Hi,
We have a provisioning website where a user logs in, enters the device IMEI #, phone # and submits. Now, this site will generate a unique CAB file on the fly for this individual and push it to his/her device. This CAB will will have a _setup.xml file which modifies a registry entry on the device. However, this will be unique to this device only, and hence should run only if the IMEI # matches.
Question 1 - Is it possible for a CAB file to check phone's IMEI # before installing the CAB (Windows mobile 6)?
Answer: Looks like it is using SETUP.DLL file link
Question 2 - How can I pass the IMEI # this individual submitted in the form as a parameter to SETUP.DLL so that SETUP.DLL can read the device IMEI and compare it to this one? Is it possible to add it to _setup.xml?
Answer: ??
The goal is to create a CAB file that can be installed on one device only (I believe IMEI will be the best thing to restrict it to one device)
Thanks in advanced..
you know the code right? use a script or something (i'm not a winmo coder kinda guy or even a coder, but i'll try my best)
if IMEI=XXXXXXXXXXXXXXX
then run XXXXX.cab
else exit
thats how good i am at code (not good)
I need to house everything inside one CAB on the fly. Also, I have modified my op.. so please check it. I found the answer to the first question - SETUP.DLL can make the check and run _setup.xml only if it meets the criteria.
Now, I don't know how to pass the IMEI # the user put in the webform as a parameter to this SETUP.DLL when I creating this custom CAB on the fly.
is it absolutely 100% necessary to have a cab file as the end user solution? An executable could run the code and the run a cab file that is inside the executable. I'm pretty sure this is possible
Unfortunately, it has to be a CAB file since it is seamless. The user get's a SMS with a link to his/her unique CAB on the device.. clicks on it.. and installs it.
Easy workaround for "end user": extract the CAB on the PC...
Rather the main app EXE should check its validity, not the CAB file.
do not use cab, use application (executable) you can easy use this logic
if IMEI#=XXXXXXXXXXXXX (the IMEI that should be)
then modify registry this way (and add the needed changes)
if IMEI# not equal
bring error message
you can not make the cab to perform tasks before running it
or maybe there is something you can do in setup.dll
so the prosedure will be
run cab instalation setup.dll checks if imei = _setup.xml given imei then proceed with instalation if it is not equal then fail instalation
i am not programmer too but it seems that these are the 2 variants, sorry i can not give you any technical tips about this (like sample code)
Related
I want to deny or restrain installation of applications on the fly as an service/process or by making changes in the registry on WM5 devices. Any ideas? The app preferely in C++/C#
CAB files are installed by wceload.exe in the windows directory.
You can overwrite this file with a blank exe, or remove the CAB extension reference to it in registry under HKEY_CLASSES_ROOT.
Deny or restrain inst. of apps
Thanks, yes I've thought about this - but this isn't a very dynamic solution. When a person run a CAB I want to check if app is okay to install from a "List" - then show a popup with a message saying something like "Sorry, you are not allowed to install this application. Please contact your company IT Admin for more info".
Is the .CAB association in HKEY_CLASSES_ROOT linked to wceload - so I could run an app to validate CAB, and if ok execute wceload..?
levenum said:
CAB files are installed by wceload.exe in the windows directory.
You can overwrite this file with a blank exe, or remove the CAB extension reference to it in registry under HKEY_CLASSES_ROOT.
Click to expand...
Click to collapse
Write up a registry entry in HKEY_CLASSES_ROOT to associate .CAB files with your custom file. Then, when the user taps on a CAB file, your program reads it, compares it against its list and, if it's approved, calls WceLoad with the appropriate parameters.
The key would probably look something like this:
HKCR\cabfile\shell\open\command
(default) = "<path to your app>" "%1"
(%1 will be replaced with the path to the CAB file).
Then, if the CAB was approved, call WceLoad with the following parameters:
\windows\wceload.exe "<path to cab file>" /nodelete
Note that some apps, may call wceload.exe directly. I am not sure if Activesync does it, but I know a couple of custom installers that do.
If you really want to secure the device against unothorized software do the following:
Rename wceload.exe to something else like wceload1.exe.
Create you own wceload.exe, but make sure you capture and preserve all command line parameters in case you need to transfer them to the original file for proper installation.
This way you can be sure no one will install anything without your permission.
Olso, keep in mind wceload is used to switch themes as well. (It handles *.tsk files).
Very much..
Thank You all!!
Intro
Lately I've seen a lot of posts by people who are trying to replace WM internal or driver DLLs, either for hacking/testing or to release. Aside from the possibility they are just doing something that won't work in the first place, I've seen failure a lot of times because files aren't properly signed, or if they are, the certificate in question not being in the right certificate stores for it to have any effect. On some ROMs it will still work due to patched NK.EXE, on others it won't, its just not very reliable.
So, I present you with the correct way of doing this by means of a small tool that will do this for you: DriverWiz. It will take care of most of the stuff, and leave you room for additions. You will however still need some basic knowledge of the command line, if you don't have that, you have no business doing anything like this anyways.
Background
I use this technique myself all the time. When just hacking away, replacing system DLLs to trace calls, etc. It's also the same method used for the HTC-CA drivers and the ICS installer. This method works on most stock ROMs as well, though not on all of them (in rare cases some security policies are set that will prevent CAB installation)
Usage
It's fairly simple to use. Just extract the attached zip file somewhere, open the command promt, and change directory to where the zip was extracted. That's the installation part.
Now when you actually want to build a CAB file from a DLL, you use the DriverWiz.bat file.
DriverWiz v1.0 by Chainfire
Usage:
DriverWiz.bat "Description" "CAB-name" "DLL-name-1" ["DLL-name-2" ...]
Examples:
DriverWiz.bat "New DDI" "ddi.cab" "ddi.dll"
DriverWiz.bat "Two DDIs" "ddi.cab" "ddi.dll" "ddiaux.dll"
Click to expand...
Click to collapse
DriverWiz will take care of signing the DLLs, inserting the certificate, etc, and you will end up with a proper CAB file for this kind of thing. Just copy it to your device and run it to install.
#1. You need to put the DLL files in the same folder as DriverWiz. Do NOT include paths in your DLL names
#2. Include the quotes in the command like in the examples!
#3. The first time you install a CAB made by DriverWiz, your phone may still give you a certificate warning. This is normal, don't worry about it.
Caveats
While this method has never failed me yet, it is possible that some files cannot be replaced this way. Just a disclaimer
Modifying
DriverWiz bases the inf file it will create to build a CAB from on DriverWiz.tpl. If you need to add registry entries to your CAB file, modify DriverWiz.tpl before you run the batch file. You can make other modifications too, add files, etc. Just take care that you don't break it
You can use your own certificates as well, instead of the supplied "Dummy" certificate that comes with DriverWiz. The files you will want to modify/replace are DriverWiz.pfx (used for signing) and DriverWiz.xml (used for injecting the certificate). I'll see about finding a reference for how to do that online and posting the URL here (someday). Creating a new certificate from scratch can be a frustrating effort - make sure you got openssl handy
Changelog
19.03.2009 - 1.1 - Added some file exists checks and attribute changes
Download
Temporary PlaceHolder for more Info.
Whoo this is hot from the plate, looks very promising!
Driver testing withoud cooking! joohie
Well if you replace the wrong files you're still going to need to hard-reset to boot. I advise KITL before you do
Works flawless. You tha man.
Didn't work for me trying to cab up No2Chems Fast Charge battery divers.
ruskiyab said:
Didn't work for me trying to cab up No2Chems Fast Charge battery divers.
Click to expand...
Click to collapse
What exactly happened? Attach the files and such
It made the cab and all, but when I went to install it, the unsigned error message popped up just like when I tried it with WinCE cab manager.
That is perfectly normal behavior. The first time you install a CAB with this certificate it will not know the certificate. However, once you install it, the certificate will be injected in the right place, and the files signed with the certificate (the driver files in the CAB) will be allowed to be run.
It won't happen the second time you try it
So if I try to install it again, it'll work fine? is there aa soft reset required in between? I can replace these drivers manually by renaming the old ones and copying them over, the whole reason I want a cab in the first place is to facilitate the UC process when I flash a different rom
ruskiyab said:
So if I try to install it again, it'll work fine? is there aa soft reset required in between? I can replace these drivers manually by renaming the old ones and copying them over, the whole reason I want a cab in the first place is to facilitate the UC process when I flash a different rom
Click to expand...
Click to collapse
Actually it should just work the first time. Just click OK when the certificate error appears.
Nice nice nice work!
error message
I got error messages when creating a cab from a rilphone.dll. Does it mean anything, or are these errors okay? I guess I'm specifically wondering about the SignTool error. If its okay, then my cab should be good.
EDIT: I think I found the problem. I didn't have UAC disabled in Windows 7. I tried it again, after disabling it, and it works fine now. Thanks for the easy to use tool!
syntax for registry entries?
I was experimenting with creating a cab for the Rogers folks who need a specific rilphone for their Caller ID to work. There are some registry entries associated with this feature, so I was wondering what the correct syntax is for putting the registry entries into the .tpl file. I've tried a few different ways, and I've either a gotten a 'Registry section is empty' message, or a 'Registry has an unsupported registry root key' error. I'm sure its something really simple I'm missing, so any help you can offer is appreciated.
It just seems that since we now have this easy method to sign these dlls, so that they can be used in any ROM, that the Rogers people shouldn't have to jump through so many hoops to get it to work.
EDIT: Nevermind. I'm an idiot that didn't do a little bit of research. All is well now.
Excellent stuff, Microsoft may rant about this way of distributing signtool and cabwiz though.
Chainfire said:
You can use your own certificates as well, instead of the supplied "Dummy" certificate that comes with DriverWiz. The files you will want to modify/replace are DriverWiz.pfx (used for signing) and DriverWiz.xml (used for injecting the certificate). I'll see about finding a reference for how to do that online and posting the URL here (someday). Creating a new certificate from scratch can be a frustrating effort - make sure you got openssl handy
Click to expand...
Click to collapse
Here's an intro to cert stores for WM:
http://msdn.microsoft.com/en-us/library/aa458010.aspx
pfx generation is a 2-liner with openssl:
# Generate a CA certificate
openssl req -new -nodes -x509 -days 9999 -newkey rsa:1024 -md5 -keyout cert.key -out cert.cer -subj "/CN=DriverWiz"
# Convert to pkcs12/PFX format
openssl pkcs12 -export -in cert.cer -out cert.pfx -inkey cert.key
got error messages under vista sp2, any ideas?
I also get an error saying that the latest version of CAPICOM.dll is missing. The ones I can find for download from the internet are version 2.0.0, and the tool requires 2.1.0.1 or later.
Does anyone have the needed version of the dll?
EDIT: Found it, 2.1.0.2 version of the dll is in the attachment.
Time Saver !
Many thanks; DriverWiz /w the CAPICOM.DLL saved me about an hour of troubleshooting.
Cheers,
Thanks for the capicom.dll Even after disabling UAC in W7Rc1 it wouldn't go, so great to have it posted to.
Chainfire, which format should the Reg's be added?
I tried the default .reg formating just under:
[Registry]
[HKEY_CURRENT_USER\ControlPanel\Profiles]
@=""
"ActiveProfile"="Normal"
?
Scrap that i found the .inf format
[AddRegistry]
HKCU,"New Key","",0x00010001,1
Many thanks for this, i'll try to Point Driver replacing Sinners from now on to here.
Well INF files are a regular female dog.
If you rather use WinCE CAB Manager, the trick is easily done as well. I do not have it handy right here (I'm not at dev box), but it goes like this.
Put the DLL's and EXE's that need to go in the CAB into the same folder as DriverWiz
Execute the following command from the command prompt in the DriverWiz folder: signtool sign /f DriverWiz.pfx *.exe *.dll
Open your WCM/CAB with CM
Somewhere is an option for "Pre XML" (main screen IIRC).. click to add/edit, and load the DriverWiz.xml file
Save
signtool sign /f DriverWiz.pfx *.cab
Et voila. I should really make an update to DriverWiz to include CAPICOM and write a proper guide on how to do all this manually (including making your own certificates and such). It's easy if you know how
If you could insert another empty post for me at the top, that'd be great.
Hi,
I'm currently working on a few tools, and want to know what features would be liked by cooks/users or anyone really.
The first tool is an exe generator for hot fixes. Simply put, you plug some files into it, and it generates an exe that can be run on the target device which will do all the hot fixes.
The advantages it gives:
No more cabs!
Can use a custom icon for the exe if desired
Things like messing around with setup.dll files doesn't need to happen, and an application can be launched after install if wanted
Files can be deleted
File properties can be changed
Can use XMLs
Can edit registry
Can install files
Since it's written in native C++, it should run without a hitch on WM5+ devices, whether or not they have .Net whatever...
The second tool is an AutoRun/UC/whatever like system that simply searches through a folder, finds all cabs/xmls/provxmls and then installs them. This means there's no reliance on autorun for parsing config files, or any other requirements. Again, it's written in native C++ so is better
Any suggestions/ideas would be welcome!
Oh, and once I've got slightly further, both these will be released as open source. Probably.
l3v5y said:
Hi,
I'm currently working on a few tools, and want to know what features would be liked by cooks/users or anyone really.
The first tool is an exe generator for hot fixes. Simply put, you plug some files into it, and it generates an exe that can be run on the target device which will do all the hot fixes.
The advantages it gives:
No more cabs!
Can use a custom icon for the exe if desired
Things like messing around with setup.dll files doesn't need to happen, and an application can be launched after install if wanted
Files can be deleted
File properties can be changed
Can use XMLs
Can edit registry
Can install files
Since it's written in native C++, it should run without a hitch on WM5+ devices, whether or not they have .Net whatever...
The second tool is an AutoRun/UC/whatever like system that simply searches through a folder, finds all cabs/xmls/provxmls and then installs them. This means there's no reliance on autorun for parsing config files, or any other requirements. Again, it's written in native C++ so is better
Any suggestions/ideas would be welcome!
Oh, and once I've got slightly further, both these will be released as open source. Probably.
Click to expand...
Click to collapse
Wow, this sounds very very promising. Can't wait!
dwizzy130
yeah some user friendly and easy to understand specialy editing the rom or making add/remove programs EASILY is the best specialy to noobs like me when cooking ROMS all in one tool with advance AI for error checking
Sounds very attractive. go on my friend.....
Sounds good mate
I'm looking for a tool to easily make a setup.dll. Like setup.dll maker/generator/wizard.
Seems the only tools I can ever found is from e-pocketsetup, but that company was sold to another company and the product was never available since then.
I know cooks hate a cabs with a setup.dll. But seems without setup.dll a cab installer can not execute some little complicated actions. And it is impossible to make a setup.dll without grasp a computer language like c++.
Edit: Found another one: setupdllcreator , but it's not strong enough and not freeware.
Edit: If these can be realized, a setup.dll maker is much less needed:
No more cabs!
Can use a custom icon for the exe if desired
Things like messing around with setup.dll files doesn't need to happen, and an application can be launched after install if wanted
Files can be deleted
File properties can be changed
Can use XMLs
Can edit registry
Can install files
Click to expand...
Click to collapse
But we need above mentioned fubctionalities to be DYNAMIC, like:
Can detect availability of certain reg entries or installed apps, base on the result to decide which variants of install files to be installed, or whether some supporting apps like netcf or mortscript to be installed. Or can detect device id, resolutions, drivers to decide what to do.
Otherwise it still can not completely replace setup.dll.
But if dynamic actions can be executed, wow that's a dream of developers & hackers and even common users can benefit from that, a real revolution !
woww can wait for realese
l3v5y said:
Any suggestions/ideas would be welcome!
Click to expand...
Click to collapse
So I'm posting my requests again, the idea is this: It will be much helpful if I can know what is happening/changed in the registry after I did anything to my WM devices. So maybe you can develop a tool to monitor & log the real-time changes of registry. Or at least we can have a registry-comparision tool on ppc.
Another thing is it seems we don't have a file structure viewer on ppc, not the stuff like total commander etc., want to export the file structure to a file like .txt or .jpg.
Update: Now my idea is clearer for this, what I suggest would be a System Snopshot program to realize this:
Can make a system snapshot to record the registry content, file structure, ram usage etc.
The snapshot can be initialized in the similiar way of CapSure screen capture program, i.e., a hardwre button, a fixed time, a screen tap, a program launch, etc., defined by user.
Can choose a full system snapshot or only on selected part of registr, file system etc.
Can generate a file containing the recorded system condition.
Can compare any two system snapshot result and generate a comparision chart/change log.
So I've posted my requests as per your request, whether or not you'll do it is not my business lol.
Update: Found SK Tracker, cost EUR9.95, so forget this one. Why I did not know it in the past?!
I try to create a program which consists of
.asx files (to show online tv channels),
.lnk files (shorcuts to the .asx files) and
a .dll file which contains only some .ico files (icons of the tv channels).
I added all these files to a cab using WinCE Cab Manager and tried to install it on my ppc. So far so good. The problem occurred when the message “The program can not be installed. Choose another location” appeared during installation, just after the process bar was filled.
Although I have no idea about computer programming, I have created many cab’s with WinCE Cab Manager for skins I have created for several programs. Anyway, I realized that the problem occurred due to the .dll file, since this is the first time I add such a file in a .cab.
I created my .dll file using a .dll from another program which had only icons in it, as well. I deleted them using Restorator 2007 and I had an “empty” .dll sized 4KB. Then I added my icon files using XN Resource Editor.
I searched the Internet to see what might be the problem with the .dll and I found out that I have to “register” my .dll file. I really have no idea what this means but it needs to be done. I also found an option in WinCE Cab Manager for “self-registering” file, but it didn’t work either.
So, the question to you dev guys is how can I register my .dll file, or should I create it from the beginning with another way?
Please help! Thanks in advance!
sorry to repost but it seems that posts keep coming in this forum and this thread is already in the second page and I'm afraid that noone will see it and reply to it. By the way, is there any special sub-forum for such questions?
This may help. I use his instructions to edit existing DLL's
http://www.modaco.com/content/i9x0-...88904/lisbian-taskbars-for-i910/#entry1023568
It will unsign the dll which will probably fail on your custom dll but it should sign it when you are done editing.
NilsP
Many thanks for your suggestion but unfortunately it didn't work for me.
As you said, this is mainly for resigning already signed .dll files.
Any other help will be appreciated. I can attach it here if anypne is willing to help. Or just tell me the way. Thanks!
I deploy a few dll's with my app, without any problem. If the installer complains about the location, what did you specify where it should go?
There are 2 approaches to solve this problem:
1.) If you have a private key to match a certificate in the device's certificate store, sign the .dll and .cab with this private key and it will be installed with elevated privledges, and be successful. To facilitate this you can install the "SDK Certificates" - and sign with the matching private key (you should be able to find these on a search, term "SDKCerts" or similar)
2.) Look for an "Application Unlocker" or other security reduction tool, run it, and you should be able to install the cab. On this note, if you check here, it will give you a more technical overview of the security policies. You want to change 4101 / 0x1005 to "SECROLE_MANAGER" (8) - which tells the system to install it with elevated privledges. Also make sure 4102 / 0x1006 is set to 1 to allow unsigned applications.
6Fg8
I don't believe that is the location I specified that causes the problem because when I deleted the .dll file from the .cab, it was installed properly. How do you create your dll files? With programming or you just edit existing files? If I send you my .ico files, will you be able to create the .dll file for me?
Da_G
Thanks but both approaches seem very complicated for me!
So, will I need Visual Basic in order to do this or is there any easier way? Can anyone sign the dll for me?
angelos_cy said:
6Fg8
How do you create your dll files? With programming or you just edit existing files? If I send you my .ico files, will you be able to create the .dll file for me?
Click to expand...
Click to collapse
Yes with programming, C++ or .net. Never had any issue with signing. I can try to make a dll if you send me the icons (or post them here if they aren't too secret ).
6Fg8 said:
I can try to make a dll if you send me the icons (or post them here if they aren't too secret ).
Click to expand...
Click to collapse
I have sent them to you by pm. They are not secret at all but I will create a "program" (wannabe ) with that dll and I want that program to be a surprise for users of the forum where I'll post it. I may post it on xda too, but it's nothing important.
Many thanks!
angelos_cy said:
The problem occurred when the message “The program can not be installed. Choose another location” appeared during installation, just after the process bar was filled.
Click to expand...
Click to collapse
This happens because you've changed resources in signed file, which changed file checksum and invalidated it's signature, and Windows installer refuses to install file with invalid signature. But it won't refuse to install this file WITHOUT signature at all - so use unsigner (search for it on XDA) to remove signature completely; if you encounter error, try to remove signature from original (unmodified) file, and then change resources in it...
6Fg8
the_ozyrys
Thanks to both of you!
6Fg8 has created and signed the dll for me and it finally worked, but I also tried the_ozyrys' method and it also worked.
So thanks to baniaczek too, since he created the unsigner.exe.
Everything worked fine with the dll. Now the cab is installed properly.
However, I have another problem. Just after the installation of the cab on my ppc, it seems that the device freezes for about a minute. This is propably because my cab contains a lot of shortcuts (.lnk files) that go under Programs folder.
So, I would like to ask for another favour, if it's possible. As I said I intend to give this cab to others too. Since this delay can make them believe that my program has freezed their device, I would like to make the cab restart the device just after installation and after uninstallation as well. I think this is made with the "Setup.dll" which I don't know how to create.
If anyone knows how to do this and has the time for it, could you please create this setup.dll for me. If the cab is needed to do this, just tell me to send it to you.
Thanks in advance!
Anyone? Plzzzzzzz!
If you want to sign .dll or .exe u can use the apps posted in the two posts below
http://forum.xda-developers.com/showthread.php?t=432041
or
http://forum.xda-developers.com/showpost.php?p=3530246&postcount=18
raykisi
Thanks for your answer but 6Fg8 and the_ozyrys already helped me on that.
My question now is how to create a setup.dll in order to make my .cab to prompt the user to restart the device after installation and uninstallation. If anyone can do it for me, I can send you the .cab which I alreday created and you can add the setup.dll with those functions.
Hi, i have an Herald with the original windows mobile 6 executable i downloaded on a website and i extracted the RUU_signed.nbh, then i used Hypercore to get the OS.nb and then i got the OEM and SYS folders to start building my ROM the way i like it. First i thought about including my own registry modifications and i know those modification have to be installed in the device at the end of everything to over write the default that get install first so in the OEM folder i created a sub folder i called zzz_My_registry_OEM. As you can see, my attempt there is to put the .rgu file in there and because the name of the folder start by zzz, it will obviously be installed at the end. Is that right? Because if i'm wrong please tell me, i never did that before, its my first time cooking a ROM. Then, i face a new problem. I have the complete list of all the registry tweak i want to put in the .rgu file, i know i have to begin the file by REGEDIT4, the lines starting by ";" are not recognise so i can put a note of what the registry is for (for personnal reminder), then at the end of all my registry tweaks, i have to leave a blank line but... I just dont know how to write the lines properly because i know its some sort of code and i have to write in code. I'll show you precisely what i mean. Here i have a tweak to change the temp file to the storage card and it goes like this:
HKEY_LOCAL_MACHINE\System\FileSys
edit temp path key \Storage card\Volatile
Here an other one to change the language of the slide out keyboard to US:
HKEY_CURRENT_USER\ControlPanel\Keybd
create a new string
Name: Locale
Value: 0409
The problem as you can see, that is good if i tweak the registry of my already installed ROM from a registry editor, thats not valid for a .rgu file while cooking a ROM. But i have no idea how to write those codes properly and i found absolutely no instruction no where. And i have a lot more tweaks like that that i want to do. Is there any one here willing to link me to a detailed and intelligent tutorial or to translate my reg tweaks for me so i can finally nail that once for all? I thank you all in advance for your help. Anything could help because even if you dont have a complete answer, i'll do the job of reading the post and take all the bits together and figure it out. Some of you know a little bit that will complete some that an other one know to finally form the big picture.