
[WIP] GetDeps


12 replies to this topic

#1 Biatu

Biatu

    Member

  • Members
  • 55 posts
    United Kingdom

Posted 12 September 2016 - 11:03 PM

Hello team, over the weekend while working on another project, I had an idea for resolving all the various dependencies in WinPE when it comes to implementing various features, or just trying to get something to run, and this is what I came up with...

- Run ProcMon in the background.
- Capture ProcMon's output in real time.
- Copy files from the Windows source into our PE at runtime.
- Copy those files to another directory for later sort/inject into next PE image.

 

Instructions:
-Extract install.wim, or mount install.wim to .\Source

-Add Filters as necessary in .\Data\Filters.ini (for excluding files/data)


Download Latest Version Here.

ScreenShot:

GetDeps.gif


Edited by Biatu, 12 September 2016 - 11:45 PM.

  • RoyM likes this
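
An added example, not part of the original post and not GetDeps' own code: one way to turn a ProcMon capture into the list of files to copy from `.\Source`, following the steps in post #1. It assumes the capture is in ProcMon's CSV layout, that failed opens show as `NAME NOT FOUND` or `PATH NOT FOUND`, that the PE system drive is `X:`, and that exclusions are glob patterns (the thread does not show the real `Filters.ini` format); all function names are hypothetical.

```python
import csv, fnmatch, io
from pathlib import Path, PureWindowsPath

# Constructed rows in ProcMon's CSV export layout (not from a real capture).
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","app.exe","1200","CreateFile","X:\Windows\System32\msvcp140.dll","NAME NOT FOUND",""
"10:01:02.2","app.exe","1200","CreateFile","X:\windows\system32\MSVCP140.DLL","NAME NOT FOUND",""
"10:01:02.3","app.exe","1200","CreateFile","X:\Windows\System32\kernel32.dll","SUCCESS",""
"10:01:02.4","app.exe","1200","CreateFile","X:\Windows\Temp\scratch.tmp","NAME NOT FOUND",""
"10:01:02.5","app.exe","1200","RegOpenKey","HKLM\Software\Example","NAME NOT FOUND",""
"10:01:02.6","app.exe","1200","CreateFile","X:\Windows\System32\absent.dll","PATH NOT FOUND",""
"10:01:02.7","app.exe","1200","CreateFile","C:\Other\thing.dll","NAME NOT FOUND",""
"10:01:02.8","app.exe","1200","CreateFile","X:\Windows\..\..\secret.txt","NAME NOT FOUND",""
'''
MISSING = {"NAME NOT FOUND", "PATH NOT FOUND"}  # assumed "file is absent" results

def index_source(source_root):
    """Map lower-cased relative path parts to the real file under source_root."""
    root = Path(source_root)
    return {tuple(s.lower() for s in p.relative_to(root).parts): p
            for p in root.rglob("*") if p.is_file()}

def plan_copies(csv_text, source_root, pe_drive="X:", exclude=()):
    """Return source files whose paths failed to open on pe_drive, deduplicated."""
    index, plan = index_source(source_root), {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Operation"] != "CreateFile" or row["Result"] not in MISSING:
            continue  # only failed file opens; registry events are skipped
        path = PureWindowsPath(row["Path"])
        if path.drive.upper() != pe_drive.upper():
            continue  # not on the PE system drive
        if any(fnmatch.fnmatchcase(str(path).lower(), pat.lower()) for pat in exclude):
            continue  # excluded by a filter pattern
        key = tuple(s.lower() for s in path.parts[1:])
        if key in index:  # ".." segments or unknown names never match a real file
            plan[key] = index[key]
    return [plan[k] for k in sorted(plan)]

if __name__ == "__main__":
    for src in plan_copies(SAMPLE_CSV, "Source", exclude=[r"*\temp\*"]):
        print("copy", src)
```

Because candidates are looked up in an index of files that really exist under the source root, a captured path containing `..` cannot make the copy step read outside that tree.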

#2 TheHive

TheHive

    Platinum Member

  • .script developer
  • 4137 posts

Posted 13 September 2016 - 07:32 AM

Very nice. The screenshot explains what GetDeps does. :fine:



#3 TheHive

TheHive

    Platinum Member

  • .script developer
  • 4137 posts

Posted 13 September 2016 - 07:38 AM

.../Pub/Dev/2016.09.12,%202119-%20GetDeps.7z  
Server Error
404 - File or directory not found. The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.

 

 


#4 Atari800XL

Atari800XL

    Member

  • Members
  • 74 posts
    Netherlands

Posted 13 September 2016 - 10:32 AM

"Me too"...

 

(1) Nice tool, (2) Great gif, (3) Download failed.

 

(4) Thanks


  • Tripredacus likes this

#5 Biatu

Biatu

    Member

  • Members
  • 55 posts
    United Kingdom

Posted 13 September 2016 - 12:32 PM

Sorry for broken link guys, working on it.
 

Edit: ok, should be good now, new to IIS


Edited by Biatu, 13 September 2016 - 12:38 PM.


#6 Atari800XL

Atari800XL

    Member

  • Members
  • 74 posts
    Netherlands

Posted 14 September 2016 - 07:01 AM

So you're not sharing the source code anymore?

Too bad... but of course it's your decision to make.



#7 Biatu

Biatu

    Member

  • Members
  • 55 posts
    United Kingdom

Posted 14 September 2016 - 01:14 PM

I will share the source when the code is more mature. If you want the first two revisions, go to http://reboot.pro/to...winpe-10014393/


Edited by Biatu, 14 September 2016 - 01:16 PM.


#8 Biatu

Biatu

    Member

  • Members
  • 55 posts
    United Kingdom

Posted 15 September 2016 - 05:54 AM

  • Source is now available 
  • The GetDeps.WIP.7z at my server will be updated automatically as I develop the project. Don't be surprised if it's buggy, just let me know if something unexpected happens.
  • Did a complete rewrite of the script.
  • Regsvr32 after copy
  • Check PE Exports before RegSvr32 to check if PE even has RegisterDllServer
  • Much more responsive, and less CPU intensive

Other features still in the works, like:

  • File/Registry Filters
  • Registry
  • WBScript|AutoIt|Batch Generation
  • PE Import checking
  • Configurable options

Edited by Biatu, 15 September 2016 - 06:12 AM.

  • Atari800XL likes this

#9 Atari800XL

Atari800XL

    Member

  • Members
  • 74 posts
    Netherlands

Posted 15 September 2016 - 07:23 AM

Thanks! Couldn't download the source (yet), though...



#10 Biatu

Biatu

    Member

  • Members
  • 55 posts
    United Kingdom

Posted 15 September 2016 - 02:55 PM

Edit: Never mind.


Edited by Biatu, 15 September 2016 - 03:00 PM.


#11 Biatu

Biatu

    Member

  • Members
  • 55 posts
    United Kingdom

Posted 15 September 2016 - 08:32 PM

Implemented:

  • PE Import checking
  • Configurable options


#12 TheHive

TheHive

    Platinum Member

  • .script developer
  • 4137 posts

Posted 16 September 2016 - 03:28 AM

Suggestion: upload zipped files in similar fashion as when you first posted.

2016.09.12, 2119- GetDeps.7z

2016.09.13, 1336- GetDeps.7z

2016.09.15 GetDeps.WIP .7z


  • Biatu likes this

#13 Biatu

Biatu

    Member

  • Members
  • 55 posts
    United Kingdom

Posted 16 September 2016 - 07:30 PM

Implemented:

  • Event Filtering
  • Copy Mirroring
  • Regsvr32 DllInstall

Bug Fixes

  • ProcMon events not captured properly
  • ProcMon events not being cleared after 200,000




