Q: Possible DISM.exe - bypass Signature check (update.cat)?

Discussion in 'Windows 8' started by KNARZ, Oct 23, 2013.

  1. KNARZ

    KNARZ MDL Addicted

    Oct 9, 2012
    879
    457
    30
    I'm currently working on some project... and it looks pretty good so far (more info when ready). But than I had another idea while messing around with the System and this Idea fails on the cat file check with DISM.

    I want to import some packaga: 1 Cab file but without any certificat / cat file. Has someone already done some research in how dism checks the cat file within the regular packages?

    I already did little hack with a DISM provider in the past but I only had the idea and someone with knowledge how to debug a process did the real work (1 Byte change). - Maybe it's the same weak check and it can be bypassed pretty easy?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. KNARZ

    KNARZ MDL Addicted

    Oct 9, 2012
    879
    457
    30
    #2 KNARZ, Oct 24, 2013
    Last edited: Oct 24, 2013
    (OP)
    btw: does some kind of *.cat viewer tool exist?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,695
    15,679
    340
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. KNARZ

    KNARZ MDL Addicted

    Oct 9, 2012
    879
    457
    30
    Some background information but nothing that I'm looking for. unfortunatly.
    Does someone know how to manually 'stage'/'unstage' a package? (not removing - and it's not a feature)
    Or how to declare a package also as a feature?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Mr Jinje

    Mr Jinje MDL Expert

    Aug 19, 2009
    1,773
    1,089
    60
    #5 Mr Jinje, Oct 27, 2013
    Last edited: Oct 27, 2013
    If you are a member over at MSFN

     
  6. KNARZ

    KNARZ MDL Addicted

    Oct 9, 2012
    879
    457
    30
    #6 KNARZ, Oct 27, 2013
    Last edited: Oct 27, 2013
    (OP)
    What I found out so far is that there is one reg-key HKLM\Software\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackagDetect\microsoft-Windows-Foundation-Package~31bf....-x86~~0.0.0.0 that indexes (all) or at least all <selectable> MUM files that are located in Windows\Servicing\Packages folder. If one within Foundation Key indexed MUM is missing. DISM and OptionalFeatures.exe will fail. The entry references to other entries of the packages and so on... I'm not aware of the whole references referring stuff.

    It would be necessary to create/modify the MUM file and manually add them to the foundation key.

    And as MUM files can't be edited in the first place it has to be done afterwards and this will be much more work. Therefore it would be pretty handy to modify DISM to add packages without certificat. ;)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...