Closed Dusk-Golem closed 10 months ago
@Dusk-Golem I guess you want to use ohook 0.4 because it sets Resiliency on every run and with current ohook script, you need to run it again on new user accounts. I've made some changes in script and now it will ensure that Resiliency key is auto set on new user accounts creation and it will be created on current all user accounts as well. Check here Ohook_Activation_AIO.zip
I don't think you should need to use ohook 0.4 now. Let me know why would you still want to run 0.4 version.
Regarding the questions you have raised, you can find how those .dll files are compiled here https://massgrave.dev/ohook.html#Custom_sppcdll_Info Along with changing the base64 string, you will also need to change offset value here https://github.com/massgravel/Microsoft-Activation-Scripts/blob/master/MAS/Separate-Files-Version/Activators/Ohook_Activation_AIO.cmd#L871-#L872 which I'll need to check.
Awesome my man. Thank you for this. And I can see now that the difference in files is intentional (the timestamp is changed in order to avoid AV detections / FPs).
All is good now. Besides, the offset thing kinda flew over my head π . Just for curiousity, what is it for? I can understand the offsets and characters of base64 but what about the one you mentioned? Is it to specify where to start reading the file from?
I know it's out of topic but, if you have an unsupported pc for Win11, I can help you download and activate it.
I know it's out of topic but, if you have an unsupported pc for Win11, I can help you download and activate it.
Thanks bud, but I am proficient in downloading, customising and installing Windows OSs to my needs at this point. π
May I ask why 0.3 is preferred over 0.4?
Good to knowπ
On Fri, Dec 29, 2023, 9:17 PM Dusk-Golem @.***> wrote:
I know it's out of topic but, if you have an unsupported pc for Win11, I can help you download and activate it.
Thanks bud, but I am proficient in downloading, customising and installing Windows OSs to my needs at this point. π
β Reply to this email directly, view it on GitHub https://github.com/massgravel/Microsoft-Activation-Scripts/issues/329#issuecomment-1872181647, or unsubscribe https://github.com/notifications/unsubscribe-auth/A6DGDMEWKEMFUZWI4XKHD5DYL3Q2XAVCNFSM6AAAAABBFRGMRCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNZSGE4DCNRUG4 . You are receiving this because you commented.Message ID: @.***>
May I ask why 0.3 is preferred over 0.4?
This ia the reason:
Awesome my man. Thank you for this. And I can see now that the difference in files is intentional (the timestamp is changed in order to avoid AV detections / FPs).
All is good now. Besides, the offset thing kinda flew over my head π . Just for curiousity, what is it for? I can understand the offsets and characters of base64 but what about the one you mentioned? Is it to specify where to start reading the file from?
Offset value is to set to specify in which part script can modify timestamp value in .dll file in order to change its hashes.
Hi there, as the title suggests, I was thinking about replacing OHook (shifting from 0.3 to 0.4) in MAS 2.5 script for myself. I was comparing the the Base64 string of OHook in MAS vs the original files at the Github page of asdcorp and found that the two strings were different indicating the files in MAS are different than the ones provided by asdcorp.
My question is;
1) Do you guys change the sppc64.dll and sppc32.dll files in order to better integrate them in MAS or the difference is simply because you compiled the files yourselves instead of using the ones provided by asdcopr on their github page?
2) If the files are not editted, then can I simply use the Base64 string of the files from asdcorp github page and just replace it in the MAS script files (200 characters per line)?
I am attaching the files here so you guys can check them.
This zip contains the OHook sppc64.dll only, from both MAS and ASDCORP and below is the screenshot of the hashes comparison.
sppc64.dll files.zip
Also, here is the Base64 string for the sppc64.dll from ASDCORP for reference. sppc64_asdcorp.txt
P.S: I AM AWARE OF THE FACT THAT MAS SHIFTED TO USING OHOOK v0.3 DUE TO AV FALSE POSITIVES.