techguy16
commented
11 months ago This keygen is for keys that use BINK, not the Windows 95/NT4 algorithm.
Open TrialMedusa64 opened 11 months ago
techguy16
commented
11 months ago This keygen is for keys that use BINK, not the Windows 95/NT4 algorithm.
TrialMedusa64
commented
11 months ago Hi @techguy16, I Understand That This Keygen Is Focusing On Keys That Uses BiNK And Not The Mod7 Algorithm That 95 & NT4 Use. I Think Its A Cool Addition To The Keygen. I Just Wanted 95 & NT4 To Added In To The Keygen.
TrialMedusa64
commented
11 months ago Nice Python Library @techguy16!
techguy16
commented
11 months ago @TrialMedusa64 'm about to implement XP keygen too. Thnx to @WitherOrNot over at UMSKT for the SageMath code for generating WinXP keys.
TrialMedusa64
commented
11 months ago Nice
TrialMedusa64
commented
11 months ago @techguy16 if your going to make a keygen that makes XP keys (or any other ms products dat use the PID-BiNK licensing system), its important to know the channel IDs first! so far, we know... we know... uhh we know.... wait how many channel IDs do we know so far?
techguy16
commented
11 months ago I know. It's all in the keys.json file in UMSKT.
thepwrtank18
commented
11 months ago Those are BINK ID's. We still need to figure out every Channel ID (more specifically, the ranges).
techguy16
commented
11 months ago Oops....
thepwrtank18
commented
11 months ago Now that I think about it, it's possible to find every product that at least verifies the Channel ID, and then brute force 000-999 to find which ones work and which ones don't (provided we don't have the ranges from decompilation anyway).
techguy16
commented
11 months ago So just run a github action 24/7 that tests every Channel ID against every BINK? I'll run it?
thepwrtank18
commented
11 months ago Problem is how you check to see if it's a valid Channel ID or not. In the case of Office, it tells you to put in a new product key. In the case of Windows, you get the infamous activation loop. Hard to put that through an Actions script.
techguy16
commented
11 months ago But UMSKT, verify a key?
thepwrtank18
commented
11 months ago But UMSKT, verify a key?
I completely forgot you could do that.
techguy16
commented
11 months ago I'm making one now.
thepwrtank18
commented
11 months ago Just made a brute-forcer, I'll leave it on overnight and make a list of everything that gave a match.
thepwrtank18
commented
11 months ago Here's the full code (.NET 7 Console App):
using System.Diagnostics;
namespace ChannelVerifier
{
internal class Program
{
static void Main()
{
File.Create("log_cv.txt").Dispose();
File.Create("log_umskt.txt").Dispose();
for (int i = 0; i <= 255; i++) // 00 (0) through FF (255)
{
string binkId = i.ToString("X2");
for (int i2 = 0; i2 <= 999 ; i2++) // 000 through 999
{
string channelId = i2.ToString("D3");
File.AppendAllText("log_umskt.txt", $"[{binkId},{channelId}]\n");
Process umskt = new();
string arguments = $"-b {binkId} -c {channelId}";
umskt.StartInfo.FileName = "umskt.exe";
umskt.StartInfo.Arguments = arguments;
umskt.StartInfo.RedirectStandardOutput = true;
File.AppendAllText("log_umskt.txt", $"{arguments}\n");
umskt.Start();
umskt.WaitForExit();
string keyToVerify = umskt.StandardOutput.ReadToEnd();
File.AppendAllText("log_umskt.txt", umskt.StandardOutput.ReadToEnd());
keyToVerify = keyToVerify.Replace("\n", "").Replace(" ", "").Replace("\r", "");
if (string.IsNullOrEmpty(keyToVerify) )
{
Console.WriteLine($"No Listing: BINK ID = {binkId}");
File.AppendAllText("log_cv.txt", $"No Listing: BINK ID = {binkId}\n");
i2 = 999; // effectively cancels going through unlisted bink
}
else
{
Process umskt2 = new();
umskt2.StartInfo.FileName = "umskt.exe";
string arguments2 = $"--validate {keyToVerify}";
umskt2.StartInfo.RedirectStandardOutput = true;
umskt2.StartInfo.Arguments = arguments2;
File.AppendAllText("log_umskt.txt", $"{arguments2}\n");
umskt2.Start();
umskt2.WaitForExit();
string validateStatus = umskt2.StandardOutput.ReadToEnd();
File.AppendAllText("log_umskt.txt", validateStatus + "\n");
if (validateStatus.Contains("Key validated successfully!"))
{
Console.WriteLine($"Match: BINK ID = {binkId}, Channel ID = {channelId}");
File.AppendAllText("log_cv.txt", $"Match: BINK ID = {binkId}, Channel ID = {channelId}\n");
}
else
{
Console.WriteLine($"Invalid: BINK ID = {binkId}, Channel ID = {channelId}");
File.AppendAllText("log_cv.txt", $"Invalid: BINK ID = {binkId}, Channel ID = {channelId}\n");
}
}
}
};
}
}
}umskt.exe needs to be in the same directory, then just run and let it do it's thing. Expect log.txt to get pretty big.
TrialMedusa64
commented
11 months ago I Think You Should Make A List (Preferably A Spreadsheet) Of Channel IDs @thepwrtank18 And @techguy16 Its Important To Know That 1 Channel ID, Are Sometimes Linked To Multiple Products For Example, ID "640". Is Linked To VL [Volume Licensing] Versions Of XP, Server 2k3, Office XP And Office 2k3, And ID "865", Is Linked To Office 2007 Enterprise. How i Do Know All Of This? Well Keep In Mind That I'm No Expert In Cryptography (In This Case ECC Cryptography) I Heard About XPKeygen And UMSKT In One Of Enderman Videos And I Was Like "Ey Lets Check It Out" I Downloaded The Latest Version At The Time And I Was Really Impressed On How Well It Works Not Only That It Can Make Keys But The Keys Are Random. RANDOM! I Was Like "I Can't Believe That This An Real Thing" XPKeygen Would Later Be Added In To My Set Of [REDACTED] Tools. Oh And In Case If Your Wondering How I Know The ID For Office 2007 Enterprise, I Seem To Just Have A Text File Title "ms_chl_id.txt" Along With 9 IDs
thepwrtank18
commented
11 months ago It looks like --validate is broken, where every channel ID is "valid" when the BINK is 2E (even ones that would never be used, like 999), but none of them are "valid" otherwise.
thepwrtank18
commented
11 months ago Update: It looks like the Rust port validates everything successfully (still wrong), but not the original UMSKT. Regardless, we're not gonna be able to brute force our way through it. ☹️
techguy16
commented
11 months ago I'm working on a WIP Python port which I will take this onboard.
TrialMedusa64
commented
11 months ago @techguy16 & @thepwrtank18 Can I Share A List Of Channel IDs That I Know With You?
TrialMedusa64
commented
11 months ago @thepwrtank18 & @techguy16 Here's A List Of Channel IDs That I Know So Far:
906-Office 2007 Home & Student 862-Project 2007 Professional 640-Windows XP Professional x86 VL Windows Server 2k3 VL x86 Office XP VL Office 2k3 VL 652-Windows XP Professional x64 VL 641-Office XP VL Applications 861-Groove 2007 Publisher 2007 Project 2007 Professional OneNote 2007 864-Office 2007 Standard 902-Office 2007 Small Business 865-Office 2007 Enterprise 905-Visio 2007 Professional
As You Can See, Some IDs (Like 861 And 640) Are Linked To Multiple Products. There's An Oddball In This List, And That Oddball Is ID 862. ID 862 Is Oddly Enough, Linked To Project 2007 Professional, Which Is Also Linked To ID 861. And To Make This Even More Of A Oddball, Some Office 2007 Keys Are Actually (And You Wil Not Believe This) Longhorn Keys Yepp! You Heard Me Correctly! Some Office 2007 Keys, Are Longhorn Keys Not All Of Them Are Longhorn Keys, But Some Of Them Are. Confusing? Yes Surprising? Yes (I Guess???)
Keep In Mind That The List Is NOT A Definitive (You Can Obviously Tell Its Not) List And I Might Have Got Some IDs Wrong And There Are F A R More Channel IDs That We Haven't Discovered Yet. So Lets Get To Building That List Channel IDs! :D
techguy16
commented
11 months ago Hey @TrialMedusa64 , thanks for your list of Channel IDs.
techguy16
commented
11 months ago I have a valid copy of Office 2007 Professional so I will be seeing which channel IDs work.
thepwrtank18
commented
11 months ago I think the only way to actually test which CID's work is to create every single key through 000 to 999, and manually see which CID's work in each product through some AutoHotKey script.
An alternative method is croudsourcing. Get people to use https://mskt.surge.sh?validate= on their key, and post the channel ID. With enough data, we could get the ranges.
TrialMedusa64
commented
11 months ago @techguy16 Your Welcome! :D
TrialMedusa64
commented
11 months ago @techguy16 & @thepwrtank18! Got Another ID! 492-Windows XP Home
techguy16
commented
11 months ago @TrialMedusa64 can you provide a spreadsheet?
TrialMedusa64
commented
11 months ago Making The Spreadsheet Now!
TrialMedusa64
commented
11 months ago TrialMedusa64
commented
11 months ago Oh And In Case If Your Wondering, Yes! I Am Updating The Spreadsheet With New IDs Being Discovered By Yours Truly.
You Know, Now That I Think About It, I'm Really Glad That Can Help You All Out! Sure I Can't Help You With The ECC And Cryptography Nonsense, But I Can Help You With The ID Situation!
Again Glad I Can Help! :D
abrik1
commented
2 months ago @thepwrtank18 @TrialMedusa64 @drazisil I made a C implementation for this a while back
techguy16
commented
2 months ago I did in umsktpy as well: https://github.com/techguy16/umsktpy
drazisil
commented
2 months ago 👋 @abrik1 How did I get in this list?
...not that I'm complaining lol
abrik1
commented
2 months ago Sorry, I guess I might have accidentally blindly clicked the suggestions of GHs auto complete
Since Windows 95s Key Generation Algorithm Is Alot More Simplistic (And More Well Known), It Should Be Alot Easier To Implement Than XP's Algorithm.