Windows XP OEM "Loader" for VirtualPC 2007

Discussion in 'Virtualization' started by digitin, Oct 28, 2010.

  1. digitin

    digitin MDL Novice

    Aug 21, 2010
    19
    4
    0
    Very easy to do! No need to hack BIOS or to code anything. Insert any SLP 1.0 string you want!
     
  2. sebus

    sebus MDL Guru

    Jul 23, 2008
    5,966
    1,821
    180
    ?????

    sebus
     
  3. digitin

    digitin MDL Novice

    Aug 21, 2010
    19
    4
    0
    Rom BIOS area starting from F0000 where SLP strings reside seems not to be write protected in VPC07. I used grub4dos and its "write" command to insert any SLP strings at any location within F0000 segment. BTW the same is true for some real MBs (GB G41M-ES2L). Proved it myself. So no more DMI editing ot reflash of hacked bios files. For VPC07 should be also possible to achieve SLIC 2.1 functionalty entire using only grub4dos "write" command. It's a bit work but should be possible
     
  4. FreeStyler

    FreeStyler MDL Guru

    Jun 23, 2007
    3,504
    3,621
    120
    @digitin
    Can you post a example?
     
  5. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,697
    15,686
    340
    Yap, I am also eagerly waiting......
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. digitin

    digitin MDL Novice

    Aug 21, 2010
    19
    4
    0
    There is nothing special in this method.

    1. Install grub4dos boot loader (grldr) either to MBR or start it from
    any already installed boot loader (XP, Vista, 7, Linux ...).
    See grub4dos Wiki how to do it.
    Edit the corresponding menu.lst and add in the section of the item you want to boot "write" commands like:

    write 0xfe838 0x6c6c6544
    write 0xfe83c 0x636e4920
    write 0xfe854 0x00747465
    write 0xfe850 0x6c776548

    In this case Dell anf HP SLP1.0 strings will be inserted.
    Chainload Win XP (Server03) and check with the oembios tool.

    I used following menu.lst item for prove of the concept:

    title SLP check
    write 0xfe838 0x6c6c6544
    write 0xfe83c 0x636e4920
    write 0xfe854 0x00747465
    write 0xfe850 0x6c776548
    map --mem (hd0,0)/winb98se.ima (fd0)
    map --hook
    map --floppies=1
    root (fd0)
    chainloader (fd0)+1

    It will memmap and chainload win98 bootable floppy disk image (winb98se.ima) which resides on the 1st VHD, first partition.

    This method should work for VPC07 and some MBs like GB G41M-ES2L.
     
  7. sebus

    sebus MDL Guru

    Jul 23, 2008
    5,966
    1,821
    180
    As per your example, it would not be ANY, but some maybe

    You can not insert string in occupied space

    sebus
     
  8. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,697
    15,686
    340
    Can we expect a semi-working XP loader??? Just curious.... :D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. 911medic

    911medic MDL Guru

    Aug 13, 2008
    5,778
    492
    180
    It takes more than just inputting SLP strings. There has to be a search for empty space in the address range for the SLP string (Similar to WOW loader). When found the string can be added to memory. Some should be easier than others..I feel the present methods are adequate, so I would not put time into it..MAybe one of the existing loader guys may do it (Hazaar or Daz). I can certainly see the advantage to the VM folks...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. digitin

    digitin MDL Novice

    Aug 21, 2010
    19
    4
    0
    @sebus
    Don't agree. In this case everything can be written anywhere in F0000 range.
    Another question is if it would corrupt the memory if written at wrong position.


    @Tito
    As I set in order to start you dont need to code any "loader"
    Just get grub4dos. Install it as you prefer.
    Check with SLIC ToolKit if your specific SLP1.0 string
    can be inserted in its position. Edit menu.lst and add the SLP1.0 string via
    "write" as in my exsample in a menu.lst item which will chainload WinXP. You can start with menu.lst supplied by grub4dos.

    @911medic
    I agree. The better way is to write an application which will automate the steps.
    But this must not be anything like WOW loader or modified grldr. One need just that somebody sits down and make a list of all good locations for all OEM strings (via SLIC ToolKit or just plain debug.exe) in VPC07. Then I can imagine a simple script which will update (or create) item in menu.lst according to the list of the "good" OEM strings. I guess SLIC2.1 coud be added the same way which will be equivalent to the dynamic method but i suspect that this will require quite long "write" section.
     
  11. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,697
    15,686
    340
    @digitin
    Actually, I wanna expect an automated tool for activating XP by the OEM:SLP method like a loader!!! 911medic's tool is awesome, but requires that user having proper slp string in its bios. So, I call it a "loader"......
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. sushil1576

    sushil1576 MDL Senior Member

    Jul 3, 2009
    336
    154
    10
    Hi,..this is a nice way of adding slp strings..But i was just curious why did you write the SLP strings from backwards...Let me tell you,i am very much new to this hex editing stuff,so i would be glad to learn this...
     
  13. 911medic

    911medic MDL Guru

    Aug 13, 2008
    5,778
    492
    180
    #13 911medic, Oct 30, 2010
    Last edited: Oct 30, 2010
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. sushil1576

    sushil1576 MDL Senior Member

    Jul 3, 2009
    336
    154
    10
    With write command you can edit any part of the BIOS not just F0000 range...thats really a good idea,but as you said first we have to search whether the valid range is free or not?...
     
  15. sebus

    sebus MDL Guru

    Jul 23, 2008
    5,966
    1,821
    180
    VM folks... ????

    Just about every single one of the virtualization software has available BIOS adjusted (certainly for SLP, some have SLP for W2K3 already build in by default!)
    Ones that are easily done & already avilable: VPC 2007, VPC XPMode, Hyper-V (this one has it buit in for W2K3), Vmware (this one has it buit in for W2K3), Fusion, VMLite, Virtualbox (Freestyler's easy hex mod)
    Only one that gives problems is Parallels (for both PC & Mac with either SLP & SLIC21, as they do not really use proper BIOS modules, but its own code)

    sebus
     
  16. sushil1576

    sushil1576 MDL Senior Member

    Jul 3, 2009
    336
    154
    10
    @sebus

    I think with a little more effort from all the talented members out here,i think it is quite possible to utilise this feature of grub4dos to tatoo SLP Strings not only on VM but also on real motherboards..
     
  17. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,697
    15,686
    340
    Yap, let this project be true for real mobos... by our talented forum members....
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  18. digitin

    digitin MDL Novice

    Aug 21, 2010
    19
    4
    0
    @Tito
    This method is supposed to do just this: inserting any SLP1.0 string (if the memory location is free) in BIOS without the need of coding.
    So in some sense it is the missing part from the 911medic tool.
    It is possible to create a fully bloated "loader" to automate all steps but I think it is better to keep the dynamic BIOS patching which inserts SLP strings
    separate from the OEM patcher in XP.

    @sushil1576 "why did you write the SLP strings from backwards ..."
    I think something connected with little(big)-endian byte order... Not very sure ...
    Anyway the method requires that memory locations have to be filled from right to the left. And as I said in the 1st post the method works for real MB. As I said I see also potential for SLIC2.1. A bit of work though ...

    @sebus
    I agree there are lot of solutions for VPC07. but this method works for real MBs and does not need neither bios modding and reflashing nor modified proprietary boot loaders.
     
  19. 911medic

    911medic MDL Guru

    Aug 13, 2008
    5,778
    492
    180
    It would be a lot of work to make a tool to search memory for the valid addresses and indicate the strings available for use? This would be the best way IMO but seems like a ton of work. Maybe not asking which OEM to insert, but just adding one valid string for all manufacturers available.

    Probably not impossible, I would love to see someone do this..

    I mispoke my previous post..I meant not just for VM folks....oops...:eek:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  20. sebus

    sebus MDL Guru

    Jul 23, 2008
    5,966
    1,821
    180
    But most (sure, not all) mobos can be easily tatooed.
    I do not see it a problem

    Give it a year (max 2) & nobody will want to be at XP level anyway

    You remember how quickly you diteched 98/Me (?) after XP SP1?

    sebus