找回密码
 注册
广告投放 虚位以待【阿里云】2核2G云新老同享 99元/年,续费同价做网站就用糖果主机-sugarhosts.comJtti.com-新加坡服务器,美国服务器,香港服务器
查看: 128|回复: 0

How to make a tcpip.sys patch without press F8

[复制链接]
发表于 2010 年 10 月 6 日 23:11:15 | 显示全部楼层 |阅读模式

马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。

您需要 登录 才可以下载或查看,没有账号?注册

×

本贴只为进阶用户演示如何为系统文件加数字签名。

菜鸟不用不要乱套用过程去做尝试!
How to make a tcpip.sys patch without press F8
A friend of mine asked me, how to make a Vista tcpip.sys File Patch not needing press F8 key.
This is not difficult, just sign tcpip.sys with a test signature.
More information about tcpip.sys File Patch, you can visit: TCP/IP Patcher Compare Technical Features.
http://deepxw.blogspot.com/2008/12/on-internet-there-are-all-kinds-of-tcp.html
Here is detail of patch tcpip.sys with test signature, perhaps these will help you.
1) All operation needs "Run as Administrator".
2) Set testsigning to on:
Bcdedit -set TESTSIGNING ON
All tcpip.sys File Patch must do this; otherwise, BSOD will occur after tcpip.sys has been modified.
After Testsigning on, "Test Mode" will dispaly in the 4 corners of desktop.
You can get rid of it through modify "user32.dll.mui". The string ID is 738 & 723.
3) Reboot, check if testsigning is on correctly. (This step is optional.)
You can check it by bcdedit, or check it in the registry.
4) Modify half open connection limited value in file "tcpip.sys".
First, make a temporary copy of tcpip.sys for modify.
You can disassemble tcpip.sys and get the limited offset.
In tcpip.sys, asm code like this:
NT5: mov     _ActiveOpenProgressThreshold, 0Ah
NT6: cmp     edx, 0Ah
NT5, you can set new value up to 0xFFFFFFFF.
NT6, new value is up to 0xFF! Only 1 byte available for use!
If you are a lazy guy, you can get these offset by the TCP-Z tool. In "patch" tab, you can get the limited offset.
Default, TCP-Z does not show the file offset.
But you can run tcpz.exe with argument: tcpz.exe -showoffset.
5) Re-Checksum tcpip.sys.
You can use setcsum.exe.
Or do it in your program by API CheckSumMappedFile().
6) Create a test certificate by the makecert.exe tool.
Makecert -r -pe -ss PrivateCertStore -n "CN=TcpipCert" tcpipcert.cer
7) Sign tcpip.sys with the signtool.exe.
signtool sign /a /s PrivateCertStore /n "TcpipCert" tcpip.sys
You can verify the signature of tcpip.sys:
signtool verify tcpip.sys
Because our signature is not a valid signature, so signtool will report "File not valid".
If returns "A certificate chain processed", it means the Test Signature is OK.
8) Now copy the temporary tcpip.sys to driver folder, overwrite the original tcpip.sys.
Before copy, takeown and icacls tcpip.sys is required.
9) All done, restart your computer to take effect!
(Reposted to other sites, please retain the original author information.)
Jgwy.Com - Free Web Hosting Guide & Directory In China since 2001! Jgwy.Net-Jglt.Net
您需要登录后才可以回帖 登录 | 注册

本版积分规则

Archiver|手机版|小黑屋|金光论坛

GMT+8, 2025 年 2 月 2 日 21:53 , Processed in 0.026857 second(s), 19 queries .

Powered by Discuz! X3.5

© 2001-2024 Discuz! Team.

快速回复 返回顶部 返回列表