Patch for new Advapi32 dll of Windows Server 2003 SP2

As for Windows XP SP3, Microsoft released through Windows Update a new version of Advapi32 for Windows Server 2003 SP2 with version number 5.2.3790.4455. Here is the corresponding patch:

• Advapi32 dll, version 5.2.3790.4455:
• At offset 0x11E3F : change 75 to 90
• At offset 0x11E40 : change 08 to 90
• At offset 0x11E47 : change 74 to EB

Advapi32 patch for Windows 7 RC

After the recent release of Windows 7 RC, here is the patch for developing and tesing CSPs under this new platform. Unlike previous Windows versions and because of internal changes on Advapi32, the patch applies this time to cryptsp.dll and not to advapi32.dll...so the title of this post is really just for historical reasons!! Here is the patch :

• Cryptsp dll, version 6.1.7100.0 :
• At offset 0x34CB : change 75 to 90
• At offset 0x34CC : change 10 to 90
• At offset 0x34D3 : change 75 to 90
• At offset 0x34D4 : change 08 to 90

The SHA-256 hash of the patched dll is in BASE64 encoding : 6bzJDA9IknZNgyO8sugtmLZxMfeVvZBToZQ82P8ahFI= This value is needed in order to update the manifest files associated with cryptsp.dll in the WINSXS directory.

Patch for new Advapi32.dll of Windows XP SP3

On February 9th 2009, Microsoft released through Windows Update a new version of Advapi32 for Windows XP SP3 with version number 5.1.2600.5755. Here is the corresponding patch:

• Advapi32 dll, version 5.1.2600.5755:
• At offset 0x175C1 : change 75 to 90
• At offset 0x175C2 : change 0C to 90
• At offset 0x175C9 : change 0F to 90
• At offset 0x175CA : change 84 to E9

How to export/import CSP session keys in clear

Sometimes, it's handy to export and import plain text CSP session keys without being obliged to wrap them using RSA keys. For that, one can use a specially crafted RSA keys that have their private and public exponents set to "1". Thus, the encryption and the decryption with them always leed to the clear value. You'll find in the following link an MSDN article that provides a sample code explaining how we can achieve that. http://support.microsoft.com/kb/228786

How to clear saved Windows networking passwords

I had a problem connecting to shared VPN network folder because I changed my password but Windows kept using the old one stored in its cache. There was no obvious way to tell Windows to prompt for a new password. After some googling, I found the following command line that displays a dialog showing all the stored credentials and that gives the possibility to delete them : rundll32.exe keymgr.dll, KRShowKeyMgr It saved my life!!!