klesh/dotfiles
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
7829c4d789
dotfiles/win/wubi-no-shift.ps1

71 lines
2.0 KiB
PowerShell
Raw Blame History

#Requires -RunAsAdministrator
Import-Module PSReflect-Functions
$Supported = @{
"B3448BF077665F2E1CA67094BCF2A7C5" = 0x14DE1;
"DE5FA392A825332AB3E348EF0316B514" = 0x16A61;
"F653C99D4A0C61D4B2C64358B8213BD8" = 0x15C11;
"C8BC76C87563E78C9BC85EE9F4F96760" = 0x15C11;
}
$ChsIME = "ChsIME"
$ChsIMEExe = "${ChsIME}.exe"
# make sure CheIme.exe is the right version
$ChsImeExePath = "$env:windir\System32\InputMethod\CHS\$ChsIMEExe"
$ChsIMEHash = (Get-FileHash $ChsImeExePath -Algorithm MD5).Hash
$offsetAddr = $Supported[$ChsIMEHash]
if (-not $offsetAddr) {
throw [System.Exception] "Unsupported ChsIme.exe"
}
echo "Offset Address: $offsetAddr"
# reference
<#
public enum ProcessAccessFlags : uint
{
All = 0x001F0FFF,
Terminate = 0x00000001,
CreateThread = 0x00000002,
VirtualMemoryOperation = 0x00000008,
VirtualMemoryRead = 0x00000010,
VirtualMemoryWrite = 0x00000020,
DuplicateHandle = 0x00000040,
CreateProcess = 0x000000080,
SetQuota = 0x00000100,
SetInformation = 0x00000200,
QueryInformation = 0x00000400,
QueryLimitedInformation = 0x00001000,
Synchronize = 0x00100000
}
public enum SnapshotFlags : uint
{
HeapList = 0x00000001,
Process = 0x00000002,
Thread = 0x00000004,
Module = 0x00000008,
Module32 = 0x00000010,
All = (HeapList | Process | Thread | Module),
Inherit = 0x80000000,
NoHeaps = 0x40000000
}
#>
$ps = Get-Process -Name $ChsIME
foreach ($p in $ps) {
$hProcess = Get-Process -Name $ChsIme
if (!$hProcess) {
throw [System.Exception] "Unable to open process $pid";
}
$hModule = $hProcess.Modules | Where-Object {$_.ModuleName -eq $ChsIMEExe}
if (!$hModule) {
continue
}
$hModule = $hModule[0]
$addr = [IntPtr]::Add($hModule.BaseAddress, $offsetAddr)
[Int32]$n = 0
[PSReflectFunctions.kernel32]::WriteProcessMemory($hProcess.Handle[0], $addr, @(0x31, 0xc0), 2, [ref]$n)
}
Reference in New Issue View Git Blame Copy Permalink