Services & DLL's - Descriptions/Functionality - Windows Mobile Development and Hacking General

Many threads say you can just disable/enable services but don't get into enough detail.
Figured I'd try to start a nice thread on services/DLL's that are on devices.
Feel free to help out.
*Even asking about other services found on your device will even help.
Required - The service is required for common core functionality.
May Be Required - Should not effect basic device functionality, but necessary in some cases.
Not Required - Wont have a significant impact on device functionality.
==== SERVICES ====
SqmUpload/sqmsvc.dll - System Quality Metrics, not required. Used by Customer Experience functionality to monitor feedback. (Can be deleted with SQM disabled)
credsvc/credsvc.dll - Credential Manager Service, required for ActiveSync to sync properly.
LASSD/lassd.dll - Local Authentication Subsystem, required (GWES or SERVICES relies on it???)
DTPT/dtpt_srv.dll - Desktop Pass-through, may be required for ActiveSync. Allows ethernet access when connected via ActiveSync.
BTHIDSVC/bthidsvc.dll - Bluetooth Human Interface Service, may be required for connecting inout devices over Bluetooth.
OBEX/OBEXSrVr.dll - Object Exchange Server, may be required for IrDA/Bluetooth file transfering.
SNApi/regextdev.dll - State and Notification API, may be required for some applications monitoring devices states. ex: Incoming Calls, etc.
CERTENROLL/enrollsvc.dll - Unknown (Socket Certificate Enroll?), may be required for EAP-TLS Authetication.
BTAGSVC/kwag.Dll - Bluetooth Audio Gateway Service, may be required to activate Bluetooth and Audio over Bluetooth. (Some devices claimed to stream audio without)
BthAsPlugin/BthASPlugIn.dll - Bluetooth ActiveSync Plugin, only required for Syncing over a Bluetooth connection.
==== PROCESSES ====
filsys.exe - Internal Filesystem, required for basic operation. Manages registry and filesystem.
cprog.exe - Default Cellular Handler, required for basic phone operation.
device.exe - Device Handler, required for basic operation. Hooks system drivers and basic system functionality.
gwes.exe - Graphical Windowing and Event Subsystem, required for basic operation. Basically draws windows and controls.
shell32.exe- Windows Mobile Shell, required for basic operation. Basically creates the "desktop" and window functionality.
connmgr.exe - Connection Manager Application, required for basic network operation. Maintains a list of connections and profiles.
NK.exe - ??? Kernel, required for basic operation. Initilizes device and maintains system kernel.
poutlook.exe - Pocket Outlook ?Monitor?, may be required for some operation. May maintain connection to e-mail server.
==== DRIVERS ====
coming later

Nobody finds this the least bit useful?

I do! Give people a chance to reply, you posted late in the evening for Europe!
Thanks for the info.

I do too Maybe BTAGSVC means bluetooth audio gateway service?

MCSchermer correct
BTHIDSVC/bthidsvc.dll - Bluetooth Human Interface Service, required for connecting human interface devices over bluetooth (mice, keyboards and such)
BTAGSVC/btagsvc.dll - Bluetooth Audio Gateway Service, required to transfer audio over bluetooth.

thanks
good work
BR

Thanks Allot
as a Noob chef, I totally find this useful.. this isn't around anywere i've seen. Thanks allot sir!!

Thanks for the explaination. Should be a sticky thread IMO.

Very helpful. Thanks!

Tahnks a lot mate...A good effort. Share some more...

Very useful stuff
Great for building ROM's and speeding up the device by disabling some services.
You should post this on WIKI great info.

xplode said:
MCSchermer correct
BTHIDSVC/bthidsvc.dll - Bluetooth Human Interface Service, required for connecting human interface devices over bluetooth (mice, keyboards and such)
BTAGSVC/btagsvc.dll - Bluetooth Audio Gateway Service, required to transfer audio over bluetooth.
Click to expand...
Click to collapse
Thank you very much sir.
I kept thinking...HID...HID...what would a mobile device use HIDs for?
Basically exactly what an HID is, rather stupid to have it enabled by default...but makes sense.
If anyone can find out if device hotkeys (like headsets, etc) work with BTHIDSVC disabled, that would be great.
*Also could use assistance in determining core nature of poutlook.exe
Thanks

I found this lying around the internet. I don't have time to translate it, maybe someone does. I'll just post it here and hope You find it useful.
EDIT: Adding some keywords to make it googleable WM6 windows mobile Exe dll file description documentation

Dude, this is freakin' awesome! Thanks, bro

Thanks! Very useful information.

Nobody gonna help?

Nobody's gonna help until You very clearly state what is the problem. Currently You have one rhetorical question pending. Nobody has time to answer rhetorical questions.

Cool info
thanks for the info man.this will be a nice help for rom cookers.
btw, i'm not sure though, but is'nt poutlook.exe related to contacts or messaging for communicating to outlook on pc thru active sync?

I don't really know, I haven't flashed anything in my life except a router and CD-ROM Ant these were far more easy to flash than a PPC it seems.

Thanks, Great info..

Related

Sniffing bluetooth traffic

I want to search around me for ppl with bluetooth phones or PDA's. Is there any good program for that? It should work with pocket pc 2003.
Have a nive day.
Let's see:
1) First post
2) Looking for sniffer software to detect people using bluetooth around you.
I'm thinking you're in the wrong place unless you can come up with a good reason to want to do this.
db
blutooth sniffing / packet insertion / snarfing.
Bluesnarf will compile and run if used with the litmus toolkit..
bluesnarf
cool, but where do u get the prog from?
mate,
try this out; app is called "meeting point". i copied and pasted the details from the web; as seen below:
===================================
Description:
This application is designed to search for -and to communicate with- other instances of itself running on other devices using Bluetooth.
When two or more MeetingPoints are within Bluetooth working distance, they will automatically exchange messages.
Meeting somebody for the first time and worried if you could identify the right person?
Need to meet a client on airport, bar, or another crowded place?
Just "tune" the same channel and it will fire an audible alarm when both meeting parties are close enough.
Do you want to exchange messages with anybody on working range? Just select the PUBLIC broadcast channel.
MeetingPoint works on many Operating Systems / platforms, such as PalmOS, Windows Mobile 2003, Windows 9x/NT/2000/XP and smartphones Symbian Series 60.
Every time a Bluetooth device is found, MeetingPoint communicates with it and attempts to perform a handshake. If the contacted device is also running MeetingPoint, and is "tuned" in the same channel, they will exchange messages and its users will hear an alarm notifying of the arrival of a new message.
MeetingPoint uses Bricenter's FDE (Fast Discovery Engine). FDE algorithm is based on statistical probabilities, and works well in the real world.
In a real situation, devices launch MeetingPoint at a random time and far away from the actual meeting place. When they enter the "meeting zone", their Bluetooth states are "shuffled" enough and, according to statistical probabilities, the "contact time" should be minimal. This is a critical feature designed specially for cases were people are moving.
MeetingPoint will redefine "bluetoothing" to a new level.
===================
cheers
robson
bluesnarf
ok thats cool, but what about the forced entry abilities that 'snarf claims to have? i think the only way to protect myself from it is to understand how it works.
Smiley
Re: bluesnarf
smiley_thing69 said:
i think the only way to protect myself from it is to understand how it works.
Click to expand...
Click to collapse
How about turning off Bluetooth?! :lol:
No, seriously..
I don't consider bluesnarfing and bluejacking such a big deal, but it would be fun to try it..
Lemme know it you find "bluesnarf1.0_ARM.cab" or something..

Video data transfer from PPC to Desktop

Hi everybody.
I just wonder how I can estabilish a remote connection between my pocket pc a nd the desktop pc, for video and camera capture still image.
Shall I have to use Winsocket or there is another way, maybe using Activesync manager?
Thank you very much in advance.
Visit www.ateksoft.com
Did you mean with an existing app or by code?
In the first case you should follow Chatty's suggestion and look at CoolCamera.
If you want to write something of your own, communication method depends on who initiates the connection.
If it is the device than winsock is the way to go, but if it is the PC you should look in to CeRapiInvoke function which allows you to extend activesync functionality with your own DLLs.
There is an option for block and stream data transfer with CeRapiInvoke and your custom functions.
levenum said:
Did you mean with an existing app or by code?
In the first case you should follow Chatty's suggestion and look at CoolCamera.
If you want to write something of your own, communication method depends on who initiates the connection.
If it is the device than winsock is the way to go, but if it is the PC you should look in to CeRapiInvoke function which allows you to extend activesync functionality with your own DLLs.
There is an option for block and stream data transfer with CeRapiInvoke and your custom functions.
Click to expand...
Click to collapse
Exactly: I would like to implement it by my own.
I don't know exactly if the communication should begin from ppc or pc: there could be both scenarious.
Thank you very much for your suggestions.
Another (perhaps stupid) question: in WM5 is there a way to host a WCF service (webservice), like in WInfx 3.0? Perhaps exists a Compact Winfx3.0? I should stop my imagination ... ;-)

Handy Sniffer v2.0

Hi IT people,
Handy Sniffer v2.0 has been released! It is cardinally altered.
11 protocol parsers are included and now anybody can develop new packet analyzers (.dll).
Unregistered version has a little restrictions but has no trial period.
You can find the program and module sample on our site.
http://winm-soft.atspace.com
Good Luck!
Great Release
Congratulations Alex, you managed to make cellular trafic capture, it's great news! Sorry that i didn't replyed to you about 1.6 but I had some personal problems that time. Anyway when we might expect WM5/6 version?
HS2 is specially designed for WM2003, WM5, WM6 and maybe smartphones (not tested). If there are some artifacts, ect. write me about it. I have WM5 and WM6 devices and HS2 and EDh work well. Play it! It is very great If anybody makes some additional protocol parser. Any ideas? Maybe some Instant Messenger protocol?
One more sample module
This is a sample module that can process each packet captured by sniffer. It replaces the main program module ("modules\hs_ether.dll") and calculates some Rx statistics. Maybe its source can be interested for somebody.
The link not work, now!
I clicked the previous link and all is ok. Copy is here.
Greetings AlexB,
I downloaded your program which sounds great. I installed the SDK certs and tried to get hsniffer running but it fails with an error message:
"Cannot activate the driver!" and then quits.
I'm using a HTC Kaiser with the latest official WM6 ROM from HTC.
If I start the program a second time, it starts without this error and if I click File->Tools->Adapters I get my adapters listed. Trying to start a capture generates the following error message: "Cannot get adapters list!"
Any hints? Did I miss something?
Hi c0rnholio,
I do not know why on some devices the sniffer cannot load the driver module (Windows\hsdriver.dll). The error 2 happens (ActivateDeviceEx, GetLastError, ERROR_FILE_NOT_FOUND) and next you see "Cannot activate the driver!". After this message the program works (you can open sample files) but cannot perform sniffing functions those need driver functionality. I think after this message the main window was behind and after next run you simply bring program window to top.
If anybody knows what causes such driver loading error I will be grateful for help. The program and driver are signed with SDK privileged certificate and it unfortunately does not help... **** happens.
Fixed it. The problem was that a GPRS connection was already established. After closing the existing connection the driver could be loaded and everything is working fine.
It is VERY strange! OK, if anybody ask me why HS does not work I'll say ask c0rnholio how need to do...
Hi,
i'm trying the new Handy sniffer into my TouchHD (Blackstone) but i can only get ARP packets (which are broadcasted). I also installed sdkcert as site advice, but nothing changes.
Alex, can you write down a list of devices which can capture in promiscuous mode?
In particular, how about Trinity and Blackstone?
Thanks!
sorry for my ignorance but what is the purpose of this? can i connect using gprs for free?
No, it's not for that purpose.
Handy Sniffer "Sniffs" (listen to) the traffic into a network. If working in "promiscuous mode" it can track down (and show to user) all the traffic (data in form of TCP packets) inside that network.
What's is supposed to?
There are many uses for this kind of tool, some legal and some ... "not legit".
While "sniffing" traffic of a given network, you can detect if someone is doing a unrightful use of the network, if an intrusion is being made, but also you can see passwords and other sensible data (like personal data).
It's like having a big hear cabable of listening network traffic. By itself, it can do nothing. It's up to the user to be capable of understanding packets of captured traffic.
So, forget a "stole the passwords" button. You'll not find it
woring with the HD2?
Hi, I have the HTC HD2, and I want to know if it was working with my phone?
I have actualy tried it, but the result was not good... (I only get ARP...).
thanks for any help
good for you guys, with my the HTC Kaiser I don't get anything...how do you do/set up the program
Thanks,
DOMy

Project Location Based Reminder for Mobile

Greetings,
i have started the project "Location Based Reminder for Mobile" which i will work on during my free time.
the Application will work like the Built in Tasks of Windows, but reminders are based on a Location Instead of Date/Time.
LBRM V0.1:
- Detecting the Cell ID and displaying it on the screen.
- Creating Tasks in the Default Tasks Application with Own Tags.
Next :
- Add Recoding Cell IDs to a Location Category Functionality.
- Add Reminding Functionality.
This Application Requires Microsoft .Net Compact Framework 3.5 to be installed.
Note: This Application is still under development and it is not functional at all.
Please don't attempt to install on your device if not participating in testing.
Warning: This application is provided as is, no warranties or support. i take no responsibility of anything or any damage done by this software or any part of it.
This is a wonderful idea. if it can work with the default tasks application.. and maybe, if you can talk to s.l.i to integrate it with Thumbcal, it will make a FINE tool i'm sure.
I would definitely use such a tool as most of my tasks are based on location rather on time.
by the way, as a reference, you can look for rk-Locswitch which is an application which does the same thing... but is meant to be a complete app with a whole lot of additional features, some of them.. not needed by some people.
Actually, i'm preparing the beta version to be released soon,
but the application will have it's own interface and store the tasks in the windows tasks application
i don't know if it is possible to add this functionality to the existing tasks plus it might be complicated.
let's see how we can improve it, but first i'm willing to release a beta.
I'm looking for similar program quite long time but without success. Hope you will finish your GOOD idea. On my SE X1 it has detected the Cell ID and displayed it on the screen. Looking forward next release.
May the Lord bless your efforts. I've been searching forEVER for an app. I will test this with Gusto!
Hmm...OK...sorry, thought this was GPS. Good Luck anyways, fine sir.
Still working on this? I've been looking for an app that would do location reminders based on outlook tasks. I want to enable the following use case:
1.Remember to do something at home while at work.
2.Create a task in outlook and categorize as "Todo @Home"
3.Phone syncs task.
4.When I go home, the application monitoring my location sees that I'm there and scans my tasks for any active tasks with the @Home category.
5.My phone reminds me of the task.
Any chance of doing that?
is it possible to get somwhere the regionaldata (like gps) of a cellID... maybe some opendatabase. THAT would be great... pointing somewhere in google maps (or equivalent), quering cellID<->geodata server... assigning cellID towers.. DONE .
Thanks for this, can't wait to try it...

[Q] Help disabling features on Windows Mobile 6.5 Professional

I am using a phone that has a Windows 6.5 operating system on it.
I wish to disable all the features on my phone other than GPRS connectivity,Wifi connectivity and Camera features.i.e.I shouldnt be able to make or receive calls,text anyone,play games,or use any other default feature.
Either it must be completely disabled or i should be able to give so kind of password protection to these features.
Please help me at the earliest,i require it for a project completion,and i am not able to figure it out as how this can be done.
Thank You in advance
i dont know whether this is the right place to post as i am a new user,so i am extremely sorry if i have made a mistake.
You should get a SIM card that only supports data access for your project. This will prevent any circuit switched (i.e. voice) features and linked services like SMS. There are also options to activate call barring features for a normal SIM (so you can steer what is allowed or not) - but his is then again part of the SIM card subscription (and can be used on any phone likewise).
There are no default options which could cripple your device in such way as you have asked for.
How to make changes in security policy of Windows Mobile 6.5 Professional?
i was browsing through the net and i found this matter:
4102
Unsigned Applications Policy
SECPOLICY_UNSIGNEDAPPS
This setting indicates whether unsigned applications are allowed to run on Windows Mobile devices. If a signed application does not have a matching root certificate in the Privileged Execution Trust Authorities or the Unprivileged Execution Trust Authorities certificate store, the application is unsigned.
You should always use SECPOLICY_UNSIGNEDCABS together with SECPOLICY_UNSIGNEDAPPS policy. This means that when you block unsigned applications from running, you should also block unsigned cab files from getting installed on the device.
Default value is 1 for Windows Mobile.
The following list shows the possible values:
0 indicates that unsigned applications are not allowed to run on the device.
1 indicates that unsigned applications are allowed to run on the device.
Any value other than 1 is treated as 0.
The required role to modify this policy is SECROLE_MANAGER.
i think this will help me as i can make the applications that i dont need as unsigned applications and then make it 0 which will serve my purpose...but i have no clue how to make these changes in my mobile..
Can u please help me with this???
the solution that is given wont work for me because if anyone changes the sim then the settings i require will change and thus the solution is not full proof. i also dont know i will get any sim dat only offers data transfer.
thank you for the quick reply and i am expecting the same in future too!!
Thanks in advance
Regards,
Sneha
Let me write you this last reply to your query, please do not expect any further from my side.
This forum deals with understanding restrictions and enabling previously hidden or restricted functions mainly - learning from each other's experience.
The subforum you have chosen (chef central) deals with understanding how the Operating System is constructed from packages and how these can be recombined to new (cooked) ROMs.
There is no intention to cripple the existing functions of the operating system itself or to restrict the Radio part of it in any way.
You may think that the snippet you took from a MSDN page delivers something you could use for your purpose (which you have not outlined) without understanding the security concept of Windows Mobile. This is quite complex and often (for simplicity) simply disabled completely on several levels - so no security either for whatever you want to do.
The existing packages of the OS do not have separate components that you could omit to disable your desired functions.
Even if so, these core packages of the OS are usually delivered as modules (another special concept of Windows CE/Mobile) that do not need any security or signing - so they run anyway without restrictions.
So finally good luck with whatever you want to do, but I believe that you cannot achieve this with a crippled Windows Mobile - at least not fool proof.
Hello Sneha,
Welcome to the forums.
Unsigned Applications Policy is totally different then what you are looking for. More info here. When enabled, you will be allowed to install or run unsigned aka untrusted apps.
But the inside apps or features are already signed so you cannot stop them from running by enabling or disabling Unsigned Applications Policy.
The really thing you need is to make a custom ROM, remove all the unnecessary things and flash it to your device(s). That means you should change/modify the built in OS (in a simple word) but you cannot do within the device
However, its not a day, week or even a month task. It takes many months to learn things and then you can finally do it. I'm 99% sure that all of your needs can be fully filled but :
1. Takes many months to learn.
2. You need to get the stock ROM, Modify and flash to the device.
BTW; which device you really have?
Thanks...
Best Regards
Closed environment is something that should be done in bsp: kernel to be precise. Also it is possible via custom certmod.dll.
BUT. Little problems:
1) no bsp sources unless you're OEM
2) no certmod.dll sources.
Please look at the initial request on the restriction of radio features. This is handled in the radio layer and this cannot be cut in pieces. So there are no components to sign/restrict/omit for that query.
Cooking can do a lot, but it does not go inside one component.
Cutting all other things may be feasible - but not for radio relevant parts imho.
tobbbie said:
Please look at the initial request on the restriction of radio features. This is handled in the radio layer and this cannot be cut in pieces. So there are no components to sign/restrict/omit for that query.
Cooking can do a lot, but it does not go inside one component.
Cutting all other things may be feasible - but not for radio relevant parts imho.
Click to expand...
Click to collapse
Of courses its a lot of work but its possible. Within the OS functions. Radio thing is just for input and output but the way its handled is under OS itself. Am I right or wrong? Think of removing packages depending to what you don't want.
i.e to disable messaging, Remove all things which are related to it. I'm sure you know it.
Though its a plenty of work and have to be expert so not messing around things.
ultrashot is right but if we had the source, every thing would have been different and even easy.
Radio is special and never dealt with in cooking. The Radio lower layers are treated with code in a dedicated partition (GSM) and accessed via an interface Layer (RIL = Radio Interface Layer) from the OS.
On top of that are applications like messaging or MMS - these can be cut.
I see no option to prevent e.g. only speech calls but allow data calls. On RIL level these are just different GSMBCIE elements (look up the relevent 3gpp specs). Of course you could find dirty ways to cut off e.g. the GSM speech codecs, but this would possibly not prevent to set up a call - creating cost but not having success when connected.
Tweaking these parts has not been of anyone's interest and thus "in theory" possible but hardly practically feasible.
How can i make changes on the OS?
Thanx a lot Cracing for the positive advice.I was planning to consult the OEM to make changes in the security policies.
I am working with the Synqe device .My main aim is barcode scanning and sending the data via GPRS or Wifi.and at the same time i want that all others connectivities and applications are to be deactivated.
Moreover i wish to restrict the usage of GPRS strictly for my application.
As u mentioned that i will have to make changes in the OS,will the OEM be able to do that for me or should i consult a good Mobile OS developer?
sneha6689 said:
Thanx a lot Cracing for the positive advice.I was planning to consult the OEM to make changes in the security policies.
I am working with the Synqe device .My main aim is barcode scanning and sending the data via GPRS or Wifi.and at the same time i want that all others connectivities and applications are to be deactivated.
Moreover i wish to restrict the usage of GPRS strictly for my application.
As u mentioned that i will have to make changes in the OS,will the OEM be able to do that for me or should i consult a good Mobile OS developer?
Click to expand...
Click to collapse
I see
Going with OEM should be better idea. They have the sources to do anything. Its not so easy for 3rd party Mobile OS developers (i.e here ). Need things and takes long enough to R&D and finish the project.
Hope you will find a good solution for your project soon.
Thanks...
Best Regards

Categories

Resources