Go to ...

RSS Feed

A Peek Inside UUP dump


Last week, Microsoft released two Fast Ring builds. On Thursday, October 17, we got Build 19002.1. On Friday, after numerous reports of restart issues with that build, we got Build 19002.1002. For various reasons, I ended up using the UUP dump website to create ISOs for both builds while wrestling with the install process. For 19002.1, I couldn’t finish the install on my Lenovo X220 Tablet using WU, so I turned to UUPdump to grab an ISO to install using setup.exe. Though others who installed 19002.1 got an update offer for 19002.1002 from WU, neither of my two test machines did. So again, I turned to UUPdump and used the ISO it built for me to update those machines. I’d already been a big fan of UUPdump, but this quick and helpful dual encounter turned me into a diehard believer. It also made me curious to learn more about who’s behind the site and how they put it together. Here’s what I learned.

More About UUP dump

The site offers access to a community through the discord UWP app. So naturally, I joined up and fired off an inquiry to the developer, who goes by the handle “whatever.” He or she did interact with me via e-mail, and I was able to get some answers to a variety of questions I posed about the site. For convenience, I’ll refer to the developer as Whatever in my subsequent remarks.

Whatever is based in Poland, and is not a full-time computing professional. He or she was not willing to divulge a name nor an occupation, but did describe his/her background in computing as “self-taught.” For the record, UUP dump is also this person’s second computing project. UUP dump originated from use of the excellent Fiddler protocol analysis tool. Simply put, Fiddler captures communications that occur via the Web, so that developers can see exactly what an application is sending to a Web server, and what kinds of responses the server issues by way of reply. Whatever apparently used this tool to make a complete record of the interactions between a Windows 10 client running WU and the Microsoft Update servers. This allowed Whatever to re-issue those same commands to grab all of the bits and pieces that go into an upgrade download (and cumulative updates, too) so that he or she could grab and assemble them into an ISO file that includes its bits and pieces, as well as the windows image (WIM) files that go into an ISO as well: most notably, this means boot.wim, install.wim, and winre.wim.

The UUP dump website has been around since September, 2017, which is apparently when Whatever was far enough along in his/her Fiddler analysis to grab all the files available for some specific update identifier. Ultimately, he/she converted it into a command line utility. Later (early 2018), Whatever extended this website to include archives with all the tools necessary to handle esd files locally (on the client PC).

This was when he/she took down the UUP dump MiniServer (which Kari wrote about in a January 2018 post) and replaced it with something like the current environment, which operates on user’s machines at the command line to grab esd and cab files, and then uses various tools to put windows images together, and to assemble and create the ISO file for whatever Win10 version is specified in the download request. He/she hastens to observe that “UUP files are directly retrieved from Windows Update servers” so there’s no chance that these files are modified or tampered with in any way (much like the technique HeiDoc.net’s Microsoft Windows and Office ISO Download Tool uses to grab pre-fab ISO as well, I’m pretty sure).

Finally, some may be curious why UUP dump uses a domain based in Mali, Africa (the full URL for the site is https://uupdump.ml, and .ml is the country code for Mali). Whatever explains this as an economizing move. Apparently, he/she is unable to purchase a domain and is thus forced to use free domain and hosting services. By happenstance, this results in a domain from Mali. This approach lets Whatever offer a secure, HTTPS-based website with a legitimate public key certificate to match.

Hats Off to Whatever

Personally, I’m in awe of the time and effort that Whatever has put into the site which is available as a free public service. This work is incredibly helpful and makes dealing with the Insider Preview program much more tolerable than it might otherwise be. I’m going to recommend strongly to Brandon LeBlanc (and the rest of the Insider Team) that they look into providing support for Whatever, because it’s a tremendous boon to the whole Insider community. In short, it’s probably something that Microsoft should be doing on its own. But because they are not, supporting Whatever seems very much like the right thing to do.

Author: Ed Tittel

Ed Tittel is a 30-plus-year computer industry veteran. He’s a Princeton and multiple University of Texas graduate who’s worked in IT since 1981 when he started his first programming job. Over the past three decades he’s also worked as a manager, technical evangelist, consultant, trainer, and an expert witness. See his professional bio for all the details.

Leave a Reply