101 - Patch a file using grub4dos

Sometimes, you might need to patch a file using grub4dos - i.e. replace some bytes in a file with different bytes.

Here is an example of how to do this.

This example, this patches the boot sector that is created when you run XP Setup winnt.exe. This boot sector is used on the first boot to XP Setup after the Winnt files have been installed to the hard disk.

For more details of this patch, see here.

title Patch \\$WIN_NT$.~BT\\BOOTSECT.DAT

set OS=

set BT=

if exist (hd0,0)/$WIN_NT$.~BT/BOOTSECT.DAT set BT=(hd0,0)/$WIN_NT$.~BT/BOOTSECT.DAT

if exist (hd1,0)/$WIN_NT$.~BT/BOOTSECT.DAT set BT=(hd1,0)/$WIN_NT$.~BT/BOOTSECT.DAT

if exist (hd1,1)/$WIN_NT$.~BT/BOOTSECT.DAT set BT=(hd1,1)/$WIN_NT$.~BT/BOOTSECT.DAT

if exist (hd1,2)/$WIN_NT$.~BT/BOOTSECT.DAT set BT=(hd1,2)/$WIN_NT$.~BT/BOOTSECT.DAT

if "%BT%"=="" pause --wait=3 Cannot find /$WIN_NT$.~BT/BOOTSECT.DAT && configfile /menu.lst

# detect OS

cat --skip=3 --length=0x52 --locate=FAT32 %BT% > nul && set OS=FAT32

cat --skip=3 --length=8 --locate=MSWIN4.1 %BT% > nul && set OS=FAT32

cat --skip=3 --length=8 --locate=MSDOS5.0 %BT% > nul && set OS=FAT32

cat --skip=3 --length=4 --locate=NTFS %BT% > nul && set OS=NTFS

if "%OS%"=="" pause --wait=3 Sorry - can't determine OS of BOOTSECT.DAT && configfile /menu.lst

echo FOUND %OS% at %BT%

cat --hex --length=0xf0 %BT%

set /p ASK=Press Y to patch file (Y/N):

if not /i "%ASK%"=="Y" configfile /menu.lst || echo -e \n\r

echo Patched file is now...

if "%OS%"=="FAT32" cat --skip=0xe6 --locate=\x0f\x82\x4a\x00 --replace=\x90\x90\x90\x90 %BT% > nul

if "%OS%"=="NTFS" cat --skip=0xd9 --locate=\x0f\x82\x3a\x00 --replace=\x90\x90\x90\x90 %BT% > nul

if not "%OS%"=="" cat --hex --length=0xf0 %BT%

echo Finished - press a key to continue...

pause

Note that if run under QEMU or some other emulators, the patch may not work if the volume is marked as 'read-only' by the emulator. For this reason you need to boot and run this grub4dos menu on real hardware.

For details about the grub4dos cat command see Tutorial #21.

To ensure only one instance of the bytes in the file are replaced, add --number=1 to the cat command- e.g.

if "%OS%"=="FAT32" cat --skip=0xe6 --number=1 --locate=\x0f\x82\x4a\x00 --replace=\x90\x90\x90\x90 %BT% > nul

Note that --skip is used to position the starting point. If you do not know the start position of the bytes (or the position may vary), simply omit the --skip=xxxxx parameter.