Hey user_hidden, could you please point me to where I can find the tool you pictured in this post? Sorry if my Google skills are sub-par today. Thanks in advance. Cheers and Regards
Arguments of PidGenX2 in the Win8 DP pidgenx.dll: int __stdcall PidGenX2(int a1, const WCHAR *Buffer, unsigned __int16 *a3, int a4, int a5, wchar_t *a6, void *Dst, void *a8) Have fun...
Jachra thanks for trying to help but you have just posted IDA or ollydbg informations which I have seen before and they do not provide anything useful/new. Those two void arguments should be structures of DigitalProductId3 and 4 but they might have changed. PS. I have added Description feature just like the checker on d-fault.nl! Public release soon!
janek2012 I know, but I hardly can't post the whole routine here. But if CODYQX4 wants more info, he/she can ask. Here is somemore info on why invalid arguments are given: Code: if ( a6 || Dst || a8 ) { v11 = (int)a3; if ( !a3 || !*a3 ) goto LABEL_2; } else { v11 = (int)a3; } if ( v11 ) { v10 = sub_something((int)&v34, v11, 2147483647); v37 = v10; if ( v10 < 0 ) goto LABEL_5; if ( v34 != 5 ) { LABEL_2: v10 = -2147024809; v37 = -2147024809; v31 = -2147024809; LABEL_3: sub_something2(v31); goto LABEL_61; } ... more code removed LABEL_61: sub_something3(v10); if ( v9 ) { v29 = GetProcessHeap(); HeapFree(v29, 0, (LPVOID)v9); } if ( v8 ) LocalFree(v8); sub_something4((volatile LONG **)&v36); if ( v33 ) (*(void (__stdcall **)(int))(*(_DWORD *)v33 + 8))(v33); return v37; When a3 is not correct and you will get the error for invalid arguments. The actual subs are renamed by me. Btw, I like your PIDchecker. Keep up the good work.
@CODYQX4 If I have affended you with the he/she writing, then I am sorry. I wasn't sure, because I do not know you. I know the regcode is screwed up. I am trying to figure that one out too. It doesn't look like it is based on Base-24.
A few nights ago, I was wondering about this and thought that some file on the Win8 DP DVD should have the new range mentioned. So I started looking through some files on dvd and I found something in the winsetup.dll. That file has the range "23456789BCDFGHJKMNPQRTVWXYbcdfghjkmnpqrtvwxy" mentioned in it. This range has the letter 'N' and the number '5'. Adding two characters to the range is more logical than one. Now I have to figure if this range is used and how. By adding two characters, they could use Base-26, but efforts working with that met with no success thus far. I already tried reverse and different Base, but no success yet.
When I look through the winsetup.dll with Total Commander, I see it at &h000017B0 through &h00001807. When I decompile it with IDA, then it is also in the strings list. Btw, the file winsetup.dll seems to write the value of the key DigitalProductID.