Cracking the D-Link settings file

The following is my description of how I figured out how to decode the D-Link settings file (aka decrypt gws). If you don’t care how I figured it out, skip to the end for VB.Net code samples and an executable.

I have a DIR-628 wireless router that is having issues. There is a firmware update available, but my issue is not mentioned in the readme for the firmware.
Normally when I upgrade the firmware, I will dump out a settings file, perform the upgrade, reload the settings file, and rejoice in the time saved not having to reconfigure. This time, though, I think I would like to have a clean slate – but there are some options that include passwords I don’t recall offhand, so I figure I can just dump out the settings file, and take a look at it to get all that info…

Wrong. The settings file is binary gobbledeygook.
The default file name is gateway_settings.gws, and the file is about 175k.

I gave Google a thorough searching, and had no luck – it looks like other people are searching for GWS format, or GWS file, but there were no meaningful pages that I could find.
Next I downloaded trid_w32 – a neat little utility for identifying file types. I thought maybe it was compressed or something…
No dice.

So I decided to use the reverse engineering method – make some changes, and observe the result in the file.
I created a firewall rule named “AAAAAAAAAAAA”, and saved the settings; then renamed the rule to “BBBBBBBBBBBB”, and use a nice binary comparison tool (HexCmp in this case) to see what my changes did.

The A’s within the file had become “78 79 7A 7B 7C 7D 7E…” – they were shifted, but that offset increased by 1 for each character. This I can fix!

I then decoded the character before the first A – it was a “>”. Could it be? Could this file really be XML??
Worked backwards a couple more characters and had “name>AAAA…” – yes indeed! The decoded file will be XML!!

The next question was where to begin – what will be the shift of the first character? If the file is xml, I can be pretty sure the first character is a “<” – and this is the first character of the .gws file.

After much fooling around in VB.net, and battling with modulus math, I had the encoder formula:
encodedByte = (positionNbr + CharacterCode) mod 256

Decoding was a bit trickier, because as long as (position mod 256) + characterCode is less than 256, you can just subtract. If it is greater than 256, you have to work a bit harder. If I had more time, I bet there is a way to write a single formula to restore the character code, but I was able to do it with an IF statement.

Here is the VB.net function for decoding a byte array containing the .gws file

  Function decodeGWS(ByRef encodedGWS As Byte()) As String
    Dim chrMax As UInteger
    Dim decodedGWS As Char()
    chrMax = encodedGWS.GetUpperBound(0)
    ReDim decodedGWS(chrMax)

    For i As UInteger = 0 To chrMax
      If encodedGWS(i) < (i Mod 256) Then
        decodedGWS(i) = Chr((256 + encodedGWS(i)) - (i Mod 256))
      Else
        decodedGWS(i) = Chr(encodedGWS(i) - (i Mod 256))
      End If
    Next i

    Return decodedGWS
  End Function

And it works like a charm. The file is actually a great big XML containing all the available options.

Here is the little utility I wrote to decode the file:
GWS Decoder Utility

For completeness sake, I included encoder functionality, and I have verified that the output is identical to the original file when no changes are made to the xml file, but I really don’t know what would happen if you tried to make changes to the XML and load it back onto your router. If you want to try it, don’t come crying to me when your router gives up it’s magic smoke, or your house burns down.

Hopefully somebody finds this helpful!

Update 9/22/2010
There are a couple comments from people saying the utility doesn’t work with some different routers. The only way I could even try to fix it is to get sample files. Nobody has responded to my requests for samples yet.

Update 6/2/2011
A user has commented that Norton is reporting the file as containing malware. I checked the file on virustotal.com as well as virusscan.jotti.org and it came back 100% clean. When I can find the source I will try to rewrite it in C# (for self respect purposes) but until then if you don’t trust me, you can feel free to decompile the contained executable – or check it yourself with multiple scanners.

A better ALPS touchpad driver

If you have a dell inspiron 1545 like I do, you might be happy with your laptop. Happy with everything except this godawful excuse for a touchpad! (and the missing bluetooth, and wireless-N – but these can be resolved)

ALPS touchpads suck. They are jumpy, at the same time unresponsive and too responsive, the scroll feature never seems to work right the first time… so yeah. I don’t like it.

Turns out some of the issues can be mitigated by using Acer drivers. They are less customized, and include newer versions of various components. The scrolling is more reliable, and they don’t freeze up under load like the Dell drivers.

I used the drivers from here:
http://drivers.softpedia.com/get/KEYBOARD-and-MOUSE/OTHERS/Acer-Aspire-3810TZ-Notebook-ALPS-Touchpad-Driver-752021101-for-Vista.shtml

or search for Acer aspire ALPS drivers on google.

Hope this helps!

Essential Business Server 2008 .NET Framework 3.5 sp1 install fails

After getting all three servers up to date when installing EBS 2008, you will likely find one update that refuses to install – .NET Framework 3.5 sp1.

The EBS Team blog has a nice Powershell script that *should* fix it, but there’s a bug in the script.
Microsoft .NET Framework 3.5 SP1 (KB951847) Fails to install on EBS Servers

At least, there is a bug when you try to run it after updating everything else (including the server to sp2).

at the line that looks like :

$goodvalue = $badvalue.$frameworkguid -replace ("D\?\\", "C\?\\")

The replacement string should be “C?\”. The search string requires the question mark and slash to be escaped, but the replacement string does not. It is supposed to replace “D?\” with “C?\”, but instead it replaces it with “C\?\\” — which exists even less than the original path!

I have created two helpful scripts.

First, if you have not already run the script from the EBS Blog, use this one instead:
dotnetfixup_fixed.ps1

If you have used the bugged version of the script use this script to fix it. You will now be able to install the .NET updates.
repair_bugged_fixup.ps1

These are run from an elevated powershell prompt, not a command prompt.

Good luck!

Visual Studio 2008 ISO md5 checksum

I had to recover some files from a messed up hard drive – one of those being my ISO for Visual Studio 2008 as downloaded from Microsoft Volume licensing / Software assurance.

The file is nearly 4-gigs – I didn’t want to re-download, but Microsoft neglected to share any sort of file hash (like they do on technet downloads)

So I started the download using the Download Manager hoping a checksum would be available in the interface. No dice.

After digging around my hard drive, I found the info file for the download manager at:

C:\Users\\AppData\Roaming\Download Manager\blahblah.dmc
It’s your standard microsoft style config with the heading “DLM Recovery Info” (I’d like to point out that this page will soon be the only instance of this phrase on the internets)

And what do you know, it contains a line:
md5=uhuhpt3QyTRBFTr56Tp7Ig==

Now were I more encoding savvy I would have instantly recognized the double equals at the end as a base64 encoded string, but alas, I did not know about this. I converted from base64 -> ascii -> hex, and finally had the good old md5 hash we know and love 🙂

So here it is:

File name: SW_DVD9_Visual_Studio_Pro_2008_English_Core_MLF_X14-26326.ISO
md5 hash: ba1ba1a6ddd0c93441153af9e93a7b22

Maybe there is some other soul out there with a possible corrupt file who can benefit from this hash. Ok probably not, considering VS 2010 is around the corner, and nobody had posted it before.

Fixing lost data in a data bound control that causes an exception

Vusual Basic .NET 2008 is wonderful. It makes working with databases a breeze (sort of…) Using datasets and databindings, you can create a data driven application with very little hand-written code.

Recently, a user of one of my apps encountered an unhandled error (yeah I know. Whoops.) “The value violates the MaxLength limit of this column” and was allowed to continue or quit. He chose continue, clicked save again, and even though it appeared to save, nothing actually saved.

The exception happened when bindingsource.EndEdit() was called on the table containing the undersized field. Debugging showed that after the error occurs, the underlying datarow is reverted to the pre-modified state.

It doesn’t make sense – it might be simple to fix, it might be (probably is) my fault, but nonetheless the internet failed me in finding a solution, so I made one up.

The values that the user had spent hours working on are still in the controls, but the underlying binding source has changed. If we push the changes from all the controls back out to the datarow, saving again will create the error again – as it should.

You push the changes back by calling the WriteValue() function on the data binding for a data bound control ( dataTextBox.DataBindings(0).WriteValue() ). Because I didn’t want to hard code anything, I looped through all the controls on the form.

Here is the semi-pseudocode I cludged together to get the app working. Please let me know if there is a better way.

Sub commitChanges()
  Try
    myBindingSource.EndEdit

  Catch ex as Exception
    msgbox(ex.message)
    updateAllBindings()
  End try
End Sub

Sub updateAllBindings()
  For Each contr As Control In Me.Controls
    For Each cbind as Binding in contr.DataBindings
      cbind.WriteValue()
    Next cbind
  Next contr
End Sub

Note: if you use any containers (tabs, panels, flowlayout) you will probably have to create a separate loop for each subcontainer.

Ideally, the app would warn the user when control is validated, but I guess dataset field restrictions are not pushed to the control (and I’m too lazy to hand update each and every one).

Once again, I find it hard to believe I’m the first person to have this problem…

Boldly going where no one has gone before

I’m testing the process of migration Windows Small Business Server 2003 ( SBS 2003 ) to Windows Essential Business Server 2008 (EBS 2008). While this is a supported process according to MS, “supported” means you can pay MS big money to help you fix your problems. Normally, because Microsoft products are so widely used, the community (aka Google) is of the utmost assistance.

So I’m installing, and I hit an error message. Here, have a screenshot:

DCPromo Error

Inside that log file, we find the following “the directory services safe mode password does not meet the minimum…” which google was able to help with just fine as it relates to SBS 2008: the domain admin password is not complex enough.

Now why in the name of all that is Holy doesn’t it just say that? And why didn’t Microsoft think – “hey, maybe people’s server 2003 password doesn’t meet the STRICTER server 2008 password requirements, and we should let them know BEFORE THEY WASTE AN HOUR INSTALLING just to get an erro and have to start over”

When you click cancel, you get a nice error message that tells you:

Really Cancel

Essentially, if I click yes, I am going to have to start over from scratch installing the Management server. If I click no, I have the option of rebooting, and the installer should restart.

I’m not messing around with this, time to ask google!

Google Doesnt Know

I search for “Essential Business Server” “installation tasks have failed”. No results.

I try ebs “installation tasks have failed”. Same.

So am I really the first person to have an error while installing this thing? Why doesn’t Microsoft at least have some mention of the phrase?

I am going to have to change the domain admin password, then start over from scratch. This is stupid. If they did any user testing they should have seen this coming and accounted for it.

I swear, Microsoft software only pretends to be easy to use. 1 little error, and GAME OVER, YOU LOSE, NO CONTINUES. It’s like a freaking LJN game.


GAAAAAAAHHH!!!

Several hours later, I make it through almost everything, then the installer for system center essentials fails. At thins point, I should just be able to rerun the SCE installer, right? Right??? NO. No, it is going to make me start over… from the beginning. I WAS ON THE LAST STEP!!! Literally. The next step is “Final verification”

Seriously, I’m going to find out who is responsible for this and send him/her a dead fish.

Next time I’m taking a VM snapshot before the SCE installer.

Hyper-V Server 2008 is teh sux

I have spent countless hours over the last week trying to get an image of a small business server 2003 installing working in a virtula environment. I have tried VirtualBox on my laptop. Too crashy. Then I tried vmware workstation on the laptop. Close, but too slow (cpu and disk).

I needed more horsepower and disk throughput, so my PC turned into a dedicated server. First I thought I’d give Vmware ESXi a go, since I’ve seen it do miracles at work.

Wrong. It pretty much only supports 3 network cards, and if it can’t find a network card the installer crashes was a totally nonsensical error.

On to hyper-v server 2008 r2. Considering the bloat, this must support the network card… Well, not out of the box, but I got it working.

Finally, I am on the path to success. I have networking, and get the VMs working, all is going great, until I try to setup internet access for the VM… it doesn’t work. After some research, it sounds like Hyper-V prefers the VMs to use a separate NIC. So I go digging, and find a compatible card. Hyper-V Server finds it and installs it.

I go to bind this NIC with an external network and… lose connectivity. On both NICs. A reboot later, and the new NIC is missing.

Now if I could open network settings, I coudl easily fix this. If I could get into device manager, I could fix it too.

But wait, Hyper-V server 2008 doesn’t have device manager, and you cannot access netowrk settings apart from ipconfig. Crap.

One other person (that I can find) has had this problem, and the MS support people copied and pasted some useless info that would work… if I wasn’t running server core.

Server core is a great idea, but the implementation sucks. Only a very few things can be properly remotely managed, and remote management is a nightmare if you are not in a domain. The command line facilities are overly complex (lookup “winrm”… what a godawful mess), and have no standards. You think linux is bad? Linux is a breeze compared to this.

My only solution is going to be to install server 2008 standard, and deal with the overhead. I’m not happy about it but I have no choice. (I’d REALLY rather use ESXi, but I’m not buying some archaic network card because vmware is too lazy to bundle more than 4 NIC drivers)

I should have been spending this time working on testing the migration from SBS 2003 to EBS 2008. Instead, I have been wrestling with virtualization solutions.

You CAN install Vista, or server 2008 from a hard disk

The internets seem to think that the only way to install Vista or Windows Server 2008 when you don’t have a DVD drive is to use a USB hard / flash drive. Even Microsoft seems to think so.

Thankfully, there is one site that has some directions that work! http://1.11011.net/archives/000673.html

I am going to paraphrase based on my experience.

1. Format the hard disk as NTFS.
2. Copy the complete content of the windows install DVD to the hard disk.
3. Start an Elevated command prompt (if you are doing this in vista+), change to the DVD drive (NOT the hard drive as the directions state), and run the folowing:
Note: d: is the DVD drive; x: is the hard drive from which you are planning to install.

d:
cd /boot
bootsect /nt60 x:

You should not get any errors.

(For good measure, I also used diskpart to set the partition as active. bootsect may do the same thing…)

4. Your prep work on the drive is done. Go throw it into the target machine, make sure it is the boot drive, and fire it up! It will boot into the installer. DO NOT go through with the installer – apparently it doesn’t work.

5. Choose the repair option, skip the partition selection, and choose command prompt.

Type the following:

c:
cd /boot
move bcd bcd.bak
bcdedit /createstore
cd ../sources
setup

The installer will start up again, over top of the already running installer. This is OK.

6. Go through the installer as normal, with the following notes:
a. After pressing the first Next button, it may hang for a short while – again, this is ok, it will continue.
b. If you get a weird error message while trying to select a destination drive, make sure you partition it first. This should fix the problem.

If you are lucky, you can remove the install drive, and everything will work. If you are like me, windows placed the boot loader on the D: drive instead of the C: drive, so you will get the dreaded “BOOTMGR is missing” error, or simply an error saying that there is no bootable disk. Here’s what to do:

Fixing the boot steps (incomplete)

Note: this assumes that your install drive is D:, your destination drive is C:, and that the boot loader was installed on D:

1. Boot into your freshly installed windows.
2. Flag partition as active (this may not be necessary):
a. open an elevated command prompt
b. Run “diskpart”
c. Type “list disk” to get a list of drives
d. Look for the drive that matches the parameters of the C: drive. In my case, it was disk 0, so I typed “sel disk 0”
e. type “list part” to list the partitions. in my case there was only 1, numbered 0, so
f. type “sel part 0”
g. type “active” to flag the partition as bootable
h. type exit to leave
3. Setup boot partition

d:
cd /boot
bootsect /nt60 c:

You will receive an error about locking, but it should be ok.
4. copy over bootmgr

d:
cd \
xcopy /h bootmgr c:\

5. Copy all the unlocked contents of d:\boot to c:\boot

robocopy d:\boot c:\boot /mir /r:0

6. Export the BCD file to the c: drive

bcdedit /export c:\boot\BCD

7. Look through the BCD for any references to D:
This command lists out the boot settings.

bcdedit /store C:\boot\BCD /enum all /v

In my case, three headings were pointing to D: (Windows Boot Manager,Windows Memory Tester, and Windows Legacy OS Loader)
Use the value of the identifier field (yours may be the same) in the following commands to change the copied BCD to point to the C: drive.

bcdedit /store C:\boot\BCD /set {9dea862c-5cdd-4e70-acc1-f32b344d4795} device partition=c:
bcdedit /store C:\boot\BCD /set {b2721d73-1db4-4c62-bf78-c548a880142d} device partition=c:
bcdedit /store C:\boot\BCD /set {466f5a88-0af2-4f76-9038-095b170dc21c} device partition=c:

Note: You may have to replace the value between the curly braces.

You are done. You can now safely remove the install disk, and windows server 2008 (this will also work for Vista, but there are much easier ways to do so there) will boot from your C: drive without the D: drive present.

I used the following post, as well as the poster’s resources to come up with this solution: http://forums.techarena.in/vista-help/1026425.htm

Google jumps headfirst onto the hype bandwagon

Google updated it’s logo today to commemorate the fact that scientists today are claiming to have found the missing link.
null

Included in this logo is a picture of the fossil Ida – the same picture everybody else is using, of a creatue with a long tail that appears to be standing up. (The fossil was named Darwinius masillae … because obviously it is scientific to name it after a guy, rather than the animal species it appears to be [hype])

There are some problems with these claims, and I would have expected Google to be a bit more responsible about it:
1. It’s a single fossil.
Some amateur archeologists found one single fossil, and the entire scientific community goes nuts. All of the claims being made contradict the fact that they only have one. If it were a transitional species, there would be more than one.

2. It it the size and shape of a lemur.
Most of the photos have the animal appearing to stand upright and with no scale. The thing would have looked like a big rat. There are existing species of animal that appear more transitional.

3. The link is a matter of semantics.
This “missing link” is really the answer to a debate among evolutionary biologists as to where exactly primates developed. The actual science involved is rather complicated and mundane. Instead of spreading facts, the PR machine spreads things like “a discovery that changes everything!,” or “finally the missing link is found!”. Well, no; no it is not.

Scientists found a single specimen of a fossil that looks like a deformed lemur, and immediately jumped to the conclusion that it not only represents an entire species, but that it is the evolutionary precursor to primates (and therefore humans). Google usually saves the custom logos for historical events or holidays. That I can recall, this is the first time they updated the logo for a current event…


Ida: Superstar fossil or superstar hype?

Ida: the Missing Link at Last?

Avoid the HP tx2000 series tablet pcs

If you are in the market for a Tablet PC, I would avoid the HP tx2000 series. The tx2115 nr (tx2115nr) is my personal specimen, and I have decided that it is a piece of junk.

Here are the problems (in no particular order):

1. The cursor intermittently and completely unpredictably jumps to the lower right corner of the screen sometimes.
I cannot make it happen, but when it starts doing it, I have to disable the tablet service.
Some people think it is EM interference from the fan, and have suggested turning the screen slightly. Sounds like HP has not acknowledged the problem.

2. The fan always runs, and is too loud. And the CPU is too hot.
For whatever reason, the fan never stops. Even it it’s lowest state it’s annoying, but as soon as you – oh I don’t know – move the mouse, the fan starts going faster. It’s insane.

3. The indicator lights are too bright and cannot be disabled.
This is marketed as an entertainment PC, so watching movies would be expected. If you want to watch a movie in the dark, those darn lights are VERY distracting.
The lights are also far too bight when in standby or even off – the charging light is bright enough to see a room once your eyes have adjusted. For some reason, they though they needed to leave the wireless light amber while sleeping as well, since I might forget that I have wireless disabled while the computer is asleep…

4. Terrible standby time.
My previous laptop could go several days on standby. This guy? After one day the battery is drained.

5. The dreaded Vista UAC / login / resolution change blank screen delay bug.
The Nvidia GeForce Go 6150 (I hear the whole 6100 series) has a bug when using any recent drivers in Vista where there is a several second delay when UAC blanks the screen, when you login or out, and when you change resolutions. This delay lasts anywhere from 5 – 20 seconds (in the lastest windows 7 drivers it’s a good 10-seconds per mode switch, and there are several while logging off…)
Sure, you can use an old, slow, buggy driver to avoid the delay… but why the heck doesn’t Nvidia or HP figure out what it is sitting there waiting for??

6. Disk performance is poor
For some reason, even though the chipset can handle Sata-II, under certain circumstances, it only operates at Sata-I. Here again, generally it requires old, buggy drivers to get it working correctly.

7. Poorly place fingerprint scanner
The position of the fingerprint scanner – on the left side of the screen bezel, requiring you to swipe horizontally – is just plain inconvenient. It might work if you had the thing laid flat for use as a tablet, but this is inconvenient as there are none of the typical navigation buttons on the bezel. Or power…

8. Drivers for the buttons are buggy, bloated, slow, inconfigurable, and annoying.
HP decided not to make the buttons standards compliant – they are some sort of proprietary interface that nobody has figured out (last I checked, the linux community had no idea how the drivers communicated with the buttons).
The result is that you must use HP’s drivers to use the buttons, but those drivers are very poorly written. the download is HUGE, it slows down your computer noticeably, and it forcibly changes the orientation of your screen when you switch into tablet mode — and you cannot change it!!

9. Playback control buttons are poorly placed.
The buttons for playback control are on edge of the screen, on the back side. When you switch to tabled mode, they are inaccessible. Otherwise they are too easily bumped, or require you to reach around to the other side.

10. Crappy speaker quality.
The Bezel says “Altec Lansing” I guess they make good speakers? Well not in this case. They are tinny, and distort easily.

11. The touchpad is unreliable.
Maybe this is just a driver issue, but with every OS I’ve tried on this thing, the touchpad will intermittently stop scrolling. It acts like it should be scrolling, the configuration window thinks it is scrolling, but I cannot get any windows to scroll. VERY ANNOYING.

12. Glossy screen.
Why would they not put an antireflective coating on this? I see more of what’s behind me than what is on the screen sometimes.

Is there anything good about this laptop?
So far, the display hinge has performed admirably.

I realize that this laptop is no longer in production, but I feel it is important to get a followup review out there. HP has ditched support for this thing. The official drivers are all quite stale and there are unfixed, widely reported bugs. I have no confidence in HP’s ability to keep consumer laptops up to date in the future.