Jump to content











Photo

How to: Modify bootmgr of Windows 8


  • Please log in to reply
69 replies to this topic

#26 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13586 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 10 June 2013 - 02:53 PM

Hi all

 

Apologies for dragging this thread up but i'm at my wits end. Has anyone got a pre-compiled version of BMZip they can upload? I am having serious problems getting it to compile.

 

Thanks

Aren't the compiled version(s) available on Coderforlife's site working? :unsure:

http://www.coderforl...in7boot/extras/

http://www.coderforl...t/extras/#bmzip

 

:cheers:

Wonko



#27 coderforlife

coderforlife
  • Members
  • 9 posts
  •  
    United States

Posted 10 June 2013 - 11:36 PM

They should at least partially work for Windows 8. I haven't released the source for the complete bmzip - I don't think. I have released the mscompression and it has been updated a lot since this was published (bugs fixes and speed increases). Please tell me what you are looking for by emailing me and I will email you back.

#28 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13586 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 11 June 2013 - 03:06 PM

They should at least partially work for Windows 8. I haven't released the source for the complete bmzip - I don't think. I have released the mscompression and it has been updated a lot since this was published (bugs fixes and speed increases). Please tell me what you are looking for by emailing me and I will email you back.

If I may , wouldn't it be more logical to upload an updated source (if any) and have on your site the same version pre-built?

 

This way coders can have the source and "normal users" can have the pre-built app.

 

But, specifically, user city24 reported success with BMZIP built from source on 16 September 2012.

The built app on your site is " updated 2012-11-08", so, unless there is a "regression bug of some kind" the .exe should work :dubbio:

 

 

:cheers:

Wonko



#29 LeightonJames

LeightonJames
  • Members
  • 7 posts
  •  
    United Kingdom

Posted 12 June 2013 - 09:23 AM

When I tried the version from the coderforlife with a bootmgr file from a Windows 8 Professional 32 bit iso i get the following errors:

 

Warning: trying to read from beyond the beginning of the dictionary, will fill w
ith zeroes
Warning: flags is unexpected value: 4
Warning: flags is unexpected value: F
Warning: flags is unexpected value: D
Warning: flags is unexpected value: 0
Warning: flags is unexpected value: D
Warning: flags is unexpected value: 5
Warning: flags is unexpected value: A
Warning: flags is unexpected value: 3
Warning: flags is unexpected value: C
Warning: flags is unexpected value: 3
Warning: flags is unexpected value: 1
Warning: flags is unexpected value: A
Warning: flags is unexpected value: 8
Warning: flags is unexpected value: 3
Warning: flags is unexpected value: C
Warning: flags is unexpected value: 6
395565, 3354, 398156, 3
Could not decompress data: 13
 
 


#30 coderforlife

coderforlife
  • Members
  • 9 posts
  •  
    United States

Posted 16 June 2013 - 06:48 AM

Apparently the compiled version on my website does not support Windows 8 bootmgr. I am going to look back at the work and see where I was and try to get a working version for Windows 8 up.



#31 paraglider

paraglider

    Gold Member

  • .script developer
  • 1701 posts
  • Location:NC,USA
  •  
    United States

Posted 16 June 2013 - 12:53 PM

Here is the version that works for me:

 

http://www.paraglide...files/bmzip.zip



#32 joakim

joakim

    Silver Member

  • Team Reboot
  • 910 posts
  • Location:Bergen
  •  
    Norway

Posted 16 June 2013 - 06:52 PM

Most likely a minor/silly bug in bmzip, as my tool that uses your library can decompress all fine, even latest Win8 version.



#33 paraglider

paraglider

    Gold Member

  • .script developer
  • 1701 posts
  • Location:NC,USA
  •  
    United States

Posted 17 June 2013 - 11:48 AM

Joakin,

 

Did you have an updated patch from the first post for the release version of bootmgr.exe ( 6.2.9200.16384 )?



#34 LeightonJames

LeightonJames
  • Members
  • 7 posts
  •  
    United Kingdom

Posted 02 July 2013 - 03:15 PM

Apparently the compiled version on my website does not support Windows 8 bootmgr. I am going to look back at the work and see where I was and try to get a working version for Windows 8 up.

I found the problem with source on the github site, line 92 of bmzip.cpp had an extra ; where it wasn't needed:

 

Version; v = GetBootmanagerVersion((void*)(bm_data+1));

 

removing the ; after Version allowed me to compile the exe and I now have a multiboot Winodws 7 and Windows 8 USB drive using install.wim files.

 

Thanks



#35 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13586 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 02 July 2013 - 04:40 PM

I found the problem with source on the github site, line 92 of bmzip.cpp had an extra ; where it wasn't needed:

 

Version; v = GetBootmanagerVersion((void*)(bm_data+1));

 

removing the ; after Version allowed me to compile the exe and I now have a multiboot Winodws 7 and Windows 8 USB drive using install.wim files.

 

Thanks

Can you post the now working compiled version (so other people may make use of that)?

 

:cheers:

Wonko



#36 LeightonJames

LeightonJames
  • Members
  • 7 posts
  •  
    United Kingdom

Posted 02 July 2013 - 07:49 PM

Here it is if it is ok with coderforlife. If not I will remove the file.

 

https://docs.google....dit?usp=sharing

 

Don't forget the mscompression.dll or this won't work.

 

Thanks



#37 joakim

joakim

    Silver Member

  • Team Reboot
  • 910 posts
  • Location:Bergen
  •  
    Norway

Posted 03 July 2013 - 11:31 PM

Good you found it :)



#38 coderforlife

coderforlife
  • Members
  • 9 posts
  •  
    United States

Posted 07 July 2013 - 09:37 PM

Thanks! I have been super busy as I just had to move (a bit of a surprise to me, I was planning to move in September). Oddly, I cannot find that extra semi-colon in the source (not my local copies or the GitHub sources). The line you speak of is actually on line 90 not 92 in what I see. I am curious why there is a discrepancy in what we see.

 

You can keep the compiled version posted. Hopefully when a few things at work calm down and I am settled into my new place I will be able to focus more on this.

 

Thanks!



#39 Sergey.del

Sergey.del
  • Members
  • 4 posts
  •  
    Russian Federation

Posted 17 November 2013 - 08:35 AM

How I can change "boot" path to "8x64"?

Thanks.



#40 joakim

joakim

    Silver Member

  • Team Reboot
  • 910 posts
  • Location:Bergen
  •  
    Norway

Posted 17 November 2013 - 04:31 PM

There's a string inside bootmgr.exe that needs to be changed. But first you need to remove the 16-bit stub and decompress the compressed bootmgr. Then you need to change the string. Then you need to patch it for integrity checks, unless you put TESTSIGNING and/or NOINTEGRITYCHECKS in your BCD entry for {BOOTMGR} (depending on what you patched or not). And then finally re-compress it, and then re-attach the 16-bit stub. 

 

This is probably not that straight forward.



#41 Sergey.del

Sergey.del
  • Members
  • 4 posts
  •  
    Russian Federation

Posted 18 November 2013 - 02:37 AM

Many thanks, Joakim.

And what changes need to be done with the BOOTMGR_Recompiler_v2.au3 file for automatic change of these lines?



#42 Sergey.del

Sergey.del
  • Members
  • 4 posts
  •  
    Russian Federation

Posted 18 November 2013 - 04:07 AM

I would alter a source code, but I do not know the AutoIt. I program on a C ++ and pascal.



#43 joakim

joakim

    Silver Member

  • Team Reboot
  • 910 posts
  • Location:Bergen
  •  
    Norway

Posted 18 November 2013 - 04:11 PM

Many thanks, Joakim.

And what changes need to be done with the BOOTMGR_Recompiler_v2.au3 file for automatic change of these lines?

Well, as the name of the tool implies, it will recompile bootmgr when you are done editing. That means the tool will not decompile, nor patch anything inside bootmgr.exe (except updating the checksum in the pe header if incorrect). Use the bmzip linked to earlier in this thread to decompile it.



#44 Sergey.del

Sergey.del
  • Members
  • 4 posts
  •  
    Russian Federation

Posted 18 November 2013 - 04:27 PM

When I will be in Norway...  :cheers:



#45 CtrlSoft

CtrlSoft
  • Members
  • 2 posts
  •  
    Moldova

Posted 23 April 2014 - 06:46 PM

How about bootmgr.efi? 

 

Thx!



#46 joakim

joakim

    Silver Member

  • Team Reboot
  • 910 posts
  • Location:Bergen
  •  
    Norway

Posted 24 April 2014 - 10:57 AM

The tool does not support it. And I have not yet looked at the efi version, so don't know much about it.

#47 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13586 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 18 August 2014 - 08:56 AM

I must have missed something somewhere in joakim's :thumbsup: posts which might be a sign that either the decompression method for the Windows 8 Bootmgr has not been explained in plain enough words :w00t: or that I am aging :ph34r:
 
However, facts:
  • the "old" lznt1 tools seemingly do not work on the windows 8 version (or it is not clear which part is needed to take off the bootmgr to have it decompressed).
  • the compiled bmzip on coderforlife's page does not work (as reported by LeightonJames)
  • the "compression tools" by joakim also don't work (or it is not clear which part is needed to take off the bootmgr to have it decompressed)
  • the version posted by paraglider is seemingly a stupid 64 bit version :frusty:
  • the version later posted by LeightonJames needs the compression.dll (which is inside joakim's compression tools) BUT also asked me for a MSVR100D.dll :( (now I could have gone ahead and find it , and possibly another zillion other stupid .dll's the .exe might need/want, but I have played this game so many times that I am tired of it)
  • coderforlife (hoping that he is well :) and the move went fine) has not had the time/will to update the compiled version on his page
Thank goodness JFX :worship: was kind enough to post here:
http://www.msfn.org/...tmgr-windows-8/
a working version of Bmzip.exe, including MSCompression.dll :), needing NOT any other stupid .dll (and also a copy of PEchecksum.exe) that works fine with a very complex command line ;), such as:
 
 

bmzip bootmgr bootmgr.exe
:yahoo:
 
I hope this post will help those that will be looking for a fast way to decompress the BOOTMGR, avoiding at least part of the wild goose chase I had to endure.
 
Seriously guys, I doubt that if someone wanted to intentionally make it difficult in order to discourage someone from decompressing the bootmgr could have had more success, I will bookmark this thread as an example of how all good guys :), and all with the best of the intentions, can somehow manage to make things more difficult than needed for the "common user".
 
:duff:
Wonko

#48 joakim

joakim

    Silver Member

  • Team Reboot
  • 910 posts
  • Location:Bergen
  •  
    Norway

Posted 18 August 2014 - 11:25 PM

I don't think it was that hard, but maybe we made it too hard to understand.

 

Compression method in bootmgr in Windows 8 changed to XpressHuff (4). The 16-bit code at the beginning of the file was not compressed. However, maybe it was locating the compressed data that was tricky. The library works as before. In fact I wipped together an au3 script compiled it, which would require a double click to get it working. Choose library to use for decompression. As mentioned in readme, the option was added so user can verify that XpressHuff decompression is broken in the implementation in ntdll.dll (grab one from a Windows 8 machine). The attached mscompression dlls are still the same as uploaded earlier with the other tool.

 

Download: http://www.mediafire...otmgrDecomp.zip

 

Note, this tool probably only works for decompressing Windows 8 bootmgr's, as the signature was different in Windows 7 I believe. But can easily be changed.



#49 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 13586 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 19 August 2014 - 08:33 AM

Yep, and possibly I am missing something, but - set aside the mess with the non working builds and the unavailability of a compiled working version of the bmzip (luckily provided by JFX), I see a "link" in the chain missing.

 

In the "old" Windows 7 instructions say that the 16 bit stub is to be stripped and that after it and before the compressed MZ there is a three byte header that is to be left, i..e. what is "fed" to your tools is including the three bytes "header". (and everything works nicely)

 

The "new" Windows 8 instruction talk extensively about the new 16 byte "header", with the "ID" of "BMXH" and of the meaning of the following fields :thumbsup:, but do not clear what needs to be stripped (or what needs to be fed to the tool, and/or which tool is to be used).

 

And NOTHING that was posted or linked to in this thread worked (not feeding it the "whole" BOOTMGR, nor feeding it stripped of just the 16 bit stub (i.e. beginning with BMXH) nor feeding it the "raw" compressed data (i.e. beginning with the MZ).

 

Same goes for your newly posted tool Win8BootmgrDecomp (which seemingly does "nothing" :w00t: :ph34r:), I just tested the 32 bit version, I  see from the .au3 source that you are looking for the leading part of the "header" you found "424D5848" or "BMXH", which should mean that - just like the JFX build of bmzip - what you feed to it is the "whole" unmodified BOOTMGR, and I can confirm that the file I am feeding it does contain that, and it is at offset 0x68A0.  

 

Still once I have selected  the MScompression.dll and the BOOTMGR, and confirmed "type 4", NOTHING happens.

If i select instead the (copy of a Windows 8 one) ntdll.dll, after some mumbling, it exits with error RtlDecompressBufferEx:0xC000242. :frusty:

 

Can you re-check (or make a "debugging build" with some more messages in case of errors)? 

 

 

:duff:

Wonko



#50 joakim

joakim

    Silver Member

  • Team Reboot
  • 910 posts
  • Location:Bergen
  •  
    Norway

Posted 19 August 2014 - 10:01 AM

Weird as it worked yesterday. I'll re-ckeck.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users