bigmuscle

UxTheme Signature Bypass

214 posts in this topic

UxTheme service hook - Visual Theme Signature Bypass

 

I just had a little bit of free time, so I extracted some older code from Aero Glass for Win8 into a separate DLL to make it work on Windows 8.1.

 

It has not been tested, but you can play with this as you want, there is no limit. But also no support and probably no future development, because there is nothing more to change on it. Either it works or it does not work :whistle:

 

How to install?

The only possible way to install it is using the old injection method via the AppInit_DLLs registry key.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows -> set the AppInit_DLLs value to the specific DLL for your OS (so select either xxx32.dll or xxx64.dll only!)

 

Although it is not needed to make this work, it is also suitable that, on 64-bit Windows, you do the same "install" procedure on HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows (but always with xxx32.dll!). If you don't do this, 32-bit theme-related applications won't be able to access your unsigned themes.

 

Something to know?

Yes! There is one very important thing if you use Aero Glass for Win8.1! Due to a certain DbgHelp.dll restriction, Aero Glass for Win8.1 won't be able to load PDB symbols after you install UxThemeSignatureBypass.dll into your system. There is a simple workaround - just copy symsrv.dll from the Aero Glass directory into your system directory (probably C:\Windows\System32). I will try to bring a fix for this in a future version of Aero Glass for Win8.1, but I cannot promise that, because it's a bit complicated.

 

License?

It's freeware. Use as you want, just the copyright must be preserved.

 

Where to download?

http://glass8.eu/

 

:w00t:

Edited by bigmuscle

Thanks bigmuscle, UxThemeSignatureBypass (DLLs) seems to work fine here.

My settings, Windows 8.1 x64:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=dword:00000001
"AppInit_DLLs"="C:\\AeroGlass\\UxThemeSignatureBypass\\UxThemeSignatureBypass64.dll"
"RequireSignedAppInit_DLLs"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=dword:00000001
"AppInit_DLLs"="C:\\AeroGlass\\UxThemeSignatureBypass\\UxThemeSignatureBypass32.dll"
"RequireSignedAppInit_DLLs"=dword:00000000

Thanks again bigmuscle. :thumbup

Update:

I don't keep DbgHelp.dll and symsrv.dll installed on my PC, and PDB symbols load just fine.

Edited by ace2
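The registry settings posted above can be checked mechanically when reviewing a machine's AppInit configuration. The following is an added example, not part of the original thread or of the tool: a Python parser for a .reg export that reports, for the native and Wow6432Node views, which DLLs are listed, whether AppInit loading is enabled, and whether unsigned DLLs are allowed. `SAMPLE_REG` is constructed from the values in the post, and the function names are hypothetical.

```python
import re

# Constructed sample: the settings from the post above, laid out as a .reg export.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=dword:00000001
"AppInit_DLLs"="C:\\AeroGlass\\UxThemeSignatureBypass\\UxThemeSignatureBypass64.dll"
"RequireSignedAppInit_DLLs"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=dword:00000001
"AppInit_DLLs"="C:\\AeroGlass\\UxThemeSignatureBypass\\UxThemeSignatureBypass32.dll"
"RequireSignedAppInit_DLLs"=dword:00000000
'''

KEY_SUFFIX = r"\microsoft\windows nt\currentversion\windows"
VALUE_RE = re.compile(r'^"([^"]+)"=(?:dword:([0-9a-fA-F]{8})|"(.*)")$')

def parse_reg(text):
    """Return {key_path: {value_name: int | str}} for a .reg export."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None and (m := VALUE_RE.match(line)):
            name, dword, string = m.groups()
            # dword values become ints; strings lose their .reg backslash escapes
            current[name] = (int(dword, 16) if dword is not None
                             else re.sub(r"\\(.)", r"\1", string))
    return keys

def audit_appinit(text):
    """List findings for every AppInit key (native and Wow6432Node views)."""
    findings = []
    for path, vals in parse_reg(text).items():
        if not path.lower().endswith(KEY_SUFFIX):
            continue
        # AppInit_DLLs is a space- or comma-separated list of DLL paths
        dlls = [d for d in re.split(r"[ ,]+", vals.get("AppInit_DLLs", "")) if d]
        findings.append({
            "view": "32-bit" if "\\wow6432node\\" in path.lower() else "native",
            "dlls": dlls,
            # Assumption: a value missing from the export is treated as 0
            "loading_enabled": vals.get("LoadAppInit_DLLs", 0) == 1,
            "unsigned_allowed": vals.get("RequireSignedAppInit_DLLs", 0) == 0,
        })
    return findings
```

Running `audit_appinit(SAMPLE_REG)` returns one finding per registry view; both show loading enabled with the signing requirement switched off.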

Can you not create a service like other tools? I doubt that I can disable Secure Boot on my tablet.


Nope, I cannot. This is how it works.


Thanks BM, this was a nice feature and a good fallback if UXstyle decides to fail.


Nice!

Though I don't choose to use a custom theme, it seems to me this is better than a tool that changes the content of Windows executable files (and in doing so breaks the system protection). I haven't used UXstyle... Can a system modified by UXstyle pass a SFC /VERIFYONLY test? Seems to me if it does, you're asking for trouble during some future Windows Update.

-Noel


Please help, I got a black screen at start and cannot go further..

I applied xxx64.dll on the registry value as my system has the 64-bit version..

I also set the theme to the default Windows theme before restarting..

What should I do to fix this..?


Please help, I got a black screen at start and cannot go further..

I applied xxx64.dll on the registry value as my system has the 64-bit version..

I also set the theme to the default Windows theme before restarting..

What should I do to fix this..?

You might need to try and get to the recovery options and do a system restore, boot up and reset your PC a couple of times just before you get to the log on screen and it should start an automatic repair.


Back during Aero Glass development BigMuscle programmed-in the ability to press and hold the Control key during login to avert the function of the (then Aero Glass) injection process.

Is that still available in this tool?

-Noel


It's not here, because it would probably make no sense. Eventual black screens are not caused directly by this tool, but because DWM/UxTheme fails to load the theme and it would not be fixed by skipping this tool.


It's not here, because it would probably make no sense. Eventual black screens are not caused directly by this tool, but because DWM/UxTheme fails to load the theme and it would not be fixed by skipping this tool.

Would it be possible to put a process check in place so that if for some reason the bypass doesn't function it returns back to the default aero theme?


It's not possible, because if "bypass hook" does not load properly then it cannot check it either. But I'm planning to hook registry updating and disallow any change of global theme in HKEY_USERS\.DEFAULT. It could help.


Thanks a lot! I waited for this thing!


Could anyone confirm if it's working after Windows 8.1 updates dated 12 Feb 2014?

Edited by oomek

Could anyone confirm if it's working after Windows 8.1 updates dated 12 Feb 2014?

Yes, UxThemeSignatureBypass is working after these updates.
