Final ESXi fixes 2.0.9

esxi-install.sh

@@ -9,10 +9,21 @@ echo Copyright: Dave Parsons 2011-17
 # Ensure we only use unmodified commands
 export PATH=/bin:/sbin:/usr/bin:/usr/sbin
 
-# Copy patch to local.sh
+VER=$(uname -r)
-echo Installing local.sh
+if [ "$VER" == "6.0.0" ]; then
-chmod +x local.sh
+   echo "Error - ESXi 6.0.0 is not supported!"
-cp local.sh /etc/rc.local.d/local.sh
+elif [ "$VER" == "6.5.0" ]; then
-python esxi-config.py insert
+    # Copy patch to local.sh
-backup.sh 0
+    echo Installing local.sh
-echo Success - please now restart the server!
+    chmod +x local.sh
+    cp local.sh /etc/rc.local.d/local.sh
+    python esxiconfig.py on
+    backup.sh 0
+    echo "Success - please now restart the server!"
+else
+   echo "Unknown ESXi version"
+fi
+
+
+
+

esxi-uninstall.sh

@@ -11,6 +11,6 @@ export PATH=/bin:/sbin:/usr/bin:/usr/sbin
 
 echo Uninstalling local.sh
 cp /etc/rc.local.d/.#local.sh /etc/rc.local.d/local.sh
-python esxi-config.py delete
+python esxiconfig.py off
 backup.sh 0
 echo Success - please now restart the server!

local.sh

@@ -123,13 +123,6 @@ if sys.platform == 'win32' \
     from _winreg import *
 
 
-def rot13(s):
-    chars = 'AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz'
-    trans = chars[26:] + chars[:26]
-    rotchar = lambda c: trans[chars.find(c)] if chars.find(c) > -1 else c
-    return ''.join(rotchar(c) for c in s)
-
-
 def bytetohex(data):
     if sys.version_info > (3, 0):
         # Python 3 code in this block
@@ -139,8 +132,8 @@ def bytetohex(data):
         return "".join("{:02X} ".format(ord(c)) for c in data)
 
 
-def joinpath(folder, file):
+def joinpath(folder, filename):
-    return os.path.join(folder, file)
+    return os.path.join(folder, filename)
 
 
 def printkey(i, offset, smc_key, smc_data):
@@ -154,6 +147,18 @@ def printkey(i, offset, smc_key, smc_data):
           + ' ' + bytetohex(smc_data))
 
 
+def set_bit(value, bit):
+    return value | (1 << bit)
+
+
+def clear_bit(value, bit):
+    return value & ~(1 << bit)
+
+
+def test_bit(value, bit):
+    return value & bit
+
+
 E_CLASS64 = 2
 E_SHT_RELA = 4
 
@@ -181,7 +186,7 @@ def patchelf(f, oldoffset, newoffset):
     for i in range(0, e_shnum):
         f.seek(e_shoff + i * e_shentsize)
         e_sh = struct.unpack('=LLQQQQLLQQ', f.read(e_shentsize))
-        e_sh_name = e_sh[0]
+        # e_sh_name = e_sh[0]
         e_sh_type = e_sh[1]
         e_sh_offset = e_sh[4]
         e_sh_size = e_sh[5]
@@ -205,7 +210,7 @@ def patchelf(f, oldoffset, newoffset):
 def patchkeys(f, key):
     # Setup struct pack string
     key_pack = '=4sB4sB6xQ'
-    smc_old_memptr = 0
+    # smc_old_memptr = 0
     smc_new_memptr = 0
 
     # Do Until OSK1 read
@@ -231,7 +236,7 @@ def patchkeys(f, key):
             # Write new data routine pointer from +LKS
             print('OSK0 Key Before:')
             printkey(i, offset, smc_key, smc_data)
-            smc_old_memptr = smc_key[4]
+            # smc_old_memptr = smc_key[4]
             f.seek(offset)
             f.write(struct.pack(key_pack, smc_key[0], smc_key[1], smc_key[2], smc_key[3], smc_new_memptr))
             f.flush()
@@ -361,34 +366,33 @@ def patchbase(name):
     f = open(name, 'r+b')
 
     # Entry to search for in GOS table
+    # Should work for 12 & 14 of Workstation...
     darwin = (
         '\x10\x00\x00\x00\x10\x00\x00\x00'
         '\x02\x00\x00\x00\x00\x00\x00\x00'
         '\x00\x00\x00\x00\x00\x00\x00\x00'
         '\x00\x00\x00\x00\x00\x00\x00\x00'
-        '\xBE'
     )
 
     # Read file into string variable
     base = f.read()
 
-    # Loop thorugh each entry and set top bit
+    # Loop through each entry and set top bit
-    # 0xBE --> 0xBF
+    # 0xBE --> 0xBF (WKS 12)
+    # 0x3E --> 0x3F (WKS 14)
     offset = 0
     while offset < len(base):
         offset = base.find(darwin, offset)
         if offset == -1:
             break
         f.seek(offset + 32)
-        flag = f.read(1)
+        flag = ord(f.read(1))
-        if flag == '\xBE':
+        flag = set_bit(flag, 0)
+        flag = chr(flag)
         f.seek(offset + 32)
-            f.write('\xBF')
+        f.write(flag)
         print('GOS Patched flag @: ' + hex(offset))
-        else:
+        offset += 40
-            print('GOS Unknown flag @: ' + hex(offset) + '/' + hex(int(flag)))
-
-        offset += 33
 
     # Tidy up
     f.flush()
@@ -437,8 +441,7 @@ def main():
         vmx = joinpath(vmx_path, 'vmware-vmx')
         vmx_debug = joinpath(vmx_path, 'vmware-vmx-debug')
         vmx_stats = joinpath(vmx_path, 'vmware-vmx-stats')
-        vmx_version = subprocess.check_output(["vmplayer", "-v"])
+        if os.path.isfile('/usr/lib/vmware/lib/libvmwarebase.so/libvmwarebase.so'):
-        if vmx_version.startswith('VMware Player 12'):
             vmx_so = True
             vmwarebase = '/usr/lib/vmware/lib/libvmwarebase.so/libvmwarebase.so'
         else:

test-unlocker.py

@@ -1,8 +1,10 @@
 from __future__ import print_function
-import unlocker
+
-import dumpsmc
 import shutil
 
+import dumpsmc
+import unlocker
+
 
 def main():
     # Test Windows patching
@@ -48,6 +50,8 @@ def main():
     unlocker.patchvmkctl('./tests/esxi/esxi650/lib/libvmkctl.so')
     shutil.copyfile('./samples/esxi/esxi650/lib64/libvmkctl.so', './tests/esxi/esxi650/lib64/libvmkctl.so')
     unlocker.patchvmkctl('./tests/esxi/esxi650/lib64/libvmkctl.so')
+    shutil.copyfile('./samples/esxi/esxi650/config.xml', './tests/esxi/esxi650/config.xml')
+    esxiconfig.main('./tests/esxi/esxi650/config.xml')
 
 
 if __name__ == '__main__':

wip/esxiconfig.py

@@ -19,12 +19,12 @@ def testline(line, test):
         return False
 
 
-def main():
+def main(filename):
     vmsvc = '<vmsvc>\n'
     starttag = '<useVmxSandbox>'
     endtag = '</useVmxSandbox>'
 
-    with open('/etc/vmware/hostd/config.xml', 'r+') as f:
+    with open(filename, 'r+') as f:
         data = f.readlines()
 
         # Search for the relevant XML tags
@@ -58,11 +58,11 @@ def main():
 
         if sys.argv[1] == 'off':
             print('ESXi Config - useVmxSandbox off')
-            data.insert(vmsvcindex + 1, (" " * pad) + sandboxoff)
+            data.insert(vmsvcindex + 1, (" " * pad) + 'false')
 
         elif sys.argv[1] == 'on':
             print('ESXi Config - useVmxSandbox on')
-            data.insert(vmsvcindex + 1, (" " * pad) + sandboxon)
+            data.insert(vmsvcindex + 1, (" " * pad) + 'true')
 
         else:
             print('ESXi Config - Incorrect paramter passed')
@@ -80,7 +80,7 @@ if __name__ == '__main__':
 
     if len(sys.argv) == 1:
         sys.exit(1)
-    if main():
+    if main('/etc/vmware/hostd/config.xml'):
         sys.exit(0)
     else:
         sys.exit(1)