Add support for 10.0.10041.0

Author: binarymaster

res/rdpwrap.ini

@@ -2,7 +2,7 @@
 ; Do not modify without special knowledge
 
 [Main]
-Updated=2015-01-26
+Updated=2015-03-23
 LogFile=\rdpwrap.txt
 SLPolicyHookNT60=1
 SLPolicyHookNT61=1
@@ -1320,6 +1320,71 @@ SLInitHook.x64=1
 SLInitOffset.x64=24EC0
 SLInitFunc.x64=New_CSLQuery_Initialize
 
+[10.0.10041.0]
+; Patch CEnforcementCore::GetInstanceOfTSLicense
+; .text:100A9D7B          call    ?IsLicenseTypeLocalOnly@CSLQuery@@SGJAAU_GUID@@PAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *)
+; .text:100A9D80          test    eax, eax
+; .text:100A9D82          js      short loc_100A9D9F
+; .text:100A9D84          cmp     [ebp+var_C], 0
+; .text:100A9D88          jz      short loc_100A9D9F <- jmp
+LocalOnlyPatch.x86=1
+LocalOnlyOffset.x86=A9D88
+LocalOnlyCode.x86=jmpshort
+; .text:0000000180097133          call    ?IsLicenseTypeLocalOnly@CSLQuery@@SAJAEAU_GUID@@PEAH@Z ; CSLQuery::IsLicenseTypeLocalOnly(_GUID &,int *)
+; .text:0000000180097138          test    eax, eax
+; .text:000000018009713A          js      short loc_18009715B
+; .text:000000018009713C          cmp     [rsp+58h+arg_18], 0
+; .text:0000000180097141          jz      short loc_18009715B <- jmp
+LocalOnlyPatch.x64=1
+LocalOnlyOffset.x64=97141
+LocalOnlyCode.x64=jmpshort
+; Patch CSessionArbitrationHelper::IsSingleSessionPerUserEnabled
+; .text:10032211          lea     eax, [esp+150h+VersionInformation]
+; .text:10032215          inc     ebx            <- nop
+; .text:10032216          mov     [edi], ebx
+; .text:10032218          push    eax             ; lpVersionInformation
+; .text:10032219          call    ds:__imp__GetVersionExW@4 ; GetVersionExW(x)
+SingleUserPatch.x86=1
+SingleUserOffset.x86=32215
+SingleUserCode.x86=nop
+; .text:0000000180015C5E          call    memset_0
+; .text:0000000180015C63          mov     ebx, 1     <- 0
+; .text:0000000180015C68          mov     [rsp+190h+VersionInformation.dwOSVersionInfoSize], 11Ch
+; .text:0000000180015C70          lea     rcx, [rsp+190h+VersionInformation] ; lpVersionInformation
+; .text:0000000180015C75          mov     [rdi], ebx
+; .text:0000000180015C77          call    cs:__imp_GetVersionExW
+SingleUserPatch.x64=1
+SingleUserOffset.x64=15C64
+SingleUserCode.x64=Zero
+; Patch CDefPolicy::Query
+; Original
+; .text:1002DFC9          cmp     eax, [ecx+320h]
+; .text:1002DFCF          jz      loc_10056550
+; Changed
+; .text:1002DFC9          mov     eax, 100h
+; .text:1002DFCE          mov     [ecx+320h], eax
+; .text:1002DFD4          nop
+DefPolicyPatch.x86=1
+DefPolicyOffset.x86=2DFC9
+DefPolicyCode.x86=CDefPolicy_Query_eax_ecx
+; Original
+; .text:000000018000B795          cmp     [rcx+63Ch], eax
+; .text:000000018000B79B          jz      sub_18003A79A
+; Changed
+; .text:000000018000B795          mov     eax, 100h
+; .text:000000018000B79A          mov     [rcx+638h], eax
+; .text:000000018000B7A0          nop
+DefPolicyPatch.x64=1
+DefPolicyOffset.x64=B795
+DefPolicyCode.x64=CDefPolicy_Query_eax_rcx
+; Hook CSLQuery::Initialize
+SLInitHook.x86=1
+SLInitOffset.x86=46960
+SLInitFunc.x86=New_CSLQuery_Initialize
+SLInitHook.x64=1
+SLInitOffset.x64=22E40
+SLInitFunc.x64=New_CSLQuery_Initialize
+
 [SLInit]
 bServerSku=1
 bRemoteConnAllowed=1
@@ -1481,3 +1546,22 @@ bMultimonAllowed.x64  =EEC00
 bServerSku.x64        =EEC04
 ulMaxDebugSessions.x64=EEC08
 bRemoteConnAllowed.x64=EEC0C
+
+[10.0.10041.0-SLInit]
+bFUSEnabled.x86       =C5F60
+lMaxUserSessions.x86  =C5F64
+bAppServerAllowed.x86 =C5F68
+bInitialized.x86      =C5F6C
+bMultimonAllowed.x86  =C5F70
+bServerSku.x86        =C5F74
+ulMaxDebugSessions.x86=C5F78
+bRemoteConnAllowed.x86=C5F7C
+
+bFUSEnabled.x64       =F3448
+lMaxUserSessions.x64  =F344C
+bAppServerAllowed.x64 =F3450
+bInitialized.x64      =F3454
+bMultimonAllowed.x64  =F3458
+bServerSku.x64        =F345C
+ulMaxDebugSessions.x64=F3460
+bRemoteConnAllowed.x64=F3464

technical.txt

@@ -56,25 +56,29 @@ Terminal Services supported versions
 6.4.9860.0     (Windows 10 Technical Preview UP1)      [init hook + extended patch]
 6.4.9879.0     (Windows 10 Technical Preview UP2)      [init hook + extended patch]
 10.0.9926.0    (Windows 10 Pro Technical Preview)      [init hook + extended patch]
-10.0.10041.0   (Windows 10 Pro Technical Preview UP1)  [!todo]
+10.0.10041.0   (Windows 10 Pro Technical Preview UP1)  [init hook + extended patch]
 
 Known failures
 6.0.6000.16386 (Windows Vista RTM x86, crashes on logon attempt)
 
 Source code changelog (rdpwrap library):
 
+2015.03.23 :
+- researching Windows 10 Pro Technical Preview UP1
+- added support for termsrv.dll 10.0.10041.0
+
 2015.03.20 :
-- New build 10.0.10041.0 was released, obtaining files...
+- new build 10.0.10041.0 was released, obtaining files...
 
 2015.01.26 :
-- Researching Windows 10 Pro Technical Preview (10.0.9926.0 x86)
+- researching Windows 10 Pro Technical Preview (10.0.9926.0 x86)
 - added support for termsrv.dll 10.0.9926.0 (x86)
 
 2015.01.22 :
 - v-yadli contributed offsets for version 10.0.9926.0 (x64)
 
 2014.12.13 :
-- Added more policy values to INI file
+- added more policy values to INI file
 
 2014.12.10 :
 - C++ version seems to work well now!