summaryrefslogtreecommitdiff
path: root/LibTSforge/Modifiers
diff options
context:
space:
mode:
Diffstat (limited to 'LibTSforge/Modifiers')
-rw-r--r--LibTSforge/Modifiers/GenPKeyInstall.cs207
-rw-r--r--LibTSforge/Modifiers/GracePeriodReset.cs29
-rw-r--r--LibTSforge/Modifiers/KMSHostCharge.cs119
-rw-r--r--LibTSforge/Modifiers/KeyChangeLockDelete.cs33
-rw-r--r--LibTSforge/Modifiers/RearmReset.cs45
-rw-r--r--LibTSforge/Modifiers/TamperedFlagsDelete.cs44
-rw-r--r--LibTSforge/Modifiers/UniqueIdDelete.cs55
7 files changed, 532 insertions, 0 deletions
diff --git a/LibTSforge/Modifiers/GenPKeyInstall.cs b/LibTSforge/Modifiers/GenPKeyInstall.cs
new file mode 100644
index 0000000..28d0027
--- /dev/null
+++ b/LibTSforge/Modifiers/GenPKeyInstall.cs
@@ -0,0 +1,207 @@
+namespace LibTSforge.Modifiers
+{
+ using System;
+ using System.IO;
+ using Microsoft.Win32;
+ using LibTSforge.PhysicalStore;
+ using LibTSforge.SPP;
+ using LibTSforge.TokenStore;
+
+ public static class GenPKeyInstall
+ {
+ private static void WritePkey2005RegistryValues(PSVersion version, ProductKey pkey)
+ {
+ Logger.WriteLine("Writing registry data for Windows product key...");
+ Registry.SetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion", "ProductId", pkey.GetPid2());
+ Registry.SetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion", "DigitalProductId", pkey.GetPid3());
+ Registry.SetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion", "DigitalProductId4", pkey.GetPid4());
+
+ if (Registry.GetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Registration", "ProductId", null) != null)
+ {
+ Registry.SetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Registration", "ProductId", pkey.GetPid2());
+ Registry.SetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Registration", "DigitalProductId", pkey.GetPid3());
+ Registry.SetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Registration", "DigitalProductId4", pkey.GetPid4());
+ }
+
+ if (pkey.Channel == "Volume:CSVLK" && version != PSVersion.Win7)
+ {
+ Registry.SetValue(@"HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform", "KmsHostConfig", 1);
+ }
+ }
+
+ public static void InstallGenPKey(PSVersion version, bool production, Guid actId)
+ {
+ if (actId == Guid.Empty) throw new ArgumentException("Activation ID must be specified for generated product key install.");
+
+ PKeyConfig pkc = new PKeyConfig();
+
+ try
+ {
+ pkc.LoadConfig(actId);
+ }
+ catch (ArgumentException)
+ {
+ pkc.LoadAllConfigs(SLApi.GetAppId(actId));
+ }
+
+ ProductConfig config;
+ pkc.Products.TryGetValue(actId, out config);
+
+ if (config == null) throw new ArgumentException("Activation ID " + actId + " not found in PKeyConfig.");
+
+ ProductKey pkey = config.GetRandomKey();
+
+ Guid instPkeyId = SLApi.GetInstalledPkeyID(actId);
+ if (instPkeyId != Guid.Empty) SLApi.UninstallProductKey(instPkeyId);
+
+ if (pkey.Algorithm == PKeyAlgorithm.PKEY2009)
+ {
+ uint status = SLApi.InstallProductKey(pkey);
+ Logger.WriteLine(string.Format("Installing generated product key {0} status {1:X}", pkey.ToString(), status));
+
+ if ((int)status < 0)
+ {
+ throw new ApplicationException("Failed to install generated product key.");
+ }
+
+ Logger.WriteLine("Successfully deposited generated product key.");
+ return;
+ }
+
+ Logger.WriteLine("Key range is PKEY2005, creating fake key data...");
+
+ if (pkey.Channel == "Volume:GVLK" && version == PSVersion.Win7) throw new NotSupportedException("Fake GVLK generation is not supported on Windows 7.");
+
+ VariableBag pkb = new VariableBag();
+ pkb.Blocks.AddRange(new CRCBlock[]
+ {
+ new CRCBlock
+ {
+ DataType = CRCBlockType.STRING,
+ KeyAsStr = "SppPkeyBindingProductKey",
+ ValueAsStr = pkey.ToString()
+ },
+ new CRCBlock
+ {
+ DataType = CRCBlockType.STRING,
+ KeyAsStr = "SppPkeyBindingMPC",
+ ValueAsStr = pkey.GetMPC()
+ },
+ new CRCBlock {
+ DataType = CRCBlockType.BINARY,
+ KeyAsStr = "SppPkeyBindingPid2",
+ ValueAsStr = pkey.GetPid2()
+ },
+ new CRCBlock
+ {
+ DataType = CRCBlockType.BINARY,
+ KeyAsStr = "SppPkeyBindingPid3",
+ Value = pkey.GetPid3()
+ },
+ new CRCBlock
+ {
+ DataType = CRCBlockType.BINARY,
+ KeyAsStr = "SppPkeyBindingPid4",
+ Value = pkey.GetPid4()
+ },
+ new CRCBlock
+ {
+ DataType = CRCBlockType.STRING,
+ KeyAsStr = "SppPkeyChannelId",
+ ValueAsStr = pkey.Channel
+ },
+ new CRCBlock
+ {
+ DataType = CRCBlockType.STRING,
+ KeyAsStr = "SppPkeyBindingEditionId",
+ ValueAsStr = pkey.Edition
+ },
+ new CRCBlock
+ {
+ DataType = CRCBlockType.BINARY,
+ KeyAsStr = (version == PSVersion.Win7) ? "SppPkeyShortAuthenticator" : "SppPkeyPhoneActivationData",
+ Value = pkey.GetPhoneData(version)
+ },
+ new CRCBlock
+ {
+ DataType = CRCBlockType.BINARY,
+ KeyAsStr = "SppPkeyBindingMiscData",
+ Value = new byte[] { }
+ }
+ });
+
+ Guid appId = SLApi.GetAppId(actId);
+ string pkeyId = pkey.GetPkeyId().ToString();
+ bool isAddon = SLApi.IsAddon(actId);
+ string currEdition = SLApi.GetMetaStr(actId, "Family");
+
+ if (appId == SLApi.WINDOWS_APP_ID && !isAddon)
+ {
+ SLApi.UninstallAllProductKeys(appId);
+ }
+
+ Utils.KillSPP();
+
+ using (IPhysicalStore ps = Utils.GetStore(version, production))
+ {
+ using (ITokenStore tks = Utils.GetTokenStore(version))
+ {
+ Logger.WriteLine("Writing to physical store and token store...");
+
+ string suffix = (version == PSVersion.Win8 || version == PSVersion.WinBlue || version == PSVersion.WinModern) ? "_--" : "";
+ string metSuffix = suffix + "_met";
+
+ if (appId == SLApi.WINDOWS_APP_ID && !isAddon)
+ {
+ string edTokName = "msft:spp/token/windows/productkeyid/" + currEdition;
+
+ TokenMeta edToken = tks.GetMetaEntry(edTokName);
+ edToken.Data["windowsComponentEditionPkeyId"] = pkeyId;
+ edToken.Data["windowsComponentEditionSkuId"] = actId.ToString();
+ tks.SetEntry(edTokName, "xml", edToken.Serialize());
+
+ WritePkey2005RegistryValues(version, pkey);
+ }
+
+ string uriMapName = "msft:spp/token/PKeyIdUriMapper" + metSuffix;
+ TokenMeta uriMap = tks.GetMetaEntry(uriMapName);
+ uriMap.Data[pkeyId] = pkey.GetAlgoUri();
+ tks.SetEntry(uriMapName, "xml", uriMap.Serialize());
+
+ string skuMetaName = actId.ToString() + metSuffix;
+ TokenMeta skuMeta = tks.GetMetaEntry(skuMetaName);
+
+ foreach (string k in skuMeta.Data.Keys)
+ {
+ if (k.StartsWith("pkeyId_"))
+ {
+ skuMeta.Data.Remove(k);
+ break;
+ }
+ }
+
+ skuMeta.Data["pkeyId"] = pkeyId;
+ skuMeta.Data["pkeyIdList"] = pkeyId;
+ tks.SetEntry(skuMetaName, "xml", skuMeta.Serialize());
+
+ string psKey = string.Format("SPPSVC\\{0}\\{1}", appId, actId);
+ ps.DeleteBlock(psKey, pkeyId);
+ ps.AddBlock(new PSBlock
+ {
+ Type = BlockType.NAMED,
+ Flags = (version == PSVersion.WinModern) ? (uint)0x402 : 0x2,
+ KeyAsStr = psKey,
+ ValueAsStr = pkeyId,
+ Data = pkb.Serialize()
+ });
+
+ string cachePath = Utils.GetTokensPath(version).Replace("tokens.dat", @"cache\cache.dat");
+ if (File.Exists(cachePath)) File.Delete(cachePath);
+ }
+ }
+
+ SLApi.RefreshTrustedTime(actId);
+ Logger.WriteLine("Successfully deposited fake product key.");
+ }
+ }
+}
diff --git a/LibTSforge/Modifiers/GracePeriodReset.cs b/LibTSforge/Modifiers/GracePeriodReset.cs
new file mode 100644
index 0000000..4743ea6
--- /dev/null
+++ b/LibTSforge/Modifiers/GracePeriodReset.cs
@@ -0,0 +1,29 @@
+namespace LibTSforge.Modifiers
+{
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using LibTSforge.PhysicalStore;
+
+ public static class GracePeriodReset
+ {
+ public static void Reset(PSVersion version, bool production)
+ {
+ Utils.KillSPP();
+ Logger.WriteLine("Writing TrustedStore data...");
+
+ using (IPhysicalStore store = Utils.GetStore(version, production))
+ {
+ string value = "msft:sl/timer";
+ List<PSBlock> blocks = store.FindBlocks(value).ToList();
+
+ foreach (PSBlock block in blocks)
+ {
+ store.DeleteBlock(block.KeyAsStr, block.ValueAsStr);
+ }
+ }
+
+ Logger.WriteLine("Successfully reset all grace and evaluation period timers.");
+ }
+ }
+}
diff --git a/LibTSforge/Modifiers/KMSHostCharge.cs b/LibTSforge/Modifiers/KMSHostCharge.cs
new file mode 100644
index 0000000..5bfabdf
--- /dev/null
+++ b/LibTSforge/Modifiers/KMSHostCharge.cs
@@ -0,0 +1,119 @@
+namespace LibTSforge.Modifiers
+{
+ using System;
+ using System.IO;
+ using LibTSforge.PhysicalStore;
+ using LibTSforge.SPP;
+
+ public static class KMSHostCharge
+ {
+ public static void Charge(PSVersion version, Guid actId, bool production)
+ {
+ if (actId == Guid.Empty)
+ {
+ actId = SLApi.GetDefaultActivationID(SLApi.WINDOWS_APP_ID, true);
+
+ if (actId == Guid.Empty)
+ {
+ throw new NotSupportedException("No applicable activation IDs found.");
+ }
+ }
+
+ if (SLApi.GetPKeyChannel(SLApi.GetInstalledPkeyID(actId)) != "Volume:CSVLK")
+ {
+ throw new NotSupportedException("Non-Volume:CSVLK product key installed.");
+ }
+
+ Guid appId = SLApi.GetAppId(actId);
+ int totalClients = 50;
+ int currClients = 25;
+ byte[] hwidBlock = Constants.UniversalHWIDBlock;
+ string key = string.Format("SPPSVC\\{0}", appId);
+ long ldapTimestamp = DateTime.Now.ToFileTime();
+
+ BinaryWriter writer = new BinaryWriter(new MemoryStream());
+
+ for (int i = 0; i < currClients; i++)
+ {
+ writer.Write(ldapTimestamp - (10 * (i + 1)));
+ writer.Write(Guid.NewGuid().ToByteArray());
+ }
+
+ byte[] cmidGuids = writer.GetBytes();
+
+ writer = new BinaryWriter(new MemoryStream());
+
+ writer.Write(new byte[40]);
+
+ writer.Seek(4, SeekOrigin.Begin);
+ writer.Write((byte)currClients);
+
+ writer.Seek(24, SeekOrigin.Begin);
+ writer.Write((byte)currClients);
+ byte[] reqCounts = writer.GetBytes();
+
+ Utils.KillSPP();
+
+ Logger.WriteLine("Writing TrustedStore data...");
+
+ using (IPhysicalStore store = Utils.GetStore(version, production))
+ {
+ VariableBag kmsCountData = new VariableBag();
+ kmsCountData.Blocks.AddRange(new CRCBlock[]
+ {
+ new CRCBlock
+ {
+ DataType = CRCBlockType.BINARY,
+ KeyAsStr = "SppBindingLicenseData",
+ Value = hwidBlock
+ },
+ new CRCBlock
+ {
+ DataType = CRCBlockType.UINT,
+ Key = new byte[] { },
+ ValueAsInt = (uint)totalClients
+ },
+ new CRCBlock
+ {
+ DataType = CRCBlockType.UINT,
+ Key = new byte[] { },
+ ValueAsInt = 1051200000
+ },
+ new CRCBlock
+ {
+ DataType = CRCBlockType.UINT,
+ Key = new byte[] { },
+ ValueAsInt = (uint)currClients
+ },
+ new CRCBlock
+ {
+ DataType = CRCBlockType.BINARY,
+ Key = new byte[] { },
+ Value = cmidGuids
+ },
+ new CRCBlock
+ {
+ DataType = CRCBlockType.BINARY,
+ Key = new byte[] { },
+ Value = reqCounts
+ }
+ });
+
+ byte[] kmsChargeData = kmsCountData.Serialize();
+ string countVal = string.Format("msft:spp/kms/host/2.0/store/counters/{0}", appId);
+
+ store.DeleteBlock(key, countVal);
+ store.AddBlock(new PSBlock
+ {
+ Type = BlockType.NAMED,
+ Flags = (version == PSVersion.WinModern) ? (uint)0x400 : 0,
+ KeyAsStr = key,
+ ValueAsStr = countVal,
+ Data = kmsChargeData
+ });
+
+ Logger.WriteLine(string.Format("Set charge count to {0} successfully.", currClients));
+ }
+ }
+ }
+}
diff --git a/LibTSforge/Modifiers/KeyChangeLockDelete.cs b/LibTSforge/Modifiers/KeyChangeLockDelete.cs
new file mode 100644
index 0000000..e3f32c4
--- /dev/null
+++ b/LibTSforge/Modifiers/KeyChangeLockDelete.cs
@@ -0,0 +1,33 @@
+namespace LibTSforge.Modifiers
+{
+ using System.Collections.Generic;
+ using System.Linq;
+ using LibTSforge.PhysicalStore;
+ using LibTSforge;
+ public static class KeyChangeLockDelete
+ {
+ public static void Delete(PSVersion version, bool production)
+ {
+ Utils.KillSPP();
+ Logger.WriteLine("Writing TrustedStore data...");
+ using (IPhysicalStore store = Utils.GetStore(version, production))
+ {
+ List<string> values = new List<string>
+ {
+ "msft:spp/timebased/AB",
+ "msft:spp/timebased/CD"
+ };
+ List<PSBlock> blocks = new List<PSBlock>();
+ foreach (string value in values)
+ {
+ blocks.AddRange(store.FindBlocks(value).ToList());
+ }
+ foreach (PSBlock block in blocks)
+ {
+ store.DeleteBlock(block.KeyAsStr, block.ValueAsStr);
+ }
+ }
+ Logger.WriteLine("Successfully removed the key change lock.");
+ }
+ }
+}
diff --git a/LibTSforge/Modifiers/RearmReset.cs b/LibTSforge/Modifiers/RearmReset.cs
new file mode 100644
index 0000000..be2b174
--- /dev/null
+++ b/LibTSforge/Modifiers/RearmReset.cs
@@ -0,0 +1,45 @@
+namespace LibTSforge.Modifiers
+{
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using LibTSforge.PhysicalStore;
+
+ public static class RearmReset
+ {
+ public static void Reset(PSVersion version, bool production)
+ {
+ Utils.KillSPP();
+
+ Logger.WriteLine("Writing TrustedStore data...");
+
+ using (IPhysicalStore store = Utils.GetStore(version, production))
+ {
+ List<PSBlock> blocks;
+
+ if (version == PSVersion.Win7)
+ {
+ blocks = store.FindBlocks(0xA0000).ToList();
+ }
+ else
+ {
+ blocks = store.FindBlocks("__##USERSEP-RESERVED##__$$REARM-COUNT$$").ToList();
+ }
+
+ foreach (PSBlock block in blocks)
+ {
+ if (version == PSVersion.Win7)
+ {
+ store.SetBlock(block.KeyAsStr, block.ValueAsInt, new byte[8]);
+ }
+ else
+ {
+ store.SetBlock(block.KeyAsStr, block.ValueAsStr, new byte[8]);
+ }
+ }
+
+ Logger.WriteLine("Successfully reset all rearm counters.");
+ }
+ }
+ }
+}
diff --git a/LibTSforge/Modifiers/TamperedFlagsDelete.cs b/LibTSforge/Modifiers/TamperedFlagsDelete.cs
new file mode 100644
index 0000000..8ffb370
--- /dev/null
+++ b/LibTSforge/Modifiers/TamperedFlagsDelete.cs
@@ -0,0 +1,44 @@
+namespace LibTSforge.Modifiers
+{
+ using System;
+ using System.Linq;
+ using LibTSforge.PhysicalStore;
+
+ public static class TamperedFlagsDelete
+ {
+ public static void DeleteTamperFlags(PSVersion version, bool production)
+ {
+ Utils.KillSPP();
+
+ Logger.WriteLine("Writing TrustedStore data...");
+
+ using (IPhysicalStore store = Utils.GetStore(version, production))
+ {
+ if (version != PSVersion.Win7)
+ {
+ string recreatedFlag = "__##USERSEP-RESERVED##__$$RECREATED-FLAG$$";
+ string recoveredFlag = "__##USERSEP-RESERVED##__$$RECOVERED-FLAG$$";
+
+ DeleteFlag(store, recreatedFlag);
+ DeleteFlag(store, recoveredFlag);
+ }
+ else
+ {
+ SetFlag(store, 0xA0001);
+ }
+
+ Logger.WriteLine("Successfully cleared the tamper state.");
+ }
+ }
+
+ private static void DeleteFlag(IPhysicalStore store, string flag)
+ {
+ store.FindBlocks(flag).ToList().ForEach(block => store.DeleteBlock(block.KeyAsStr, block.ValueAsStr));
+ }
+
+ private static void SetFlag(IPhysicalStore store, uint flag)
+ {
+ store.FindBlocks(flag).ToList().ForEach(block => store.SetBlock(block.KeyAsStr, block.ValueAsInt, new byte[8]));
+ }
+ }
+}
diff --git a/LibTSforge/Modifiers/UniqueIdDelete.cs b/LibTSforge/Modifiers/UniqueIdDelete.cs
new file mode 100644
index 0000000..b83d328
--- /dev/null
+++ b/LibTSforge/Modifiers/UniqueIdDelete.cs
@@ -0,0 +1,55 @@
+namespace LibTSforge.Modifiers
+{
+ using System;
+ using LibTSforge.PhysicalStore;
+ using LibTSforge.SPP;
+
+ public static class UniqueIdDelete
+ {
+ public static void DeleteUniqueId(PSVersion version, bool production, Guid actId)
+ {
+ Guid appId;
+
+ if (actId == Guid.Empty)
+ {
+ appId = SLApi.WINDOWS_APP_ID;
+ actId = SLApi.GetDefaultActivationID(appId, true);
+
+ if (actId == Guid.Empty)
+ {
+ throw new Exception("No applicable activation IDs found.");
+ }
+ }
+ else
+ {
+ appId = SLApi.GetAppId(actId);
+ }
+
+ string instId = SLApi.GetInstallationID(actId);
+ Guid pkeyId = SLApi.GetInstalledPkeyID(actId);
+
+ Utils.KillSPP();
+
+ Logger.WriteLine("Writing TrustedStore data...");
+
+ using (IPhysicalStore store = Utils.GetStore(version, production))
+ {
+ string key = string.Format("SPPSVC\\{0}\\{1}", appId, actId);
+ PSBlock keyBlock = store.GetBlock(key, pkeyId.ToString());
+
+ if (keyBlock == null)
+ {
+ throw new Exception("No product key found.");
+ }
+
+ VariableBag pkb = new VariableBag(keyBlock.Data);
+
+ pkb.DeleteBlock("SppPkeyUniqueIdToken");
+
+ store.SetBlock(key, pkeyId.ToString(), pkb.Serialize());
+ }
+
+ Logger.WriteLine("Successfully removed Unique ID for product key ID " + pkeyId);
+ }
+ }
+}