Remko Weijnen's Blog (Remko's Blog)

About Virtualization, VDI, SBC, Application Compatibility and anything else I feel like


3,211 views
Beta ReleasePart 1Part 2  

This is part 3 of the TSAdminEx Features series. Today I will discuss the Process View. As usual we will start by comparing TSAdmin to TSAdminEx again. So let’s look at TSAdmin Process View:

TSAdminProcess

And the one from TSAdminEx:

TSAdminExProcessView

Read the rest of this entry »

2,231 views

Part1

Now that a TSAdminEx beta is ready I will be showing you some features. In this part I will show the Sessions View.

Let’s start again with a compare of TSAdmin and TSAdminEx:

TSAdminSessionView

TSAdminExSessionView

As you can see TSAdminEx shows more details, it shows the following extra columns:

Read the rest of this entry »

4,871 views

Part 2

Now that a TSAdminEx beta is ready I will be showing you some features. In this part 1 I will be comparing the Users view to TSAdmin.

Let’s start TSAdmin, this tool is present by default on Windows 2003. If you use Windows XP or Windows Vista you can get it by installing the Administration Pack. Please note that TSAdmin does not work on Vista RTM due to a bug that was corrected in Vista SP1 (TSAdminEx works fine on both RTM as well as SP1)

TSAdmin1

Now let’s open TSAdminEx and start comparing…

TSAdminEx1

Read the rest of this entry »

8,752 views

Over the last months I have been working hard on TSAdminEx and now, finally, I can now present a first beta release.

If you don’t know what TSAdminEx is let me briefly introduce it. TSAdminEx is a tool that combines functionality of several existing tools: it has the power of task manager combined with the details of Process Explorer and the Terminal Server support of TSAdmin. On top of that it fully supports remote systems out of the box without installing any agents or services. It also has some unique features that neither of the mentioned tools can do!

Several new features have been implemented since the last time I talked about TSAdminEx and I will show you the most exciting ones here:

Read the rest of this entry »

2,905 views

In part 1 I showed how to create and open objects in Terminal Server Sessions. However, these are not all of the possible places where you can place objects via documented kernel32.dll functions.

If we look into Winobj again, we notice, that every BaseNamedObjects directory has a subdirectory named Restricted. To be honest, I do not know why it’s created; it’s security allows object creation for LocalSystem and RESTRICTED special user (in windows 2000, Everyone can also create objects in it). So, we can use it as prefix for object creation, for example, Restricted\MyAppEvent: RestrictedObject

Of course, you can still use Global, Local, or Session links Read the rest of this entry »

10,174 views

As you know, many kernel32.dll functions, which are working with named objects, like OpenEvent, can be used to work with global and local objects. So what are global and local objects? Global objects are created in session 0 and are actually located in the \BaseNamedObjects directory, while local objects are created in the caller’s session (for example in the \Sessions\5\BaseNamedObjects directory (for session 0, global and local has no meaning since they point to the same object)). MSDN says that you can access only the objects in your own session(via the Local\ prefix) and in session 0 (via the Global\ prefix). But what if you need to access an object in another session? Read the rest of this entry »

15,538 views

In part 1 I’ve showed how to get rid of some terminal server restrictions on Windows xp x64. But there are still some problems:

1) You cannot connect to the localhost (127.0.0.1) (but can to 127.a.b.c, where a,b,c in [0..255] (except 127.0.0.0 and 127.255.255.255)).

When you’re connecting to remote server, Remote Desktop Connection (mstsc.exe) checks through mtscax.dll that you’re connecting to your own address, connections are only allowed and you’re in the server mode. If this is not true, the connection is denied, usually with this message: ConsoleFailed. The logic of checking is the same: call gethostbyname for server name and check if it’s not equal to 127.0.0.1. Read the rest of this entry »

2,098 views

This content is password protected. To view it please enter your password below:

  • Enter your password to view comments.
  • Filed under: Uncategorized
  • 10,660 views

    In part 1 I showed how winlogon.exe registers its process and main window handle.

    In the SasCreate function, winlogon.exe registers hotkeys like this:

    Did you notice the MOD_SAS constant? Read the rest of this entry »

    116,261 views

    Windows XP X64 shares the same binaries with Windows 2003 X64, but Terminal Server has some restrictions on XP. This article shows you how to get rid of them and is based on cw2k ideas from the original Windows XP Terminal Server patch.

    Version 1.1 contains bug#1 fix and is smaller (less bytes are changed).

    1) Winlogon.exe contains a function, called EnumerateMatchingUsers which in turn calls IsProfessionalTerminalServer function. We need to patch this function to return zero (false):

    .text:0000000100042F77 IsProfessionalTerminalServer proc near ; CODE XREF: EnumerateMatchingUsers:loc_10002B44Bp
    .text:0000000100042F77
    ; DATA XREF: .pdata:00000001000D01DCo …
    .text:0000000100042F77

    .text:0000000100042F77
    VersionInformation= _OSVERSIONINFOW ptr -138h
    .text:0000000100042F77
    var_20 = word ptr -20h
    .text:0000000100042F77
    var_ 1E = byte ptr -1Eh
    .text:0000000100042F77
    var_18 = qword ptr -18h
    .text:0000000100042F77

    .text:0000000100042F77 48 81 EC 58 01 00 00 sub rsp, 158h => 31 C0 C3 xor eax, eax; retn
    .text:0000000100042F7E 48 8B 05 F3 3A 08 00 mov rax, cs:__security_cookie
    .text:0000000100042F85 48 89 84 24 40 01 00 00 mov [rsp+158h+var_18], rax
    .text:0000000100042F8D 48 8D 4C 24 20 lea rcx, [rsp+158h+VersionInformation] ; void *
    .text:0000000100042F92 33 D2 xor edx, edx ; int

    Read the rest of this entry »

    Blogroll


    Categories


    Archives