[C#] Reset Windows 7 Rearm Count (Need Testers)

Discussion in 'Mixed Languages' started by SS111, Sep 4, 2011.

  1. Josh Cell

    Josh Cell MDL Developer

    Jan 8, 2011
    3,515
    7,161
    120
    #41 Josh Cell, Sep 5, 2011
    Last edited: Sep 5, 2011
    After SLUI Restart, the WPA Default keys automatically is replaced on empty reg.keys, as IR5 Rearm Concept ...

    Restoring the default rearms [ 3 / 4 ]
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. timesurfer

    timesurfer MDL Developer

    Nov 22, 2009
    8,527
    4,103
    270
    But is does screw trusted store?

    And why run out rearms hence you need task trigger at 30 days

    I would strive to stay within 30 days and never use any other rearms like IORRT/AR does hence work 1 rearm with little or no reboots

    Hence I still think getting WPA delete past service and trusted store is way to go and what I would do as a IR5 future solution

    Nice want to be credited co-dev for new IR5 :worthy:...lol
     
  3. CODYQX4

    CODYQX4 MDL Developer

    Sep 4, 2009
    4,814
    45,769
    150
    #43 CODYQX4, Sep 5, 2011
    Last edited: Apr 15, 2019
    .
     
  4. timesurfer

    timesurfer MDL Developer

    Nov 22, 2009
    8,527
    4,103
    270
    Whichever does not need reboot is ideal to me :ninja_hide:

    But simple restart without Re visit is fine...lol
     
  5. CODYQX4

    CODYQX4 MDL Developer

    Sep 4, 2009
    4,814
    45,769
    150
    #45 CODYQX4, Sep 5, 2011
    Last edited: Apr 15, 2019
    .
     
  6. Josh Cell

    Josh Cell MDL Developer

    Jan 8, 2011
    3,515
    7,161
    120
    This is method works flawless without restart, the changes is directly connected into Kernel Protection, this is crashed with injection, and enabled after SLUI restart, restoring the Registry Keys...

    Basically it's instantly reset concept, the system becomes to 30 days if have trial key installed;

    I've tested with W7SP1 and become's 30 days + 4 rearms without reboot ~3 Seconds.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. timesurfer

    timesurfer MDL Developer

    Nov 22, 2009
    8,527
    4,103
    270
    #47 timesurfer, Sep 5, 2011
    Last edited: Sep 5, 2011
    And to reiterate PMR needed simple non-RE restart to fix trusted store?

    Impressive :worthy:

    You did it :eek:...lol
     
  8. CODYQX4

    CODYQX4 MDL Developer

    Sep 4, 2009
    4,814
    45,769
    150
    #48 CODYQX4, Sep 5, 2011
    Last edited: Apr 15, 2019
    .
     
  9. timesurfer

    timesurfer MDL Developer

    Nov 22, 2009
    8,527
    4,103
    270
    #49 timesurfer, Sep 5, 2011
    Last edited: Sep 5, 2011
    Well I'd like to be co-dev on this so should we all 3 do this although I'd like to see it in .cmd unless the code would be MS safer if in encrypted .exe

    I'm in if I can be a part of this however ;)

    Great job's guys

    This just opened up W8 ideas as well and is still not hardware dependent I believe

    Might be the coolest new rearm/reset type solution ever

    Awesome JC :D
     
  10. SS111

    SS111 MDL Novice

    Jul 19, 2011
    30
    2
    0
    Ahh, that error.
    The pesky files are being used by another process after a certain method.
    (I think it's File.Copy();)

    I'll work on fixing that.
     
  11. SS111

    SS111 MDL Novice

    Jul 19, 2011
    30
    2
    0
    If you can get me a C# version of HAL., I'll take a look at it :)
     
  12. SS111

    SS111 MDL Novice

    Jul 19, 2011
    30
    2
    0
    So you guys did it!
    I knew you could.

    If there is any way I could help, (like compiling the new method in a C# program), or anything, I would love to help.
     
  13. CODYQX4

    CODYQX4 MDL Developer

    Sep 4, 2009
    4,814
    45,769
    150
    #53 CODYQX4, Sep 5, 2011
    Last edited: Apr 15, 2019
    .
     
  14. Josh Cell

    Josh Cell MDL Developer

    Jan 8, 2011
    3,515
    7,161
    120
    Please add Uppercase letters detection :eek:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. CODYQX4

    CODYQX4 MDL Developer

    Sep 4, 2009
    4,814
    45,769
    150
    #55 CODYQX4, Sep 5, 2011
    Last edited: Apr 15, 2019
    .
     
  16. Josh Cell

    Josh Cell MDL Developer

    Jan 8, 2011
    3,515
    7,161
    120
    The biggest problem is the null'ing "R" string offsets with no total crash on slui, slui must return an specific error running the normal module, not a total crash, if this, not work in the part of restricted memory access, the rest is not hard ...

    Also in sync injection at the exact moment the module that is running ...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  17. CODYQX4

    CODYQX4 MDL Developer

    Sep 4, 2009
    4,814
    45,769
    150
    #57 CODYQX4, Sep 5, 2011
    Last edited: Apr 15, 2019
    .
     
  18. Josh Cell

    Josh Cell MDL Developer

    Jan 8, 2011
    3,515
    7,161
    120
    Converting the "R" as hexadecimal = "52" to replace as "00" offset in the memory without total-crashing the app, becomes the initial point of adress running patched in the memory with success ...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  19. CODYQX4

    CODYQX4 MDL Developer

    Sep 4, 2009
    4,814
    45,769
    150
    #59 CODYQX4, Sep 5, 2011
    Last edited: Apr 15, 2019
    .
     
  20. Josh Cell

    Josh Cell MDL Developer

    Jan 8, 2011
    3,515
    7,161
    120
    I've implanted dll injection to MBR Regenerator, for SFC restore at reboot and force repair SLUI MUI Files, using other method of dll offset replacement / injection, doesn't compatible with SLUI ...

    Not only SLUI, has several other files that can be crash the Kernel Protection ..
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...