header image
Home arrow Blog arrow Cryptography In Life arrow Advapi32 patch for Windows 7 32bit - 64bit
Advapi32 patch for Windows 7 32bit - 64bit PDF Print E-mail

It has been a long time since my last posting about the patch for the RC of
Windows 7. Lately I have been contacted by severel people concerning the last
verion for Windows 7, so here it is :

--------------------------------------------------------------------
cryptsp.dll 32-bit in SysWOW64, version 6.1.7600.16385  :
    - At offset 0x34F3 : change 75 to 90
    - At offset 0x34F4 : change 10 to 90
    - At offset 0x34FB : change 75 to 90
    - At offset 0x34FC : change 08 to 90

Its new SHA256 hash value is :
qJGJtoI1ADNp5mrhyJ1v5aRyTc+yiKpZ0DysB62q3Qk=
--------------------------------------------------------------------
--------------------------------------------------------------------
cryptsp.dll 64-bit in System32, version 6.1.7600.16385 :
    - At offset 0x7721 : change 75 to 90
    - At offset 0x7722 : change 0D to 90
    - At offset 0x7727 : change 75 to 90
    - At offset 0x7728 : change 07 to 90

And its new SHA256 hash value is :
zpX5gcGNLnEhIn+JbWTpjp9wVkDVbKyCCPy7GYLpaR4=
--------------------------------------------------------------------

Just a last word about the how to apply this patch for new comers.
Some manifest files must be updated using the new hash values. They are
located under C:\Windows\winsxs\Manifests :
For 32-bit :
x86_microsoft-windows-cryptsp-dll_31bf3856ad364e35_6.1.7600.16385_none_2933c430682017d9.manifest

For 64-bit :
amd64_microsoft-windows-cryptsp-dll_31bf3856ad364e35_6.1.7600.16385_none_85525fb4207d890f.manifest

The hash value to be modified is in the XML node dsig:DigestValue.

Also, you need to replace cryptsp.dll with the patched one in the following
folders under C:\Windows\winsxs :
For 32-bit :
x86_microsoft-windows-cryptsp-dll_31bf3856ad364e35_6.1.7600.16385_none_2933c430682017d9

For 64-bit :
amd64_microsoft-windows-cryptsp-dll_31bf3856ad364e35_6.1.7600.16385_none_85525fb4207d890f

This is sufficient for having a running patched system. For a more complete
patch, you can have a look at the directory C:\Windows\winsxs\Backup : it
contains copies of the manifest files and dlls that you can also patch.

Have fun.

If you are looking for advice or help on the field of Cryptography or IT Security, don't hesitate to contact my company IDRIX by going to its web site: http://www.idrix.fr. You'll benefit from the tremendous experience acquired by IDRIX and my self through advanced projects for many requiring customers with very high expectations.