Winpe FullFlat: for what? for whom?
I've already written about it in another post. But I have to make some corrections.
I sinned out of pride. A pride misplaced, mainly in computer science.
Assuming Wonko was going to find my perfect documentation. And would stop any activity to immediately do a test. I hope this will not be held against me.
In addition, the few people who had downloaded the first documentation containing an error said to themselves: "His thing doesn't work! he's a novice."
They're right. At the last minute, by rereading the "erroneous" version, I corrected the value of the SetupType setting by checking in an "active winpe". What a rookie mistake!
2-The origin of "FullFlat":
I am not the originator of this environment. I am not the creator.
I use information that I found a few years ago on sites that I can no longer find.
On these sites, there was no name to describe the topic of discussion. Maybe 'ramos' but I'm not sure, it's too old.
Why the name "Winpe FullFlat"?
I haven't found a term that already exists and describes this "environment/tool."
And I wanted to use a name to differentiate this "environment/tool" from other notions that I never understood (because of my lack of skills!):
- "RamOs" described on Chinese sites
- "RamOs" used with WinBuilder in an "other" site.
All this led me to choose the name "Winpe FullFlat".
3-What is that 'Winpe FullFlat'?
It is an environment for carrying out investigations and research into the internal mechanisms of 'winpe'.
It has no other use.
4- How is it built?
It is a complete installation of W10 "downgraded" to Winpe.
The use of a VHD allows you to benefit from the persistence of the files, and speeds up the changes.
A complete W10 installation: it takes a long time! But all the files are present, the hives are complete.
5-The change to demote:
I describe it with some details in the attached file but it is very easy and involves:
- SAM, SECURITY, BCD, some files
- Software and system: a little longer but not complex
In my opinion, the population of winpe users is divided into several families:
- users who need an efficient, fast product, adapted to their job or their need to carry out maintenance operations
- the designers of these ready-to-use "winpe", the people who develop the scripts for WinBuilder or an equivalent
- "players" with no other purpose than to want to understand how to add an absent winpe feature (often unnecessary addition)
There is no hierarchy in this classification.
It is of course the few "players" who may find a relative interest in this test environment.
7-What's the point for me?
- identify the complexity of a potential addition to winpe
After building a "Winpe FullFlat," I quickly see features that will work in "Winpe" or that will be "easily" added (for example, those that are banned by an indicator like "SystemSetupInProgress")
This lets you know what "energy" you will need to deploy to try to achieve an addition.
For example, answering the following question:
Is it easy to add printers, the audio microphone with the generic drivers, bluetooth (in part)?
Since these features are operational in "Winpe FullFlat," then injecting them into winpe only requires time and patience.
We will simply have to identify the right elements. But there will be no software development, as there was for "SendMessage 05BAh" or "WPD/MTP" or "lsm" (by NyaMisty at github.com/NyaMisty/PELSMHooker)
- perform the research by comparing/cutting/moving pieces of the OS
Once you know that a feature is operational in "Winpe FullFlat," you need to look for the useful items (files, registry entries) and add them to "Winpe".
To do this, you sometimes have to copy sets of keys and files from one environment to another.
It is possible to make these copies from Windows 10. But it is difficult to do the reverse test.
8-Is it useful? Can't we "work" differently and use the elements (files, hives) of a normal Windows 10?
Yes of course. But the security environment requires more competence than mine.
I have been using this environment/investigative method for years.
It seems easier to me not to have to look at whether the impossibility of an addition comes from the contexts "METRO/UWP" or from "Winpe's special security".
9-Is it easy to move items between "Winpe FullFlat" and "Winpe"?
There are a lot of pitfalls. Many BSODs occur if you are not a little used to juggling "necessary" or "mortal" drivers depending on the environment.
It was while playing with "Winpe FullFlat" that I found how to use the printers, the bluetooth (partly!), the microphone (generic MS driver on compatible hardware)
I'm not trying to convince. I'm just sharing.
In the attached file, I explain how to build it and give 2 samples where I use it.
PS: I only use Sysinternals or MS software (procmon, bcdedit, dism, windbg, etc.) or PS scripts written as needed.
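
The comparison step from section 7 (finding which keys and values exist in "Winpe FullFlat" but not in "Winpe") can be scripted. This is an added example, not taken from the post or its attached file. The hive file paths, the temporary mount names and the Spooler subtree are assumptions chosen for illustration. Run it elevated, on copies of the hives.

```powershell
# Added example: report registry keys/values present in a "Winpe FullFlat" hive
# but missing or different in the matching WinPE hive. Paths are placeholders.
param(
    [string]$FullFlatHive = 'D:\compare\fullflat\SYSTEM',   # assumed: copy of the FullFlat SYSTEM hive
    [string]$WinpeHive    = 'D:\compare\winpe\SYSTEM',      # assumed: copy of the WinPE SYSTEM hive
    [string]$SubKey       = 'ControlSet001\Services\Spooler' # assumed: subtree under investigation
)

function Get-HiveEntries {
    param([string]$HiveFile, [string]$MountName, [string]$SubKey)
    & reg.exe load "HKLM\$MountName" $HiveFile | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "reg load failed for $HiveFile" }
    $entries = @{}   # PowerShell hashtables are case-insensitive, like registry names
    try {
        $root   = "Registry::HKEY_LOCAL_MACHINE\$MountName\$SubKey"
        $prefix = "HKEY_LOCAL_MACHINE\$MountName\"
        # A subtree that does not exist at all (typical on the WinPE side) yields an empty set
        if (Test-Path -LiteralPath $root) {
            $keys = @(Get-Item -LiteralPath $root) +
                    @(Get-ChildItem -LiteralPath $root -Recurse -ErrorAction SilentlyContinue)
            foreach ($k in $keys) {
                $rel = $k.Name.Substring($prefix.Length)
                $entries[$rel] = '<key>'
                foreach ($v in $k.GetValueNames()) {
                    # Do not expand %vars%: the offline data must be compared as stored
                    $data = $k.GetValue($v, $null, 'DoNotExpandEnvironmentNames')
                    $entries["$rel :: $v"] = "$($k.GetValueKind($v))=" + (@($data) -join ',')
                }
                $k.Dispose()   # open handles would make 'reg unload' fail
            }
        }
        return $entries
    }
    finally {
        $keys = $null
        [gc]::Collect(); [gc]::WaitForPendingFinalizers()
        & reg.exe unload "HKLM\$MountName" | Out-Null
    }
}

$ff = Get-HiveEntries $FullFlatHive 'FF_CMP' $SubKey
$pe = Get-HiveEntries $WinpeHive    'PE_CMP' $SubKey
foreach ($name in ($ff.Keys | Sort-Object)) {
    if (-not $pe.ContainsKey($name))   { "MISSING  $name  ($($ff[$name]))" }
    elseif ($pe[$name] -ne $ff[$name]) { "DIFFERS  $name  FullFlat: $($ff[$name])  WinPE: $($pe[$name])" }
}
```

The MISSING lines are the candidates to copy into "Winpe"; the DIFFERS lines are where the two environments already disagree and deserve a closer look before anything is moved.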