Patch to allow Windows 7 install without the hidden partition.

Discussion in 'MDL Projects and Applications' started by nononsence, Sep 17, 2009.

  1. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    802
    30
    #1 nononsence, Sep 17, 2009
    Last edited: Jun 30, 2011
  2. dumppq

    dumppq MDL Junior Member

    Mar 3, 2008
    95
    0
    0
    Wow, seems like everybody is taking the hard routes instead of learning to use diskpart!
     
  3. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    802
    30
    #3 nononsence, Sep 17, 2009
    Last edited: Sep 17, 2009
    (OP)
    bootcode mod

    If anyone wants to try to install GRLDR with an $OEM$ folder,
    here are the modifications for winsetup.dll to make Setup install
    the bootcode.

    ==========================================================

    bootcode mod

    32 bit

    Comparing files orig_winsetup.dll and mod_winsetup.dll

    00184589: 47 42
    0018458A: 52 4F
    0018458B: 4C 4F
    0018458C: 44 54
    0018458D: 52 4D
    0018458E: 20 47
    0018458F: 20 52

    001845CE: 20 42
    001845CF: 47 4F
    001845D0: 52 4F
    001845D1: 4C 54
    001845D2: 44 4D
    001845D3: 52 47
    001845D4: 20 52

    00184BC1: 47 42
    00184BC2: 52 4F
    00184BC3: 4C 4F
    00184BC4: 44 54
    00184BC5: 52 4D
    00184BC6: 20 47
    00184BC7: 20 52

    00184BCE: 20 42
    00184BCF: 47 4F
    00184BD0: 52 4F
    00184BD1: 4C 54
    00184BD2: 44 4D
    00184BD3: 52 47
    00184BD4: 20 52

    00184E7C: 47 4E
    00184E7E: 52 54

    00184FD2: 5A 00
    00184FD6: 5C 02
    00184FE8: 00 5A
    00184FEC: 02 5C

    ==========================================================

    64 bit

    Comparing files orig_winsetup.dll and mod_winsetup.dll

    001EBEE9: 47 42
    001EBEEA: 52 4F
    001EBEEB: 4C 4F
    001EBEEC: 44 54
    001EBEED: 52 4D
    001EBEEE: 20 47
    001EBEEF: 20 52

    001EBF2E: 20 42
    001EBF2F: 47 4F
    001EBF30: 52 4F
    001EBF31: 4C 54
    001EBF32: 44 4D
    001EBF33: 52 47
    001EBF34: 20 52

    001EC521: 47 42
    001EC522: 52 4F
    001EC523: 4C 4F
    001EC524: 44 54
    001EC525: 52 4D
    001EC526: 20 47
    001EC527: 20 52

    001EC52E: 20 42
    001EC52F: 47 4F
    001EC530: 52 4F
    001EC531: 4C 54
    001EC532: 44 4D
    001EC533: 52 47
    001EC534: 20 52

    001EC7DC: 47 4E
    001EC7DE: 52 54

    001EC932: 5A 00
    001EC936: 5C 02
    001EC948: 00 5A
    001EC94C: 02 5C
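
Added example, not part of the original post: a small parser for the `offset: byte byte` comparison listing above, which groups consecutive offsets, decodes each column as text, and reports which column a given copy of a file matches, for instance when checking whether a winsetup.dll on install media has been altered. The function names are assumptions made for this example; `SAMPLE` is the first run of the 32-bit listing.

```python
import re

# One comparison line in the post's format: 8-hex-digit offset, then two bytes.
LINE = re.compile(r"^\s*([0-9A-Fa-f]{8}):\s+([0-9A-Fa-f]{2})\s+([0-9A-Fa-f]{2})\s*$")

def parse_listing(text):
    """Return {offset: (first_column_byte, second_column_byte)}."""
    diff = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            off, a, b = (int(g, 16) for g in m.groups())
            diff[off] = (a, b)
    return diff

def show(raw):
    # Printable ASCII is shown as text, anything else as hex.
    return raw.decode("ascii") if all(0x20 <= c < 0x7F for c in raw) else raw.hex()

def runs(diff):
    """Group consecutive offsets into runs and decode both columns."""
    out, offs, start = [], sorted(diff), 0
    for i in range(1, len(offs) + 1):
        if i == len(offs) or offs[i] != offs[i - 1] + 1:
            chunk = offs[start:i]
            out.append((chunk[0],
                        show(bytes(diff[o][0] for o in chunk)),
                        show(bytes(diff[o][1] for o in chunk))))
            start = i
    return out

def classify(data, diff):
    """Report which column of the listing the file content matches."""
    if not diff or max(diff) >= len(data):
        return "unknown"
    first = all(data[o] == a for o, (a, _) in diff.items())
    second = all(data[o] == b for o, (_, b) in diff.items())
    return "first" if first else "second" if second else "unknown"

# First run of the 32-bit listing above, copied as posted.
SAMPLE = """00184589: 47 42
0018458A: 52 4F
0018458B: 4C 4F
0018458C: 44 54
0018458D: 52 4D
0018458E: 20 47
0018458F: 20 52"""

if __name__ == "__main__":
    print(runs(parse_listing(SAMPLE)))
```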
     
  4. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    802
    30
    no fun in that:)
     
  5. skycn123

    skycn123 MDL Novice

    Feb 21, 2009
    35
    19
    0
    sounds good.
     
  6. msr

    msr MDL Senior Member

    Dec 27, 2007
    414
    55
    10
    But that's one of the great things about the net, people have guides for practically every scenario in computers.

    Let them do all the guides they can, I say, more for everyone. Pooling the intelligence of people all around the world, to solve all our minor computer problems, what's wrong with that?
     
  7. Mr Jinje

    Mr Jinje MDL Expert

    Aug 19, 2009
    1,773
    1,080
    60
    #7 Mr Jinje, Sep 17, 2009
    Last edited: Sep 17, 2009
    Cool, now people can build a DVD that is fully unattended and not have to care about this anymore.

    Did you see the 35-paragraph method on how to safely delete the 100 MB partition? This way looks easier (even for new guys).

    I believe the argument was that F10/diskpart was too complicated for the average reader.


    Is this working on R2?
     
  8. Mr Jinje

    Mr Jinje MDL Expert

    Aug 19, 2009
    1,773
    1,080
    60
    #8 Mr Jinje, Sep 17, 2009
    Last edited: Sep 17, 2009
    So if I control my hardware environment and only install to a single blank HDD, is this still needed if there is no hidden partition?

    Wouldn't just using the $OEM$\$1 folder to push GRLDR to the root of C: and replacing bootsect.exe with the hacked version work too?
     
  9. Daz

    Daz MDL Developer / Admin
    Staff Member

    Jul 31, 2009
    9,435
    66,409
    300
    In fact this is actually a neat patch, I'm going to PM you :)
     
  10. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    802
    30
    Setup installs the bootcode without the assistance of any other executables.
    I tried what you suggested and discovered this.
     
  11. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    802
    30
    the super easy way would be to use a Vista boot.wim:)
     
  12. Mr Jinje

    Mr Jinje MDL Expert

    Aug 19, 2009
    1,773
    1,080
    60
    Maybe, but the diskpart in that boot.wim cannot create or mount VHD files, which is one of the better features of W7.

    Do you mean that winsetup.dll performs the nt60 command from within itself, or could it be another copy of bootsect inside boot.wim?
     
  13. Alphawaves

    Alphawaves Super Moderator/Developer
    Staff Member

    Aug 11, 2008
    5,884
    20,225
    180
    nononsence cool, this will help out a lot of people.:)

    Alfa:);)
     
  14. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    802
    30
    #14 nononsence, Sep 17, 2009
    Last edited: Sep 17, 2009
    (OP)
    The bootcode inside of winsetup.dll is the code that gets written to the
    disk during install.

    EDIT:

    I just tested using the $OEM$ folder to install GRLDR... Works!!
    It probably won't work if you choose the default partition layout
    by choosing Next at the "Where do you want to install Windows"
    screen. I'll work on this.
     
  15. Mr Jinje

    Mr Jinje MDL Expert

    Aug 19, 2009
    1,773
    1,080
    60
    How do you figure all this stuff out, IDA 4.9?
     
  16. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    802
    30
    IDA 5.2, winhex, Google for assembly language to hex hints.
     
  17. murdercitydevil

    murdercitydevil MDL Member

    Sep 7, 2009
    116
    4
    10
    and if the patch fails, you have my guide to help you!

    j/k no one cares about my guide lol
     
  18. Mr Jinje

    Mr Jinje MDL Expert

    Aug 19, 2009
    1,773
    1,080
    60
    Better idea.

    What about renaming GRLDR to "GR" and placing it in the PCAT folder? That way it will get pushed into the Boot folder during install (hidden partition or not).

    Then need to edit winsetup.dll to point the bootsector to "BOOT\GR", GR should open and find the bootmgr on the root.

    In theory this will work even if they change the bootmgr after SP1, and doesn't require any setupcomplete.cmd fumblings. (DISM for product key and $OEM$ for cert)
     
  19. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    802
    30
    I tried this first but couldn't find a way to modify the bootcode to look inside
    a directory; someone with more know-how could get this to work.

    I think I found a way to map $OEM$\$1 to the hidden partition. gotta test the
    edits first and then do the x64 DLL.
     
  20. Mr Jinje

    Mr Jinje MDL Expert

    Aug 19, 2009
    1,773
    1,080
    60
    #20 Mr Jinje, Sep 17, 2009
    Last edited: Sep 17, 2009
    So this means bootsect.exe cannot be made to look inside a directory either :mad: