Question

Fake having installed another SP

Asked by: AmigoJack

Hi, my question is quite specific.

I have wondered for years now how windows knows which service pack is installed. As a programmer I know I can call GetVersionEx() and check the string of OSVERSIONINFO.szCSDVersion[] for a textual entry. But how does the function gather this information?

Now I want it backwards: somehow it must be possible to alter this info. But how? I think a pure hook on the function itself (so that I can control what it returns) will not suffice - all areas of the system must get aware of the version I want to tell them. But where does this info reside?

So my questions are as followed:
- Do you know how to manually change this?
- Do you know a hack/tool that can afford this?
- Can the MSI (Microsoft Installer) be tricked regarding SP infos?
- If not, I am thankful to every information to track this issue down.

Last words:
- I know what I'm doing.
- I will not install SP1/SP2 and/or consider system restore points to "solve" the issue.
- No illegality is involved. I want to install a program which states to need SP2, but I think only for few features which I would not use at all. In fact it is most interesting to see how the program behaves on SP1 only.


Thx. May the profession be with you ;-)

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2006-09-30 at 12:27:20ID22008667
Tags

fake

,

getversionex

Topics

Windows XP Operating System

,

Windows Installer

Participating Experts
3
Points
400
Comments
18

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. MSI package
    How do I create an MSI package? Is it possible to do without purchasing InstallSheild or another program like that? Thanks!
  2. People with Fake MCSE'S
    Hi fellow experts, I was just wondering how many of you have taken any of the mcse2003 exams?. I got my NT4...BACK IN 1998 and I was to busy setting up and supporting win2k domains to go and actually sit any of the MCSE exams. I have been laid off and although I have a few...
  3. Fake Id email address
    Can you use an fake email from an application server that uses SMTP? Is there a way to use a fake email address to send email to exchange users using SMTP in IIS? Or do I need an account setup in order for it to authenticate and to be valid. Anybody have similar experiences?
  4. world of warcraft-fake servers
    hi i heard u could get pathes n make changes to wow to play on fake servers using freee account.can anyone help me out on how to do this. thanx
  5. MSSQL Illegal Characters
    I am extracting content from document and inputing it into my database, the problem is there can be a lot of illegal characters to escape. My question is, what characters are illegal and how do I escape them?
  6. Fake Antivirus
    How to prevent or uninstall Fake antivirus software (e.g. Bestseller Antivirus)?

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: davexnetPosted on 2006-09-30 at 15:41:42ID: 17636277

Have a look at this registry key... Much of the version info is there.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion

Good luck with the rest of your endeavors.  Hope you make a good backup first...
Dave

 

by: AmigoJackPosted on 2006-09-30 at 18:24:09ID: 17636551

Thanks mate, but I already scanned the whole registry for "service pack" and "SP1" without any (useful) results.

 

by: venom96737Posted on 2006-09-30 at 18:48:39ID: 17636584

well there are alot of things that change including system files themselves in the system32 folder can you fool this operation no probably not the info is held in the registry under HKEY\Local_machine\System\CurrentControlSet\Control\windows

in the CSDVersion key sp2 is 200 but the files in system32 will not be altered and the system "probably" wont boot up.

 

by: jkrPosted on 2006-09-30 at 20:44:50ID: 17636779

>>As a programmer I know I can call GetVersionEx()

... and as a programmer, you also know that you can intercept the call on a global level and change the results to what you want it to be *g*

http://www.codeproject.com/system/hooksys.asp ("API hooking revealed")

 

by: AmigoJackPosted on 2006-10-01 at 05:40:50ID: 17637480

venom96737:
I don't understand what you clearly. I never planned on changing files by installing the Service Pack 2 and then switch between installations. Where is the "CSDVersion key sp2" you are speaking of?

jkr:
Thanks, I will try that at least, but I doubt only hooking that function will not do the whole trick. I already said that within my question.

 

by: davexnetPosted on 2006-10-01 at 09:56:30ID: 17638515

Hello, aren't you familiar with Regedit?
From the RUN box type REGEDIT and press enter.
Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
Make sure "currentversion" is highlighted.
look at the items on the right side of the screen.
In mine I see:
item-CSDVersion  value - Service Pack 2
Also:
item-BuildLab value-2600.xpsp_sp2_gdr.050301-1519

Dave

 

by: AmigoJackPosted on 2006-10-01 at 12:27:28ID: 17638953

davexnet:
No, I am.

There is no item named "CSDVersion". The ZString of "BuildLab" has the value "2600.xpclient.010817-1148" - I hope you will now believe me that I haven't found anything. Maybe the Service Pack is determined by the datetime in the text. I wonder how it looks like on a windows without any SP.

I bet you also have another Explorer.exe - could you please look it up? Mine has the version number "6.00.2600.0000 (xpclient.010817-1148)" and a filedate of 2001-08-23, 12:00 UTC. Thanks.

 

by: davexnetPosted on 2006-10-01 at 17:46:12ID: 17640275

Hello,
my exeplorer.exe file version is 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Date August 04, 2004


I think yours is the base install - not even SP1 ?

 

by: venom96737Posted on 2006-10-01 at 20:54:15ID: 17640879

As I stated in my original post System files will be different for the service packs explorer is different the kernal is different and a whole list of other files.  Thats what I was saying by just a registry tweak or trying to fool it into thinking it has something it does not will not work.  The CSD version that dave indicated in his post goes back to the one that I stated in my post.  I was saying that the value for the CSDVersion that represents service pack 2 is 200 in the location that I specified just to clear it up.  

 

by: venom96737Posted on 2006-10-01 at 21:01:12ID: 17640901

Also yes that does represent a base system with no service packs installed at all 6.00.2600.0000 is base .1106 is sp 1 and .2180 is sp2

 

by: AmigoJackPosted on 2006-10-02 at 04:32:07ID: 17642514

davexnet:
Thanks for the info. At least it is very interesting when it comes down to determine unknown installations.

venom96737:
I understand that a couple of files will be different due to Service Packs - it's their sense to patch and extend the system of course. Years ago I also underestimated how much "tweaks" can do, e.g. NT5 professional and server are nearly identical and can be switched vice versa. Thanks for the version build numbers.

both:
You are both right, I don't even have SP1. That's a bit surprising to me - must have forgotten about it with my last install on april 2003. It's even more impressing that everything works without any SP. I thank you both so far for giving me all the information. If nobody else comes in and knows where the system precisely determines the installed SP I will try jkrs codehook and after that split the points amongst you three, ok?

 

by: venom96737Posted on 2006-10-03 at 21:05:45ID: 17656842

Amigo right now you are on a very dangerous system that is so so very easy to hack its not even funny.  Its so easy even a remote desktop simulating program can hack your system right now you really need to upgrade i remember when xp first came out i used to play with the remote desktop exploit and mess with my friends taking control of thier systems, but to have it this day in age is really not needed an update is vital in your sense and yes alot of files are changed and will the reg tweaks work probalbly not to tell you the truth.

 

by: AmigoJackPosted on 2006-10-04 at 02:12:57ID: 17657829

Venom96737:
Sorry, I somehow awaited such an answer. Nothing is fully unintrudable but my system has always been secure: no needless services, no needless accounts, always an overview about my NIC activity, desktop firewall with process creation restrictions, downshifted policies, renamed administrator account, no ActiveX, true registry backups, downshifted write permissions on files/folders/registry keys and for extreme situations always an antivirus guard. Due to my NIC overview, I always know if some upload occurs which I didn't initiate (and such a case never happened). I have a handful of tools for process analyzation, handle listing, streams listing, rootkit revealation. And last but not least: I don't behave like a berzerk. My system also runs stable, reboots occur only when I shut the machine down - a BSoD happens very seldom and can be totally associated with one application.

Hmm... I think I know much about Windows to use it properly. Much enough to not be illusioned that Service Packs alone will do the thinking for me. Believe it or not :) My system is and stays uninfected. If it happens, I know what to do (and I don't mean a reinstall).

 

by: venom96737Posted on 2006-10-04 at 02:46:27ID: 17657955

HAHAHAH I wasnt speaking of virus's at all your computer is so wide open to hackers its not even funny even a rookie could crack and take your system.  If I was running a scanner (which i dont anymore) I would have a hayday on your system antivirus and all.

 

by: AmigoJackPosted on 2006-10-04 at 03:50:02ID: 17658247

Do you want to try to "take" my system? I'm always willing be proven better :)

 

by: venom96737Posted on 2006-10-05 at 21:19:39ID: 17674002

HAHA that might be fun

 

by: AmigoJackPosted on 2006-10-19 at 10:32:26ID: 17767844

I would like to split points amongst you. Everybody tried to help and gave me some info. However, as I suspected nobody really hit the point. jkrs hook example is the closest one, but also only an introduction. If you all agree, I'll do it this way:

125pts davexnet
125pts venom96737
150pts jkr (accept, B)

 

by: AmigoJackPosted on 2006-10-25 at 06:28:49ID: 17803116

no further comment,
no disagree,
no hacking attempt... ;-)

thanks ppl

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...