[Tripredacus]

NOTE: Because of the nature of this project, I may be unable to provide any source code or code examples. If any code examples are posted in response to any of my issues, I cannot post whether or not I had used them or not in my program.

I have restarted my attempts to create a recovery partition using Windows PE. I have been successful (at last) getting the recovery partition to be bootable, and those details are here:
http://www.msfn.org/...howtopic=130609

On my eval unit, the recovery partition contains the contents of the winpe_x86\ISO folder on my Technician PC. The technician PC, aka UNCLESOCKS, specs can be see in the "my servers" link in my signature. My PE has all extra packages installed (as with my other PE versions) with a couple of additional items:

- Flash Projector EXE as the GUI
- AutoIT EXEs in the fscommand folder for full.exe, repair.exe, restart.exe and admin.exe.
- MBR.EXE (this also must exist in the main image)
- Recovery.wim (the image of the drive)

Full.exe will clean Partition 1, redeploy recovery.wim.
Repair.exe leaves the disk alone and just redeploys the wim.
restart.exe will restart the computer using wpeutil reboot.
admin.exe is an authentication wrapper to grant access to the command prompt. I felt it best that this could be used by technicians to do any advanced PE commands, but also so that the end-user does not have this ability. So if you type in the correct password, you get the command prompt. If you type in the wrong password, it displays an error. The credentials are encrypted into the EXE itself and not stored on the system in any other way.

Current Tasks
1. Need to determine which mix of commands for DISKPART is needed to reimage the © hard drive without damaging the recovery partition. When you boot into the recovery partition, it becomes the C drive (instead of X drive common with Win PE). I could accomplish this if I can make it so the Win PE boots using a different drive letter, or by examining the partition information in my next round of testing.

2. Currently, the repair (and full) options will attempt to restart the computer after deploying the image. Unfortunately, this is called using AutoIT's RUNWAIT function, and for some reason the computer attempts to restart before the image is deployed. I will have to remove this option.

3. The Projector (while it is 1024x768) does not open maximized and you can still see the command prompt behind it. I need to make this take up the entire screen.

4. I need to disable ALT+TAB options, which I should be able to do via the Win PE registry or by using ActionScript within the Projector.

[Tripredacus]

Full Recovery diskpart script has been completed. After booting into the recovery partition, the VOL and PART info is the same, but the drive letters are switched. Also, the PE does load up in a RAMDISK. Image redeployment takes about 5 minutes, but I am going to put up a progress timer for about 7 minutes.

diskpart
select disk 0
select vol 0
delete vol
create part pri size=62220
select part 1
active
assign letter=d
format fs=ntfs quick

Now with diskpart, we assign the letter D to the drive that will be C. On the reboot, the correct letters appear.

Also in addition to running the MBR reset, I also need to reapply the hidden value to the recovery partition or else it becomes visible in Windows.

My task now will be to create the GUI and figure out Projector settings. I am using Flash right now for testing, and to keep me in some sort of practice using it. Not sure if we will end up using it at all, or using a different app instead.

I made this thread thinking it would be more involved or harder than this. I am surprised really.

[WreX]

You could accomplish all your tasks in an HTA instead of Flash. I've configured our workstations with a bootable RAM disk PE image in the boot menu that runs an HTA via startnet.cmd. I use the cmdow.exe tool (freeware) to hide the PE command prompt and then use it to reveal it if a special key combo is pushed and password entered. If you want to leave it visible, here's a snippet that would prevent ALT+TAB unless a password has been entered at some point, and hides the system menu (prevents minimize):

 
<html>
<head>
<title>HTA Test</title>
<HTA:APPLICATION 
     ID="objTest" 
     APPLICATIONNAME="HTA Test"
     SCROLL="yes"
     SINGLEINSTANCE="yes"
     WINDOWSTATE="Maximize"
     CAPTION="no"
     SYSMENU="no"
>
</head>

<script LANGUAGE="VBScript">

Dim boolPasswordEntered
Dim boolALTkey, boolTABkey
boolPasswordEntered = False

Document.OnKeyDown = GetRef("CheckKeys")
Document.OnKeyUp = GetRef("ClearKeys")

Function Window_OnLoad
' Do your stuff and something to make boolPasswordEntered = True
...
End Function

Function CheckKeys

	Select Case Window.Event.KeyCode
	Case 18 ' ALT
		boolALTKey = True
	Case 9 ' ALT
		boolTABKey = True
	End Select

	If boolALTKey And boolTABKey And Not boolPasswordEntered Then
		DoNothing
	End If

End Function

Function ClearKeys

	boolALTKey = False
	boolTABKey = False

End Function

Function DoNothing

	Window.Event.returnValue = False

End Function

</SCRIPT>

<body>
...
</body>

</html>
 

You can then insert functions to perform your various tasks.

You could have your password prompt always visible, but I don't display mine unless a special key combo is pushed. I like to use tables in my <body> section with <span> and <div> so I can put together a string of code anywhere in the script and then assign it to the <span> or <div> dynamically. For instance, when my key combo is pushed, I call a function to assemble a string that has password_box and submit (button) input objects and then set SPAN_ID.InnerHTML = TheString. If the correct password is entered, I unhide the command prompt and close the HTA.

Just throwing this stuff out there since you'd need more VBScript and HTML code to add all the things you want to do, but it wouldn't be too difficult.

[Tripredacus]

I now have a fully working recovery partition. I added the MBR commands into the actions of the PE, and fixed the reimaging issue. Made some typos, such as confusing the X with C drives. And the D with C drive. It works now but doesn't look that good.

For example, it doesn't use any sort of progress bar or anything yet. I had problems scripting it to reboot after recovery, because it would reboot first. So right now the Full recovery formats the drive and reloads the image.

Also, In order to be able to use the recovery partition again, you need to reboot the system manually. The MBR command to hide the recovery partition is in the reboot code. So if you hit the reset button while in the recovery partition, you wouldn't be able to get back into it. I could try putting this code in the startnet.cmd after it resets the MBR, but I am wondering if that will effect the drive before the next reboot.

Projector also has a command to allow fullscreen, but I haven't tried it yet:

fscommand("fullscreen", "true");

Wrex, I'll check out your idea only if my company decides not to go the route of Flash.

[Tripredacus]

Well the decision was made not to use Flash, so I am experimenting with the HTA route. Here is my current setup order:

[diskpart]
sel disk 0
clean
create part pri size=62220
active
assign letter=c
format fs=ntfs quick
create part pri
sel part 2
assign letter=d
format fs=ntfs quick

imagex /apply z:\image.wim 1 c: (the OS partition)
imagex /apply z:\image.wim 3 d: (the recovery partition)

[diskpart]
sel disk 0
sel part 2
att vol set nodefault drive letter

mbr 0 /install selm 5 11 "Press F11 for Recovery" 0xC 0x1C
mbr 0 1 /h

The OS works fine, but again the F11 does not work. I am using the same process as my last attempt so I'm not sure what is so different...

[Tripredacus]

I think the problem I am experiencing is that the Recovery partition is NTFS, and in my test, I used Fat32. 0xC 0x1C is for FAT32 and not for NTFS, which is the format for it now. By using Terabyte Unlimited's Partinfo tool, I was able to determine the following:

The OS partition ID is 0x7. The Recovery Partition is 0x17.



going to try this instead:

mbr.exe 0 /install selm 5 11 "Press F11 for Recovery" 0x7 0x17

[TheReasonIFail]

So you're placing the hidden partition after the Windows partition?

[mrbeatnik]

Tripredacus, on Mar 3 2009, 07:18 PM, said:

3. The Projector (while it is 1024x768) does not open maximized and you can still see the command prompt behind it. I need to make this take up the entire screen.

Would it be possible for you to modify the Winpeshl.ini in PE to:
- Launch wpeinit.exe
- Launch your GUI

Using the INI file will avoid the startnet.cmd being processed, so should stop any command prompt window from appearing...
From there I would just GUI entirely in Autoit

[Tripredacus]

Yes, the partition will be after, which is how our current recovery partition is used.

I am using an HTA for the partition. I am going through its development testing now.

[Tripredacus]

The HTA design is nearly complete. I have the following to now do:

1. Remove the button that allows the user to open the command prompt, and add a function that would launch the command prompt via a keyboard shortcut.
2. Test launching the HTA via winpeshl.ini. This will remove the need to disable ALT + TAB since there would be no command prompt behind the program.

Unfortunately, I cannot post the code for this HTA any longer because it has now been branded and is the IP of myself and my company.

I also got to learn some good Photoshop skills today. Man paths were frustrating and confusing at first but now I wonder how I had lived without them!

[Tripredacus]

WreX, on Mar 4 2009, 11:24 AM, said:

You could accomplish all your tasks in an HTA instead of Flash. I've configured our workstations with a bootable RAM disk PE image in the boot menu that runs an HTA via startnet.cmd. I use the cmdow.exe tool (freeware) to hide the PE command prompt and then use it to reveal it if a special key combo is pushed and password entered. If you want to leave it visible, here's a snippet that would prevent ALT+TAB unless a password has been entered at some point, and hides the system menu (prevents minimize):

 
<html>
<head>
<title>HTA Test</title>
<HTA:APPLICATION 
     ID="objTest" 
     APPLICATIONNAME="HTA Test"
     SCROLL="yes"
     SINGLEINSTANCE="yes"
     WINDOWSTATE="Maximize"
     CAPTION="no"
     SYSMENU="no"
>
</head>

<script LANGUAGE="VBScript">

Dim boolPasswordEntered
Dim boolALTkey, boolTABkey
boolPasswordEntered = False

Document.OnKeyDown = GetRef("CheckKeys")
Document.OnKeyUp = GetRef("ClearKeys")

Function Window_OnLoad
' Do your stuff and something to make boolPasswordEntered = True
...
End Function

Function CheckKeys

	Select Case Window.Event.KeyCode
	Case 18 ' ALT
		boolALTKey = True
	Case 9 ' ALT
		boolTABKey = True
	End Select

	If boolALTKey And boolTABKey And Not boolPasswordEntered Then
		DoNothing
	End If

End Function

Function ClearKeys

	boolALTKey = False
	boolTABKey = False

End Function

Function DoNothing

	Window.Event.returnValue = False

End Function

</SCRIPT>

<body>
...
</body>

</html>
 

You can then insert functions to perform your various tasks.

You could have your password prompt always visible, but I don't display mine unless a special key combo is pushed. I like to use tables in my <body> section with <span> and <div> so I can put together a string of code anywhere in the script and then assign it to the <span> or <div> dynamically. For instance, when my key combo is pushed, I call a function to assemble a string that has password_box and submit (button) input objects and then set SPAN_ID.InnerHTML = TheString. If the correct password is entered, I unhide the command prompt and close the HTA.

Just throwing this stuff out there since you'd need more VBScript and HTML code to add all the things you want to do, but it wouldn't be too difficult.

I'm trying to figure this out but it just isn't working for me. As I said previously, I no longer need to disable ALT+TAB after switching to winpeshl.ini loading functionality. However, now the request is that I remove the button I had to launch the command prompt. They want that button to not be visible but use a key combination that launches that program.

So my question is, how can I use that function to launch a program instead of doing nothing? I have researched this function online but I can find no specific examples. Most likely because people use these scripts for games and online websites, and putting in code that opens a program this way (on the internet) would likely be considered malware of some degree.

[WreX]

Here's some code for how to do it with CheckKeys and ClearKeys:

 
Function CheckKeys

Select Case Window.Event.KeyCode  ' Standard ASCII keycodes
Case 65 ' A
	boolFirstKey = True
Case 66 ' B
	boolSecondKey = True
Case 67 ' C
	boolThirdKey = True
End Select

If boolFirstKey And boolSecondKey And boolThirdKey Then
	cmd = "%comspec% /c start ""Command Prompt"" %comspec%"
	objShell.Run cmd,0,0  ' Invisible command window to run the start command, which will be visible, don't wait on return
End If 

The bool* variables would need to be declared with Dim at the beginning of the <script LANGUAGE="VBScript"> section so that they're global since the CheckKeys function will only set one of them to true and then exit when a key is pressed. This also assumes you want to push the keys A, B, and C at the same time, since ClearKeys would reset the variables when any key was released.

You can put whatever you want in that cmd string, like "%comspec% /c X:\WINDOWS\SYSTEM32\Notepad.exe" or something.

[Tripredacus]

Hey WreX, I am using this method instead:

<script>Sub RunAdmin
	Set objShell = CreateObject("WScript.Shell")
	objShell.Run "fscommand\admin.exe"
	On Error Resume Next
	Set objShell = Nothing
End Sub</script>
<html><input id=runbutton style="width:153" class="button" type="button" value="Admin Prompt" accessKey="k" name="admin_button" display="none" onClick="RunAdmin">
</html>

Using AccessKey. This allows ALT+K to be used to run the function.

[Siginet]

Great project! I can definatly see a need for me to use this as well.

[WreX]

Cool. I would've used that if we didn't want to make our key combo so complex. I'll shove that little accessKey tidbit into my bag of tricks.

[Tripredacus]

I'm going to drop my task list in this thread to help me track my progress. It may have been easier to have done this earlier, as I am almost finished with the alpha version.

Current issues:
1. Repair and Full recovery buttons do not launch their helper HTAs properly. MSHTA is executed but the HTA does not appear. Testing in VM fails script processing because the VM is running XP Pro and not WinPE.

Currently, repair and full HTA files are untested as to whether or not they actually work.

2. Command prompt authenticator box stays open after cmd.exe is launched.

3. Display resolution issue has possible fix, see here:
http://www.msfn.org/...howtopic=134244

4. Need to change restart button to open a OK/Cancel msgbox instead of a standard OK box. This way if the user clicks the button by accident they won't be forced to reboot even if they cancel.

5. Go through the "corporate test" meaning showing the software to management. I am currently using example branding items, such as a place to put a company logo and corporate copyright information. Also need to approve all colors, verbiage, and boot process wording, blah blah blah. Also determine final recovery partition size, currently using 14GB!

For a general update, all current testing is being done on an MSI Wind model netbook. It has been a tough transition for me. Basically this all started one day because I was bored and wanted to figure out a solution to making a recovery partition for Vista, since we aren't going to upgrade our SoftThinks software for it. And I did it in the demo version of Flash. I had previously written software in Flash so I didn't need more than 30 days to do it. So it came under the attention of the bigwigs and they want me to work on it for real. Well, for real meant I couldn't use Flash (not because it was the demo) because we don't have a license for it. I think we have Photoshop but that's it from Adobe, maybe Acrobat. Anyways so I had to take my perfectly working and horrible looking idea and switch "engines" and make it nice looking and flawless. Well since I am only (currently) down to the five problems above, I think I am almost done. I think my first problem list was like 20+ and that didn't count my week or so trying to figure out how to use the MBR!

[WreX]

Quote

1. Repair and Full recovery buttons do not launch their helper HTAs properly. MSHTA is executed but the HTA does not appear. Testing in VM fails script processing because the VM is running XP Pro and not WinPE.

How are you launching these other HTAs? A shell object.run command? If so, make sure the first parameter isn't 0 or the window will be hidden (ex. objShell.Run cmd, 0, 0) Are you running them by just using the command "FILENAME.HTA" or are you using "mshta.exe FILENAME.HTA"? Are you putting a "%comspec% /c" in front of it?

Quote

2. Command prompt authenticator box stays open after cmd.exe is launched.

Is this a pop-up box or within the HTA's HTML? If it's in the HTML you should be able to use a div or span area and just replace its contents when you launch your cmd.exe.

Quote

4. Need to change restart button to open a OK/Cancel msgbox instead of a standard OK box. This way if the user clicks the button by accident they won't be forced to reboot even if they cancel.

This should be easy enough to fix with something like valAnswer = msgbox("Do you really want to reboot now?", vbYesNo,"Reboot?")...if valAnswer=vbYes...if valAnswer=vbNo

[Tripredacus]

I have a plan for most of those items. The HTA launching issue is in a thread in the programming forum. I am using a method from other programs I have used so am expecting the same results... maybe I am missing a peice there.
http://www.msfn.org/...howtopic=134164

The ok/cancel box is not something I need help on, its just on my checklist.

As far as the password prompt, its because I have to change how I have the code arranged. Currently, after the correct credentials are typed in, it launches a program, cmd.exe. However, I need to wrap that into a funtion and add exit() to that function only. Previously I tried putting it at the end of the script but it just would taskkill itself It is written in AutoIT.

I forgot an additional item, need to take into effect the Realtek Card Reader issue.
http://www.msfn.org/...howtopic=134398

[WreX]

I just replied to that thread you linked for the card reader. Maybe some of that code would be useful to you.

[Tripredacus]

Revised restart.exe code in AutoIT.

Switch MsgBox(1, "Restart", "You have chosen to restart the computer. Click OK to continue.")
	Case 1;OK pressed
		RunWait (@ComSpec & " /c c:\mbr 0 1 /h")
		RunWait (@ComSpec & " /c x:\windows\system32\wpeutil reboot")
	Case 2;CANCEL pressed
		Exit()
	EndSwitch

Note that it does more than restart. It hides the recovery partition again... and I forgot that the recovery partition will appear as the C Drive, so the drive letter changing script isn't going to work for me in this case. I will have to do a lot of pilot testing to verify that the recovery partition is always the C Drive. The Card Reader issue may only appear during deployment and not during recovery, and if this is the case then I'm not going to have to worry about it. It has already been accepted that if the recovery partition fails to work in the field, it will come back on RMA to get redone anyways. This is good news at least!

Now here is a big issue. When the recovery partition loads, it resets the MBR via winpeshl.ini. This is required otherwise after the restart, it won't go back to the system partition. One of my concerns is a big "what if" such as a user boots into the recovery partition and then powers off the machine, the battery dies, etc. This will leave the recovery partition visible in Windows which is a big no-no. I may end up having it hide the partition during winpeshl.ini as well to eliminate this issue. Any ideas about this possible problem?

I'll work on the admin prompt code after lunch and hopefully post a revised version of that as well.

I wanted to add that I've found an additional issue. While testing to see how Windows sees the recovery partition, I realised that it is possible for the end user to delete the partition from Disk Management. Any ideas of how I can change the image so that this option is not available?

Here is the test code for the admin prompt. Also in AutoIT. It hasn't been tested but it passes Beta Compile.

$GUI = GUICreate("Login",210,80,-1,-1,0x16C80000,0x00000181)
$USERNAME = GUICtrlCreateInput("Username",5,5,200,20,0x01)
$PASSWORD = GUICtrlCreateInput("Password",5,30,200,20,0x21)
$LOGIN = GUICtrlCreateButton("Login",50,55,100,20)
GUISetState(@SW_SHOW,$GUI)

While 1
	$MSG = GUIGetMsg()
	If $MSG = $LOGIN Then
		If GUICtrlRead($USERNAME) == "username" And GUICtrlRead($PASSWORD) == "password" Then
			Run(@Comspec & " /c cmd.exe")
			Exit
		Else
			MsgBox(0,"Login","Incorrect username or password.")
		EndIf
	ElseIf $MSG = -3 Then
		Exit
	EndIf
WEnd

Exit