Внимание! Речь не о TCP/IP соединениях, а о сервисах.
Ограничение присутствует физически в файлах, а не в реестре:
srv.sys::SrvNetServerSetInfo
По материалам talks.guns.ru
файлы любезно предоставлены alexis.oasis (skype)
Ограничение присутствует физически в файлах, а не в реестре:
- Home - 5
- Pro - 10
Windows LanServer Connectionlimit patchsrvsvc.dll::SsLoadConfigurationParameters
=======================================
Removes the allowed LanConnections:
In WinXP Home the limit was 5 and in
In WinXP Pro 10 connections allowed.
Only the files with WinXP SP2
(Compare Versioninfo of file if you're unsure
different version might work too but if you get
and error keep in mind)
Copy/overwrite with your systemfiles - be careful
the windows system file protection might restore
the original files in background and so undo the patch ...
Techdata
patched:
srvsvc.dll::SsLoadConfigurationParameters
srv.sys::SrvNetServerSetInfo
75098BF9 8BFF MOV EDI, EDI 75098BFB 55 PUSH EBP 75098BFC 8BEC MOV EBP, ESP 75098BFE 51 PUSH ECX 75098BFF E8 D40A0000 CALL LoadSizeParameter 75098C04 85C0 TEST EAX, EAX 75098C06 8945 FC MOV [EBP-4], EAX 75098C09 75 1E JNZ SHORT 75098C29 75098C0B 68 28800975 PUSH 75098028 "LanmanServer\AutotunedParameters" 75098C10 E8 DC000000 CALL LoadParameters 75098C15 85C0 TEST EAX, EAX 75098C17 8945 FC MOV [EBP-4], EAX 75098C1A 75 0D JNZ SHORT 75098C29 75098C1C 68 64610975 PUSH 75096164 "LanmanServer\Parameters" 75098C21 E8 CB000000 CALL LoadParameters 75098C26 8945 FC MOV [EBP-4], EAX 75098C29 A1 40300A75 MOV EAX, [750A3040] 75098C2E 3905 40310A75 CMP [750A3140], EAX 75098C34 0F83 21320000 JNB 7509BE5B 75098C3A 833D 94310A75 0>CMP [DWORD 750A3194], 0 75098C41 0F85 1E320000 JNZ 7509BE65 75098C47 53 PUSH EBX 75098C48 56 PUSH ESI 75098C49 E9 89000000 JMP 75098CD7 <-PATCH!!! 75098C4E FFFF ??? 75098C50 85C0 TEST EAX, EAX 75098C52 0F85 86000000 JNZ 75098CDE 75098C58 833D 1C310A75 0>CMP [DWORD 750A311C], 1 75098C5F 6A 05 PUSH 5 75098C61 5E POP ESI 75098C62 6A 0A PUSH 0A 75098C64 5B POP EBX 75098C65 75 5E JNZ SHORT 75098CC5 75098C67 68 00020000 PUSH 200 75098C6C E8 5DF6FFFF CALL IsSuiteVersion 75098C71 85C0 TEST EAX, EAX 75098C73 0F85 FB310000 JNZ 7509BE74 75098C79 803D 1C4E0A75 0>CMP [BYTE ExtendedLicensing], 0 75098C80 0F85 2F320000 JNZ 7509BEB5 75098C86 391D 18300A75 CMP [750A3018], EBX 75098C8C 72 06 JB SHORT 75098C94 75098C8E 891D 18300A75 MOV [750A3018], EBX 75098C94 6A 40 PUSH 40 75098C96 58 POP EAX 75098C97 3905 48300A75 CMP [750A3048], EAX 75098C9D 0F83 08320000 JNB 7509BEAB 75098CA3 891D B4300A75 MOV [750A30B4], EBX 75098CA9 3935 18310A75 CMP [750A3118], ESI 75098CAF 72 06 JB SHORT 75098CB7 75098CB1 8935 18310A75 MOV [750A3118], ESI 75098CB7 8325 44310A75 0>AND [DWORD 750A3144], 0 75098CBE 8325 D0300A75 0>AND [DWORD 750A30D0], 0 75098CC5 68 00040000 PUSH 400 75098CCA E8 FFF5FFFF CALL IsSuiteVersion 75098CCF 85C0 TEST EAX, EAX 75098CD1 0F85 F3310000 JNZ 7509BECA 75098CD7 8B45 FC MOV EAX, [EBP-4] 75098CDA 5E POP ESI 75098CDB 5B POP EBX 75098CDC C9 LEAVE 75098CDD C3 RETN 75098CDE 833D 18300A75 0>CMP [DWORD 750A3018], 0A 75098CE5 ^ 75 F0 JNZ SHORT 75098CD7 75098CE7 E9 13320000 JMP 7509BEFF 75098CEC 90 NOP 75098CED 90 NOP 75098CEE 90 NOP 75098CEF 90 NOP
srv.sys::SrvNetServerSetInfo
0002B4D4 E8 495DFFFF CALL SecondsToTime 0002B4D9 A3 F0F80100 MOV [SrvLinkInfoValidTime], EAX 0002B4DE 8915 F4F80100 MOV [1F8F4], EDX 0002B4E4 8B83 0C010000 MOV EAX, [EBX+10C] 0002B4EA 33D2 XOR EDX, EDX 0002B4EC F7B3 A0000000 DIV [DWORD EBX+A0] 0002B4F2 A3 F8F80100 MOV [SrvScavengerUpdateQosCount], EA> 0002B4F7 B8 FFFF0000 MOV EAX, 0FFFF <-Patch!!! 0002B4FC EB 5C JMP SHORT 0002B55A <-Patch!!! 0002B4FE FFFF ??? ; Unknown command 0002B500 85C0 TEST EAX, EAX 0002B502 75 44 JNZ SHORT 0002B548 0002B504 3805 F2F70100 CMP [SrvProductTypeServer], AL 0002B50A 75 2A JNZ SHORT 0002B536 0002B50C 68 00020000 PUSH 200 0002B511 E8 7DECFFFF CALL IsSuiteVersion 0002B516 85C0 TEST EAX, EAX 0002B518 0F85 F8720000 JNZ 00032816 0002B51E 893D 58F90100 MOV [SrvCachedOpenLimit], EDI 0002B524 893D 2C0D0200 MOV [SrvMaxCachedDirectory], EDI 0002B52A 893D 8CF80100 MOV [SrvMaxFreeRfcbs], EDI 0002B530 893D 90F80100 MOV [SrvMaxFreeMfcbs], EDI 0002B536 68 00040000 PUSH 400 0002B53B E8 53ECFFFF CALL IsSuiteVersion 0002B540 85C0 TEST EAX, EAX 0002B542 0F85 06730000 JNZ 0003284E 0002B548 833D B8F80100 F>CMP [DWORD SrvMaxUsers], -1 0002B54F 73 0E JNB SHORT 0002B55F 0002B551 393D B8F80100 CMP [SrvMaxUsers], EDI 0002B557 76 06 JBE SHORT 0002B55F !002B559 FFA3 B8F80100 JMP [EBX+SrvMaxUsers] ^^<- Patch 0002B55A A3 B8F80100 MOV [SrvMaxUsers], EAX 0002B55F FF35 08F80100 PUSH [DWORD SrvMaxReceiveWorkItemCoun> 0002B565 E8 74000000 CALL MultipleOfProcessors 0002B56A A3 08F80100 MOV [SrvMaxReceiveWorkItemCount], EA> 0002B56F FF35 04F80100 PUSH [DWORD SrvInitialReceiveWorkItem> 0002B575 E8 64000000 CALL MultipleOfProcessors 0002B57A A3 04F80100 MOV [SrvInitialReceiveWorkItemCount]> 0002B57F FF35 84F80100 PUSH [DWORD SrvMinReceiveQueueLength] 0002B585 E8 54000000 CALL MultipleOfProcessors 0002B58A A3 84F80100 MOV [SrvMinReceiveQueueLength], EAX 0002B58F FF35 10F80100 PUSH [DWORD SrvMaxRawModeWorkItemCoun> 0002B595 E8 44000000 CALL MultipleOfProcessors 0002B59A A3 10F80100 MOV [SrvMaxRawModeWorkItemCount], EA> 0002B59F FF35 0CF80100 PUSH [DWORD SrvInitialRawModeWorkItem> 0002B5A5 E8 34000000 CALL MultipleOfProcessors 0002B5AA A3 0CF80100 MOV [SrvInitialRawModeWorkItemCount]> 0002B5AF 33F6 XOR ESI, ESI 0002B5B1 8975 D4 MOV [EBP-2C], ESI 0002B5B4 834D FC FF OR [DWORD EBP-4], FFFFFFFF 0002B5B8 B9 ACFA0100 MOV ECX, SrvConfigurationLock 0002B5BD FF15 00D80100 CALL [_imp_] ; SRV2SY~1.0004C398 0002B5C3 8BC6 MOV EAX, ESI 0002B5C5 E8 A651FEFF CALL _SEH_epilog 0002B5CA C2 0C00 RETN 0C unpachted.... 0002B4F2 A3 F8F80100 MOV [SrvScavengerUpdateQosCount], EA> 0002B4F7 64:40 INC EAX ; Superfluous prefix 0002B4F9 5E POP ESI 0002B4FA 56 PUSH ESI ; /Arg1 0002B4FB E8 93ECFFFF CALL IsSuiteVersion ; \IsSuiteVersion 0002B500 85C0 TEST EAX, EAX 0002B502 75 44 JNZ SHORT 0002B548 0002B504 3805 F2F70100 CMP [SrvProductTypeServer], AL 0002B50A 75 2A JNZ SHORT 0002B536 0002B50C 68 00020000 PUSH 200 ; /Arg1 = 00000200 0002B511 E8 7DECFFFF CALL IsSuiteVersion ; \IsSuiteVersion 0002B516 85C0 TEST EAX, EAX 0002B518 0F85 F8720000 JNZ 00032816 0002B51E 893D 58F90100 MOV [SrvCachedOpenLimit], EDI 0002B524 893D 2C0D0200 MOV [SrvMaxCachedDirectory], EDI 0002B52A 893D 8CF80100 MOV [SrvMaxFreeRfcbs], EDI 0002B530 893D 90F80100 MOV [SrvMaxFreeMfcbs], EDI 0002B536 68 00040000 PUSH 400 ; /Arg1 = 00000400 0002B53B E8 53ECFFFF CALL IsSuiteVersion ; \IsSuiteVersion 0002B540 85C0 TEST EAX, EAX 0002B542 0F85 06730000 JNZ 0003284E 0002B548 833D B8F80100>CMP [DWORD SrvMaxUsers], -1 0002B54F 73 0E JNB SHORT 0002B55F 0002B551 393D B8F80100 CMP [SrvMaxUsers], EDI 0002B557 76 06 JBE SHORT 0002B55F 0002B559 FF05 B8F80100 INC [DWORD SrvMaxUsers] 0002B55F FF35 08F80100 PUSH [DWORD SrvMaxReceiveWorkItemCoun>; /Arg1 = 00000000
Ссылки:
- srvsvc.dll SsLoadConfigurationParameters
- srv.sys SrvNetServerSetInfo
Копировать нужно в Safe Mode:
- srvsvc.dll в %windir%\system32
- srv.sys в %windir%\system32\drivers
и ими же перезаписать кэш-длл SVC в %windir%\system32\dllcache
файлы любезно предоставлены alexis.oasis (skype)
Немає коментарів:
Дописати коментар