Member-only story
Patching Microsoft’s RDP service yourself
You probably arrived at this article looking for a way to allow multiple RDP sessions to you Windows Home or Professional machine. If you want the quick fix, read this article.
If you want to know a little bit more what you are doing, keep reading this ;-)
The original article describes 2 ways of patching your RDP service: running RDP Wrapper or patching termsrv.dll In this article I’ll be looking into patching the dll as I want to know what I’m doing.
Long story short, you need to look for the following bytes inside the dll:
39 81 3C 06 00 00 xx xx xx xx xx xxxx xx xx xx xx xx are bytes that change from Windows update to Windows update.
Replace all of those bytes with:
B8 00 01 00 00 89 81 38 06 00 00 90But what are we actually doing here?
Let’s load up termsrv.dll in x64dbg, that’s an open source debugger for Windows. Hit the play button so you’ll arrive at termsrv.dll .
Next, let’s look for these mysterious set of bytes. Right click anywhere and select Search For, All Modules, Pattern:
Enter the 6 bytes 39 81 3C 06 00 00 and hit OK to search:
