diff --git a/assets/images/icons/pearl.gif b/assets/images/icons/pearl.gif index 2d17b23..0183cea 100644 Binary files a/assets/images/icons/pearl.gif and b/assets/images/icons/pearl.gif differ diff --git a/content/blog/hello-world.md b/content/blog/hello-world.md index 8dc54bf..4ae0664 100644 --- a/content/blog/hello-world.md +++ b/content/blog/hello-world.md @@ -11,3 +11,25 @@ tags: ['hello', 'world'] # Hello! This is an example piece of content. + +Here's some code: + +```js +console.log('Hello, world!'); +``` + +And here's a list: +* Item 1 +* Item 2 +* ```css + .example { + color: red; + } +``` +* `df -h` + +And here's a link to [Nuxt.js](https://nuxtjs.org/). + +And here's an image: +![Nuxt.js](https://nuxtjs.org/logos/nuxt-icon.png) + diff --git a/content/blog/the-windows-oobe.md b/content/blog/the-windows-oobe.md new file mode 100644 index 0000000..5af50d7 --- /dev/null +++ b/content/blog/the-windows-oobe.md @@ -0,0 +1,130 @@ +--- +title: The hidden features of the Windows OOBE +description: A deep dive into the Windows context menu API and customization options it offers. Shell components for beginners and context menu cleanup. +authors: ['Enderman'] +created: 2024-03-01T23:30:10Z +updated: 2024-03-02T15:10:58Z +draft: false +tags: ['windows', 'oobe', 'deployment', 'know how', 'secret features', 'protocols', 'features', 'windows 10', 'windows 11'] +--- + +# The Windows 11 OOBE is a mess... +The OOBE (Out-of-Box Experience) is the first thing a user sees when they boot up a new Windows device. +It's the first impression of the operating system, and it's important to get it right. +At first glance, it seems to be a thing Microsoft surprisingly _has_ gotten right. +However, once you take a look under the hood, you find a mess of legacy code, hidden features and undocumented APIs... +and suddenly, you take it all back. + +In this article, I aim to take a deep dive into that mess and explore some hidden features and +customization options it offers. + +::card +--- +icon: warning +title: Unfinished article +--- +This post is a **work in progress**, please check back later for more content! +:: + +### The OOBE protocol + +The OOBE is a web application, and the `ms-cxh://` protocol is a custom handler that defines a couple of shortcuts to +various pages, seemingly, for internal use. + +The list of available protocol strings can be retrieved by scanning Windows binaries for the `ms-cxh://` occurrences. +Luckily, Hexacorn did all the heavy lifting for us and shared +his findings in [his blog post](https://go.enderman.ch/18n6n). + +The protocol API is **undocumented** by Microsoft, so it's not guaranteed to work in the future. +In fact, it has already been partially removed or deprecated in Windows 11 without any notice. + +Microsoft used acronyms in protocol strings, and some of them are quite cryptic, but there's nothing we can't decode. + + + +#### Out-of-Box Experience +FRX stands for «**F**irst **R**un e**X**perience»; +RDX stands for «**R**etail **D**emo e**X**perience». + +* ms-cxh://FRX/AAD +* ms-cxh://FRX/INCLUSIVE +* ms-cxh://FRX/INCLUSIVE?start=OobeProvisioningStatus +* ms-cxh://FRX/TEAMEDITION +* ms-cxh://FRXRDXINCLUSIVE + +#### Microsoft Azure +The AAD acronym is commonly used and refers to «**A**zure **A**ctive **D**irectory»; +SSPR stands for «**S**elf-**S**ervice **P**assword **R**eset». + +* ms-cxh://AADPINRESETAUTH +* ms-cxh://AADSSPR +* ms-cxh://AADWEBAUTH + +#### Modern settings +The MOSET acronym most likely refers to «**Mo**dern **set**tings»; +MAM stands for «**M**obile **A**pplication **M**anagement». +MSA stands for «**M**icro**s**oft **A**ccount». + +* ms-cxh://MOSET/AADLOCAL +* ms-cxh://MOSET/CONNECTTOWORK +* ms-cxh://mosetmamconnecttowork?mode=mdm&username=%s&servername=%s +* ms-cxh://mosetmdmconnecttowork +* ms-cxh://MOSETMSA +* ms-cxh://MOSETMSALOCAL + +#### Microsoft account +CFL probably stands for «**C**hange **F**irst **L**ogon»? + +* ms-cxh://MSACFLPINRESET +* ms-cxh://MSACFLPINRESETSIGNIN +* ms-cxh://MSACXSIGNINAUTHONLY +* ms-cxh://MSACXSIGNINPINADD +* ms-cxh://MSACXSIGNINPINRESET +* ms-cxh://MSAPINENROLL +* ms-cxh://MSAPINRESET +* ms-cxh://MSARDX +* ms-cxh://MSASSPR + +#### Windows Hello for Microsoft Intune +NTH stands for «i**NT**une **H**ello»; +NGC stands for «**N**ext **G**eneration **C**redential»; +ENT stands for «**Ent**erprise»; +MDM stands for «**M**obile **D**evice **M**anagement». + +* ms-cxh://NTH +* ms-cxh://NTH/AADRECOVERY +* ms-cxh://NTHAADNGCFIXME +* ms-cxh://NTHAADNGCONLY +* ms-cxh://NTHAADNGCRESET +* ms-cxh://NTHAADNGCRESETDESTRUCTIVE +* ms-cxh://NTHAADNGCRESETNONDESTRUCTIVE +* ms-cxh://NTHAADORMDM?ngc=enabled +* ms-cxh://NTHENTNGCFIXME +* ms-cxh://NTHENTNGCONLY +* ms-cxh://NTHENTNGCRESET +* ms-cxh://NTHENTNGCRESETDESTRUCTIVE +* ms-cxh://NTHENTORMDM +* ms-cxh://NTHENTORMDM?ngc=enabled +* ms-cxh://NTHNGCUPSELL +* ms-cxh://NTHPRIVACY +* ms-cxh://RDXRACSKUINCLUSIVE + +#### Second-chance OOBE +![personalized-scoobe-test.png](/images/blog/assets/the-windows-oobe/personalized-scoobe-test.png) + +* ms-cxh://SCOOBE +* ms-cxh://SCOOBE%ws +* ms-cxh://SCOOBE/UPGRADE + +#### Cloud settings +* ms-cxh://SETADDLOCALONLY +* ms-cxh://SETADDNEWUSER +* ms-cxh://SETCHANGEPWD +* ms-cxh://SETPHONEPAIRING +* ms-cxh://SETPHONEPAIRING?scenarioId=SwiftKeyCloudClipboard +* ms-cxh://setsqsalocalonly + +#### Miscellaneous +* ms-cxh://TSET/ADDFAMILY +* ms-cxh://WLT +* ms-cxh://WLTUC diff --git a/public/images/blog/assets/the-windows-oobe/personalized-scoobe-test.png b/public/images/blog/assets/the-windows-oobe/personalized-scoobe-test.png new file mode 100644 index 0000000..1f11ff0 Binary files /dev/null and b/public/images/blog/assets/the-windows-oobe/personalized-scoobe-test.png differ