{"id":3931,"date":"2015-11-23T17:16:44","date_gmt":"2015-11-24T01:16:44","guid":{"rendered":"http:\/\/www.atumvirt.com\/?p=3931"},"modified":"2015-11-23T17:16:44","modified_gmt":"2015-11-24T01:16:44","slug":"playing-with-pvs-opening-the-pvp-file","status":"publish","type":"post","link":"https:\/\/avtempwp.azurewebsites.net\/2015\/11\/playing-with-pvs-opening-the-pvp-file\/","title":{"rendered":"Playing with PVS – Opening the PVP file"},"content":{"rendered":"

If you’re like me, you enjoy a good challenge. One thing I’ve always been interested in with regard to PVS is exactly what is in the .PVP file.\u00a0 From various whitepapers and blogs I’ve read over the years, I understood it to be a collection of outside of the VHD, as PVS doesn’t do anything magical with the VHD files – they’re standard, true to form honest to goodness VHDs, per the specification<\/a>.\u00a0 Awhile back, I saw this post<\/a>\u00a0and a comment from Nick Rintalan<\/a>\u00a0caught my eye.<\/p>\n

\u00a0And while there is a header and footer in the VHD, it\u2019s not PVS-specific and I\u2019ve confirmed we don\u2019t extend the header or footer\u2026it\u2019s simply the header and footer used in all dynamic disks according to the PVS [sic]\u00a0spec defined by our friends at MSFT.<\/p><\/blockquote>\n

That means that PVS specific information must be stored externally, which makes sense.\u00a0 So, naturally, my first step was to\u00a0start digging with NotePad++ first.<\/p>\n

\"Viewed<\/a>

Viewed as plain text, you can see this is a binary format<\/p><\/div>\n

After a quick installation of the Hex editor plugin, I was in luck<\/p>\n

\"Data<\/a>

Data revealed in Hex<\/p><\/div>\n

Seeing this, I figured there was a clearly defined structure, which makes sense, given that they are always 528,896 bytes.\u00a0 My next stop was on to JetBrains <\/a>DotPeek<\/a>, to take a look at how exactly PVS reads the file itself.\u00a0 I knew PVS has several interfaces\u00a0 (SOAP, MCLI, PowerShell) so I decided to start at the StreamProcess, but being somewhat limited in C++ experience, I moved on to the Mapi DLL which is in C#.\u00a0 After a bit of digging through the assemblies, I struck some pay dirt.<\/p>\n

 <\/p>\n

\"Header<\/a>

Header and footer structure<\/p><\/div>\n

 <\/p>\n

From there, it was only a matter of presenting it in a meaningful manner.\u00a0 I spent some time in the airport\u00a0poking around classifying some of the properties or reformatting them to be slightly more helpful.\u00a0 What has come out of that, so far, is PVS DiskUP.\u00a0 The source code is available<\/a> on GitHub if you’d like to compile this and run it yourself, or download PVS DiskUP 1.0<\/a>.<\/p>\n

 <\/p>\n

\"PVS<\/a><\/p>\n

 <\/p>\n

There may come a time when I get bored and continue deciphering the structure, such as adding support for readable write cache types and such, but for now, I’ll leave that to the readers!\u00a0 Check out MapiConstants.dll, clone the Git repo and see what you come up with.\u00a0 If you’d like to be a contributor to the repository, please tweet me!<\/p>\n

public<\/span> const<\/span> int<\/span> writeCacheType_None = 0;<\/p>\n

public<\/span> const<\/span> int<\/span> writeCacheType_Server = 1;<\/p>\n

public<\/span> const<\/span> int<\/span> writeCacheType_ServerEncrypted = 2;<\/p>\n

public<\/span> const<\/span> int<\/span> writeCacheType_RAM = 3;<\/p>\n

public<\/span> const<\/span> int<\/span> writeCacheType_ClientHD = 4;<\/p>\n

public<\/span> const<\/span> int<\/span> writeCacheType_ClientHDEncrypted = 5;<\/p>\n

public<\/span> const<\/span> int<\/span> writeCacheType_RAMDisk = 6;<\/p>\n

public<\/span> const<\/span> int<\/span> writeCacheType_ServerHDPersist = 7;<\/p>\n

public<\/span> const<\/span> int<\/span> writeCacheType_ClientHDPersist = 8;<\/p>\n

public<\/span> const<\/span> int<\/span> writeCacheType_ClientRAMwithOverflowOnHD = 9;<\/p><\/blockquote>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

If you’re like me, you enjoy a good challenge. One thing I’ve always been interested in with regard to PVS is exactly what is in the .PVP file.\u00a0 From various whitepapers and blogs I’ve read over the years, I understood it to be a collection of outside of the VHD, as PVS doesn’t do anything […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[10,43],"tags":[106,117],"_links":{"self":[{"href":"https:\/\/avtempwp.azurewebsites.net\/wp-json\/wp\/v2\/posts\/3931"}],"collection":[{"href":"https:\/\/avtempwp.azurewebsites.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/avtempwp.azurewebsites.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/avtempwp.azurewebsites.net\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/avtempwp.azurewebsites.net\/wp-json\/wp\/v2\/comments?post=3931"}],"version-history":[{"count":0,"href":"https:\/\/avtempwp.azurewebsites.net\/wp-json\/wp\/v2\/posts\/3931\/revisions"}],"wp:attachment":[{"href":"https:\/\/avtempwp.azurewebsites.net\/wp-json\/wp\/v2\/media?parent=3931"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/avtempwp.azurewebsites.net\/wp-json\/wp\/v2\/categories?post=3931"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/avtempwp.azurewebsites.net\/wp-json\/wp\/v2\/tags?post=3931"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}