Author Archives: dw5304

windows 8/server 2012 unsigned driver hell no more.

Posted on by
4

So I have this nice new computer that I built with a asus p9x79 motherboard. I wanted it to become a 2012 server for some stuff. After loading the OS I found out that the nic is “incompatible” seeing intel thinks that its a desktop board and should not be used in a server. I went looking though the inf file and found out that it was ignoring the hardware id’s.

[ControlFlags]
ExcludeFromSelect = \
PCI\VEN_8086&DEV_1502,\
PCI\VEN_8086&DEV_1503

Well this sucks…. lets fix it.

I then removed the exludefromselect and the two lines fallowing it.

went to install the modified driver and ended up with image

well at least I know its ok :). Now lets fix the catalog’s hash.

A hunt on google told me I needed inf2cat so lets download it here.

inf2cat /driver:”C:\Driver” /os:8_X64

My new catalog was created :).
went and tried installing my new driver once again and Damm :(… digital signature is missing wtf???? how the hell am I going to fix that I thought.

A little more searching found out we can make a self signed cert and attach it to a driver “he he”…. nice try Microsoft…..

So lets get this sucker signed. download here

makecert -r -n "CN=Intelnic" -pe -ss MyCertStore -sr LocalMachine

Now I needed to export this cert with its private key so we can import it into “Trusted Root CAs” and “Trusted Publishers” on my local machine I was creating the driver and also on the target machine I wanted to install my driver at :).

Now that we have it imported lets sign this sucker.
signtool sign /s MyCertStore /n "Intelnic" /t http://timestamp.verisign.com/scripts/timestamp.dll "C:\Driver\e1c63x64.cat"

Went back to my server installed the cert int trusted root cas and trusted publishers hey look my nic now works :).

it works

Thanks Microsoft for making a “secure” os that has to have drivers that are signed … but wait…. I just made it my self o well there went that idea….

bucketworks PA project

Posted on by
Reply

Earlier last week I ended up making a new pa system for Bucketworks. Now what most people will not realize is everything at Bucketworks is hacked to gather and this is no different. I was asked to make a low power radio system for notifying people within Bucketworks for people at the door and other uses, seeing we would need to file for an fcc licence i decided to go another route and the Bucketworks pa project was born.

during our wondering around at Bucketworks we (paul,eli,and I) have come across manly things one of them things was an old pa speaker and I got to thinking does it still work? I ended up wiring one up to an amp, we found in the basement along with a old audio mixer seen below after finding out we had a bad 1/4″ cable.

and low and behold it worked.
https://www.youtube.com/embed/Lehy4tTpVCg

The next step was to figure out where all the rest of the speakers were located and where to run the wires back to the server room where we were going to store the audio equipment. we ended up finding a total of 5 speakers wired them in and played some Pandora over the new pa system. I had to modify a cable to go from the “server” to the audio board.

I then set to making the Bucketworks pa bot. This bot is a windows client that logs in into an irc channel and organically just sent text to a text to speech function over the sound board. I expanded it to authenticate, noaa weather warnings, play music, tell the time and a few other functions.

After showing it to a few guys we ended up hearing this and we all started laughing.

and the Bucketworks pa project was complete.
If there is any interest i will upload the code if it is wanted.

Hyper-v User rights assignment

Posted on by
Reply

So if your like most admin’s you and have a bunch of Support staff some times its just easier to give them access to hyper-v then to have them wait for the admin to complete a simple task (ex.make a snapshot). The only issue with this is the fact they can do things we don’t want… for instance turn a machine off reboot change settings like nics along w/ creating new machines. So i went looking and apparently there is a way to restrict this so this post goes to show how we can.

Assigning Rights to hyper-v
Open mmc.exe

Click file then add/remote snap-in

Select authorization manager and hit add and ok

Then right click on Open Authorization Store….

Select XML file then hit browse

Goto \\Server_name\c$\ProgramData\Microsoft\Windows\Hyper-V\ and select InitialStore.xml

Then hit ok


Role Assignments
Select the Role we want to assign in this case its Administrator

Right click and click assign User and Groups then select from Windows and Active Directory…

Enter username you want to assign rights to. And hit ok

That user will now have admin rights.

Creating New Role Definitions
(what rights does this group have?)
Expand intialstore.xml -> Hyper-v services ->Definitions ->Role Definitions

Right click Role definitions and click new role Definitions

Then enter a name and click add…

Select Operations tab

Then add what rights you want that role to have by checking the checkbox and hitting ok, ok.

Now that we have a new role definitions created now we need to create role assignments see role assignments Section.

Role Assignments
Right click create new role assignment

Select what role that’s been defined

And hit ok

Now we need to add user into this group see Role Assignments

WDS Mananger on windows 8

Posted on by
Reply

Apparently Microsoft did not include WDS manager with there server 2012 RSAT (Remote Server Administration Tools) once again…
to enable remote wds control place the fallowing script in a batchfile and run batchfile.bat wdsservername

copy \\%1\c$\windows\system32\WdsMgmt.msc c:\windows\system32\WdsMgmt.msc
copy \\%1\c$\windows\system32\en-US\WdsMgmt.msc c:\windows\system32\en-US\WdsMgmt.msc
copy \\%1\c$\windows\system32\wdsmgmt.dll c:\windows\system32\wdsmgmt.dll
copy \\%1\c$\windows\system32\en-US\wdsmgmt.dll.mui c:\windows\system32\en-US\wdsmgmt.dll.mui
copy \\%1\c$\windows\system32\WdsImage.dll c:\windows\system32\WdsImage.dll
copy \\%1\c$\windows\system32\en-US\WdsImage.dll.mui c:\windows\system32\en-US\WdsImage.dll.mui
copy \\%1\c$\windows\system32\wdscsl.dll c:\windows\system32\wdscsl.dll
copy \\%1\c$\windows\system32\wdstptc.dll c:\windows\system32\wdstptc.dll
copy \\%1\c$\windows\system32\WdsTptMgmt.dll c:\windows\system32\WdsTptMgmt.dll
copy \\%1\c$\windows\system32\en-US\WdsTptMgmt.dll.mui c:\windows\system32\en-US\WdsTptMgmt.dll.mui
copy \\%1\c$\windows\system32\wdsmmc.dll c:\windows\system32\wdsmmc.dll
copy \\%1\c$\windows\system32\en-US\wdsmmc.dll.mui c:\windows\system32\en-US\wdsmmc.dll.mui
regsvr32 WdsMgmt.dll
regsvr32 WdsTptMgmt.dll
regsvr32 WdsMmc.dll

once you do its now possible to remotely manage wds servers in your network by typing WdsMgmt.msc in search.

bucketwork.org build health event.

Posted on by
Reply

For 28 hours, from April 14-15, experts from the health care field will collaborate with hackers to solve relevant health care problems. Local health care experts will present contemporary health care challenges. Additionally, participants may present a health care challenge or solution. Participants will self-assemble around the problem or proposed solution they find most interesting and creatively problem solve, creating a working proof of concept to present to the judges. Solutions need not be software; they can be other instruments of social change.

Food, internet, and plenty of rest and work areas will be provided along with fabulous prizes!

Please visit BuildHealth.org for more info and to register.

 

make sure u register if ur coming 🙂 u will need a ticket to get in.

Rdp 6.2.8250 for windows 7

Posted on by
5

So i went looking for a way to use the new rdp 6.2 in windows 7 and was unable to find an installer on microsoft website so i decieded to see if i could copy the files and get rdp to work. After several tries i was finaly able to get it to work :).

I included the files below.

rdp6-win7

on a vaild windows 8 machine:

create a new folder for files someone usb drive is a good palce,
inside this new folder make a folder called en-us and wbem

inside wbem create a folder called en-US (its important u have US captilized)

open Driveroot:\system32\

copy mstsc.exe,mstscav.dll in to the new folder on the usb

copy mstsc.exe.mui and mstscax.dll.mui from Driveroot:\system32\en-us to new folder\en-us

copy mstsc.mof and mstscax.mof from driveroot:\system32\wbem\ to new folder\wbem\

copy mstsc.mfl and mstscax.mof from driveroot:\system32\wbem\en-US\ to new folder\wbem\en-US

 

and u should be good to go.

 

rootkit hidden in millions of cellphones

Posted on by
1

Another email just surfaced …

rootkit hidden in millions of cellphones

Rootkit found in Android, Symbian, BlackBerry, webOS and even iOS handsets …. but not windows phone’s

The rootkit belongs to a company called Carrier IQ and it seems that it has low-level access to the system that allows it to spy on pretty much everything that you do with your handset. This, on the face of it, seems like an extremely serious breach of security, privacy and trust.

The capabilities of the rootkit were first discovered by 25-year-old Trevor Eckhart.

Here’s a video showing how everything, including text messages and encrypted web searches, are being logged. It’s truly horrifying.

NOTE: At this point there is no evidence to suggest that keystroke data is being transmitted from the handset.

According to Carrier IQ the company is ‘not recording keystrokes or providing tracking tools.’ The video above seems to suggest otherwise.

When Eckhart initially labeled the software as a rootkit, Carrier IQ threatened him with legal action. Only when the Electronic Frontier Foundation stepped in did the company back off from this threat.

“Every button you press in the dialer before you call,” Eckhart says on the video, “it already gets sent off to the IQ application.”

Like I said earlier, there’s a version of Carrier IQ on Apple’s iOS, but it doesn’t seem to be quite the same and doesn’t seem to access as much information. Also, if you want to disable Carrier IQ on your iOS 5 device, turning off Diagnostics and Usage under Settings seems to be enough.

You might have noticed that I didn’t list Windows Phone 7 OS earlier. That’s because it seems that Windows Phone handsets don’t have Carrier IQ installed.

Here’s a video that explains some more about Carrier IQ. This video also contains a clip from a video by Carrier IQ’s vice president of marketing explaining how the company sees this as being completely legal.

 

[UPDATE: According to a statement from Apple to AllThingsD, Apple stopped supporting Carrier IQ with iOS 5.0:

“We stopped supporting Carrier IQ with iOS 5 in most of our products and will remove it completely in a future software update. With any diagnostic data sent to Apple, customers must actively opt-in to share this information, and if they do, the data is sent in an anonymous and encrypted form and does not include any personal information. We never recorded keystrokes, messages or any other personal information for diagnostic data and have no plans to ever do so.”

When begs the question … what’s collecting all the information on the iPhone? Is this a mechanism developed by Apple for Apple?]

Bit shocked that your iPhone has that Carrier IQ logging feature built into the OS? You can switch it off … in fact, I’ve shown you how to do this before!

Here’s how!

Buried in the Settings menu is an option to choose not to send what Apple calls ‘diagnostic and usage data.’ This option is buried real deep:

Settings > General About Diagnostics & Usage

Here’s the screen you’re looking for:

Set this to Don’t Send and you can stop worrying about where your data is going and who’s looking at it.

Note that this feature is only present on handsets running iOS 5.0 or later (so the iPhone 4S and upgraded iPhone 4 and 3GS handsets.