tyler.durden
/
unlocker
mirror of https://github.com/paolo-projects/unlocker.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Another set of changes 2.0.9.

This commit is contained in:
David Parsons 2017-10-05 08:26:04 +01:00
parent e16c05ca81
commit 949c13d9a5
15 changed files with 100 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
esxi-config.py
View File

@ -24,8 +24,7 @@ def main():
starttag = '<useVmxSandbox>'
endtag = '</useVmxSandbox>'
# with open('/etc/vmware/hostd/config.xml', 'r+') as f:
with open('samples/config.xml', 'r+') as f:
with open('/etc/vmware/hostd/config.xml', 'r+') as f:
data = f.readlines()
# Search for the relevant XML tags

2
esxi-install.sh
View File

@ -4,7 +4,7 @@ set -e
echo VMware Unlocker 2.0.9
echo ===============================
echo Copyright: Dave Parsons 2011-16
echo Copyright: Dave Parsons 2011-17
# Ensure we only use unmodified commands
export PATH=/bin:/sbin:/usr/bin:/usr/sbin

2
esxi-uninstall.sh
View File

@ -4,7 +4,7 @@ set -e
echo VMware Unlocker 2.0.9
echo ===============================
echo Copyright: Dave Parsons 2011-16
echo Copyright: Dave Parsons 2011-17
# Ensure we only use unmodified commands
export PATH=/bin:/sbin:/usr/bin:/usr/sbin

2
lnx-install.sh
View File

@ -3,7 +3,7 @@ set -e
echo VMware Unlocker 2.0.9
echo ===============================
echo Copyright: Dave Parsons 2011-16
echo Copyright: Dave Parsons 2011-17
# Ensure we only use unmodified commands
export PATH=/bin:/sbin:/usr/bin:/usr/sbin

2
lnx-uninstall.sh
View File

@ -3,7 +3,7 @@ set -e
echo VMware Unlocker 2.0.9
echo ===============================
echo Copyright: Dave Parsons 2011-16
echo Copyright: Dave Parsons 2011-17
# Ensure we only use unmodified commands
export PATH=/bin:/sbin:/usr/bin:/usr/sbin

2
local-prefix.sh
View File

@ -4,7 +4,7 @@ set -x
echo VMware ESXi 6.x Unlocker 2.0.9
echo ===============================
echo Copyright: Dave Parsons 2011-16
echo Copyright: Dave Parsons 2011-17
# Ensure we only use unmodified commands
export PATH=/bin:/sbin:/usr/bin:/usr/sbin

2
local.sh
View File

@ -4,7 +4,7 @@ set -x
echo VMware ESXi 6.x Unlocker 2.0.9
echo ===============================
echo Copyright: Dave Parsons 2011-16
echo Copyright: Dave Parsons 2011-17
# Ensure we only use unmodified commands
export PATH=/bin:/sbin:/usr/bin:/usr/sbin

2
osx-install.sh
View File

@ -3,7 +3,7 @@ set -e
echo VMware Unlocker 2.0.9
echo ===============================
echo Copyright: Dave Parsons 2011-16
echo Copyright: Dave Parsons 2011-17
# Ensure we only use unmodified commands
export PATH=/bin:/sbin:/usr/bin:/usr/sbin

2
osx-uninstall.sh
View File

@ -3,7 +3,7 @@ set -e
echo VMware Unlocker 2.0.9
echo ===============================
echo Copyright: Dave Parsons 2011-16
echo Copyright: Dave Parsons 2011-17
# Ensure we only use unmodified commands
export PATH=/bin:/sbin:/usr/bin:/usr/sbin

14
readme.txt
View File

@ -1,5 +1,5 @@
Mac OS X Unlocker for VMware V2.0
=================================
macOS Unlocker for VMware V2.0
==============================
+-----------------------------------------------------------------------------+
| IMPORTANT: |
@ -13,7 +13,8 @@ Mac OS X Unlocker for VMware V2.0
1. Introduction
---------------
Unlocker 2 is designed for Workstation 11/12, Player 7/12, ESXi 6 and Fusion 7/8.
Unlocker 2 is designed for Workstation 11/12/14, Player 7/12/14, ESXi 6.5
and Fusion 7/8/10.
If you are using an earlier product please continue using Unlocker 1
@ -162,9 +163,8 @@ History
- Get latest VMware tools command
- Removed firmware files
- Moved to PyInstaller 3.0
29/12/16 2.0.9 - New version to support ESXi 6.5
- Disable new hostd VMX sandbox
- Fix ESXI 6.5 libvmkctl.so patching for 32 and 64-bit versions
05/10/17 2.0.9 - New version to support ESXi 6.5, Workstation/Player 14 and Fusion 10
- Removed support for ESXi 6.0
- Added ESXi boot option to disable unlocker (nounlocker)
(c) 2011-2016 Dave Parsons
(c) 2011-2017 Dave Parsons

54
test-unlocker.py Normal file
View File

@ -0,0 +1,54 @@
from __future__ import print_function
import unlocker
import dumpsmc
import shutil
def main():
# Test Windows patching
shutil.copyfile('./samples/windows/wks12/vmware-vmx.exe', './tests/windows/wks12/vmware-vmx.exe')
unlocker.patchsmc('./tests/windows/wks12/vmware-vmx.exe', False)
dumpsmc.dumpsmc('./tests/windows/wks12/vmware-vmx.exe')
shutil.copyfile('./samples/windows/wks14/vmware-vmx.exe', './tests/windows/wks12/vmware-vmx.exe')
dumpsmc.dumpsmc('./tests/windows/wks14/vmware-vmx.exe')
unlocker.patchsmc('./tests/windows/wks14/vmware-vmx.exe', False)
shutil.copyfile('./samples/windows/wks12/vmwarebase.dll', './tests/windows/wks12/vmwarebase.dll')
unlocker.patchbase('./tests/windows/wks12/vmwarebase.dll')
shutil.copyfile('./samples/windows/wks14/vmwarebase.dll', './tests/windows/wks14/vmwarebase.dll')
unlocker.patchbase('./tests/windows/wks14/vmwarebase.dll')
# Test Linux patching
shutil.copyfile('./samples/linux/wks12/vmware-vmx', './tests/linux/wks12/vmware-vmx')
dumpsmc.dumpsmc('./tests/linux/wks12/vmware-vmx')
unlocker.patchsmc('./tests/linux/wks12/vmware-vmx', True)
shutil.copyfile('./samples/linux/wks14/vmware-vmx', './tests/linux/wks14/vmware-vmx')
dumpsmc.dumpsmc('./tests/linux/wks14/vmware-vmx')
unlocker.patchsmc('./tests/linux/wks14/vmware-vmx', True)
shutil.copyfile('./samples/linux/wks12/libvmwarebase.so', './tests/linux/wks12/libvmwarebase.so')
unlocker.patchbase('./tests/linux/wks12/libvmwarebase.so')
shutil.copyfile('./samples/linux/wks14/libvmwarebase.so', './tests/linux/wks14/libvmwarebase.so')
unlocker.patchbase('./tests/linux/wks14/libvmwarebase.so')
# Test macOS patching
shutil.copyfile('./samples/macos/fus8/vmware-vmx', './tests/macos/fus8/vmware-vmx')
unlocker.patchsmc('./tests/macos/fus8/vmware-vmx', False)
shutil.copyfile('./samples/macos/fus10/vmware-vmx', './tests/macos/fus10/vmware-vmx')
unlocker.patchsmc('./tests/macos/fus10/vmware-vmx', False)
# Test ESXi patching
shutil.copyfile('./samples/esxi/esxi600/vmx', './tests/esxi/esxi600/vmx')
dumpsmc.dumpsmc('./tests/esxi/esxi600/vmx')
unlocker.patchsmc('./tests/esxi/esxi600/vmx', True)
shutil.copyfile('./samples/esxi/esxi650/vmx', './tests/esxi/esxi650/vmx')
dumpsmc.dumpsmc('./tests/esxi/esxi600/vmx')
unlocker.patchsmc('./tests/esxi/esxi650/vmx', True)
shutil.copyfile('./samples/esxi/esxi600/libvmkctl.so', './tests/esxi/esxi600/libvmkctl.so')
unlocker.patchvmkctl('./tests/esxi/esxi600/libvmkctl.so')
shutil.copyfile('./samples/esxi/esxi650/lib/libvmkctl.so', './tests/esxi/esxi650/lib/libvmkctl.so')
unlocker.patchvmkctl('./tests/esxi/esxi650/lib/libvmkctl.so')
shutil.copyfile('./samples/esxi/esxi650/lib64/libvmkctl.so', './tests/esxi/esxi650/lib64/libvmkctl.so')
unlocker.patchvmkctl('./tests/esxi/esxi650/lib64/libvmkctl.so')
if __name__ == '__main__':
main()

50
unlocker.py
View File

@ -58,13 +58,6 @@ if sys.platform == 'win32' \
from _winreg import *
def rot13(s):
chars = 'AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz'
trans = chars[26:] + chars[:26]
rotchar = lambda c: trans[chars.find(c)] if chars.find(c) > -1 else c
return ''.join(rotchar(c) for c in s)
def bytetohex(data):
if sys.version_info > (3, 0):
# Python 3 code in this block
@ -74,8 +67,8 @@ def bytetohex(data):
return "".join("{:02X} ".format(ord(c)) for c in data)
def joinpath(folder, file):
return os.path.join(folder, file)
def joinpath(folder, filename):
return os.path.join(folder, filename)
def printkey(i, offset, smc_key, smc_data):
@ -89,6 +82,18 @@ def printkey(i, offset, smc_key, smc_data):
+ ' ' + bytetohex(smc_data))
def set_bit(value, bit):
return value | (1 << bit)
def clear_bit(value, bit):
return value & ~(1 << bit)
def test_bit(value, bit):
return value & bit
E_CLASS64 = 2
E_SHT_RELA = 4
@ -116,7 +121,7 @@ def patchelf(f, oldoffset, newoffset):
for i in range(0, e_shnum):
f.seek(e_shoff + i * e_shentsize)
e_sh = struct.unpack('=LLQQQQLLQQ', f.read(e_shentsize))
e_sh_name = e_sh[0]
# e_sh_name = e_sh[0]
e_sh_type = e_sh[1]
e_sh_offset = e_sh[4]
e_sh_size = e_sh[5]
@ -140,7 +145,7 @@ def patchelf(f, oldoffset, newoffset):
def patchkeys(f, key):
# Setup struct pack string
key_pack = '=4sB4sB6xQ'
smc_old_memptr = 0
# smc_old_memptr = 0
smc_new_memptr = 0
# Do Until OSK1 read
@ -166,7 +171,7 @@ def patchkeys(f, key):
# Write new data routine pointer from +LKS
print('OSK0 Key Before:')
printkey(i, offset, smc_key, smc_data)
smc_old_memptr = smc_key[4]
# smc_old_memptr = smc_key[4]
f.seek(offset)
f.write(struct.pack(key_pack, smc_key[0], smc_key[1], smc_key[2], smc_key[3], smc_new_memptr))
f.flush()
@ -296,33 +301,32 @@ def patchbase(name):
f = open(name, 'r+b')
# Entry to search for in GOS table
# Should work for 12 & 14 of Workstation...
darwin = (
'\x10\x00\x00\x00\x10\x00\x00\x00'
'\x02\x00\x00\x00\x00\x00\x00\x00'
'\x00\x00\x00\x00\x00\x00\x00\x00'
'\x00\x00\x00\x00\x00\x00\x00\x00'
'\xBE'
)
# Read file into string variable
base = f.read()
# Loop thorugh each entry and set top bit
# 0xBE --> 0xBF
# Loop through each entry and set top bit
# 0xBE --> 0xBF (WKS 12)
# 0x3E --> 0x3F (WKS 14)
offset = 0
while offset < len(base):
offset = base.find(darwin, offset)
if offset == -1:
break
f.seek(offset + 32)
flag = f.read(1)
if flag == '\xBE':
f.seek(offset + 32)
f.write('\xBF')
print('GOS Patched flag @: ' + hex(offset))
else:
print('GOS Unknown flag @: ' + hex(offset) + '/' + hex(int(flag)))
flag = ord(f.read(1))
flag = set_bit(flag, 0)
flag = chr(flag)
f.seek(offset + 31)
f.write(flag)
print('GOS Patched flag @: ' + hex(offset))
offset += 33
# Tidy up

2
win-install.cmd
View File

@ -2,7 +2,7 @@
setlocal ENABLEEXTENSIONS
echo VMware Unlocker 2.0.9
echo ========================
echo (c) Dave Parsons 2011-16
echo (c) Dave Parsons 2011-17
net session >NUL 2>&1
if %errorlevel% neq 0 (

2
win-test-install.cmd
View File

@ -2,7 +2,7 @@
setlocal ENABLEEXTENSIONS
echo VMware Unlocker 2.0.9
echo ========================
echo (c) Dave Parsons 2011-16
echo (c) Dave Parsons 2011-17
net session >NUL 2>&1
if %errorlevel% neq 0 (

2
win-uninstall.cmd
View File

@ -2,7 +2,7 @@
setlocal ENABLEEXTENSIONS
echo VMware Unlocker 2.0.9
echo ========================
echo (c) Dave Parsons 2011-16
echo (c) Dave Parsons 2011-17
net session >NUL 2>&1
if %errorlevel% neq 0 (