[DISCUSSION] Windows 10 termsrv.dll Patching

Discussion in 'Windows 10' started by Mr Jinje, Oct 2, 2014.

  1. wyxchari

    wyxchari MDL Novice

    Aug 19, 2018
    13
    11
    0
    #261 wyxchari, May 31, 2020
    Last edited: May 31, 2020
    - termsrv.dll x64 v2004 10.0.19041.84 11.05.2020

    - Multiusuario: Permite conectarse remotamente con otro usuario sin cerrar la sesión local.
    DefPolicyOffset.x64 =17ED5
    DefPolicyCode.x64 =CDefPolicy_Query_eax_rcx B80001000089813806000090
    39813C0600000F84
    B80001000089813806000090
    File offset: 172D5h Write: B80001000089813806000090
    Verification: Ok.

    - Multisesión: Permite conectarse remotamente con el mismo usuario sin cerrar la sesión local.
    SingleUserOffset.x64 =0BF0C
    SingleUserCode.x64 =Zero
    EC2033DBC7400801000000 : 01 > 00
    File offset: B30Ch Write: 00
    Verification: FAIL <------------------------------------------------

    LocalOnlyOffset.x64 =87611
    LocalOnlyCode.x64 =jmpshort
    007444833D46BA070002 : 74 > EB
    File offset: 86A11h Write: EB
    Verification: FAIL <-----------------------------------------------
     
  2. Smile2020

    Smile2020 MDL Novice

    Mar 11, 2020
    7
    3
    0
    @Lucas Rey

    Hello Lucas, thanks for the instructions - I promise I will try next months - for now I would ask you for a patched termsrv file.

    Thanks a lot and greatings from italy
     
  3. Lucas Rey

    Lucas Rey MDL Member

    Feb 16, 2010
    124
    32
    10
    That's very strange, I don't think the string is related to language, my termsrv.dll is coming from Windows 10 Pro Italian. Could you please share your termsrv.dll? Out of curiosity.
     
  4. Lucas Rey

    Lucas Rey MDL Member

    Feb 16, 2010
    124
    32
    10
    I cannot share the dll since I don't know which version you have.
     
  5. Smile2020

    Smile2020 MDL Novice

    Mar 11, 2020
    7
    3
    0
    @Lucas Rey

    I have x64 19041.264, Education (Business)

    is that the reason, why I have problems with the codes? Thanks
     
  6. Lucas Rey

    Lucas Rey MDL Member

    Feb 16, 2010
    124
    32
    10
    Upload your dll
     
  7. Lucas Rey

    Lucas Rey MDL Member

    Feb 16, 2010
    124
    32
    10
  8. sebaxakerhtc

    sebaxakerhtc MDL Novice

    Nov 27, 2018
    38
    17
    0
    May be it have limitations like "Home" version, but first and second patches are the same.
     
  9. wyxchari

    wyxchari MDL Novice

    Aug 19, 2018
    13
    11
    0
    W10 Pro x64 19041.264
    termsrv.dll 19041.84 x64

    Multi-user Ok: 39813C0600000F84D9510100<=>B80001000089813806000090
    When starting remote desktop with a different user than the one already logged in, the session is opened and the one of the local machine is maintained.

    Multi-session Fail: 007444833D46BA<=>00EB44833D46BA
    Multi-session Fail: EC2033DBC7400801<=>EC2033DBC7400800
    When you start remote desktop with the same user who is already logged in, you are logged out and moved to the remote machine.
     
  10. sebaxakerhtc

    sebaxakerhtc MDL Novice

    Nov 27, 2018
    38
    17
    0
    Did you try a restart your PC after replacing the file?
    Not shutdown and poweron but restart
     
  11. RobrPatty

    RobrPatty MDL Addicted

    Jul 23, 2009
    546
    178
    30
    Will this work on 17763.1217 windows server 2019?
     
  12. sebaxakerhtc

    sebaxakerhtc MDL Novice

    Nov 27, 2018
    38
    17
    0
    Yes. Using patches or RDPWrapper Library.
     
  13. wyxchari

    wyxchari MDL Novice

    Aug 19, 2018
    13
    11
    0
    #276 wyxchari, Jun 1, 2020
    Last edited: Jun 1, 2020
    Yes, restart. It is a desktop computer. It does not matter to restart or turn off since it is not a laptop that can hibernate or suspend itself.

    Multi-user WORKS and multi-session does NOT work.

    The termsrv patch had always worked for me for years. It does not matter much either since what I usually use is multi-user. Multi-session I do not usually use it although it is rare that it does not work.

    The multi-session patch has changed since version 19041.84.
    Before it was in 18362.836: 58010000FF15F7 <=> 58000000FF15F7 (I have not found this string in 19041.84)
    and now in 19041.84: EC2033DBC7400801<=>EC2033DBC7400800
     
  14. Lucas Rey

    Lucas Rey MDL Member

    Feb 16, 2010
    124
    32
    10
  15. wyxchari

    wyxchari MDL Novice

    Aug 19, 2018
    13
    11
    0
  16. Lucas Rey

    Lucas Rey MDL Member

    Feb 16, 2010
    124
    32
    10
  17. Vladimir Bulgaru

    Vladimir Bulgaru MDL Novice

    May 29, 2020
    3
    0
    0
    If you were a user of RDP Wrapper, that was one of the cool features. Never used it, but still.
    On the other hand, the RDP Wrapper did not allow print forwarding, so there's always a catch.