summaryrefslogtreecommitdiff
path: root/readme-activation-faq.html
diff options
context:
space:
mode:
Diffstat (limited to 'readme-activation-faq.html')
-rw-r--r--readme-activation-faq.html193
1 files changed, 193 insertions, 0 deletions
diff --git a/readme-activation-faq.html b/readme-activation-faq.html
new file mode 100644
index 0000000..4cd62fc
--- /dev/null
+++ b/readme-activation-faq.html
@@ -0,0 +1,193 @@
+<!DOCTYPE html>
+<title>Read Me - Activation FAQs</title>
+<html>
+<head>
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+</head>
+<body style="background-color: #DfDfDf;">
+<pre>
+<code>
+Updated 30-08-2019
+
+
+====================================================================================================
+ Activation FAQs:
+====================================================================================================
+
+ The following text is a mixture of facts and few guesses. The facts as listed are true as far as
+ I am able to know.
+ You should read it with a grain of salt. It's a good habit to doubt things, but don't start to
+ believe your doubts if you don't have any reasonable argument to justify the doubt.
+
+ Digital License and KMS38 activation descriptions are based on reverse engineering efforts by
+ the methods' authors - @mspaintmsi and an Anonymous developer.
+
+ If you think anything written here is false, please notify https://windowsaddict.ml/
+
+====================================================================================================
+
+=====================================
+ Digital License (HWID) Activation:
+=====================================
+ Written by @mspaintmsi-
+
+ During the upgrade process from Windows 7, 8, 8.1 to Windows 10 (Also from Windows 10 to a newer
+ version of Windows 10) properly activated systems are eligible for a digital license.
+ The digital license activation is permanent and linked to a specific user (Through hardware and optionally through a Microsoft Account).
+
+ Internally it works something like this,
+
+ The upgrade process executes gatherosstate.exe contained in the installation medium.
+ The job of gatherosstate is to generate a Genuine Ticket for use by the Client License Platform migration tool (ClipUp)
+ This ticket is a GenuineAuthorization XML file containing the following information: (There are more fields in tickets from ClipUp, but we won't need those)
+ * Its version. As of now, this is always "1.0"
+ * the genuineProperties:
+ * Properties:
+ * OA3xOriginalProductId - The Product ID of the BIOS key.
+ * OA3xOriginalProductKey - The BIOS product key.
+ * SessionId:
+ * OSMajorVersion - The OS Version Major
+ * OSMinorVersion - The OS Version Minor
+ * OSPlatformId - The OS Platform ID. Always 2 (2 means Windows NT)
+ * PP - Protected Process - Whether or not gatherosstate was run as a protected process
+ (It practically never does. ClipUp is also capable of generating those tickets, and it runs as a protected process.)
+ * Hwid - The Hardware Id - a base64-encoded byte array containing information about the current hardware configuration.
+ * Pfn - Package Family Name - The package family name of your Windows edition.
+ * OA3xOriginalProductKey - The BIOS product key. (Yes, it's a duplicate)
+ * DownlevelGenuineState - Indicates whether or not your system is genuine. (activated)
+ * TimeStampClient - The ISO 8601 format date of ticket generation.
+ * Signatures:
+ * signature: (Either downlevelGTkey or clientLockboxKey depending on which utility actually generated the ticket - SLC, gatherosstate or ClipUp)
+ * downlevelGTkey - rsa-sha256 signature for the Properties field
+ * clientLockboxKey - rsa-sha256 signature for the Properties field
+
+ This ticket is later applied using ClipUp and sent to Microsoft Servers.
+ In return, the Microsoft servers responds with the JSON "receipt" for the digital license. The fields in it are irrelevant and mean practically nothing.
+
+ This license is linked to specific hardware, and can be transferred to other hardware if needed using a linked Microsoft Account.
+
+ This process during upgrading requires a lot of time, and it's not as easy as clicking an “Activate” button.
+ so to achieve this, @mspaintmsi and an Anonymous developer discovered a way to quickly generate a valid ticket for acquiring a license.
+
+ There were a lot of methods for this, but the simplest one is placing a modified SLC (Software Licensing Client) library next to gatherosstate.
+ Due to gatherosstate loading this library dynamically it can be substituted very easily without modifying the gatherosstate file at all.
+ This library was originally a modified version of SLSHIM by @vyvojar on GitHub (but has went through so many changes that it barely resembles it anymore).
+
+ This library is supposed to query the licensing information for use by gatherosstate.
+ gatherosstate has no way to verify this information, so it blindly places it into the ticket.
+
+ After sending the ticket and receiving the receipt your system is activated.
+
+ Now a question arises,
+ Q.) Can Microsoft differentiate counterfeit tickets and block the license?
+ A.) Umm.. Yes, but actully no.
+ The signature type can (sort of) be used to determine what utility is responsible for the ticket.
+ There is no way (in a standard environment) for a non-activated Windows 10 installation to generate a ticket.
+ In the normal process, gatherosstate will ask SLC for the entire ticket, but when this fails it will generate and sign it by itself, creating a
+ "downlevelGTkey" signature.
+ For every system with an installed product key a generated ticket will be returned by SLC and thus will have a "clientLockboxKey" signature.
+
+ Put simply, the signature (should) always be a "clientLockboxKey" one in case of an activated system, but in this case it isn't.
+ Microsoft will not take action against it, because of the risk of voiding valid licenses.
+ Besides, they never really cared for consumer piracy; That's not where they get the most money from.
+
+====================================================================================================
+
+==============================
+ KMS38 Activation:
+==============================
+
+ Written by @mspaintmsi-
+
+ The KMS38 method is closely related to the HWID method, as it utilizes the same tools.
+ This method also generates a GenuineAuthorization XML file using gatherosstate, but with slight differences.
+ This time instead of the "Pfn" field, we have the "GVLKExp" field.
+ GVLKExp is short for "Generic Volume Key Expiration (date)" and contains an ISO 8601 timestamp of when the KMS activation ends.
+
+ This volume expiration date can be changed to an arbitrarily (signed) integer value using the SLC library.
+ The very long time for activation is related to the Y2K38 problem as this date (19 january 2038 around 3AM) is the maximum date we can give
+ to gatherosstate without it looping back to year 1970.
+
+ The main difference is that those tickets are only valid on Volume:GVLK systems. That mostly includes Enterprise and Education editions.
+
+ Now another question,
+ Q.) Can Microsoft block this kind of activation?
+ A.) Not directly. They could only update Clipup to allow for a maximum activation period of 180 days.
+ Not much beside that can be done on their part.
+ The tickets are not sent to Microsoft at all, so they can't block them or take action directly.
+
+====================================================================================================
+
+==============================
+ Online KMS Activation:
+==============================
+
+ - What is KMS activation?
+ Key Management Service (KMS) is a genuine activation method provided by Microsoft for volume
+ licensing customers (organizations, schools or governments). The machines in those environments
+ (called KMS clients) are activated via the Environment KMS Host Server (authorized Microsoft's
+ licensing key), instead of Microsoft activation servers.
+ By design, the KMS activation period lasts up to 180 Days (6 Months) at max, with the ability to
+ renew and reinstate the period at any time. Activation renewal automatically happens every 7
+ days if the client can connect to the KMS host server.
+ For more info, see,
+ https://www.microsoft.com/Licensing/servicecenter/Help/FAQDetails.aspx?id=201#215
+ https://technet.microsoft.com/en-us/library/ee939272(v=ws.10).aspx#kms-overview
+
+ - How we are getting it for free?
+ Developers reverse-engineered the KMS Host Server setup, so now anyone can host a KMS server and
+ activate the systems without any limitations.
+ KMS activators such as KMSpico, MTK, KMS_VL_ALL, and etc., locally create an emulated KMS Host
+ Server and activate Windows and Office.
+
+ This locally-emulated KMS server requires you to run binary files which often cause
+ anti-virus alerts (false positives).
+
+ Another method of KMS activation is publicly-available Online KMS Host Server.
+ In this method, the site hosts the emulated KMS server and anyone can simply use this server to
+ activate their systems, there is no requirement for running any software on your system and
+ no worry of AV's alert. And this method is the most identical to the genuine KMS activation.
+ As long as the site hosting the emulated KMS server remains on line, and is available to connect
+ to, continued activation will be assured.
+
+ - Is it safe to use Online KMS activation?
+ Yes.
+ Now let's go into the details, why,
+ In the KMS protocol, there is a relationship of host and client. The client system asks the host
+ system to grant the activation, and the host system grants the activation if it's eligible.
+ In doing this, the client system shares some of the system’s data, which is not sensitive in nature.
+ According to the Microsoft documents, the client system shares the following LIMITED data
+ with the host system:
+ Client FQDN, CMID, time-stamp, Product license state, expiration time and IP address
+ https://technet.microsoft.com/en-us/library/ee939272(v=ws.10).aspx#kms-overview
+
+ In this info sharing, the only important part is your IP address.
+ We can now talk about possible assumptions and consequences regarding this, but before we begin,
+ you should know the following facts.
+ - IP addresses do not necessarily represent a specific person. Internet Service Providers (ISP's)
+ mostly use DYNAMIC IP, which means the same IP address can be used by many different persons,
+ and a dynamic IP address is periodically reassigned to different people all the time. But a
+ STATIC IP address is permanently assigned to a single, unique, subscriber.
+ However, the Internet Service Provider (ISP) won't reveal that information unless
+ there is a legal reason to do so.
+ - Microsoft has NEVER tried to catch Home users for using a few pirated activations (not
+ talking about stolen legal keys) simply because the cost of legal actions would be much higher
+ than the amount of money gained by forcing a few people to PURCHASE activations.
+ - No law enforcement is going to take action based on the IP's from all over the world without
+ the consent from the Microsoft itself.
+ - In case you are feeling that your machine’s sharing of IP address information as part of the
+ ongoing KMS activation process is quite intrusive in nature, then you should keep in
+ mind that any website can fingerprint your device, which means that website can keep a record of
+ you not only by your IP address, but also with information about your device hardware.
+
+ * After these facts, I can't imagine how Online KMS Activation can negatively affect the user.
+ If you know exactly how it can, than please let me know. Thanks.
+
+====================================================================================================
+</code></pre>
+</body>
+</html>
+
+<p>&nbsp;</p>
+
+