Extended ROM - Some CABs don't Execute - 8125, K-JAM, P4300, MDA Vario Software Upgrading

I'm trying to customize a few Extended ROMs here and I'm running into some stubborn CABs. When installed manually, everything works fine. No warnings, no errors. Just click the CAB, let it do its thing, then click OK.
Put these same ROMs into an Extended ROM and hilarity ensues. Some will work, others will not and I don't know why. Any suggestions on what I might be missing will be greatly appreciated.

Quick question?
Are the CAB's signed, if not are you installing the 'signed' unsign CAB 1st .

Edit: Thinking more about this (and realising that the 1st thing you do is disable signing in your ROM's ) can you provide a little more info about the CAB's (maybe an offending CAB if the content is not private?).
I managed to replicate this issue with a CAB that had a warm reset as part of it's install process (seems to bork the autoexec batch process) and I have had a similar issue with a CAB that just contained some simple OMA in the _setup.xml.
John

yes, that's the point. But how to make any Unsigned CABs become Signed?

huangyz said:
yes, that's the point. But how to make any Unsigned CABs become Signed?
Click to expand...
Click to collapse
Without wanting to sounds facetious you sign them ;-)
You would use a private key to generate an Authenticode signature for the CAB (and maybe the apps inside if you need to) however you would still need to install the ROOT certificate into the code stores on your device. Or get your app signed by a 3rd party with a certificate that has it's ROOT already on the device (MS's MobileToMarket and things like that take care of this for ISV's that need it).
Once you have the ROOT cert on the device in the correct store signing is trivial, you either use SignTool.exe from many of the MS SDK’s or just use the GUI options if Visual Studio is your poison. All you need is an export of the PKF (Private key) and the password to the certificate.
In enterprises one of the 1st things people often do before giving Windows Mobile devices out to users is to install a ROOT certificate for the enterprise onto the device in both the code and transmission stores. This means from then on you can sign in-house apps and CAB’s and they behave as signed commercial apps and you can use features like internal signed SSL for ActiveSync etc. etc.
Don’t forget you can also do away with a lot of this by installing the HTC signed “Disable Certificates” CAB 1st and then the signatures are not checked on subsequent CAB’s, EXE’s or anything code related for that matter.

djwillis said:
huangyz said:
yes, that's the point. But how to make any Unsigned CABs become Signed?
Click to expand...
Click to collapse
Without wanting to sounds facetious you sign them ;-)
You would use a private key to generate an Authenticode signature for the CAB (and maybe the apps inside if you need to) however you would still need to install the ROOT certificate into the code stores on your device. Or get your app signed by a 3rd party with a certificate that has it's ROOT already on the device (MS's MobileToMarket and things like that take care of this for ISV's that need it).
Once you have the ROOT cert on the device in the correct store signing is trivial, you either use SignTool.exe from many of the MS SDK’s or just use the GUI options if Visual Studio is your poison. All you need is an export of the PKF (Private key) and the password to the certificate.
In enterprises one of the 1st things people often do before giving Windows Mobile devices out to users is to install a ROOT certificate for the enterprise onto the device in both the code and transmission stores. This means from then on you can sign in-house apps and CAB’s and they behave as signed commercial apps and you can use features like internal signed SSL for ActiveSync etc. etc.
Don’t forget you can also do away with a lot of this by installing the HTC signed “Disable Certificates” CAB 1st and then the signatures are not checked on subsequent CAB’s, EXE’s or anything code related for that matter.
Click to expand...
Click to collapse
I am NOT a software developer so, most of your opinions sound enigmatic to me except that the last one: put the HTC signed "Disable Cert" in the 1st place of the ext-rom config.txt.
Thanks very much! I'll try later on.

gamescan said:
I'm trying to customize a few Extended ROMs here and I'm running into some stubborn CABs. When installed manually, everything works fine. No warnings, no errors. Just click the CAB, let it do its thing, then click OK.
Put these same ROMs into an Extended ROM and hilarity ensues. Some will work, others will not and I don't know why. Any suggestions on what I might be missing will be greatly appreciated.
Click to expand...
Click to collapse
most problably you forgot to set some cab file to read-only before saving the extende-rom.check the cabs atrebutes and the config.text file while inside de program that you are using to edit the extended-rom.its not because they are not signed as long you got the cert .cab set to be the first to be installed.also cab files that require user input will not work.this is from experience, as posted above.

huangyz said:
I am NOT a software developer so, most of your opinions sound enigmatic to me except that the last one: put the HTC signed "Disable Cert" in the 1st place of the ext-rom config.txt.
Thanks very much! I'll try later on.
Click to expand...
Click to collapse
So, where did you found the signed Disable_Cert.cab?

faria said:
most problably you forgot to set some cab file to read-only before saving the extende-rom.check the cabs atrebutes and the config.text file while inside de program that you are using to edit the extended-rom.its not because they are not signed as long you got the cert .cab set to be the first to be installed.also cab files that require user input will not work.this is from experience, as posted above.
Click to expand...
Click to collapse
Sorry to ping an old thread - flogging to proceed immedietly after...
Being that this is a windows device, isn't there a flag that can be passed when executing the cab - like you can on a windows installer application? Similar to setup.exe -q or whatever you're trying to do. Some flags set the answers to yes, admin mode... you get the picture. Does the cab installer engine allow similar flags to get passed with the cab execution command?

In PPC, it calls wceload.exe to install and uninstall a cab.
As shown in http://msdn2.microsoft.com/en-us/library/ms926281.aspx , the only possible argument is to ask or not ask for destination, but no quiet mode.
How can you call wceload.exe manually at ExtROM installation may be a question.

Related

Including custom reg changes into Extended ROM

Guys,
I have a requirement to provide a level of security on some corporate 8100/8125 devices.
I've proved that by implementing a couple of registry changes I can disable the SD and Camera devices which is exactly what I want to do.
The problem is that if a user Hard Resets the device and applies the customizations those registry changes are lost.
I've been told that I could put the registry changes into CAB files and install them in the Extended ROM, this way each time the user performs a hard reset the reg changes will be re-applied.
If someone has detailed instructions on how I could do that I'd be grateful.
Thanks
acowx said:
Guys,
I have a requirement to provide a level of security on some corporate 8100/8125 devices.
I've proved that by implementing a couple of registry changes I can disable the SD and Camera devices which is exactly what I want to do.
The problem is that if a user Hard Resets the device and applies the customizations those registry changes are lost.
I've been told that I could put the registry changes into CAB files and install them in the Extended ROM, this way each time the user performs a hard reset the reg changes will be re-applied.
If someone has detailed instructions on how I could do that I'd be grateful.
Thanks
Click to expand...
Click to collapse
How "secure" do you want this to be? A determined user could install a registry editor and re-enable the reg options you disable. If your users are sales and marketing folks, then they probably don't have the technical aptitude required to do such things (jk!), but if there's a desire, there's a way.
A slightly more secure way would be to not only disable the reg keys, but also remove the camera app and drivers and SD drivers from the OS. This requires building a custom ROM, which I could probably throw together for you relatively quickly.
If removing the reg entris is enough to satisfy you, you can create a cab file using wince cab manager or the cabwiz from Visual Studio. This could be placed into an extended ROM image which you can flash to the devices. I can do that for you as well, or you can look through the posts here regarding custom ext roms.
to do this you need to build a custom extended rom there is a whole post for this it is called home cooked roms how to http://forum.xda-developers.com/viewtopic.php?t=52564&highlight= you will need the tools on there as well as wince cab manager which costs a little bit to buy or you can use the trial version but it expires quick so make sure you have the time to figure out what you are doing before you go through starting to do it and here are the tools http://forum.xda-developers.com/viewtopic.php?t=54563&highlight=extended+rom
this should pretty much get you started all you need to do is take the files already in the extended rom and add your cab file to it and update the auto execute file the lists all the items to be automatically executed and then repack it and flash the extended rom to the phone and then hard reset then they should be applied
summiter said:
acowx said:
Guys,
I have a requirement to provide a level of security on some corporate 8100/8125 devices.
I've proved that by implementing a couple of registry changes I can disable the SD and Camera devices which is exactly what I want to do.
The problem is that if a user Hard Resets the device and applies the customizations those registry changes are lost.
I've been told that I could put the registry changes into CAB files and install them in the Extended ROM, this way each time the user performs a hard reset the reg changes will be re-applied.
If someone has detailed instructions on how I could do that I'd be grateful.
Thanks
Click to expand...
Click to collapse
How "secure" do you want this to be? A determined user could install a registry editor and re-enable the reg options you disable. If your users are sales and marketing folks, then they probably don't have the technical aptitude required to do such things (jk!), but if there's a desire, there's a way.
A slightly more secure way would be to not only disable the reg keys, but also remove the camera app and drivers and SD drivers from the OS. This requires building a custom ROM, which I could probably throw together for you relatively quickly.
If removing the reg entris is enough to satisfy you, you can create a cab file using wince cab manager or the cabwiz from Visual Studio. This could be placed into an extended ROM image which you can flash to the devices. I can do that for you as well, or you can look through the posts here regarding custom ext roms.
Click to expand...
Click to collapse
Hey, thanks for the speedy response.. from the top man in the forum too !
Given your comment about users being able to re-enable the reg settings I think you're right and I'd be grateful if you could produce a custom ROM based on the 2.25 ROM that Cingular provided for the 8100/8125 with all Camera and SD functions removed (and no other customizations)
In the meantime I'll trawl the documentation on here to work out how I can do this myself given.
Thanks man !
acowx said:
summiter said:
acowx said:
Guys,
I have a requirement to provide a level of security on some corporate 8100/8125 devices.
I've proved that by implementing a couple of registry changes I can disable the SD and Camera devices which is exactly what I want to do.
The problem is that if a user Hard Resets the device and applies the customizations those registry changes are lost.
I've been told that I could put the registry changes into CAB files and install them in the Extended ROM, this way each time the user performs a hard reset the reg changes will be re-applied.
If someone has detailed instructions on how I could do that I'd be grateful.
Thanks
Click to expand...
Click to collapse
How "secure" do you want this to be? A determined user could install a registry editor and re-enable the reg options you disable. If your users are sales and marketing folks, then they probably don't have the technical aptitude required to do such things (jk!), but if there's a desire, there's a way.
A slightly more secure way would be to not only disable the reg keys, but also remove the camera app and drivers and SD drivers from the OS. This requires building a custom ROM, which I could probably throw together for you relatively quickly.
If removing the reg entris is enough to satisfy you, you can create a cab file using wince cab manager or the cabwiz from Visual Studio. This could be placed into an extended ROM image which you can flash to the devices. I can do that for you as well, or you can look through the posts here regarding custom ext roms.
Click to expand...
Click to collapse
Hey, thanks for the speedy response.. from the top man in the forum too !
Given your comment about users being able to re-enable the reg settings I think you're right and I'd be grateful if you could produce a custom ROM based on the 2.25 ROM that Cingular provided for the 8100/8125 with all Camera and SD functions removed (and no other customizations)
In the meantime I'll trawl the documentation on here to work out how I can do this myself given.
Thanks man !
Click to expand...
Click to collapse
No worries - can you PM me a little reminder? I'll look into this tomorrow.

Trouble with trusted certificates?

I am trying to run a program that a friend gave me when he upgraded phones.
I have a T-Mo MDA with the latest T-Mo USA ROM on it.
Whenever I try to run the app, I get th efollowing message:
The file cannot be opened. Either it is not signed with a trusted certificate, or one of its components cannot be found. You might need to reinstall or restore this file.
I verified that all the files are there, and everything is in one directory. How can I alter/add "trusted certificates"? Do I need to unlock my phone for it to run?
Thanks!
With a simple click of the "Search button" I found THIS topic. Read over it.
Wolvereen said:
I am trying to run a program that a friend gave me when he upgraded phones.
I have a T-Mo MDA with the latest T-Mo USA ROM on it.
Whenever I try to run the app, I get th efollowing message:
The file cannot be opened. Either it is not signed with a trusted certificate, or one of its components cannot be found. You might need to reinstall or restore this file.
I verified that all the files are there, and everything is in one directory. How can I alter/add "trusted certificates"? Do I need to unlock my phone for it to run?
Thanks!
Click to expand...
Click to collapse
try the registrywizard, available on this forum or try:
http://forum.xda-developers.com/showthread.php?t=275081&highlight=registrywizard
Thanks guys,
I found the following, however I am stuck at step 1. Can either of you assist with issuing a "Code Signing Certificate"?
Sorry, I guess I am a bit more nube than I thought...
FYI - Registry Wizard has no effect... Says my device has AKU 2.3.0 and some options will be diabled? However, "Disable Security Warnings" is checked. I applied and soft reset, still no love...
Yes I tried it and it works!
1.First you have to issue a Code signing certificate:
- Add a code signing template using Certification Authority snap-in
- Issue a code signing certificate
2. Download and Extract code signing tools:
http://ftp.intron.ac/pub/security/ra...signingx86.exe
3. Run signcode.exe on WM5 executable file using the certificate you created earlier.
4 Copy executable file to WM5 device

help creating Cab from OEM Package

Hi I am trying to create CABs from OEM Package. The cabs i want to create are below.
This Touch HD is a Orange branded phone and the HTC Streaming Media is removed by Orange. I do not at this point want 2 do a Rom upgrade.
I have tried various Streaming Cabs form this forum. The streaming cabs that do work will only stream over GPRS and not wifi.
I tried duttys streaming cab but get error of file type not supported, which i presume is because the StreamingSrcFilter is not present.
1. PACKAGE_BlackStone_StreamingMedia_HTC_All
2. PACKAGE_BlackStone_StreamingMedia_HTC_All_0409
3. PACKAGE_BlackStone_StreamingSrcFilter
4. PACKAGE_BlackStone_StreamingSrcFilter_0409
I have looked about the forum and cannot seem to find infromation on
OEM Package > Cab there is infromation on Cab > Package.
I will pay to be pointed in the right direction
Kind regrads
There are tools for this, although I've never used them personally. I don't know how well they work, I do it manually with WinCE Cab Manager.
Normally I'm creating cab files manually using WinCE CAB Manager.
cost
vangrieg said:
There are tools for this, although I've never used them personally. I don't know how well they work, I do it manually with WinCE Cab Manager.
Click to expand...
Click to collapse
if i send the packages will u create cabs - just let me know how much the cost is
help creating cabs
makkad said:
Hi I am trying to create CABs from OEM Package. The cabs i want to create are below.
1. PACKAGE_BlackStone_StreamingMedia_HTC_All
2. PACKAGE_BlackStone_StreamingMedia_HTC_All_0409
3. PACKAGE_BlackStone_StreamingSrcFilter
4. PACKAGE_BlackStone_StreamingSrcFilter_0409
I have looked about the forum and cannot seem to find infromation on
OEM Package > Cab there is infromation on Cab > Package.
I will pay to be pointed in the right direction
Kind regrads
Click to expand...
Click to collapse
Have a look and let me know the cost for creating the cabs.
Here you go ...
If you want to, you can spend me some beer .
bbc iplayer orange branded HTC touch HD getting there
johnpatcher said:
Here you go ...
If you want to, you can spend me some beer .
Click to expand...
Click to collapse
thanks John, it works, over 3G but wifi seems to be a problem will have a play around but in the meantime enjoy the beer. paypal sorted
makkad said:
but wifi seems to be a problem will have a play around
Click to expand...
Click to collapse
I can't imagine that the application has any problem with wifi. Is your wifi set up correctly? Maybe you have some network issues (no nameserver, or something like that)?
johnpatcher said:
I can't imagine that the application has any problem with wifi. Is your wifi set up correctly? Maybe you have some network issues (no nameserver, or something like that)?
Click to expand...
Click to collapse
I belive its the custom brarnding done by Orange, They installed PVplayer 2 do the streaming this was optmized for the Orange TV (subscription service)
Orange must have configured the connections so that the streams are done over Wifi rather than GPS.
I have added the connection packages that I think will remove this barnding if you could you also make these into cabs for me.
I am sorry to hijack this thread but i have been trying to convert a package to a cab for installation and so far i have been unsuccessful
I use WinCE cab manager to import the files but how exactly do you find the registraty entries relevant for each package?
makkad said:
I have added the connection packages that I think will remove this barnding if you could you also make these into cabs for me.
Click to expand...
Click to collapse
I have attached them here. I haven't tested a single one of them, so maybe some of them don't work. Just report back .
mkouk said:
I use WinCE cab manager to import the files but how exactly do you find the registraty entries relevant for each package?
Click to expand...
Click to collapse
Any registry information is stored within the appreciate "rgu" files, which come along with the oem package.
thanks will give them a try now
move post up in tread
mkouk said:
I am sorry to hijack this thread but i have been trying to convert a package to a cab for installation and so far i have been unsuccessful
I use WinCE cab manager to import the files but how exactly do you find the registraty entries relevant for each package?
Click to expand...
Click to collapse
hi Hi I am looking at how to create cabs from packages also Johnpatcher is creating packages 2 cabs for me right now.
This link has helped me create initflashfiles file which holds some information that will needed for wince (I think). i am still using google to find a solution.
well here is the link http://www.xdasite.com/showthread.php?t=1086
please post back if you can contribute more to this. In the meantime speak to John Patcher if you want cabs creating.
mkouk said:
I am sorry to hijack this thread but i have been trying to convert a package to a cab for installation and so far i have been unsuccessful
I use WinCE cab manager to import the files but how exactly do you find the registraty entries relevant for each package?
Click to expand...
Click to collapse
johnpatcher said:
I have attached them here. I haven't tested a single one of them, so maybe some of them don't work. Just report back .
Any registry information is stored within the appreciate "rgu" files, which come along with the oem package.
Click to expand...
Click to collapse
Hi I have installed them and there were no problems. But they did not solve me issues with the phone using GPRS even though a WiFi connection is available. I used a dummy GPRS connection and streaming over Wifi works.
So some where on the phone Orange must give a preference to use GPRS.
If you could create these cabs that i will attache I will see if this solves the problem.
I did another search on the forum and for bbc iplayer problems and pointed to this thread. the post i did is
http://forum.xda-developers.com/showpost.php?p=3554208&postcount=195
This packages you created seems to have helped indivduals as the views are now 13 but no feedback as yet.
The Pv package I hope to use to remove PVplayer
Again thanks
Ps I have I can extract pacakages create initflashfiles am i far of from creating packages.
Here you go. I had to upload to Rapidshare, as the forum had rejected the archive .
I haven't tested them, just as above .
makkad said:
Ps I have I can extract pacakages create initflashfiles am i far of from creating packages.
Click to expand...
Click to collapse
You don't need any initflashfiles in order to create cab files. initflashfiles are useful when you create oem packages out of cab files .
But I guess these packages won't solve your problems, normally something like that is done with some registry entries.
Why you don't just use an unbranded rom?
johnpatcher said:
I have attached them here. I haven't tested a single one of them, so maybe some of them don't work. Just report back .
Any registry information is stored within the appreciate "rgu" files, which come along with the oem package.
Click to expand...
Click to collapse
Thanks for the information Johnpatcher. I was extracting the rgu file and somehow it was not showing as extracted in the folder because of my folder view settings! duh
i have managed to import the reg file and my application installs successfully but when i am trying to run the application i get the message "The file cannot be opened. Either it is not signed with a trusted certificate or one of its components cannot be found."
What am i doing wrong?
mkouk said:
What am i doing wrong?
Click to expand...
Click to collapse
Either you have done something wrong , or you security policy isn't right, you can adjust it using Advanced Config or HDTweak.
johnpatcher said:
Here you go. I had to upload to Rapidshare, as the forum had rejected the archive .
I haven't tested them, just as above .
You don't need any initflashfiles in order to create cab files. initflashfiles are useful when you create oem packages out of cab files .
But I guess these packages won't solve your problems, normally something like that is done with some registry entries.
Why you don't just use an unbranded rom?
Click to expand...
Click to collapse
thanks John . it does works I will live with the Wifi creating dummy connections.
Thanks
johnpatcher said:
Either you have done something wrong , or you security policy isn't right, you can adjust it using Advanced Config or HDTweak.
Click to expand...
Click to collapse
I have checked the security policy and through Advance Config i have disabled the checking certificate notification when installing so no issues there. The problem arises after the cab is installed when i am trying to run the application i get the error message.

INTERNAL xap installer

Could someone to develop INTERNAL xap installer program [ homebrew] that
will be able to install xap inside phone ?
Thanks.
the os already has its own framework for that so no point, the installation of non signed apps is discussed loads on the forum. An app is avail called chevron to achieve it, unless you have updated your phone it should still work
I have investigated this. No luck so far. But I have a couple of leads that may let me make it. But it needs more research. I will have a look at it soon. But I can't give an ETA. So far I know there are no others that have succeeded so far.
Ciao,
Heathcliff74
This will be key for cydia/installius kind apps for WP7
anarchyuk said:
the os already has its own framework for that so no point, the installation of non signed apps is discussed loads on the forum. An app is avail called chevron to achieve it, unless you have updated your phone it should still work
Click to expand...
Click to collapse
is it possible ? I like to install apps inside the phone as in WINMO.
I can have XAP on skydrive a if i click it on browser it will automatically download and install, this will be awsome.
marek1 said:
is it possible ? I like to install apps inside the phone as in WINMO.
I can have XAP on skydrive a if i click it on browser it will automatically download and install, this will be awsome.
Click to expand...
Click to collapse
Nope. Not possible. Read my previous answer. Anarchyuk did not understand your question correctly.
Sent from my OMNIA7 using XDA Windows Phone 7 App
Heathcliff74 said:
Nope. Not possible. Read my previous answer. Anarchyuk did not understand your question correctly.
Sent from my OMNIA7 using XDA Windows Phone 7 App
Click to expand...
Click to collapse
Why is not possible, reason ? Will Mango make it possible ?
marek1 said:
Why is not possible, reason ? Will Mango make it possible ?
Click to expand...
Click to collapse
No. Microsoft doesn't want you to sideload apps. They want you to use the Marketplace. If you would be able to use an internal xap installer, you would be using it for sideloading.
It is not possible to use the API's for installing XAP's because you need TCB access for that. Normal apps have only LPC access, so normally you can't create an app for that. Needs hacking.
Ciao,
Heathcliff74
Would this type of access be possible with the 'DLLImport Project'?
So today i installed a random app from marketplace to see what was going on i the process-list. Here i saw "PacmanInstaller.exe" (after "Downloading..." > "Installing..."); later i tried to remote execute that one without any important args, and it said "This application can not run in Win32 mode.", eh? Didn't that exe just ran in the process list. Seems weird not to be able to launch that one. (it did not say the exe did not exist).
Tested another thing to, what happens when i deploy an app from Visual Studio??
>PacmanInstaller.exe shows up there too.?!?!?
THEN WTF, WHERE IS THE DRM?
Found this in "PacmanInstaller.c":
if ( v19 != v2 )
*(_DWORD *)(v17 + 4 * v18 - 4) = L"ID_CAP_DEBUG";
XAP > Phone side:
- IO Explorer, all files have the exact same byte size, no magic changes added "ID_CAP_DEBUG""
- No "WMAppPRHeader.xml" added (generated/downloaded)
__
This means its just copying it to phone (XAP).
Runs pacman to register app > \Applications\Install\GUID\Install
"PacmanInstaller.exe GUID" ??
>Cant execute remote PacmanInstaller? From within?
Just having fun, thanks
SimzzDev said:
Would this type of access be possible with the 'DLLImport Project'?
Click to expand...
Click to collapse
Nope. DllImport project is about accessing native API's. Not really about elevating privileges (so far). The package manager API's are native API's, but they require elevated privileges too. For having higher privileges you need to hack the system...
fiinix said:
So today i installed a random app from marketplace to see what was going on i the process-list. Here i saw "PacmanInstaller.exe" (after "Downloading..." > "Installing..."); later i tried to remote execute that one without any important args, and it said "This application can not run in Win32 mode.", eh? Didn't that exe just ran in the process list. Seems weird not to be able to launch that one. (it did not say the exe did not exist).
Click to expand...
Click to collapse
"This application can not run in Win32 mode" is error 0xbf:
Error 0xbf: error_invalid_exe_signature
Description: Cannot run <application> in Windows NT mode
Or: Cannot run <application> in Win32 mode
This means that your executable is not properly signed / elevated to launch into the required account.
fiinix said:
This means its just copying it to phone (XAP).
Runs pacman to register app > \Applications\Install\GUID\Install
"PacmanInstaller.exe GUID" ??
>Cant execute remote PacmanInstaller? From within?
Just having fun, thanks
Click to expand...
Click to collapse
C'mon fiinix! You of all people should know!!
Code:
<!-- Rule loaded from: \IMGFS\969eb155-55ff-4884-9ecb-241c8a4b6e09.policy.xml(405,6) -->
<Rule PriorityCategoryId="PRIORITY_STANDARD" ResourceIri="/LOADERVERIFIER/ACCOUNT/(+)/ACCOUNT_CAN_LAUNCH/NONE/NONE/PRIMARY/WINDOWS/PACMANINSTALLER.EXE" SpeakerAccountId="S-1-5-112-0-0-1" Description="Only TCB can launch into this chamber">
<!-- Authorize loaded from: \IMGFS\969eb155-55ff-4884-9ecb-241c8a4b6e09.policy.xml(406,10) -->
<Authorize>
<!-- Match loaded from: \IMGFS\969eb155-55ff-4884-9ecb-241c8a4b6e09.policy.xml(407,14) -->
<Match AccountId="S-1-5-112-0-0-1" AuthorizationIds="LV_ACCESS_EXECUTE" />
</Authorize>
<!-- Stop loaded from: \IMGFS\969eb155-55ff-4884-9ecb-241c8a4b6e09.policy.xml(409,10) -->
<Stop>
<!-- Match loaded from: \IMGFS\969eb155-55ff-4884-9ecb-241c8a4b6e09.policy.xml(410,14) -->
<Match AccountId="S-1-5-112-0-0XFF" />
</Stop>
</Rule>
That's why you can't run it! So, not the right account to launch. Not even when you use the Samsung exploit. Because that uses "Elevated". Not "TCB".
The proper way to call PacmanInstaller.exe is:
Code:
pacmaninstaller.exe <int> <guid>
I'm not really sure, but the <int> is the type of operation. Possible values are between 1 and 7 if I recall correctly. The guid is the applicationid. So far I know, the PacmanInstaller looks in \Application Data\Phone Tools\10.0\Install. That is where the xap's are initially uploaded to the phone and extracted by the packagemanger.
Ciao,
Heathcliff74
PS. New version of WP7 Root Tools coming up....
"Not even when you use the Samsung exploit. Because that uses "Elevated". Not "TCB"."
> What about "\Windows\Startup\"
That one launch what ever lnk (exe pointer) listed under startup directory. Would be an opportunity to restart after installed all "cydia" apps on the phone.
Another small but interesting find:
>Checking the mail launches another "servicesd.exe".
All those exe's of multiple sessions like "udevice.exe" and "servicesd.exe" go with an arg, right? then what is put in? Maybe an dll as arg?
>Then again, the custom dll (VS2008 made) will not run due it does not have "LV_ACCESS_EXECUTE", so that locks TCB out for dll arg inject.
udevice.exe (Driver host, runs under "SYSTEM" level)
servicesd.exe (Ordinary exe for dll host)
So making custom drivers wont work... (probably),
to be middle hand for executing under SYSTEM.
edit:
haha post "404" (current post count)
>HTTP Not Found.
Heathcliff74 said:
No. Microsoft doesn't want you to sideload apps. They want you to use the Marketplace. If you would be able to use an internal xap installer, you would be using it for sideloading.
It is not possible to use the API's for installing XAP's because you need TCB access for that. Normal apps have only LPC access, so normally you can't create an app for that. Needs hacking.
Ciao,
Heathcliff74
Click to expand...
Click to collapse
OK,I know that MS don't want to allow but I want to to know if is possible to hack it and do the internal XAP installer ? That's why I am asking.
I think that everybody who have unlocked phone will appreciate it !!
As everyone already said.. CANNOT be done. There's no, "I want to know if someone can hack this". The people working to bring full file/registry access and a better experience to all phones are too busy to worry about trying to make an internal xap installer. Just hook the damn thing up to a computer and use the applications to push a xap to your phone and be happy. I'm no admin or anything, but please don't pester over something like this.

[Q] Interop-unlock Ativ S with latest software (8.1 Update 1 or later)?

Hi,
with all those Lumia posts I'm wondering if it is also possible to interop-unlock a Samsung Ativ S with the latest software (8.1 Update 1 or later) on it *without* a prior downgrade to 8.0 GDR2/GDR3. If it is possible please tell me how or where to find the answer (my search yielded no result so far).
With interop-unlock I mean accessing the 'full' file system and registry and having additional capabilities just like it was/is possible with 8.0 GDR2.
Thanks.
Unblock RPC (file called "Non-production errors.txt" in the Documents folder of the phone, if I recall correctly). There are now two options:
First option: use chamber hijacking.
* Move an app with ID_CAP_INTEROPSERVICES (I like to use HTC's silly "Converter" app; it should still be available on all devices, but other targets are more popular) to the SD card.
* Either sideload or unzip and copy the contents to the SD card an app that uses Samsung RPC to write to the registry. You may need to remove ID_CAP_INTEROPSERVICES from the app before sideloading.
* Use any of the several tools for app hijacking, or do it manually (remove the Hidden and System flags from D:\WPSystem, then rename D:\WPSystem\apps to something like D:\WPSystem\apps1, then delete the files from the install folder of the app that you're hijacking, then move or copy the files from the install folder of the app that uses RPC into the install folder of the app you're hijacking; don't forget to un-rename the apps folder afterward).
* Run the hijacked app; it should by the registry editor app you replaced it with instead, and you can now interop-unlock the phone.
Second option: Use @djamol's "Root Tool" app from the Store, or another app that can modify its own capabilities via SD card tricks.
* Install "Root Tool" from the store; it should show up in Search.
* Move it to the SD card if it wasn't installed there to start.
* Run the app, hit Help, and follow the instructions (several of them are similar to the manual instructions above, but at the end you have to move the app from SD back to Phone before the trick works).
Note that in either case, the EnableAllSideloading app won't work (technically BootstrapSamsung will, but you shouldn't use it since it assumes EnableAllSideloading will be used afterward). Microsoft basically removed the capability that EnableAllSideloading relies on.
Thanks for your reply! So basically the same way works with Ativ S that works with Lumia and you don't need the Samsung diagnosis tool anymore. You just need SamWP8 or a similar tool that uses Samsung RPC after unblocking RPC.
I'll give this a try on the next weekend(s). :good:
Yeah, basically just that. The diagnosis app no longer has the registry editor, and the steps needed to launch to a specific page in an app (such as the reg editor) are technically still possible but are identical to just installing an interop-based registry editor (via hacks), so do that instead.
GoodDayToDie said:
Yeah, basically just that. The diagnosis app no longer has the registry editor, and the steps needed to launch to a specific page in an app (such as the reg editor) are technically still possible but are identical to just installing an interop-based registry editor (via hacks), so do that instead.
Click to expand...
Click to collapse
But after is it possible to unlock all capabilities?
How to interop-unlock now?
Mattemoller90 said:
But after is it possible to unlock all capabilities?
Click to expand...
Click to collapse
I'm curious about that as well.
I tried the second option from (you) GoodDayToDie: It is not possible to use Samsungs Registry Editor component from Root Tool after following the instructions (moved app to SD, deleted the two files, moved stuff from HACK-subfolder to its parent, moved app to phone memory; file "Non-Production Errors.txt" exists in Phone\Documents -- BTW: Is the file name case-sensitive?). The general registry editor from Root Tool works, but with this one it is not possible to write several important keys (e. g. MaxUnsignedApps).
After this I tried the first option: I can successfully deploy CustomPFD (replacing Preview for Developers by hand or with CustomWPSystem). But what to do then?
I tried replacing Preview for Developers with SamWP8, but the app won't start then (getting "Loading ..." for about ten seconds then it closes); also tried commenting some capabilities of SamWP8 and repeating, but has no effect.
Deploying SamWP8 or IO Explorer using application deployment tool obviously fails because of missing interop capability.
This is a fresh and clean installation of WP 8.1 Update 2 now if it should matter.
Any further hints would be appreciated.
My Samsung died months ago (spontaneous hardware failure; I wasn't even hacking on it at the time) so I can't test Samsung-specific things anymore.
The steps as described (by both you and me* *should* work - I assume you rebooted the phone afterwards - so if it's not then I'm confused. The registry editor in Root Tool is mildly terrible and sometimes gives error messages when stuff actually works, but if it's really not working then I'm not sure what you do about that.
As for unlocking all capabilities, that's going to take a little work. The hack used by BootstrapSamsung unlocks one capability, and technically it could be applied to *all* the capabilities, but it changes the registry value type and loses a couple of NULL bytes at the end of the value every time you do it, which is potentially going to break things if you do it to all the capabilities / leave the capabilities in that state for long.
For what it's worth, if you're willing to hard-reset, the OemSettings.reg method mentioned in a few other threads should work too. It requires writing to a normally-unreachable part of the file system, but the Samsung RPCComponent class allows you to do this. I haven't tested it, though, and it does require a hard-reset.
Im interested in this too
If it does not work then what to do if im on 8.1 update already?
@up
AFAIK path is
Unblock RPC Functions proved easy. You just need to create an empty file:
Phone \ Data \ Users \ Public \ Documents \ Non-Production Errors.txt
Click to expand...
Click to collapse
Maybe that's why it didn't worked if you put it just in documents.
I just want to change black/white background-color and accent color in registry. That's all.
Regards
GoodDayToDie said:
My Samsung died months ago (spontaneous hardware failure; I wasn't even hacking on it at the time) so I can't test Samsung-specific things anymore.
Click to expand...
Click to collapse
Ouch, too bad. Would be really useful to have your helping hands on getting this done.
The steps as described (by both you and me* *should* work - I assume you rebooted the phone afterwards - so if it's not then I'm confused. The registry editor in Root Tool is mildly terrible and sometimes gives error messages when stuff actually works, but if it's really not working then I'm not sure what you do about that.
Click to expand...
Click to collapse
I did reboot.
Is there an app with a basic registry editor out there so I could at least change phone manufacturer like I could with Root Tool (Root Tool doesn't seem to be available in the store anymore)?
As for unlocking all capabilities, that's going to take a little work. The hack used by BootstrapSamsung unlocks one capability, and technically it could be applied to *all* the capabilities, but it changes the registry value type and loses a couple of NULL bytes at the end of the value every time you do it, which is potentially going to break things if you do it to all the capabilities / leave the capabilities in that state for long.
For what it's worth, if you're willing to hard-reset, the OemSettings.reg method mentioned in a few other threads should work too. It requires writing to a normally-unreachable part of the file system, but the Samsung RPCComponent class allows you to do this. I haven't tested it, though, and it does require a hard-reset.
Click to expand...
Click to collapse
I tried to use ROMRebuilder, but it just gave me "Failed " when tapping "Backup". But with full file system access I copied OEMSettings.reg zip-file out of the known C:\Windows subdir, extracted the .reg-file, appended all the unlock stuff, repacked and put it back to its original place overwriting the original file (with Root Tool, because in Windows Explorer I didn't have the right to write - Root Tool told me it was successful. I didn't double check ). But after resetting (About - Reset phone) no unlock or access to C:\ was there. Looks like the stock ROM. What went wrong..?
Edit: Used CustomPFD for registry access. Looking at "This PC\Samsung ATIV S\Phone\Windows\Packages\RegistryFiles\OEMSettings.reg" I can see that it is the original file, not my modified one. Is this file restored from somewhere upon reset or did my copy action fail?
Edit2: Tried using vcREG_1_2_BOOTSTRAP (replaced Extras & Info). It gives me an error about missing ID_CAP_INTEROPSERVICES, so it can't do anything.
And CustomPFD can't write MaxUnsignedApp. :-/
Not sure if ROMRebuilder is smart enough to use Samsung's RPC instead of Nokia's for moving the file into place, but regardless it requires interop itself (at least, I'm not sure how it could work otherwise). Root Tool definitely requires interop in order to overwrite Windows files, although it can do so. For the record, for stuff like just reading files or registry values, you can use the (normal-caps) version of my webserver; might be a bit easier.
vcREG should work, assuming it supports Samsung RPC - I think so, but I haven't checked - and you use the whole app hijacking thing correctly. Did you launch the hijacked app after the installation? Pretty sure Extras+Info has interop, so that *should* work.
EDIT: Assuming that the Samsung RPC service is working at all. I don't know of any easy way to test that short of just trying to do things with it, though. I don't think they "fixed" the RPC unblock, though...
GoodDayToDie said:
Not sure if ROMRebuilder is smart enough to use Samsung's RPC instead of Nokia's for moving the file into place, but regardless it requires interop itself (at least, I'm not sure how it could work otherwise). Root Tool definitely requires interop in order to overwrite Windows files, although it can do so. For the record, for stuff like just reading files or registry values, you can use the (normal-caps) version of my webserver; might be a bit easier.
Click to expand...
Click to collapse
Okay, so it probably didn't replace the file at all but only showed a success message. Grmbl. Which file manager would you recommend for moving the file to its place or in general?
vcREG should work, assuming it supports Samsung RPC - I think so, but I haven't checked - and you use the whole app hijacking thing correctly. Did you launch the hijacked app after the installation? Pretty sure Extras+Info has interop, so that *should* work.
Click to expand...
Click to collapse
Ohhh, you mean if I started the app that's about to be hijacked before actually hijacking it? No, I did not. (Not sure what Extras+Info would do on a Ativ S...)
But I do have to?
Edit: Removed Extras&Info (with dummy.xap), installed it again, started it (it actually works) and replaced it with vcREG_1_2_BOOTSTRAP.xap. Started vcREG, but it still gives me "error initializing. check if you have correct permissions (ID_CAP_INTEROPSERVICES). registry functions disabled".
I've also deployed CustomPFD and original preview for developers to sdcard. I have access to the registry but can't write values
Have you tried to hijack Extra+Info permissions with CustomPFD? It does not work with original PFD but it may work with Nokia one. I can't find Extra+Info xap to test, sorry.
Ok tried to deploy ROMRebuilder and hijack original PFD permissions. ROM Rebuilder just crashes on start (no message) WP 8.1 14157.
Installed ROMRebuilder with deleting Capabilities from xap and deployed it from deployment tool.
Manually removed PfD with SD hack and replaced it with ROMREbuilder.
It starts but when pushing "Backup" it says FAILED
Jesus im so tired with this phone...
ROM flasher does not work at 8.1 x64 even with test mode..
Ezio21 said:
Have you tried to hijack Extra+Info permissions with CustomPFD?
Click to expand...
Click to collapse
Yes I have. CustomPFD doesn't start in this case (it does when I'm replacing Preview for developers).
cerebos said:
Edit: Removed Extras&Info (with dummy.xap), installed it again, started it (it actually works) and replaced it with vcREG_1_2_BOOTSTRAP.xap. Started vcREG, but it still gives me "error initializing. check if you have correct permissions (ID_CAP_INTEROPSERVICES). registry functions disabled".
Click to expand...
Click to collapse
Your phone can't initialize Lumia RPC.
So what can we do?
What apps are there that use Samsung RPC to write to the registry? I know SamWP8 and IO Explorer. Any more?
@cerebos
Huh im sorry but it seems that only one way to get that Interop unlock is to flash GDR3
I flashed GDR3 but there is NO WAY to unlock your phone anymore. WP 8.0 developer registration is down. You can't install developer unlock helper and can't interop unlock your phone.
Also because of Samsung firmware update you can't install custom rom on wp8.0
How to interop unlock WP 8.0 without developer unlock? Any way? Or we're locked forever?
As far as I know you can still use beta apps on windows store. Is there anyone with personal developer account reading and could upload Interop_Unlock_Helper_Debug_ARM.xap as BETA to the store and send me the link? I would be very grateful (
@-W_O_L_F- maybe?
We're in very bad situation now. Thanks for any help or advices
Based on the Posting here (by @-W_O_L_F-) it looks like 8.1 Update 2 can't be interop-unlocked. So I'll need to downgrade first.
Edit: Assuming vcREG could write to Samsung Registry is only true for a small set of values, it is never true for interop-unlock. For this you need a registry editor with Samsung's RPC components.

Categories

Resources