WindSLIC UEFI SLIC injector

Discussion in 'MDL Projects and Applications' started by nononsence, Oct 16, 2011.

  1. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    810
    30
  2. P3N3TRAT10N

    P3N3TRAT10N MDL Junior Member

    Nov 11, 2009
    62
    25
    0
    Glad I could contribute in any way possible to this forum. I have been rewarded by the work of its members on different projects that they freely provide. I came across that program whenever I was searching for methods to add TPM which adhered to the TCG standards on system boards which did not have this feature. It's my belief that because of the soon to be released Windows OS, that it would be costly to the OEM for Microsoft to require all of their products to have hardware based TPM implemented in their activation process without alternative means to the same activation process on similar hardware used. I don't believe that the OEM and/or Microsoft would warrant the millions of extra expense just for activation purposes without passing this on to the consumer in higher priced products. I'm thinking that people purchase more technology, mostly used for entertainment, as new features are added to something similar they already own at about the same price they purchased their old unit for or at a lower price. How many fewer people will make this spontaneous purchase for a consumer product which is now noticeably higher than what they purchased it at a year ago? I believe that manufacturers of these products profit from the continual obsession of people to have the latest models of whatever device but only when they believe that the cost of their previous unit has been decreased tremendously in value in a short period of time by what is being offered, especially if the "Price is Right". I couldn't resist adding that tidbit. ;-) Also, I believe this because most, if not all, of the OEM consumer personal computer motherboards are a variation of a retail model. I've only seen a few out of the hundreds which are currently offered that have the circuit for the hardware module to be added as an additional feature but at a much higher cost. Many manufacturers will test a new feature for quite a few months or years to ensure that it will not cause a malfunction which will be even more costly for them to repair/recall. This among many more ideas that I have to support this belief. Of course, this is just a quick rant and I could easily be wrong with this assumption.
     
  3. supertron421

    supertron421 MDL Novice

    Jan 14, 2012
    1
    0
    0
    I get failed to mount efi partition :(
     
  4. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    810
    30
    #85 nononsence, Jan 15, 2012
    Last edited by a moderator: Apr 20, 2017
    (OP)
    try this command from an elevated command prompt.
    Code:
    mountvol V: /S
    
    if you get "parameter is incorrect"
    Windows is not installed as EFI.

    .
     
  5. P3N3TRAT10N

    P3N3TRAT10N MDL Junior Member

    Nov 11, 2009
    62
    25
    0
    @nononsence

    That's a nice additional feature of adding it to the firmware boot manager configuration. Any chance of an uninstall script to revert back to the previous configuration?
    Also, I noticed that you had removed the MSDM table. Any reason, other than it didn't serve a purpose, as of now?
    Let me know if you need a tester for an EFI TPM driver model.
    Thanks again for your contributions.
     
  6. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    810
    30
    #87 nononsence, Jan 18, 2012
    Last edited by a moderator: Apr 20, 2017
    (OP)
    I don't think I could parse the output of the BCD command well enough to remove it with a script.
    If someone wanted to remove the WindSLIC entry from the firmware boot manager they would
    first have to get the GUID for the WindSLIC entry by running.
    Code:
    bcdedit /enum firmware
    
    find the identifier for the WindSLIC entry
    and then delete the entry with the following command
    Code:
    bcdedit /delete {identifier}
    

    EDIT:
    I was able to get an uninstall script working, which can be found in today's release (01-18-2012) attached to the first post.


    the MSDM table is only useful to individuals researching the details of the next OS activation scheme, so I don't
    include it in the releases for the general public, but it is included in the source and can be added by
    defining MSDM_INJECT as 1 and then compiling.

    .
     
  7. P3N3TRAT10N

    P3N3TRAT10N MDL Junior Member

    Nov 11, 2009
    62
    25
    0
    @nononsence

    Thanks for the uninstall batch file. The part of the script which fails is when mounting the EFI partition to remove the directory. The removal of the boot configuration for the SLIC entry works. It does not appear to be any different from the install script for searching for a free drive and mounting the EFI partition which also fails. I don't have the previous script which worked from a couple of versions ago. If you have it, what changed?

    UPDATE: I attempted to mount the EFI partition to each drive letter and then moved to the non-boot partitions to examine any errors. I noticed that each time I attempted to mount the EFI partition to my ISO drive in UltraISO the drive would disappear and become unusable. Apparently this drive letter is not being detected as occupied and was attempting to mount the EFI partition from the script. Once I disabled the ISO drive freeing up the drive letter then the script worked just fine. I do know that Windows Disk Management does not show the drive letter for the virtual drive but when the OS assigns a drive letter to a new storage device it will not use the ISO drive letter.
     
  8. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    810
    30
    @P3N3TRAT10N

    can you test the attached .exe, too see if you experience the same problem?

    it mounts the EFI partition, then waits for the ENTER key, then unmounts the EFI partition and quits.
     
  9. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    810
    30
    #90 nononsence, Jan 21, 2012
    Last edited by a moderator: Apr 20, 2017
    (OP)
    @P3N3TRAT10N

    also could you run this test script, to see if it detects your UltraISO drives?

    Code:
    @ECHO OFF
    SET FREEDRIVELETTER=0
    ::
    ECHO finding free drive letter.
    FOR %%p IN (D E F G H I J K L M N O P Q R S T U V W X Y Z B) DO (
    MOUNTVOL | FINDSTR /R /C:".*EFI.*%%p:." >nul
    IF NOT ERRORLEVEL==1 SET FREEDRIVELETTER=%%p & ECHO EFI partition mounted at %%p: & GOTO :NEXT
    )
    FOR %%p IN (D E F G H I J K L M N O P Q R S T U V W X Y Z B) DO (
    MOUNTVOL | FINDSTR /C:"        %%p:\\" >nul
    IF ERRORLEVEL==1 NET USE | FINDSTR /C:" %%p:  " >nul
    IF ERRORLEVEL==1 SET FREEDRIVELETTER=%%p & GOTO :NEXT
    )
    ECHO could not find free drive letter & PAUSE & EXIT
    :NEXT
    SET FREEDRIVELETTER=%FREEDRIVELETTER: =%
    ECHO %FREEDRIVELETTER%:
    PAUSE
    
     
  10. P3N3TRAT10N

    P3N3TRAT10N MDL Junior Member

    Nov 11, 2009
    62
    25
    0
    @nononsence

    I just checked the program and it worked without any noticeable problems. My ISO drive was assigned J: and an external USB drive at K: The EFI partition was mounted at L:. Let me know if there is any other testing that I can help you with.

    UPDATE: The script found a free drive letter that was assigned to the ISO drive at J:.
     
  11. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    810
    30
    #92 nononsence, Jan 21, 2012
    Last edited by a moderator: Apr 20, 2017
    (OP)
    can you try this one ?
    Code:
    @ECHO OFF
    SET FREEDRIVELETTER=0
    ::
    ECHO finding free drive letter.
    FOR %%p IN (D E F G H I J K L M N O P Q R S T U V W X Y Z B) DO (
    MOUNTVOL | FINDSTR /R /C:".*EFI.*%%p:." >nul
    IF NOT ERRORLEVEL==1 SET FREEDRIVELETTER=%%p & ECHO EFI partition mounted at %%p: & GOTO :NEXT
    )
    ::
    FOR %%p IN (D E F G H I J K L M N O P Q R S T U V W X Y Z B) DO (
    FSUTIL FSINFO DRIVES | FINDSTR /C:" %%p:\\ " >nul
    IF ERRORLEVEL==1 SET FREEDRIVELETTER=%%p & GOTO :NEXT
    )
    ECHO could not find free drive letter & PAUSE & EXIT
    :NEXT
    SET FREEDRIVELETTER=%FREEDRIVELETTER: =%
    ECHO %FREEDRIVELETTER%:
    PAUSE
    
     
  12. P3N3TRAT10N

    P3N3TRAT10N MDL Junior Member

    Nov 11, 2009
    62
    25
    0
    @nononsence

    That script found the first free drive letter which wasn't assigned to a device. Any other testing, besides adding this function in the uninstall script?
     
  13. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    810
    30
    Thanks, that's all I need will be posting the revised install/uninstall scripts in a few min.
     
  14. blackmail

    blackmail MDL Novice

    Jun 5, 2009
    7
    1
    0
    #96 blackmail, Jan 24, 2012
    Last edited by a moderator: Apr 20, 2017
    Code:
    // decrypt SLIC
    for(i = 0; i < sizeof(key); i++)
    key ^= 0xFF;
    for(i = 0; i < sizeof(SLIC); i++) {
    SLIC ^= key[pos];
    pos--;
    if (pos == -1) {
    pos = sizeof(key)-1;
    }
    }
    


    can be optimized to this:

    Code:
    #define KEY_SIZE_DECRYPT 16
    unsigned char key[KEY_SIZE_DECRYPT] = {0xD9,0x89,0xA1,0xA7,0x9B,0x91,0xAD,0xA7,0xC1,0xCB,0x89,0x90,0xCC,0x93,0xC2,0xBA};
    
    // decrypt SLIC
    for(i = 0; i < sizeof(key); i++)
    key ^= 0xFF;
    for(i = 0; i < sizeof(SLIC); i++) {
    SLIC ^= key[i % KEY_SIZE_DECRYPT];
    }
    


    or if you don't want to rotate key buffer

    Code:
    // decrypt SLIC
    for(i = 0; i < sizeof(key); i++)
    key ^= 0xFF;
    for(i = 0; i < sizeof(SLIC); i++) {
    SLIC ^= key[KEY_SIZE_DECRYPT - (i % KEY_SIZE_DECRYPT) - 1];
    }
    
     
  15. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    810
    30
    #97 nononsence, Jan 31, 2012
    Last edited by a moderator: Apr 20, 2017
    (OP)
  16. Leolo

    Leolo MDL Member

    Jan 23, 2010
    149
    34
    10
    nononsence,

    Maybe this is a stupid question but, do you know how does the bcdedit.exe tool interact with the mainboard's firmware??

    This command can only be executed on Windows 7 x64 when in UEFI mode:

    bcdedit.exe /set {FWbootmgr} displayorder {Bootmgr} /addfirst

    But, how does it work? Does it send a special message to the mainboard??
     
  17. nononsence

    nononsence MDL Addicted

    Aug 18, 2009
    809
    810
    30
    #99 nononsence, Feb 5, 2012
    Last edited by a moderator: Apr 20, 2017
    (OP)
  18. xilix

    xilix MDL Novice

    Feb 10, 2012
    1
    1
    0
    Dude, I don't know how, but this WORKED! Thank you so much. I've been trying to find a way to activate this 64bit Windows 7 since I built this 2500k rig, and nothing worked. I tried every loader I could find, and finally ended up here after about 2 months. All the other loaders would puke because of my GPT partition or not finding my SLIC or something, but this injector+My Digital Activator worked. You rock dude! :worthy: