| 2013-01-08 08:56:25 |
Mantas Kriaučiūnas |
description |
Binary package hint: chntpw
New upstream release [1] for chntpw.
[1] http://pogostick.net/~pnh/ntpasswd/HISTORY.txt |
Binary package hint: chntpw
There are 2 new upstream releases (2011-05 and 2010-06) for chntpw, see http://pogostick.net/~pnh/ntpasswd/HISTORY.txt
I'm pasting main improvements since current Ubuntu 13.04 package (0.99.6-2, released on 2008)
* v 0.99.6 110511
regedit library (chntpw and reged uses it):
- Hive expansion! Library now does hive file expansion by default! (but you can turn it off, safe mode). If expansion occured, you will get a warning when saving the hive.
- There were a lot of goofs by me in the add/delete key and value handling, which made windows complain and lose data. Hope I managed to fix them.
- Also, found out more about how Windows does things, for example:
- Empty name (default) value, flag field is 0 (not 1 as usual)
- Values with data size 0 to 4 the value data itself is stored in the data pointer field, typical for DWORD (this I knew a long time ago), sign bit of data size field is then set. BUT..
- In a lot of cases in SAM, for null name values, size is 0 with sign set. In that case, the data dword is stored in the TYPE field, and the rest is unused. This saves a few bytes of course.. but why?
- Large values (seems to be from around 16k) are split internally in several parts. Sounds smart. But it goes via 2 (two) separate data structures that has to be allocated.
For regular small values the data pointer simply points to the data itself. For this split large value it points to a "db" struct.
Pseudo: vk.ofs_data -> db.list -> list[n] -> raw data block n The last raw data block always allocates the whole hbin (usually 16k) it is in, even if all of it is not needed.
reged:
- On popular demand: .reg file import!! (-I)
- Will read files from regedit.exe in most cases (UTF-16) but can miss on some international characters. Also reads "latin" (8 bit) files.
- Did quite a lot of testing by importing for example the SOFTWARE\Classes tree with regedit.exe and importing it again into the DEFAULT hive with my tool, then ask windows to "Load hive" (in regedit.exe).
- -N and -E options for safe mode edit (no alloc and no expand hive)
- Importing (-I) and then into edit (-e) before save possible, by specifying both options.
- -I and -C (-IC) will import and auto-save, use this in scripts.
chntpw:
- This version has no significant changes in the password (reset) handling part of the tools.
* v 0.99.6 100627
chntpw:
- Syskey not visible in menu anymore, but is still selectable as # 2
This because too many people just went ahead without understanding its purpose, and the emailed me when things went as expected, that is it went *boom*
- Interactive menu adapts to show most relevant selections based on what is loaded
reged:
- Patches from Frediano Ziglio adding or fixing:
buffer overflow in export_subkey printing keyname some quoting error (name and string values must be quoted)
missing support for wide character encoding in keys and value names
regedit library (chntpw and reged uses it):
- New function from Aleksander Wojdyga: dpi, to decode product IDs
Can be used on for example \Microsoft\Windows NT\CurrentVersion\DigitalProductId
to find the systems product ID in cleartext.
Now as command in registry editor, but may be moved to chnpw menu later. |
|
| 2014-08-27 21:20:46 |
Mantas Kriaučiūnas |
description |
Binary package hint: chntpw
There are 2 new upstream releases (2011-05 and 2010-06) for chntpw, see http://pogostick.net/~pnh/ntpasswd/HISTORY.txt
I'm pasting main improvements since current Ubuntu 13.04 package (0.99.6-2, released on 2008)
* v 0.99.6 110511
regedit library (chntpw and reged uses it):
- Hive expansion! Library now does hive file expansion by default! (but you can turn it off, safe mode). If expansion occured, you will get a warning when saving the hive.
- There were a lot of goofs by me in the add/delete key and value handling, which made windows complain and lose data. Hope I managed to fix them.
- Also, found out more about how Windows does things, for example:
- Empty name (default) value, flag field is 0 (not 1 as usual)
- Values with data size 0 to 4 the value data itself is stored in the data pointer field, typical for DWORD (this I knew a long time ago), sign bit of data size field is then set. BUT..
- In a lot of cases in SAM, for null name values, size is 0 with sign set. In that case, the data dword is stored in the TYPE field, and the rest is unused. This saves a few bytes of course.. but why?
- Large values (seems to be from around 16k) are split internally in several parts. Sounds smart. But it goes via 2 (two) separate data structures that has to be allocated.
For regular small values the data pointer simply points to the data itself. For this split large value it points to a "db" struct.
Pseudo: vk.ofs_data -> db.list -> list[n] -> raw data block n The last raw data block always allocates the whole hbin (usually 16k) it is in, even if all of it is not needed.
reged:
- On popular demand: .reg file import!! (-I)
- Will read files from regedit.exe in most cases (UTF-16) but can miss on some international characters. Also reads "latin" (8 bit) files.
- Did quite a lot of testing by importing for example the SOFTWARE\Classes tree with regedit.exe and importing it again into the DEFAULT hive with my tool, then ask windows to "Load hive" (in regedit.exe).
- -N and -E options for safe mode edit (no alloc and no expand hive)
- Importing (-I) and then into edit (-e) before save possible, by specifying both options.
- -I and -C (-IC) will import and auto-save, use this in scripts.
chntpw:
- This version has no significant changes in the password (reset) handling part of the tools.
* v 0.99.6 100627
chntpw:
- Syskey not visible in menu anymore, but is still selectable as # 2
This because too many people just went ahead without understanding its purpose, and the emailed me when things went as expected, that is it went *boom*
- Interactive menu adapts to show most relevant selections based on what is loaded
reged:
- Patches from Frediano Ziglio adding or fixing:
buffer overflow in export_subkey printing keyname some quoting error (name and string values must be quoted)
missing support for wide character encoding in keys and value names
regedit library (chntpw and reged uses it):
- New function from Aleksander Wojdyga: dpi, to decode product IDs
Can be used on for example \Microsoft\Windows NT\CurrentVersion\DigitalProductId
to find the systems product ID in cleartext.
Now as command in registry editor, but may be moved to chnpw menu later. |
Binary package hint: chntpw
There are new upstream release (1.00 2014-02) for chntpw, see http://pogostick.net/~pnh/ntpasswd/HISTORY.txt
I'm pasting debian/changelog and main improvements since current Ubuntu 14.04 package (0.99.6.1, released on 2011)
chntpw (1.0-1) unstable; urgency=low
* Update to latest upstream release, published in 2014-02-01
* debian/rules: Provide also the other binaries built in the sources:
reged (Simple Registry Edit Utility for Windows registry hives),
sampasswd (SAM database, add or remove user in a group),
samusrgrp (SAM database, add or remove user in a group)
* debian/samusrgrp.8 debian/reged.8 debian/sampasswd.8: Write manpages
for all of the other programs built and included now in the package
* debian/chntpw.8: Update the manpage contents based on the program's
current -h output.
* debian/patches/01_port_to_gcrypt.patch:
Update patch since in this release upstream author uses a new define
(DOCRYPTO) that enables cryptographic code. This code, that enabled
users to change the password, is not enabled by default anymore since
it does not work with Windows XP (and later) systems.
* debian/patches/11_improve_documentation:
Add a new patch to improve the English (by a non-native speaker
oh! the irony!) of the HISTORY.txt and MANUAL.txt files, fixing
grammar and spelling mistakes, as well as some typos.
* debian/changelog: Fix typo and add reference to Ubuntu closed bug
* debian/control:
- Require debhelp version 5, as per debian/compat
* debian/rules:
- Update definitions to adapt to this version and upstream's numbering
(140201)
* Lintian fixes:
- Remove statically compiled files from sources (Fixes: source-is-missing)
- debian/copyright: point to the versioned license files, not the
symlinks since the source does not allow the use of later GPL
versions (Fixes: copyright-refers-to-versionless-license-file)
- debian/chntpw.8: Fix manpage error (Fixes:
manpage-has-errors-from-man)
- debian/rules:
+ Added missing targets build-indep and build-arch (fixes:
debian-rules-missing-recommended-target)
+ Include buildflags.mk provided by dpkg-dev (fixes:
hardening-no-relro)
- debian/control:
+ Added ${misc:Depends} (fixes: debhelper-but-no-misc-depends)
+ Use UTF-8 version of maintainer's second surname (i.e. 'ñ' instead
of 'n~') this prevents tools from thinking the uploads are a NMU
when they are not (fixes: changelog-should-mention-nmu)
+ Update Standards Version to 3.9.5, no changes needed (fixes:
ancient-standards-version)
- debian/docs: Remove HISTORY.txt, it is included as a changelog already
(fixes: duplicate-changelog-files)
-- Javier Fernández-Sanguino Peña <jfs@debian.org> Wed, 06 Aug 2014 22:23:44 +0200
* v 1.00 140201 (beta releases to some people dated 1308xx)
samlib:
new library, contains functions for user and group
manipulation and low level SID functions. Main features:
- add user to local group
- remove user from local group
- reset user password
- list users and groups, with memberships etc
- SID handling routines (binary to/from string etc) required by
group/user edit functions
- updates both group and user correctly, thus finally user "promotion" works!
regedit library:
- Enter buil-in buffer debugger only if in trace mode, else return error or abort()
- Fixed critical bug in del_value which could
thrash the hive when removing value in bottom of key.
- And a pointer not reinitialized when buffer reallocated in some cases, fixed.
Thanks to Jacky To for reporting those two.
- Some minor adjustments for compiler. A few more utility functions.
sampasswd:
new command line utility
- Can be used to reset users passwords from scripts (non interactive)
- Also a few list options, also can supply parsable output
samusrgrp:
new command line utility
- edit group memberships (non interactive)
- some list functions, parsable
chntpw:
- Now dedicated to interactive edits
- Now supports full local group membership edits, finally working promotion!
- A lot of users complained about user select being difficult to exit
(not understanding to use ! to quit), so after user edit, return
is to main menu or program exit (if not -i option)
- User edit (reset, promote etc) now loops instead until q for quit
* v 0.99.6 110511
regedit library (chntpw and reged uses it):
- Hive expansion! Library now does hive file expansion by default! (but you can turn it off, safe mode). If expansion occured, you will get a warning when saving the hive.
- There were a lot of goofs by me in the add/delete key and value handling, which made windows complain and lose data. Hope I managed to fix them.
- Also, found out more about how Windows does things, for example:
- Empty name (default) value, flag field is 0 (not 1 as usual)
- Values with data size 0 to 4 the value data itself is stored in the data pointer field, typical for DWORD (this I knew a long time ago), sign bit of data size field is then set. BUT..
- In a lot of cases in SAM, for null name values, size is 0 with sign set. In that case, the data dword is stored in the TYPE field, and the rest is unused. This saves a few bytes of course.. but why?
- Large values (seems to be from around 16k) are split internally in several parts. Sounds smart. But it goes via 2 (two) separate data structures that has to be allocated.
For regular small values the data pointer simply points to the data itself. For this split large value it points to a "db" struct.
Pseudo: vk.ofs_data -> db.list -> list[n] -> raw data block n The last raw data block always allocates the whole hbin (usually 16k) it is in, even if all of it is not needed.
reged:
- On popular demand: .reg file import!! (-I)
- Will read files from regedit.exe in most cases (UTF-16) but can miss on some international characters. Also reads "latin" (8 bit) files.
- Did quite a lot of testing by importing for example the SOFTWARE\Classes tree with regedit.exe and importing it again into the DEFAULT hive with my tool, then ask windows to "Load hive" (in regedit.exe).
- -N and -E options for safe mode edit (no alloc and no expand hive)
- Importing (-I) and then into edit (-e) before save possible, by specifying both options.
- -I and -C (-IC) will import and auto-save, use this in scripts.
chntpw:
- This version has no significant changes in the password (reset) handling part of the tools. |
|
