Jump to content











Photo
* * * * * 1 votes

H7PluginBuilder


  • Please log in to reply
259 replies to this topic

#126 MedEvil

MedEvil

    Platinum Member

  • .script developer
  • 7771 posts

Posted 07 March 2007 - 11:04 PM

More about %11% in standard .inf files you can read here

:P Exist those ocx files on a XPSP2 system? They do not on my XPSP1 one.

#127 h7se

h7se

    Frequent Member

  • Developer
  • 264 posts
  •  
    Palestine

Posted 07 March 2007 - 11:11 PM

yes i have one of it in my system32 directory


%11%\comctl32.ocx=2,,4 do you mean this :P

#128 MedEvil

MedEvil

    Platinum Member

  • .script developer
  • 7771 posts

Posted 08 March 2007 - 12:33 AM

yes i have one of it in my system32 directory

If %11% is really the value that psc suggests. All 3 files would have to exist on the system the file is running from. Else it would make no sense having those entries.
I could only find them in the subfolder of UBCD that i posted.

If i'm right the files need to be encoded into the script and you can forget %11%.
If psc is right all 3 files would be on every computer and you need to replace %11% by %windir%\system32.

%11%\comctl32.ocx=2,,4 do you mean this :P

Sorry, i don't understand. What do you wanna tell me by this?

:P

#129 h7se

h7se

    Frequent Member

  • Developer
  • 264 posts
  •  
    Palestine

Posted 08 March 2007 - 04:15 AM

If %11% is really the value that psc suggests. All 3 files would have to exist on the system the file is running from. Else it would make no sense having those entries.
I could only find them in the subfolder of UBCD that i posted.

If i'm right the files need to be encoded into the script and you can forget %11%.
If psc is right all 3 files would be on every computer and you need to replace %11% by %windir%\system32.



we are talking about the right way to convert this pebuilder plugin to script format,
so it dosn't matter if these exist on the user pc who's running the script or not ..
the only thing h7pluginbuilder should care about when converting .inf files to .script format is to make the plugin works the same way in both pebuilder and winbuilder .. right ?

%11% according to the msdn article are pointing to system32 directory on the pc which running the inf file .. so in script format this should look or converted like this %
WindowsDir%\System32

%11%\comctl32.ocx=2,,4
Sorry, i don't understand. What do you wanna tell me by this?


just want to tell you that you mixed betwean Directory Id and Attributes
you highlighted 4 not 2
4 is the attribute and 2 is the directory id (System32)

or i misunderstand you :P

:P

#130 pscEx

pscEx

    Platinum Member

  • Team Reboot
  • 12707 posts
  • Location:Korschenbroich, Germany
  • Interests:What somebody else cannot do.
  •  
    European Union

Posted 08 March 2007 - 07:33 AM

%11% according to the msdn article are pointing to system32 directory on the pc which running the inf file .. so in script format this should look or converted like this %

To make the confusion complete:
'on the pc which running the inf file' is theoretically wrong:
When you are installing something (e.g. a driver) from an .inf file:
During install
  • Some files are copied from a floppy, CD, ... to your PC.
  • AND some registry entries are made to your PC about the copied files, using the %11%
When converting from BartPE, all files are not necessarily on your PC!

Peter


#131 MedEvil

MedEvil

    Platinum Member

  • .script developer
  • 7771 posts

Posted 08 March 2007 - 07:41 PM

we are talking about the right way to convert this pebuilder plugin to script format,
so it dosn't matter if these exist on the user pc who's running the script or not ..
the only thing h7pluginbuilder should care about when converting .inf files to .script format is to make the plugin works the same way in both pebuilder and winbuilder .. right ?

And for the plugin to work right you will need those files!

just want to tell you that you mixed betwean Directory Id and Attributes
you highlighted 4 not 2
4 is the attribute and 2 is the directory id (System32)

No, you did get me right, i just thought the 2 is the action and the 4 is the folder. Guess i confused it with something else.

@psc
What do you mean, the files don't have to exist?
The inf file is run during build and then %11% points to %windir%\system32 of the machine you build BPE on. :P

;cheers:

#132 h7se

h7se

    Frequent Member

  • Developer
  • 264 posts
  •  
    Palestine

Posted 09 March 2007 - 02:31 PM

Updated

#133 h7se

h7se

    Frequent Member

  • Developer
  • 264 posts
  •  
    Palestine

Posted 15 May 2007 - 04:40 PM

program updated

small fix's and some basic support to nsiscripts


http://h7se.boot-lan...ilder(v1.1).rar

#134 h7se

h7se

    Frequent Member

  • Developer
  • 264 posts
  •  
    Palestine

Posted 16 May 2007 - 11:14 PM

hi guys

i need some help to improve the capture registry command

please if anyone can convert this c++ code to vb,masm or any working clr code .. this will help a lot

http://www.codeguru....dll/LoadDll.zip

thanks

#135 Nuno Brito

Nuno Brito

    Platinum Member

  • .script developer
  • 10562 posts
  • Location:boot.wim
  • Interests:I'm just a quiet simple person with a very quiet simple life living one day at a time..
  •  
    European Union

Posted 17 May 2007 - 09:00 AM

I'm a delphi coder myself, but what will that code do?

:confused1:

#136 Alexei

Alexei

    Silver Member

  • .script developer
  • 664 posts

Posted 17 May 2007 - 01:14 PM

I'm a delphi coder myself, but what will that code do?

:confused1:

As I understand, It hacks other process by injecting DLL into it.
That's common trick to trace Win activity.
Though I think, the better way is to use RegMon's driver.
You can find Regmon source code on the web.
I'm not sure of a legal status of the code that, I believe, used to be publicly available, but then was removed from original site.
However, it seems that reading this code to obtain knowledge can not be illegal. Please check your local law.
:confused1:
Alexei

Edit:
I googled for registry monitoring delphi
The first hit was http://delphi.about....l/aa052003a.htm
There are many more there :confused1:

#137 h7se

h7se

    Frequent Member

  • Developer
  • 264 posts
  •  
    Palestine

Posted 17 May 2007 - 05:11 PM

I'm a delphi coder myself, but what will that code do?

:confused1:



This sample will inject dll into some process then invoke function from the injected dll

i'm using similar code to inject OPK dll file into desired process to capture registry change's
but i couldn't code the part that call specifiec function from the injected dll .. so i placed the
code which redirect registry change's into DllEntry>>DLL_PROCESS_ATTACH .. that way when inject the dll it will work .. but also will capture needless regstiry value's


Though I think, the better way is to use RegMon's driver.
You can find Regmon source code on the web.
I'm not sure of a legal status of the code that, I believe, used to be publicly available, but then was removed from original site.
However, it seems that reading this code to obtain knowledge can not be illegal. Please check your local law.


i agree .. and already have it's source code :confused1:

but the same problem i don't know that much in c++ :confused1:


Thanks

#138 Nuno Brito

Nuno Brito

    Platinum Member

  • .script developer
  • 10562 posts
  • Location:boot.wim
  • Interests:I'm just a quiet simple person with a very quiet simple life living one day at a time..
  •  
    European Union

Posted 17 May 2007 - 06:24 PM

Wish I could help more - Alexei's link is very instructive (thanks!)

And now I understand what you need - you already know how to intercept the registry changes, but there is a lot of captured data which is redundant and not related to the application you're tracking, right?

Your idea is pretty good - this would ultimately become an "universal" way to know which registry keys are added in automatic fashion and would even allow your tool to "learn" which other keys get written while using the targeted application for a while (saving custom settings and such)

Sorry, I can't help you much on this area (no experience at all) but I wish you good luck - this is a good concept! :confused1:


btw: If you don't manage to port the code - why not compiling it as is and adapt to use along with your tool? Might be an easier alternative or perhaps switching to another code language, in either cases hope you can suceed.

:confused1:

#139 h7se

h7se

    Frequent Member

  • Developer
  • 264 posts
  •  
    Palestine

Posted 17 May 2007 - 11:06 PM

And now I understand what you need - you already know how to intercept the registry changes, but there is a lot of captured data which is redundant and not related to the application you're tracking, right?


Yes

--------

Thanks Nuno,Alexei

:confused1:

#140 Alexei

Alexei

    Silver Member

  • .script developer
  • 664 posts

Posted 18 May 2007 - 03:22 AM

i agree .. and already have it's source code :confused1:

but the same problem i don't know that much in c++ :confused1:
Thanks

You don't need to know much :confused1:
Program calls driver via Win32 DeviceControl passing handle to the "device", IOCTL code, and some other stuff.
Look for IOCTL in Regmon's driver code (what they do) and in GUI code (how to call).
With some minimal experimenting you'll get it :confused1:
You may find useful to start with calling DeviceControl for other devices, for ex. IOCTL_DISK_GET_DRIVE_GEOMETRY for disk drives.
It's fun :confused1:
:confused1:
Alexei

PS
There is also a tracker with detailed description
http://www.cs.berkel.../~lorch/vtrace/
http://www.cs.berkel.../vtrace/source/
http://www.eecs.berk...CSD-00-1093.pdf

#141 h7se

h7se

    Frequent Member

  • Developer
  • 264 posts
  •  
    Palestine

Posted 18 May 2007 - 02:48 PM

Thanks Alexei

#142 h7se

h7se

    Frequent Member

  • Developer
  • 264 posts
  •  
    Palestine

Posted 19 May 2007 - 10:49 AM

Hi

in case i go offline for a while new file "wb.xml" will act as syntax guide to the program ..

program updated

#143 TheHive

TheHive

    Platinum Member

  • .script developer
  • 4172 posts

Posted 19 May 2007 - 11:10 PM

Thanks. Hope you dont go offline to long.
Is the update posted in the first post. It still has the same version number.

#144 h7se

h7se

    Frequent Member

  • Developer
  • 264 posts
  •  
    Palestine

Posted 20 May 2007 - 01:43 AM

Thanks. Hope you dont go offline to long.


Thanks


Is the update posted in the first post. It still has the same version number.


Yes .. you can find the last updated vedsion here http://h7se.boot-land.net/

:confused1:

#145 TheHive

TheHive

    Platinum Member

  • .script developer
  • 4172 posts

Posted 20 May 2007 - 07:19 AM

Thanks!
Suggestion: Add link to your signature.

#146 h7se

h7se

    Frequent Member

  • Developer
  • 264 posts
  •  
    Palestine

Posted 20 May 2007 - 09:33 AM

Suggestion: Add link to your signature.

Thanks!


add config.xml where program setting is saved and where you can add file's and registry keys to ignore while capturing installation's


program updated

#147 h7se

h7se

    Frequent Member

  • Developer
  • 264 posts
  •  
    Palestine

Posted 24 May 2007 - 10:21 PM

Program updated (must redownload)

#148 parker

parker

    Newbie

  • Members
  • 11 posts
  •  
    Afghanistan

Posted 04 June 2007 - 10:57 AM

i found a bug , when converting a bartpe plugin with XPE shortcuts that create a subfolder
for example
0x2,"Sherpya\XPEinit\Programs","Sysinfo & Benchmark\CPU-Z","%Systemdrive%\Programs\cpu-z\cpuz.cmd"
then the shortcut created by the plugin builder is
Run,%BuildModelScript%,Add-Shortcut,"SM","#$pSystemDrive#$p\Programs\cpuz\cpuz.cmd","SysInfo & Benchmark\CPU-Z"
, this does not work and theres errors regarding shortcutWinExp.exe when building the project , thats because the subfolder needs to be after the SM and not in the name,like this
Run,%BuildModelScript%,Add-Shortcut,"SM/SysInfo & Benchmark","#$pSystemDrive#$p\Programs\cpuz\cpuz.cmd","CPU-Z"


#149 pscEx

pscEx

    Platinum Member

  • Team Reboot
  • 12707 posts
  • Location:Korschenbroich, Germany
  • Interests:What somebody else cannot do.
  •  
    European Union

Posted 04 June 2007 - 11:31 AM

i found a bug , when converting a bartpe plugin with XPE shortcuts that create a subfolder
for example

0x2,"Sherpya\XPEinit\Programs","Sysinfo & Benchmark\CPU-Z","%Systemdrive%\Programs\cpu-z\cpuz.cmd"
then the shortcut created by the plugin builder is
Run,%BuildModelScript%,Add-Shortcut,"SM","#$pSystemDrive#$p\Programs\cpuz\cpuz.cmd","SysInfo & Benchmark\CPU-Z"
, this does not work and theres errors regarding shortcutWinExp.exe when building the project , thats because the subfolder needs to be after the SM and not in the name,like this
Run,%BuildModelScript%,Add-Shortcut,"SM/SysInfo & Benchmark","#$pSystemDrive#$p\Programs\cpuz\cpuz.cmd","CPU-Z"

@h7se
As an addon:
If you change the program, please add the following:
Replace the hardcoded 'Programs' by something like:

IniRead,"%ProjectInfo%","TargetStrings","sProgram_Files",%WorkDir%
...
Run,%BuildModelScript%,Add-Shortcut,"SM","#$pSystemDrive#$p\%WorkDir%\cpuz\cpuz.cmd", ...


Peter

#150 h7se

h7se

    Frequent Member

  • Developer
  • 264 posts
  •  
    Palestine

Posted 04 June 2007 - 01:24 PM

i found a bug , when converting a bartpe plugin with XPE shortcuts that create a subfolder
for example

0x2,"Sherpya\XPEinit\Programs","Sysinfo & Benchmark\CPU-Z","%Systemdrive%\Programs\cpu-z\cpuz.cmd"
then the shortcut created by the plugin builder is
Run,%BuildModelScript%,Add-Shortcut,"SM","#$pSystemDrive#$p\Programs\cpuz\cpuz.cmd","SysInfo & Benchmark\CPU-Z"
, this does not work and theres errors regarding shortcutWinExp.exe when building the project , thats because the subfolder needs to be after the SM and not in the name,like this
Run,%BuildModelScript%,Add-Shortcut,"SM/SysInfo & Benchmark","#$pSystemDrive#$p\Programs\cpuz\cpuz.cmd","CPU-Z"


Is it "SM/SysInfo & Benchmark" OR "SM\SysInfo & Benchmark" ?

Thanks .. bug fixed


As an addon:
Replace the hardcoded 'Programs' by something like:
Peter


Done ..

program updated .. same link




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users