一句话说完,找到WinSCard.dll,开IDA pro,打开WinSCard.dll工程后,在左边函数列表,找到InTSMethodWithContext这个函数,然后将后面的 movzx eax,[ebp+var_1]这句,对应的二进制编码“原值应该是0F B6 45 FF”,改为“33 C0 90 90”,应用补丁,然后替换WINDOWS对应文件即可。 另,如果是x86,可能需要改为“33 C0 90 90 90 90”
以下为原文:
Windows Smart Card Subsystem and Remote Sessions
Situation
1. When you have an eToken usb device which is connected to a PC somewhere in your home or office and you want to use this token via a remote session. For instance. you're in another city with your favourite notebook. You use built-in Windows Remote Desktop Connection to access some applications required the usb token. Here we have an RDP session.
2. At work you have a VMware View infrastructure that uses PCoIP protocol. You added a usb passthrough device to a specific virtual machine. It means that your token connected directly to the ESXi host. This is the only possible way to make a token visible in a virtual machine that I know (directly connected tokens on the client side doesn't work in PCoIP)