OPENGATES README FILE VERSION 0.2.1 Table of contents 0.0 Author and license stuff 1.0 What is OpenGates? - A short description 2.0 A deeper view of things 2.1 Enabling legacy IDE support 2.2 Resetting user account passwords 2.3 Removing probably annoying drivers 2.4 Determining used HAL 2.5 AntiWPA 3.0 How to compile OpenGates 4.0 OpenGates usage instructions 5.0 Adding OpenGates to BartPE 6.0 Bugs 0.0 Author and license stuff OpenGates Copyright (c) 2009 by Gillen Daniel This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . 1.0 What is OpenGates? - A short description OpenGates is a small tool written in C that will "open" the hardware limitation "gates" of Windows installations. All current Windows versions (up to and including Windows 7) are too stupid to boot after the hardware to which the root disk is connected to has changed. This happens for example if you try to boot a raw copy of a Windows installation in a virtual machine like VirtualBox or VMWare or if you try to use your old Windows installation on a new PC. You will certainly end up with a BSOD telling you Windows can't access his boot device (Error code 0x0000007B). It should be possible to solve this by recovering Windows using the original installation medium but as one does not always has it, I wrote OpenGates. It will enable Windows's legacy IDE drivers so Windows is able to access his boot device again. In addition, OpenGates can also remove installed Windows drivers that could cause problems, reset account passwords, determine used HAL and copy AntiWPA to disk so you aren't required to activate Windows again. 2.0 A deeper view of things 2.1 Enabling legacy IDE support This is a rather tricky task OpenGates has to perform as it isn't documented anywhere by Microsoft. Luckily, the german computer magazine C't did some research on this. They published a reg file that can be applied to the current registry in order to be able to port that Windows installation to another computer afterwards. OpenGates dynamically generates a simillar file that will be applied to an offline Windows registry hive. 2.2 Resetting user account passwords An even trickier task than the legacy IDE support consists in blanking Windows user accounts. Fortunately, a tool called pwdump exists whose source was extremely helpful in figuring out how to achieve this task. If you want to know how it works, check the source code as it is far to complex to explain here. 2.3 Removing probably annoying drivers This is mainly needed when you want to boot your Windows installation in VirtualBox. VirtualBox's HOWTO on migrating existing Windows installations to VirtualBox (http://www.virtualbox.org/wiki/Migrate_Windows) states that there are some drivers that will cause a system freeze. Therefore OpenGates allows you to delete those. 2.4 Determining used HAL (Hardware Abstraction Layer) Microsoft's HAL is a big problem when migrating to new hardware. When installing Windows, it chooses the HAL to be used depending on the current hardware and it can only be changed by doing a repair install. Luckily, it is possible to determine which HAL was choosen by checking the internal name of the file Hal.dll. OpenGates will determine the used version and inform you about how to configure VirtualBox to be able to boot Windows. If you aren't migrating Windows to a virtual machine, you probably have to do a repair install to fix this. 2.5 AntiWPA After massive hardware changes, some Windows versions need to be reactivated before you are able to use them again. But as this is not always possible, I added an option to OpenGates to copy AntiWPA to the root disk. After installation, AntiWPA hooks into some of winlogon.exe's function calls simulating an activated copy of Windows. AntiWPA should only be used to analyse Windows installations. If you're migrating your old Windows installation to your new PC, please consider reactivating it! To enable AntiWPA, you have to boot into safe mode, log in as administrator and run the command "%SystemDrive%\AntiWPA\AntiWPA3.cmd". Warning: Most antivirus softwares aren't really amused about the presence of AntiWPA and especially my packaged version of it. See http://www.virustotal.com/analisis/528879cc929bfd6527fd09b217849e29 for a list of possible alerts. I just repackaged the original version (http://antiwpa11.tk) to include all files in a subfolder named AntiWPA and made a selfextracting zip archive out of it using Info-ZIP (http://www.info-zip.org/). But to be sure, you should perhaps grep the source of AntiWPA, analyse it and compile your own dll's ;) Warning: The use of AntiWPA or even the posession of it may be illegal in your country! If you're not working for a law enforcement agency or if in doubt, consider deleting the file AntiWPA.exe and not using this feature of OpenGates. 3.0 How to compile OpenGates Compiling OpenGates should be a rather easy task. Just grab a copy of MinGW (http://www.mingw.org/) and install it. Extract the OpenGates source archive, cd to the newly created folder and run $ gcc -o opengates.exe pwdump_lib.c opengates.c -lversion 4.0 OpenGates usage instructions As OpenGates only allows you to patch offline Windows installations (You won't be able to patch a currently running Windows installation), you have to attach your Windows installation somehow to a second Windows installation. The easiest way to achieve this is using a BartPE boot disk including OpenGates. Other possibilities are to attach the root disk to another PC or installing a second copy of Windows to it. OpenGates itself should be pretty self explaining. As a hint, all prompts include a default answer in brackets (for ex. [y]) that can be activated by simply pressing the return key. 5.0 Adding OpenGates to BartPE This is the easiest way of using OpenGates. Just follow these steps to build your own customized BartPE including OpenGates: * Download PE Builder from "http://nu2.nu/pebuilder/#download" * Get a Windows XP installation disk * Install PE Builder to "C:\pebuilder" * After installation, open the folder "C:\pebuilder\plugin" in file explorer * Extract the file opengates-X.Y.Z-bartpe.zip to this folder (Replace X.Y.Z with the current OpenGates version number). This will create a subfolder named OpenGates. * Now start BartPE and specify the path to your Windows installation files (Drive containing the Windows XP installation CD) under Builder -> Source * Make sure you are building an ISO image (Media output -> Create ISO image) * Click on "Plugins" * Make sure the plugin list contains OpenGates and it is enabled. OpenGates depends on the Startup Group plugin, so make sure this plugin is present and enabled too. If you want to build a really minimalistic BartPE to only run OpenGates, I would recommend enabling the following plugins and disabling all others: - A43 File Management Utility - Boot Fix - Customize - Keyboard Layout - Nu2Menu - Nu2Shell - OpenGates - RAMDisk - Serial Mouse - Startup Group * Close the plugin window and click on "Build" You should now have a BartPE ISO image containing OpenGates. Just use this ISO to boot and follow OpenGates's onscreen instructions. 6.0 Bugs As OpenGates uses highly experimental and undocumented techniques and I can't test them with every possible software combination, you may encounter bugs. If so, please take the time to report them to EOF