Jump to content











Photo
- - - - -

Booting from VHD in Grub4DOS


  • Please log in to reply
94 replies to this topic

#76 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13644 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 08 June 2015 - 01:58 PM

UNless some USB device is involved the USB (upper and lower, and also middle) filters are totally irrelevant.

As well there is no need to disable "many" services.

 

Traditionally (but I cannot recall the details) I seem to remember that Firadisk gave better results with map --mem RAW images whilst Winvblock gave good results with both --mem and direct map of the RAW image (or fixed VHD).

 

Also you don't really-really need a VM, you can use the first part of this:

http://reboot.pro/to...be-for-you-too/

to directly install the XP to the image directly mapped through grub4dos and Winvblock.

 

:duff:

Wonko



#77 F...youidontcareanymore

F...youidontcareanymore

    Member

  • Members
  • 82 posts
  • Location:Adelaide
  •  
    Australia

Posted 09 June 2015 - 01:02 AM

[mount.cmd]
select vdisk file=C:\7E64.vhd
attach vdisk
diskpart /s mount.cmd

[mount1.cmd]
select vdisk file=C:\7E64.vhd
attach vdisk
diskpart /s mount1.cmd
rename F:\Windows\System32\drivers\firadisk.sy_ firadisk.sys
unmount.cmd

[mount2.cmd]
select vdisk file=C:\7E64.vhd
attach vdisk
diskpart /s mount2.cmd
rename F:\Windows\System32\drivers\firadisk.sys firadisk.sy_
unmount.cmd

[unmount.cmd]
select vdisk file=C:\7E64.vhd
detach vdisk
diskpart /s unmount.cmd

[Win7 Home Premium x64 Services]
[ACPI]
[AcpiPmi]
[AsyncMac]
[atapi]
[athr]
[AudioEndpointBuilder]
[Audiosrv]
[blbdrive]
[BTHMODEM]
[cdfs]
[cdrom]
[cmdide]
[CNG]
[CompositeBus]
[crcdisk]
[DcomLaunch]
[discache]
[disk]
[dmvsc]
[drmkaud]
[DXGKrnl]
[FiraDisk]
[FltMgr]
[FsDepends]
[Fs_Rec]
[HdAudAddService]
[HDAudBus]
[hidserv]
[HidUsb]
[hwpolicy]
[i8042prt]
[iaStorV]
[igfx]
[intelide]
[intelppm]
[isapnp]
[iScsiPrt]
[ISCT]
[iusb3hub]
[iusb3xhc]
[kbdclass]
[kbdhid]
[KSecDD]
[KSecPkg]
[ksthunk]
[ldap]
[luafv]
[MEIx64]
[MMCSS]
[monitor]
[mouclass]
[mouhid]
[mountmgr]
[mpio]
[msahci]
[msdsm]
[Msfs]
[mshidkmdf]
[msisadrv]
[MsRPC]
[mssmbios]
[MTConfig]
[NDIS]
[Ndisuio]
[Npfs]
[nsiproxy]
[Ntfs]
[Null]
[Parport]
[partmgr]
[pci]
[pciide]
[PEAUTH]
[PlugPlay]
[Power]
[Processor]
[ProfSvc]
[pwdrvio]
[pwdspio]
[rdbss]
[rdyboost]
[RpcEptMapper]
[RpcSs]
[rspndr]
[RTL8167]
[SamSs]
[sbp2port]
[Serenum]
[Serial]
[ShellHWDetection]
[spldr]
[SPVDPort]
[SPVVEngine]
[storflt]
[storvsc]
[swenum]
[Themes]
[THREADORDER]
[TSDDD]
[udfs]
[umbus]
[UmPass]
[usbccgp]
[usbcir]
[usbehci]
[usbhub]
[usbohci]
[usbprint]
[USBSTOR]
[usbuhci]
[UxSms]
[vdrvroot]
[vga]
[VgaSave]
[vhdmp]
[volmgr]
[volmgrx]
[volsnap]
[Wd]
[Wdf01000]
[WfpLwf]
[WudfPf]
[WUDFRd]
[wudfsvc]
 



#78 F...youidontcareanymore

F...youidontcareanymore

    Member

  • Members
  • 82 posts
  • Location:Adelaide
  •  
    Australia

Posted 10 June 2015 - 11:03 AM

Anyone know how to surgically remove rdyboost (not disable, remooooove) ?



#79 F...youidontcareanymore

F...youidontcareanymore

    Member

  • Members
  • 82 posts
  • Location:Adelaide
  •  
    Australia

Posted 08 July 2015 - 12:37 AM

In my tinkering i have changed the mechanism mistakenly that windows uses to check the validity & components, after gruelling rechecking i have concluded that slc.dll queries;
    
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ProductOptions]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\ProductOptions]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ProductOptions]

And reports this to SystemLicenseClient & passes validity of component.

SystemLicenseClient queries SLGetWindowsInformationDWORD.

I have not been able to repeat this anomally, but if one where to modify the dll to query [HKEY_LOCAL_MACHINE\FAKEHIVE\CurrentControlSet\ProductOptions], then any version of Win7 is then VHD bootable.

 

Or if one where to modify this key from WIM & make it readonly, and stop SYSTEM from modifying.

I leave this information to you!


Edited by DoleBludger, 08 July 2015 - 12:40 AM.


#80 Zoso

Zoso

    Silver Member

  • Advanced user
  • 640 posts
  •  
    Isle of Man

Posted 08 July 2015 - 01:29 AM

In my tinkering i have changed the mechanism mistakenly that windows uses to check the validity & components, after gruelling rechecking i have concluded that slc.dll queries;

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ProductOptions]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\ProductOptions]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ProductOptions]

And reports this to SystemLicenseClient & passes validity of component.

SystemLicenseClient queries SLGetWindowsInformationDWORD.

I have not been able to repeat this anomally, but if one where to modify the dll to query [HKEY_LOCAL_MACHINE\FAKEHIVE\CurrentControlSet\ProductOptions], then any version of Win7 is then VHD bootable.

Or if one where to modify this key from WIM & make it readonly, and stop SYSTEM from modifying.

I leave this information to you!


hi DoleBludger,

that could be very useful info! thanks for sharing it here.

#81 F...youidontcareanymore

F...youidontcareanymore

    Member

  • Members
  • 82 posts
  • Location:Adelaide
  •  
    Australia

Posted 08 July 2015 - 11:35 AM

:1st: :cheerleader: :clap:

Winlogon calls Slui.exe

Slui.exe calls Slc.dll

Slc.dll checks registry & or tokens.dat

 

I was pointed to http://antiwpa.plane.../vista/oldstuff where there are files with slc already patched, albeit for vista, they work!

 

:bounce8:

I have booted Starter, HomePremium, HomePro x86 & x64 today from vhd on disk & vhd in ram :good:

 

Thankyou to the author of these files.

 

Be fast as the site is sometimes down :cold:



#82 F...youidontcareanymore

F...youidontcareanymore

    Member

  • Members
  • 82 posts
  • Location:Adelaide
  •  
    Australia

Posted 08 July 2015 - 11:43 AM

:dubbio: If i can just get my dual core 98' to boot from VHD :beer:



#83 erwan.l

erwan.l

    Gold Member

  • Developer
  • 1920 posts
  • Location:Nantes - France
  •  
    France

Posted 08 July 2015 - 04:53 PM

:1st: :cheerleader: :clap:

Winlogon calls Slui.exe

Slui.exe calls Slc.dll

Slc.dll checks registry & or tokens.dat

 

I was pointed to http://antiwpa.plane.../vista/oldstuff where there are files with slc already patched, albeit for vista, they work!

 

:bounce8:

I have booted Starter, HomePremium, HomePro x86 & x64 today from vhd on disk & vhd in ram :good:

 

Thankyou to the author of these files.

 

Be fast as the site is sometimes down :cold:

 

Do you mean you had to patch some files in your vhd system in order to use the native vhd boot feature on a non enterprise windows version?

Can you describe the approach?

 

Did you try by just modifying the registry offline?

The files you mentionned are called rather later in the booting process and I kind of remember the error message appears quite early when attempting to vhd boot a non enterprise windows.



#84 F...youidontcareanymore

F...youidontcareanymore

    Member

  • Members
  • 82 posts
  • Location:Adelaide
  •  
    Australia

Posted 08 July 2015 - 06:05 PM

 

The files you mentionned are called rather later in the booting process and I kind of remember the error message appears quite early when attempting to vhd boot a non enterprise windows

SLC.Dll is in anyone of the packages obtained from the link provided. You can replace in wim, during install or after the error. Anyone of the packages has a readme too.



#85 erwan.l

erwan.l

    Gold Member

  • Developer
  • 1920 posts
  • Location:Nantes - France
  •  
    France

Posted 08 July 2015 - 06:47 PM

SLC.Dll is in anyone of the packages obtained from the link provided. You can replace in wim, during install or after the error. Anyone of the packages has a readme too.

 

so you just replaced slc.dll? no other dll? no modification to the registry?

a full description would be nice.

 

also, you do mean native vhd boot right (i.e not using g4dos) ? using a windows version different than pro or enterprise?



#86 F...youidontcareanymore

F...youidontcareanymore

    Member

  • Members
  • 82 posts
  • Location:Adelaide
  •  
    Australia

Posted 09 July 2015 - 07:35 AM

Yes, replaced SLC.DLL

Yes, no other dll

Yes, no modification to the registry

Yes, not using g4dos

Yes, using a windows version different than pro or enterprise



#87 F...youidontcareanymore

F...youidontcareanymore

    Member

  • Members
  • 82 posts
  • Location:Adelaide
  •  
    Australia

Posted 10 July 2015 - 08:55 AM

Not much to describe :lamo:

 

Win7 to VHD until (Can't boot VHD)

Mount image in Host & replace slc.dll

Boot vhd with bcd.

 

:beer:

 

1 Slight frustration  :chair: no system properties from my computer :(


Edited by DoleBludger, 10 July 2015 - 08:57 AM.


#88 alacran

alacran

    Frequent Member

  • Advanced user
  • 473 posts
  •  
    Mexico

Posted 10 July 2015 - 08:58 AM

On Win7x64 ultimate:

slc.dll located in System32 is 30720 bytes

slc.dll located in sysWOW64 is 27132 bytes

 

on x64 systems Wich one did you replace? Did you replace both?

 

I know Win7x64 ultimate can natively boot from VHD, but other x64 versions as Pro or home can't.



#89 F...youidontcareanymore

F...youidontcareanymore

    Member

  • Members
  • 82 posts
  • Location:Adelaide
  •  
    Australia

Posted 13 July 2015 - 10:08 AM

I typed.......then i erased, it took 5 minutes!



#90 erwan.l

erwan.l

    Gold Member

  • Developer
  • 1920 posts
  • Location:Nantes - France
  •  
    France

Posted 14 July 2015 - 10:45 AM

Note for the dev guys out there ...

 

About the SLC.DLL patch, it patches SLGetWindowsInformationDWORD so that it returns always 1 (true).

This can have some impact on some calls which expect a value different than 1 so I would not do this on a production machine.

 

The same (safer) trick is used with some applications checking the windows version :

 

-check the imports and verify that slc.SLGetWindowsInformationDWORD  is called

-create a dummy slc.dll with one function named SLGetWindowsInformationDWORD  returning 1

-place it in the application folder

-application should no longer complain about a wrong windows version

 

Note that SLGetWindowsInformationDWORD seems to call ntdll.NtQueryLicenseValue .

And ultimately the information is stored in the registry (HKLM\System\CurrentControlSet\Control\ProductOptions) so modifying the right bit (kernel-nativevhdboot policy) in the registry sounds to me a safer approach.

 

In the screeshot below, my windows support native vhd boot (value=1).

Hexa : 4b,00,65,00,72,00,6e,00,65,00,6c,00,2d,00,4e,00,61,00,74,00,69,00,76,00,65,00,56,00,48,00,44,00,42,00,6f,00,6f,00,74,00,01

 

This approach sounds too "easy" as I am surprised came yet with an offline product policy editor (you cant edit it online) which would be a convenient and powerful tool to change windows features...

If somebody cares to try this theory, I could make such an editor (I would create a new thread on reboot.pro then...).

 

dHKGPKS.png

 

Note that the above may apply to windows prior to Windows 8 only (as it seems to get more complex starting with win8).



#91 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13644 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 14 July 2015 - 12:04 PM

Cannot an off-line registry file be modified by using the offline-registry editor that someone ;) already wrote? :unsure: 

:duff:
Wonko



#92 erwan.l

erwan.l

    Gold Member

  • Developer
  • 1920 posts
  • Location:Nantes - France
  •  
    France

Posted 14 July 2015 - 12:11 PM

Cannot an off-line registry file be modified by using the offline-registry editor that someone ;) already wrote? :unsure: 

:duff:
Wonko

 

You read my mind :)

 

But I am stuck with windows 7 integral versions over here.

 

I'd like to assert the following :

 

1-boot windows 7 pro, check kernel-nativevhdboot=0

2-modify this policy to 1 using an offline registry editor

3-boot windows 7 pro, check kernel-nativevhdboot=1 : idea here is to check that windows still boots ok and that it did not revert the policy

4-vhd boot windows 7 pro with kernel-nativevhdboot=1 modified in step 2

 

But I cannot imagine that to be so easy since this vhd boot feature has been discussed on so many places on the internet (and reboot.pro) .



#93 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13644 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 14 July 2015 - 03:06 PM

But I cannot imagine that to be so easy since this vhd boot feature has been discussed on so many places on the internet (and reboot.pro) .

Well, not really discussed that much.

Discussions on VHD boot there are plenty, but this is specific about circumventing a license limitation in order to have VHD boot working in versions that are not licensed for it, it's dangerously near the border, actually at least a few inches beyond the border, as I see it.

 

So all in all a series of off topic posts with also a direct link to an activation workaround that resulted being useful to workaround another license limitation. :dubbio:

 

:duff:

Wonko



#94 erwan.l

erwan.l

    Gold Member

  • Developer
  • 1920 posts
  • Location:Nantes - France
  •  
    France

Posted 14 July 2015 - 04:45 PM

Well, not really discussed that much.

Discussions on VHD boot there are plenty, but this is specific about circumventing a license limitation in order to have VHD boot working in versions that are not licensed for it, it's dangerously near the border, actually at least a few inches beyond the border, as I see it.

 

So all in all a series of off topic posts with also a direct link to an activation workaround that resulted being useful to workaround another license limitation. :dubbio:

 

:duff:

Wonko

 

Indeed, the border between reverse engineering and hacking is very thin.

The first is driven by knowledge, the second is driven by escaping license costs.

 

Although the word hacking there may be incorrect/disputed and many could give another definition.



#95 erwan.l

erwan.l

    Gold Member

  • Developer
  • 1920 posts
  • Location:Nantes - France
  •  
    France

Posted 14 July 2015 - 07:32 PM

Using useful informations found here, I did the below viewer.

Note that I am only reading (not writing) the online registry and I am not using any windows API.

 

A future version could write to the registry as well and/or perform read/write offline.

 

UH3CSP8.png

Attached Files


  • vvurat likes this




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users