OK, I have it working. The problem of course was the ini file. I have used a lot of programs that have line numbers in the ini files and so it didn't surprise me that yours contained line numbers. What did surprise me is that by clicking on the "Raw" button on your web page I was presented with another line number free image of the ini file. I still was unable to replace the older ini file without booting into WinPE. It would be very helpful if you could spell out a procedure to over-write the ini file or release an update to you program that contained the latest file. All that said I have to tip my hat to you and admit that you have developed a very clever tool that I am sure will be of great use to many. Thank You!
Hey Guys, it's been a while coming to this Thread, my RDP on Win 8.1 Pro 64 bit works fine with 3-4 login to Main/server pc using Thin Client and windows RDP. But lately I notice there's an update for my 8.1 pro 64 bit. after update RDP is not working anymore, not even to the log on screen which the host pc has a pop up windows saying other user would like to connect. Any latest Termserv.dll for this 8.1 pro 64 bit, I read few pages back there's RDP wrapper? appreciate any help
Hello! The problem, as in kriscahya post. Have a laptop with windows 8.1 pro with all the latest updates. Everything found on the Internet did not help. Subject died?
Need help patching a termsrv.dll, Windows 7, 6.1.7601.22843. RDPwrap does have this termsrv.dll patched, but I do not use RDPwrap due to massive stability and reliability issues that have in the past cost me a datacenter run. When the termsrv.dll patch fails I can still login but when RDPwrap fails, it can deny connections even if you want to use it without multiuser. Anyways, I have attached what RDPwrap uses to "fix" RDP. Can binary patches be developed easily from this information or is working knowledge of IDA needed? [6.1.7601.22843] SingleUserPatch.x86=1 SingleUserOffset.x86=1A655 SingleUserCode.x86=nop SingleUserPatch.x64=1 SingleUserOffset.x64=17F96 SingleUserCode.x64=Zero DefPolicyPatch.x86=1 DefPolicyOffset.x86=19E25 DefPolicyCode.x86=CDefPolicy_Query_eax_esi DefPolicyPatch.x64=1 DefPolicyOffset.x64=17D6E DefPolicyCode.x64=CDefPolicy_Query_eax_rdi [6.1.7601.22843] ; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled ; Imagebase: 6F2E0000 ; .text:6F2FA64F lea eax, [ebp+VersionInformation] ; .text:6F2FA655 inc ebx <- nop ; .text:6F2FA656 push eax ; lpVersionInformation ; .text:6F2FA657 mov [ebp+VersionInformation.dwOSVersionInfoSize], 11Ch ; .text:6F2FA661 mov [esi], ebx ; .text:6F2FA663 call ds:__imp__GetVersionExW@4 ; GetVersionExW(x) SingleUserPatch.x86=1 SingleUserOffset.x86=1A655 SingleUserCode.x86=nop ; Imagebase: 7FF75A80000 ; .text:000007FF75A97F90 lea rcx, [rsp+198h+VersionInformation] ; lpVersionInformation ; .text:000007FF75A97F95 mov ebx, 1 <- 0 ; .text:000007FF75A97F9A mov [rsp+198h+VersionInformation.dwOSVersionInfoSize], 11Ch ; .text:000007FF75A97FA2 mov [rdi], ebx ; .text:000007FF75A97FA4 call cs:__imp_GetVersionExW SingleUserPatch.x64=1 SingleUserOffset.x64=17F96 SingleUserCode.x64=Zero ; Patch CDefPolicy::Query ; Original ; .text:6F2F9E25 cmp eax, [esi+320h] ; .text:6F2F9E2B jz loc_6F30B6D6 ; Changed ; .text:6F2F9E25 mov eax, 100h ; .text:6F2F9E2A mov [esi+320h], eax ; .text:6F2F9E30 nop DefPolicyPatch.x86=1 DefPolicyOffset.x86=19E25 DefPolicyCode.x86=CDefPolicy_Query_eax_esi ; Original ; .text:000007FF75A97D6E cmp [rdi+63Ch], eax ; .text:000007FF75A97D74 jz loc_7FF75AA4182 ; Changed ; .text:000007FF75A97D6E mov eax, 100h ; .text:000007FF75A97D73 mov [rdi+638h], eax ; .text:000007FF75A97D79 nop DefPolicyPatch.x64=1 DefPolicyOffset.x64=17D6E DefPolicyCode.x64=CDefPolicy_Query_eax_rdi
I've found RDP wrapper of late to be rubbish (crashy and or leading to the inability to RDP). I wish they would provide the necessary patch hints along with their stuff.
Man, it must be you being rubbish, or your setup! You have it all in plain text. Feel free you butcher the dll yourself
I dont mind butchering the DLL from whatever information is in RDP wrap. I got locked out of a machine remotely already two times at different patch levels and I would prefer to butcher the DLL and have an upate replace termsrv - I can still get in remotely. When RDP wrap fails, RDP is toast. You can do remote surgery but without RDP its painful. So if anyone has a howto take rdpwraps information and butcher the DLL, please let me know and Ill do it myself.
So, still nobody wrote about Win 8.1 x86 termsrv 6.3.17415 full patch. Let me be the first one 3B81200300000F842AD50000 B80001000089812003000090 837DF8007419 837DF800EB19 8D44242843 8D44242890 Enjoy!
@avengermsoft Microsoft patch KB4022720 for Windows 8.1 broke the previous termsrv.dll concurrent patch. The previous version of termsrv.dll was 6.3.9600.17415. The new version after KB4022720 is 6.3.9600.18692. Interesting that the patch for 6.3.9600.17415 still works for 6.3.9600.18692. The patch just needs to be applied at a different location. I assume you know how to stop termservice, take ownership of termsrv.dll, make a backup copy of termsrv.dll, and use a hex editor. The following is for Windows 8.1 PRO x64. termsrv.dll versions 6.3.9600.17415 and 6.3.9600.18692. It has been tested by me to work on both versions. Search for: 39 81 3C 06 00 00 0F 84 D3 1E 02 00 and replace with: B8 00 01 00 00 89 81 38 06 00 00 90 The following is for Windows 8.1 PRO x86. termsrv.dll versions 6.3.9600.17415 and 6.3.9600.18692. It has NOT been tested by me. Search for: 3B 81 20 03 00 00 0F 84 2A D5 00 00 and replace with: B8 00 01 00 00 89 81 20 03 00 00 90 As a side note, the open source utility RDPWrap has been updated to also support termsrv.dll 6.3.9600.18692 for Windows 8.1. For Windows 10 users, it appears that the new Creators build has broken RDPWrap for Windows 10 Home edition. It still works for Windows 10 PRO to enable multiple concurrent RDP sessions. No word yet if the developer is going to find a solution to the changes the Creators build introduced in Home edition. It may be that Microsoft is putting an end to Home users being able to RDP into their computers. Hex patching may also no longer be feasible for Windows 10 Home Creators build and beyond. Credit for the patch code belongs to contributors on "www mysysadmintips com" and "forums mydigitallife net" . Thanks to anyone and everyone who has helped identify and share termsrv.dll patches to all of us over the years.
@mickrussom I too prefer to patch than use RDPWrap and as long as new patches are created and shared I will continue to use them. I don't see anything wrong with RDPWrap after reviewing the source code, but I have never actually used it. I just prefer to keep things simple and keep things as vanilla as possible. I looked at the RDPWrap.ini file to see if there was a way to translate the RDPWrap patch code to a simple hex patch. But since RDPWrap appears to be an interface to termsrv.dll and not a patcher for termsrv.dll I'm not sure it is possible to create a hex patch from the RDPWrap patch codes. It uses a different approach than just patching code. At least for me I decided it was not worth the effort to pursue further. But if you figure out a way to create hex patches from the RDPWrap patch codes I hope you will share it with the rest of us.
I'm not going to argue about this. I prefer a simple hex patch on an original MS DL. you prefer installing a program, modifying the registry so the service Terminal Services actually calls rdpwrap.dll instead of termsrv.dll, and etc., etc., etc. There are usually mutiliple ways to get things done. Doesn't mean only one way is right and all the other ways are wrong. Different people have different preferences and opinions on the best way for them. It's nothing to argue about or fight over.
I also prefer to patch the DLL manually. The x64 codes shown below worked for me. I would also like to report that the same substitution also works for version 18708. To explicitly summarize in the format of the original post below: Microsoft Patch KB4025335 (or KB4034681) for Windows 8.1 broke the previous termsrv.dll concurrent patch. The previous version of termsrv.dll was 6.3.9600.18692. The new version after KB4022720 is 6.3.9600.18708. The following is for Windows 8.1 PRO x64. termsrv.dll versions 6.3.9600.18708. It has been tested by me to work. Search for: 39 81 3C 06 00 00 0F 84 D3 1E 02 00 and replace with: B8 00 01 00 00 89 81 38 06 00 00 90 I have not tried or verified x86, so I will not include the text below here. Thanks!
For 6.3.9600.18923 x64 version search and replace "39 81 3C 06 00 00 0F 84 23 23 02 00" with "B8 00 01 00 00 89 81 38 06 00 00 90".