Windows NT Bypassing Application Check for Terminal Services

  • Thread starter Thread starter langelgjm
  • Start date Start date
L

langelgjm

I work for a small business, and I have been using Remote Desktop to
work from home and school quite happily for the past 3 years. We
recently purchased an upgrade to one of our manufacturing software
packages (this is high-priced CAD/CAM stuff, complete with hardware
security dongles), and I just discovered that the "upgrade" no longer
allows the application to be run over Remote Desktop. This wasn't
disclosed anywhere. I called the distributor, and was told that my
options are to buy a network key and another license for the software,
which will cost several thousand dollars, or to use a service like
GoToMyPC or VNC. Frankly, I'm at a loss I don't understand: 1) why
they deny Remote Desktop but then suggest you use another program to
accomplish the same thing 2) why I should need a network key and two
licenses when only one person can use Remote Desktop at a time 3) why
I should have to pay nearly $200 a year indefinitely and rely on a
third party (GoToMyPC) to accomplish what I've been doing for free in
the past. I specifically chose not to use VNC because Remote Desktop
is significantly faster and better looking over slow network
connections also, Remote Desktop has lightweight and secure clients
for OS X, Pocket PC, and Linux, all of which I use.

After a little research, I believe what is going on is that the
application in question is somehow checking if Terminal Services is
running and active, with a user logged in. I know from a forum for the
product that it will not run properly on a Windows Server with
Terminal Services, the idea being that then more than one user could
use the application at the same time. As for why they disabled this in
XP Pro, where only one user can be logged in at a time, I think it's
either shoddy programming, or because there are some hacks that allow
XP Pro to have two or three users logged in simultaneously.

Has anyone experienced anything similar with other applications? Are
there any known workarounds for this, such as a way to fool the
application into thinking that Terminal Services/Remote Desktop isn't
running? I'm really frustrated by this whole situation.
 
langelgjm <gjm@umd.edu> wrote on 14 aug 2007 in
microsoft.public.windows.terminal_services:

> As for
> why they disabled this in XP Pro, where only one user can be
> logged in at a time, I think it's either shoddy programming, or
> because there are some hacks that allow XP Pro to have two or
> three users logged in simultaneously.

There is indeed 3rd party software around which makes it possible
(but not legal) to run multiple sessions on XP Pro (up to 20, I
believe!).

> Has anyone experienced anything similar with other applications?
> Are there any known workarounds for this, such as a way to fool
> the application into thinking that Terminal Services/Remote
> Desktop isn't running? I'm really frustrated by this whole
> situation.

I understand your frustration, but I think that there's not much
you can do. Seems to me a licensing strategy of the vendor.
Most likely, the application uses a call to the GetSystemMetrics()
function, which returns TRUE if the application is running in a
remote session and FALSE if the application is running on the
console.

_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___
 
You can try to use injecting code technic that injects the code to capture
GetSystemMetric function
and returns false , or something similar, but this's not a easy technic . I
have done some kind like that
on the Windows 2000 Terminal Server there is no timezone redirection, then I
have to inject
the code that capture function GetLocalTime and make adjutment with the
timezone on the client
machine . It works but not easy to archive.

Good luck

Regards

Thomas T

"langelgjm" <gjm@umd.edu> wrote in message
news:1187112116.516917.306680@l70g2000hse.googlegroups.com...
>I work for a small business, and I have been using Remote Desktop to
> work from home and school quite happily for the past 3 years. We
> recently purchased an upgrade to one of our manufacturing software
> packages (this is high-priced CAD/CAM stuff, complete with hardware
> security dongles), and I just discovered that the "upgrade" no longer
> allows the application to be run over Remote Desktop. This wasn't
> disclosed anywhere. I called the distributor, and was told that my
> options are to buy a network key and another license for the software,
> which will cost several thousand dollars, or to use a service like
> GoToMyPC or VNC. Frankly, I'm at a loss I don't understand: 1) why
> they deny Remote Desktop but then suggest you use another program to
> accomplish the same thing 2) why I should need a network key and two
> licenses when only one person can use Remote Desktop at a time 3) why
> I should have to pay nearly $200 a year indefinitely and rely on a
> third party (GoToMyPC) to accomplish what I've been doing for free in
> the past. I specifically chose not to use VNC because Remote Desktop
> is significantly faster and better looking over slow network
> connections also, Remote Desktop has lightweight and secure clients
> for OS X, Pocket PC, and Linux, all of which I use.
>
> After a little research, I believe what is going on is that the
> application in question is somehow checking if Terminal Services is
> running and active, with a user logged in. I know from a forum for the
> product that it will not run properly on a Windows Server with
> Terminal Services, the idea being that then more than one user could
> use the application at the same time. As for why they disabled this in
> XP Pro, where only one user can be logged in at a time, I think it's
> either shoddy programming, or because there are some hacks that allow
> XP Pro to have two or three users logged in simultaneously.
>
> Has anyone experienced anything similar with other applications? Are
> there any known workarounds for this, such as a way to fool the
> application into thinking that Terminal Services/Remote Desktop isn't
> running? I'm really frustrated by this whole situation.
>
 
There is software available that can make it relatively easy for a Windows
programmer such as you to inject a DLL that hooks system calls such as
GetSystemMetric. An example of that is the Microsoft Research product
Detours, but it is expensive for commercial use I am told (I am not sure).

My guess though is that the solution is not that simple. Expensive software
such as that that wants to inhibit it's use can easily make things more
difficult. There is anti-injection software. So as they say, even if you win
the battle, you will likely lose the war. It is likely not worthwhile
dealing with this on a technical level it is likely worthwhile dealing with
it on a legal level.

If anyone wants to get really technical, there is (was) a recent discussion
in the MSDN VC General forum discussing the possibility of preventing DLL
injection. We can probably assume that the vendor of the other software is
aware of at least the issues mentioned in that thread, or (their developers)
will become familiar with those issues if they discover they need to. There
are many other articles on the subject in other web sites.


"ThomasT." <ThomasT@nospam.nospam> wrote in message
news:u79maZr3HHA.5880@TK2MSFTNGP03.phx.gbl...
> You can try to use injecting code technic that injects the code to capture
> GetSystemMetric function
> and returns false , or something similar, but this's not a easy technic .
> I have done some kind like that
> on the Windows 2000 Terminal Server there is no timezone redirection, then
> I have to inject
> the code that capture function GetLocalTime and make adjutment with the
> timezone on the client
> machine . It works but not easy to archive.
>
> Good luck
>
> Regards
>
> Thomas T
>
> "langelgjm" <gjm@umd.edu> wrote in message
> news:1187112116.516917.306680@l70g2000hse.googlegroups.com...
>>I work for a small business, and I have been using Remote Desktop to
>> work from home and school quite happily for the past 3 years. We
>> recently purchased an upgrade to one of our manufacturing software
>> packages (this is high-priced CAD/CAM stuff, complete with hardware
>> security dongles), and I just discovered that the "upgrade" no longer
>> allows the application to be run over Remote Desktop. This wasn't
>> disclosed anywhere. I called the distributor, and was told that my
>> options are to buy a network key and another license for the software,
>> which will cost several thousand dollars, or to use a service like
>> GoToMyPC or VNC. Frankly, I'm at a loss I don't understand: 1) why
>> they deny Remote Desktop but then suggest you use another program to
>> accomplish the same thing 2) why I should need a network key and two
>> licenses when only one person can use Remote Desktop at a time 3) why
>> I should have to pay nearly $200 a year indefinitely and rely on a
>> third party (GoToMyPC) to accomplish what I've been doing for free in
>> the past. I specifically chose not to use VNC because Remote Desktop
>> is significantly faster and better looking over slow network
>> connections also, Remote Desktop has lightweight and secure clients
>> for OS X, Pocket PC, and Linux, all of which I use.
>>
>> After a little research, I believe what is going on is that the
>> application in question is somehow checking if Terminal Services is
>> running and active, with a user logged in. I know from a forum for the
>> product that it will not run properly on a Windows Server with
>> Terminal Services, the idea being that then more than one user could
>> use the application at the same time. As for why they disabled this in
>> XP Pro, where only one user can be logged in at a time, I think it's
>> either shoddy programming, or because there are some hacks that allow
>> XP Pro to have two or three users logged in simultaneously.
>>
>> Has anyone experienced anything similar with other applications? Are
>> there any known workarounds for this, such as a way to fool the
>> application into thinking that Terminal Services/Remote Desktop isn't
>> running? I'm really frustrated by this whole situation.
>>
>
>
 
What is your point here ? Are you trying to help the person who asks the
original question ?

I have tried many tools including Detours (Detours is suck, not easy to use
at all).
Surely there are many technics for preventing injecting code. But in
general, the injecting
code is the way to bypass the problem asked here . There are a lot articles
and samples
on Code Project website and other site on the Internet . There is nothing
illegal here,
you don't modify the program, and if the license agreement does not specify
that you
don't have right to use under a Remote Session (and ha has specified only 1
user who uses at a time)
so what is the illegal point ?

"Sam Hobbs" <samuel@social.rr.com_change_social_to_socal> wrote in message
news:%23IbdF8E5HHA.2108@TK2MSFTNGP02.phx.gbl...
> There is software available that can make it relatively easy for a Windows
> programmer such as you to inject a DLL that hooks system calls such as
> GetSystemMetric. An example of that is the Microsoft Research product
> Detours, but it is expensive for commercial use I am told (I am not sure).
>
> My guess though is that the solution is not that simple. Expensive
> software such as that that wants to inhibit it's use can easily make
> things more difficult. There is anti-injection software. So as they say,
> even if you win the battle, you will likely lose the war. It is likely not
> worthwhile dealing with this on a technical level it is likely worthwhile
> dealing with it on a legal level.
>
> If anyone wants to get really technical, there is (was) a recent
> discussion in the MSDN VC General forum discussing the possibility of
> preventing DLL injection. We can probably assume that the vendor of the
> other software is aware of at least the issues mentioned in that thread,
> or (their developers) will become familiar with those issues if they
> discover they need to. There are many other articles on the subject in
> other web sites.
>
>
> "ThomasT." <ThomasT@nospam.nospam> wrote in message
> news:u79maZr3HHA.5880@TK2MSFTNGP03.phx.gbl...
>> You can try to use injecting code technic that injects the code to
>> capture GetSystemMetric function
>> and returns false , or something similar, but this's not a easy technic .
>> I have done some kind like that
>> on the Windows 2000 Terminal Server there is no timezone redirection,
>> then I have to inject
>> the code that capture function GetLocalTime and make adjutment with the
>> timezone on the client
>> machine . It works but not easy to archive.
>>
>> Good luck
>>
>> Regards
>>
>> Thomas T
>>
>> "langelgjm" <gjm@umd.edu> wrote in message
>> news:1187112116.516917.306680@l70g2000hse.googlegroups.com...
>>>I work for a small business, and I have been using Remote Desktop to
>>> work from home and school quite happily for the past 3 years. We
>>> recently purchased an upgrade to one of our manufacturing software
>>> packages (this is high-priced CAD/CAM stuff, complete with hardware
>>> security dongles), and I just discovered that the "upgrade" no longer
>>> allows the application to be run over Remote Desktop. This wasn't
>>> disclosed anywhere. I called the distributor, and was told that my
>>> options are to buy a network key and another license for the software,
>>> which will cost several thousand dollars, or to use a service like
>>> GoToMyPC or VNC. Frankly, I'm at a loss I don't understand: 1) why
>>> they deny Remote Desktop but then suggest you use another program to
>>> accomplish the same thing 2) why I should need a network key and two
>>> licenses when only one person can use Remote Desktop at a time 3) why
>>> I should have to pay nearly $200 a year indefinitely and rely on a
>>> third party (GoToMyPC) to accomplish what I've been doing for free in
>>> the past. I specifically chose not to use VNC because Remote Desktop
>>> is significantly faster and better looking over slow network
>>> connections also, Remote Desktop has lightweight and secure clients
>>> for OS X, Pocket PC, and Linux, all of which I use.
>>>
>>> After a little research, I believe what is going on is that the
>>> application in question is somehow checking if Terminal Services is
>>> running and active, with a user logged in. I know from a forum for the
>>> product that it will not run properly on a Windows Server with
>>> Terminal Services, the idea being that then more than one user could
>>> use the application at the same time. As for why they disabled this in
>>> XP Pro, where only one user can be logged in at a time, I think it's
>>> either shoddy programming, or because there are some hacks that allow
>>> XP Pro to have two or three users logged in simultaneously.
>>>
>>> Has anyone experienced anything similar with other applications? Are
>>> there any known workarounds for this, such as a way to fool the
>>> application into thinking that Terminal Services/Remote Desktop isn't
>>> running? I'm really frustrated by this whole situation.
>>>
>>
>>
>
>
 
I have many points, but one important point is that it is unlikely that the
solution would be as easy as intercepting GetSystemMetric. I would be
surprised if it was that easy. Also I am saying that it might be relatively
easy to do but if so then when someone does something to get around other
software then a vendor of other sofware with staff as sufficient as this one
would likely respond with something more difficult.


"ThomasT." <ThomasT@nospam.nospam> wrote in message
news:uf965aM5HHA.5804@TK2MSFTNGP05.phx.gbl...
> What is your point here ? Are you trying to help the person who asks the
> original question ?
>
> I have tried many tools including Detours (Detours is suck, not easy to
> use at all).
> Surely there are many technics for preventing injecting code. But in
> general, the injecting
> code is the way to bypass the problem asked here . There are a lot
> articles and samples
> on Code Project website and other site on the Internet . There is nothing
> illegal here,
> you don't modify the program, and if the license agreement does not
> specify that you
> don't have right to use under a Remote Session (and ha has specified only
> 1 user who uses at a time)
> so what is the illegal point ?
>
> "Sam Hobbs" <samuel@social.rr.com_change_social_to_socal> wrote in message
> news:%23IbdF8E5HHA.2108@TK2MSFTNGP02.phx.gbl...
>> There is software available that can make it relatively easy for a
>> Windows programmer such as you to inject a DLL that hooks system calls
>> such as GetSystemMetric. An example of that is the Microsoft Research
>> product Detours, but it is expensive for commercial use I am told (I am
>> not sure).
>>
>> My guess though is that the solution is not that simple. Expensive
>> software such as that that wants to inhibit it's use can easily make
>> things more difficult. There is anti-injection software. So as they say,
>> even if you win the battle, you will likely lose the war. It is likely
>> not worthwhile dealing with this on a technical level it is likely
>> worthwhile dealing with it on a legal level.
>>
>> If anyone wants to get really technical, there is (was) a recent
>> discussion in the MSDN VC General forum discussing the possibility of
>> preventing DLL injection. We can probably assume that the vendor of the
>> other software is aware of at least the issues mentioned in that thread,
>> or (their developers) will become familiar with those issues if they
>> discover they need to. There are many other articles on the subject in
>> other web sites.
>>
>>
>> "ThomasT." <ThomasT@nospam.nospam> wrote in message
>> news:u79maZr3HHA.5880@TK2MSFTNGP03.phx.gbl...
>>> You can try to use injecting code technic that injects the code to
>>> capture GetSystemMetric function
>>> and returns false , or something similar, but this's not a easy technic
>>> . I have done some kind like that
>>> on the Windows 2000 Terminal Server there is no timezone redirection,
>>> then I have to inject
>>> the code that capture function GetLocalTime and make adjutment with the
>>> timezone on the client
>>> machine . It works but not easy to archive.
>>>
>>> Good luck
>>>
>>> Regards
>>>
>>> Thomas T
>>>
>>> "langelgjm" <gjm@umd.edu> wrote in message
>>> news:1187112116.516917.306680@l70g2000hse.googlegroups.com...
>>>>I work for a small business, and I have been using Remote Desktop to
>>>> work from home and school quite happily for the past 3 years. We
>>>> recently purchased an upgrade to one of our manufacturing software
>>>> packages (this is high-priced CAD/CAM stuff, complete with hardware
>>>> security dongles), and I just discovered that the "upgrade" no longer
>>>> allows the application to be run over Remote Desktop. This wasn't
>>>> disclosed anywhere. I called the distributor, and was told that my
>>>> options are to buy a network key and another license for the software,
>>>> which will cost several thousand dollars, or to use a service like
>>>> GoToMyPC or VNC. Frankly, I'm at a loss I don't understand: 1) why
>>>> they deny Remote Desktop but then suggest you use another program to
>>>> accomplish the same thing 2) why I should need a network key and two
>>>> licenses when only one person can use Remote Desktop at a time 3) why
>>>> I should have to pay nearly $200 a year indefinitely and rely on a
>>>> third party (GoToMyPC) to accomplish what I've been doing for free in
>>>> the past. I specifically chose not to use VNC because Remote Desktop
>>>> is significantly faster and better looking over slow network
>>>> connections also, Remote Desktop has lightweight and secure clients
>>>> for OS X, Pocket PC, and Linux, all of which I use.
>>>>
>>>> After a little research, I believe what is going on is that the
>>>> application in question is somehow checking if Terminal Services is
>>>> running and active, with a user logged in. I know from a forum for the
>>>> product that it will not run properly on a Windows Server with
>>>> Terminal Services, the idea being that then more than one user could
>>>> use the application at the same time. As for why they disabled this in
>>>> XP Pro, where only one user can be logged in at a time, I think it's
>>>> either shoddy programming, or because there are some hacks that allow
>>>> XP Pro to have two or three users logged in simultaneously.
>>>>
>>>> Has anyone experienced anything similar with other applications? Are
>>>> there any known workarounds for this, such as a way to fool the
>>>> application into thinking that Terminal Services/Remote Desktop isn't
>>>> running? I'm really frustrated by this whole situation.
>>>>
>>>
>>>
>>
>>
>
>
 
Back
Top