Joshua's Win7peldr
#51
Posted 15 July 2009 - 02:53 PM
#52
Posted 15 July 2009 - 03:40 PM
All my winpe cd's works only max for one month!I wish someone would explain to me, why anyone would want to have an expire function on his PE, especialy since it is soooooooooooo easy to circumvent!
This is because if i lost or forget it, and someone found it, it is not so easy to use it.
My expire function is not so easy to circumvent because for example if you set:
from: 07/01/2009 to 07/10/2009 you have only a time window from 10 days to set the correct day for your windows clock!
If you don't know the correct expire distance, you have a long play time!
Joshua
#53
Posted 15 July 2009 - 04:17 PM
basicly with a little knowledge about (imagex, recreation iso's,..) it's very easy to bypass the password+expire function.
i have edit the prelogon.ini.
PreLogonPasswd=
PreLogonPasswdHardDisk=
PreLogonCryptedExpirationDateStart=
PreLogonCryptedExpirationDateEnd=
every entry to zero, and the function was disabled
--------------------------------------------------------------------------------------------------------------------------------------------------
May it's a good possibility trying to work in future with encrypted Contains like "Truecrypt".
so there is a known linux project: "Ubuntu Privacy Remix" for example.
it's possible to use an specified Truecrypt boot-loader for example (but i didn't tested it until now)
it sound interesting to use first an Truecrypt loader, and after the Truecrypt loader the Grubloader
so primary i don't know about legitimation if the Win7Pe for example is fully encrypted. ;(
regards
steel
#54
Posted 15 July 2009 - 05:00 PM
I can easily change this, to made it more difficult, but a person capable to do this, what you call 'with a little knowledge',basicly with a little knowledge about (imagex, recreation iso's,..) it's very easy to bypass the password+expire function.
every entry to zero, and the function was disabled
was also capable to build his own pe!
Joshua
#55
Posted 15 July 2009 - 05:35 PM
yes this is right.
but it was only a mind-feedback from my side, don't understand wrong
if you could make this little more secure, so then also smart guys has to spent more time to bypass functions
Regards
Steel
#56
Posted 15 July 2009 - 06:06 PM
For example, in delphi it's possible to specify a set of bytes that will be placed on the compiled binary.
To make things difficult, plant an array of given bytes that could later be retrieved with a byte signature.
Whenever the user sets the password and expire, write the respective MD5 checksum of the configuration file on the reserved array of bytes inside the executable and then place both on the boot disk folder.
This way nobody tampers with the configuration file unless he also knows where to edit the MD5 checksum. If it's too easy to spot the location of the MD5 signature, then add some spice and merge the result with a small formula using some value that is specific inside the configuration file like the month of the expire date.
To workaround these security measures would require a lot more work and even more complex measures could be applied..
Definitively easier to just rebuild a new project.
#57
Posted 15 July 2009 - 06:39 PM
I wish someone would explain to me, why anyone would want to have an expire function on his PE, especialy since it is soooooooooooo easy to circumvent!
I can think of one reason offhand. a IT company may want to expire the PE cd after a period of time to make sure their techs are using the latest builds and can't use them after they quit/are fired/etc. password protection won't work in these cases, as obviously the tech knows the password. IMHO passwords are only good to protect against leaving the cd in a customers drive accidentally.
#58
Posted 15 July 2009 - 07:04 PM
I may be wrong though
#59
Posted 15 July 2009 - 09:19 PM
your thinking about the24hr time limit. this is about setting an expiration date that the cd will stop working upon reaching. it is implemented by joshua's winpe7loaderI thought the expiry was part of the licence agreement for us using PE? so hacking about and disabling it will break the terms of use?
I may be wrong though
#60
Posted 15 July 2009 - 09:58 PM
oh right, that will teach me for not reading back and thus completely missing the point!!!!your thinking about the24hr time limit. this is about setting an expiration date that the cd will stop working upon reaching. it is implemented by joshua's winpe7loader
#61
Posted 16 July 2009 - 10:15 AM
New version is ready!basicly with a little knowledge about (imagex, recreation iso's,..) it's very easy to bypass the password+expire function.
i have edit the prelogon.ini.
PreLogonPasswd=
PreLogonPasswdHardDisk=
PreLogonCryptedExpirationDateStart=
PreLogonCryptedExpirationDateEnd=
every entry to zero, and the function was disabled
Zero entries are not supported!
If you edit the prelogin.ini, and set entry(s) to zero, system will reset!
PreLogonConfig was tested on windows7-rc1 also.
Joshua
#62
Posted 17 July 2009 - 10:51 AM
so as i could see you changed the PreLogon to force configure the Expiration date+password function right?
so may it's possible to have the old function to choose password/expire yes or no. And in combination to avoid Zero lines in the PreLogon.ini.?
so in the last script the activation where lines with encryption entrys. and with function deactivated the lines where blank.
so my mind is now, may it's possible to make a function choose, and equal if the user is saying yes or no (or mark, unmark) the lines will be encrypted?
Regards
Steel
#63
Posted 17 July 2009 - 11:00 AM
If you don't want, that the password expire, set expiration date end to year 2099!so may it's possible to have the old function to choose password/expire yes or no.
I think that is long enough!
Joshua
#64
Posted 17 July 2009 - 11:16 AM
Do you know the script of Max_Real_Qnx "ComBo_Box v5 scv.30 For VistaPE 11 & 12 RC1, April 12th 2009 Final version" with the Protection code feature (VPE logon) and VPE lock ?
It's a very good feature, with a beautiful login screen ...
Can you seen the VPE Logon feature in the goal to integrate in Win7PE...
I have seen but it's complicate (It's a Auto-IT script)...
thanks joshua for your good work
Combo Box
#65
Posted 17 July 2009 - 12:47 PM
I don't know about the script.Do you know the script of Max_Real_Qnx "ComBo_Box v5 scv.30 For VistaPE 11 & 12 RC1, April 12th 2009 Final version" with the Protection code feature (VPE logon) and VPE lock ?
I will look at it in the evening, and will give feedback!
I see no problems, to convert Auto-IT code to VB6, because Auto-IT code is similar to VB6 code.
Joshua
#66
Posted 17 July 2009 - 01:04 PM
If you don't want, that the password expire, set expiration date end to year 2099!
I think that is long enough!
Joshua
I presume that 22nd century archeologists finding this thingy won't be happy at all.
jaclaz
#67
Posted 17 July 2009 - 01:56 PM
I presume that 22nd century archeologists finding this thingy won't be happy at all.
Joshua
#68
Posted 20 July 2009 - 01:41 PM
Have you seen the combo box script ?
#69
Posted 21 July 2009 - 08:48 AM
#70
Posted 21 July 2009 - 09:29 AM
Did you use newest version? Did you disable shortcut plugin ?It works fine when with CD, but when I try to make win7pe usb drive, it does not create shortcuts. What can be wrong?
Joshua
#71
Posted 21 July 2009 - 10:06 AM
#72
Posted 23 July 2009 - 04:07 PM
Have you some news about the combo box script ?
#73
Posted 23 July 2009 - 04:12 PM
1. In the moment it will not work under win7pe.Have you some news about the combo box script ?
2. I like my password screen!
Joshua
#74
Posted 23 July 2009 - 04:48 PM
#75
Posted 23 July 2009 - 07:11 PM
This is the next thing on my todo list, and nearly ready!perhaps a script option to hide the progress window on start up would be a solution for people like yahooUK who don't like seeing a progress screen.
I am currently thinking about my own win7pe project ?!
Joshua
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users