014.11.24 :
- added support for termsrv.dll 6.3.9600.17415
2014.11.21 :
- new LiteINI module to read INI files
- added support to store patch settings in INI file
- version support can be extended without recompilation
- C++ version needs to be updated
2014.11.20 :
- improved comments
- researching KB3000850
- found required files
- improving RDPWrap...
- placing signatures, offsets, values, etc in separate config file
- working with code
2014.11.13 :
- researching KB3003743
- added support for version 6.0.6002.19214
- added support for version 6.0.6002.23521
- added support for version 6.1.7601.18637
- added support for version 6.1.7601.22843
2014.11.02 :
- researching termsrv.dll 6.4.9860.0
- done
2014.10.19 :
- added support for version 6.0.6000.16386 (x64)
- added support for version 6.0.6001.18000 (x64)
- added support for version 6.1.7600.16385
2014.10.18 :
- corrected some typos in source
- simplified signature constants
- added support for version 6.0.6000.16386 (x86)
- added support for version 6.0.6001.18000 (x86)
- added support for version 6.0.6002.18005
- added support for version 6.1.7601.17514
- added support for version 6.1.7601.18540
- added support for version 6.1.7601.22750
- added support for version 6.2.9200.17048
- added support for version 6.2.9200.21166
2014.10.17 :
- collecting information about all versions of Terminal Services beginning from Vista
- added [todo] to the versions list
2014.10.16 :
- got new updates: KB2984972 for Win 7 (still works with 2 concurrent users) and KB2973501 for Win 8 (doesn't work)
2014.10.02 :
- researching Windows 10 TP Remote Desktop
- done! even without debugging symbols ^^)
2014.07.20 :
- added support for Windows 8 Release Preview
- added support for Windows 8 Consumer Preview
- added support for Windows 8 Developer Preview
2014.07.19 :
- improved patching of Windows 8
- added policy patches
- will patch CDefPolicy::Query
- will patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
2014.07.18 :
- researched patched files from MDL forum
- CSLQuery::GetMaxSessions requires no patching
- it's better to change the default policy, so...
- will patch CDefPolicy::Query
- will patch CEnforcementCore::GetInstanceOfTSLicense
- will patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
- the function CSLQuery::Initialize is hooked correctly
2014.07.17 :
- will hook only CSLQuery::Initialize function
- CSLQuery::GetMaxSessions will be patched
- added x86 signatures for 6.3.9431.0 (Windows 8.1 Preview)
2014.07.16 :
- changing asm opcodes is bad, will hook CSL functions
2014.07.15 :
- added x86 signatures for 6.3.9600.16384 (Windows 8.1)
2014.07.15 :
- added x86 signatures for 6.3.9600.17095 (Windows 8.1 with KB2959626)