@adeii
Created January 8, 2024 12:59
Chrome 120.0.6099.63 x64 for Win 7 SP1 ESU
swap in import/export Chrome 120.0.6099.63 64bit
------------
chrome.exe: PE.ImportTable, PE.DELAY_IMPORT, sandbox init props, clear digital signature
chrome_proxy.exe: PE.ImportTable, clear digital signature
chrome_elf.dll: PE.ImportTable, PE.DELAY_IMPORT, clear digital signature
chrome.dll: PE.ImportTable, PE.DELAY_IMPORT, clear digital signature, Render DirectXDraw, Render D3D fix, any functional fixes for Win7/8
notification_helper.exe: PE.ImportTable, clear digital signature
elevation_service.exe: PE.ImportTable, clear digital signature
-------
chrome.exe
==========
120- Security Directory RVA/Size: don't touch.
---
32910> 15 D3 9E 1D 00 85 C0 74 14 FF CF 48 8B 0E 48 85 --> 15 D3 9E 1D 00 90 90 90 90 90 90 90 90 90 90 90 chrome 120
32920> C9 75 72 B3 01 85 FF 0F 85 2A 01 00 00 89 D8 48 --> 90 90 90 B3 01 90 90 90 90 90 90 90 90 89 D8 48
CC CC CC CC
1af920> 41 57 41 56 41 55 41 54 56 57 55 53 48 81 EC 98 --> B8 01 00 00 00 C3 41 54 56 57 55 53 48 81 EC 98
1f2c10: b.c.r.y.p.t.p.r -> x.c.r.y.p.t.p.r (hidden) 63 00 72 00 79 00 70 00 74 00 70 !
20b910: userenv -> userenx (hidden) !
kernel32 -> kernel64 (works with kernel32 better 114)
chrome_proxy.exe
=======================
120- Security Directory RVA/Size --> 000000.
b.c.r.y.p.t.p.r -> x.c.r.y.p.t.p.r (hidden) 63 00 72 00 79 00 70 00 74 00 70 x2!
kernel32.dll -> kernel64.dll
chrome_elf.dll
==============
120-Security Directory RVA / Size --> 00000000
b.c.r.y.p.t.p.r.i.m.i.t -> x.c.r.y.p.t.p.r.i.m.i.t (hidden)
b.c.r.y.p.t.p.r.i -> x.c.r.y.p.t.p.r.i (hidden) [62 00 63 00 72 00 79 00 70 00 74 00 70 00 72]
d8710: kernel32 -> kernel64
chrome.dll
=================
clear digital signature:
120-Security Directory RVA / Size --> 00000000
18fcf0:
C1 30 C1 0F 84 0E 01 00 00 4C 8B BC 24 C0 00 00 --> C1 30 C1 90 90 90 90 90 90 4C 8B BC 24 C0 00 00 (chrome .63) NOT PRESENT!
1028a80:
00 00 4C 89 F1 BA 01 00 00 00 41 B8 0F 00 00 10 --> 00 00 4C 89 F1 BA 01 00 00 00 41 B8 0F 00 00 00 !
4e06470:
0F 95 C1 30 C1 0F 84 E5 01 00 00 4C 8B 27 48 C7 --> 0F 95 C1 30 C1 90 90 90 90 90 90 4C 8B 27 48 C7 !
b147520:
02 0F 85 50 01 00 00 48 8D 54 24 64 C7 02 04 00 --> 02 90 90 90 90 90 90 48 8D 54 24 64 C7 02 04 00 !
b1475b0:
5B 5F 5E C3 E8 C7 D1 49 00 83 F8 02 0F 85 BE 00 --> 5B 5F 5E C3 E8 C7 D1 49 00 83 F8 02 90 90 90 90 !
00 00 48 89 F1 BA FF FF 00 80 EB CD E8 AF D1 49 --> 90 90 48 89 F1 BA FF FF 00 80 EB CD E8 AF D1 49 !
00 83 F8 02 74 EC E9 A2 00 00 00 48 89 F1 E8 BD --> 00 83 F8 02 EB EC E9 A2 00 00 00 48 89 F1 E8 BD !
b1477e0:
80 01 00 00 E8 97 CF 49 00 83 F8 02 0F 85 6F 01 --> 80 01 00 00 E8 97 CF 49 00 83 F8 02 90 90 90 90 !
00 00 48 8B 05 97 51 27 02 48 8D 5C 24 48 48 89 --> 90 90 48 8B 05 97 51 27 02 48 8D 5C 24 48 48 89 !
b147990:
70 E8 EA CD 49 00 83 F8 02 0F 85 69 01 00 00 48 --> 70 E8 EA CD 49 00 83 F8 02 90 90 90 90 90 90 48 !
b147b40:
F8 02 0F 85 97 03 00 00 48 B8 AA AA AA AA AA AA --> F8 02 90 90 90 90 90 90 48 B8 AA AA AA AA AA AA !
b147f10:
30 E8 6A C8 49 00 83 F8 02 0F 85 F1 00 00 00 4C --> 30 E8 6A C8 49 00 83 F8 02 90 90 90 90 90 90 4C !
b148030:
75 17 48 89 F1 E8 66 05 00 00 48 89 F1 89 C2 48 --> 90 90 48 89 F1 E8 66 05 00 00 48 89 F1 89 C2 48 !
b148070:
75 42 48 8D 54 24 2C C7 02 00 00 00 00 48 8D 8E --> 90 90 48 8D 54 24 2C C7 02 00 00 00 00 48 8D 8E !
b1480d0:
02 75 26 48 89 F1 E8 85 07 00 00 89 C3 84 C0 75 --> 02 90 90 48 89 F1 E8 85 07 00 00 89 C3 84 C0 75 !
b148120:
75 71 48 8D 54 24 2C C7 02 00 00 00 00 48 8D 8E --> 90 90 48 8D 54 24 2C C7 02 00 00 00 00 48 8D 8E !
b1481c0:
00 83 F8 02 0F 85 2C 01 00 00 48 8B 05 BF 47 27 --> 00 83 F8 02 90 90 90 90 90 90 48 8B 05 BF 47 27 !
b1485c0:
00 E8 BA C1 49 00 83 F8 02 0F 85 C3 01 00 00 48 --> 00 E8 BA C1 49 00 83 F8 02 90 90 90 90 90 90 48 !
b148880:
02 75 4C B8 00 E9 A4 35 48 03 86 A8 00 00 00 48 --> 02 90 90 B8 00 E9 A4 35 48 03 86 A8 00 00 00 48 !
b148910:
E8 6B BE 49 00 83 F8 02 0F 85 55 03 00 00 48 83 --> E8 6B BE 49 00 83 F8 02 90 90 90 90 90 90 90 90 !
BE 90 00 00 00 00 0F 84 4A 03 00 00 48 BD AA AA --> 90 90 90 90 90 90 90 90 90 90 90 90 48 BD AA AA !
b148c80:
41 57 41 56 41 55 41 54 56 57 53 48 81 EC 90 00 --> 31 C0 C3 90 41 55 41 54 56 57 53 48 81 EC 90 00 !
b148cb0:
CC BA 49 00 83 F8 02 0F 85 45 02 00 00 48 8B 8F --> CC BA 49 00 83 F8 02 90 90 90 90 90 90 48 8B 8F !
b148f50:
0F 85 BD 05 00 00 0F 57 C0 0F 29 44 24 40 45 31 --> 90 90 90 90 90 90 0F 57 C0 0F 29 44 24 40 45 31 !
b149550:
2C B2 49 00 83 F8 02 0F 85 D5 02 00 00 49 BF AA --> 2C B2 49 00 83 F8 02 90 90 90 90 90 90 49 BF AA !
b5e47a0:
0F F7 D1 31 C0 F7 C1 40 01 00 00 0F 94 C0 01 C0 --> 10 F7 D1 31 C0 F7 C1 40 01 00 00 0F 94 C0 01 C0 !
C3 31 C0 C3 CC CC CC CC CC CC CC CC CC CC CC CC --> C3 31 C0 C3 90 90 C3 CC CC CC CC CC CC CC CC CC !
b.c.r.y.p.t.p -> x.c.r.y.p.t.p (hidden) [62 00 63 00 72 00 79 00 70 00 74 00 70 00] !
c501fa8: C3 41 1B 9A BB D3 6A 46 87 FC FE 67 55 6A 3B 65 --> 5A EE 59 B8 38 D8 5B 4B A2 E8 1A DC 7D 93 DB 48 !
b.c.r.y.p.t.p -> x.c.r.y.p.t.p (hidden) [62 00 63 00 72 00 79 00 70 00 74 00 70 00] !
user32 -> user64 (hidden) !
mfplat -> xfplat (hidden) !
netapi32 -> netapi64 (hidden) !
kernel32 -> kernel64 !
userenv -> userenx !
winhttp -> winxttp !
notification_helper.exe
=======================
120-Security Directory RVA / Size --> 00000000
kernel32 -> kernel64
b.c.r.y.p.t.p -> x.c.r.y.p.t.p (hidden) [62 00 63 00 72 00 79 00 70 00 74 00 70 00] 2x!
elevation_service.exe
======================
120-Security Directory RVA / Size --> 00000000
kernel32 -> kernel64
b.c.r.y.p.t.p -> x.c.r.y.p.t.p (hidden) [62 00 63 00 72 00 79 00 70 00 74 00 70 00] 2x!
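
Added example (not part of the original notes): a verification-side check for the "Security Directory RVA / Size --> 00000000" step, reading data directory entry 4 of a PE file to report whether the Authenticode certificate table entry is present, cleared, or pointing past the end of the file. The function names and the `build_sample` header are constructed for illustration; the sample is a minimal PE32+ header, not a Chrome binary.

```python
import struct

SECURITY_INDEX = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: Authenticode certificate table

def security_directory(data: bytes):
    """Return (file_offset, size) from the PE Security data directory entry."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    opt = e_lfanew + 24  # optional header follows the 4-byte signature + 20-byte COFF header
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic")
    dirs = opt + (112 if magic == 0x20B else 96)  # PE32+ vs PE32 directory offset
    (count,) = struct.unpack_from("<I", data, dirs - 4)  # NumberOfRvaAndSizes
    if count <= SECURITY_INDEX:
        return (0, 0)
    # Unlike other directories, this entry holds a raw file offset, not an RVA.
    return struct.unpack_from("<II", data, dirs + 8 * SECURITY_INDEX)

def signature_state(data: bytes) -> str:
    off, size = security_directory(data)
    if off == 0 and size == 0:
        return "cleared-or-unsigned"
    if off + size > len(data):
        return "dangling"  # entry points past end of file
    return "present"

def build_sample(sec_off: int, sec_size: int, pad: int = 0) -> bytes:
    """Constructed minimal PE32+ headers for the demo (not a real Chrome binary)."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, 0x22)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)
    struct.pack_into("<I", opt, 108, 16)
    struct.pack_into("<II", opt, 112 + 8 * SECURITY_INDEX, sec_off, sec_size)
    return dos + coff + bytes(opt) + bytes(pad)

if __name__ == "__main__":
    for name, img in [("signed-like", build_sample(328, 16, pad=16)),
                      ("cleared", build_sample(0, 0))]:
        print(name, security_directory(img), signature_state(img))
```

A zeroed entry alone cannot distinguish a stripped signature from a file that was never signed; official Chrome release binaries are Authenticode-signed, so "cleared-or-unsigned" on one of the files listed above indicates a modified copy.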