3.7

2025-09-12 06:19:13 +05:30
parent 0435d4ee39
commit 705b2f54e6
5 changed files with 158 additions and 174 deletions
--- a/docs/hwid.md
+++ b/docs/hwid.md
@@ -128,98 +128,86 @@ Now a question, can Microsoft block the new requests or revoke already establish

 This guide is for manually creating the same kind of tickets that are used in the MAS script.

-   Download the .cab file from the following official Microsoft link:  
-    https://download.microsoft.com/download/9/A/E/9AE69DD5-BA93-44E0-864E-180F5E700AB4/adk/Installers/14f4df8a2a7fc82a4f415cf6a341415d.cab
-   Find the file named `filf8377e82b29deadca67bc4858ed3fba9` (Size: 330 KB) and rename it to `gatherosstate.exe`.
-   Make a folder named `Files` in the root of the C: drive (`C:\Files`) and copy the `gatherosstate.exe` file to that folder.
-   Make sure you have a working Internet connection.
-   Open Windows PowerShell as Administrator and enter the following commands.
-   Copy the entire block of code below and enter it in PowerShell to patch the `gatherosstate.exe` file. The patches are based on [GamersOsState](https://github.com/asdcorp/GamersOsState).  
+-   Make a folder named `Files` in the root of the C: drive (`C:\Files`).
+-   Open Windows PowerShell.
+-   Copy the entire block of code below and enter it in PowerShell to generate the `GenuineTicket.xml` file.
 ```
-$bytes  = [System.IO.File]::ReadAllBytes("C:\Files\gatherosstate.exe")
-$bytes[320] = 0xf8
-$bytes[321] = 0xfb
-$bytes[322] = 0x05
-$bytes[324] = 0x03
-$bytes[13672] = 0x25
-$bytes[13674] = 0x73
-$bytes[13676] = 0x3b
-$bytes[13678] = 0x00
-$bytes[13680] = 0x00
-$bytes[13682] = 0x00
-$bytes[13684] = 0x00
-$bytes[32748] = 0xe9
-$bytes[32749] = 0x9e
-$bytes[32750] = 0x00
-$bytes[32751] = 0x00
-$bytes[32752] = 0x00
-$bytes[32894] = 0x8b
-$bytes[32895] = 0x44
-$bytes[32897] = 0x64
-$bytes[32898] = 0x85
-$bytes[32899] = 0xc0
-$bytes[32900] = 0x0f
-$bytes[32901] = 0x85
-$bytes[32902] = 0x1c
-$bytes[32903] = 0x02
-$bytes[32904] = 0x00
-$bytes[32906] = 0xe9
-$bytes[32907] = 0x3c
-$bytes[32908] = 0x01
-$bytes[32909] = 0x00
-$bytes[32910] = 0x00
-$bytes[32911] = 0x85
-$bytes[32912] = 0xdb
-$bytes[32913] = 0x75
-$bytes[32914] = 0xeb
-$bytes[32915] = 0xe9
-$bytes[32916] = 0x69
-$bytes[32917] = 0xff
-$bytes[32918] = 0xff
-$bytes[32919] = 0xff
-$bytes[33094] = 0xe9
-$bytes[33095] = 0x80
-$bytes[33096] = 0x00
-$bytes[33097] = 0x00
-$bytes[33098] = 0x00
-$bytes[33449] = 0x64
-$bytes[33576] = 0x8d
-$bytes[33577] = 0x54
-$bytes[33579] = 0x24
-$bytes[33580] = 0xe9
-$bytes[33581] = 0x55
-$bytes[33582] = 0x01
-$bytes[33583] = 0x00
-$bytes[33584] = 0x00
-$bytes[33978] = 0xc3
-$bytes[34189] = 0x59
-$bytes[34190] = 0xeb
-$bytes[34191] = 0x28
-$bytes[34238] = 0xe9
-$bytes[34239] = 0x4f
-$bytes[34240] = 0x00
-$bytes[34241] = 0x00
-$bytes[34242] = 0x00
-$bytes[34346] = 0x24
-$bytes[34376] = 0xeb
-$bytes[34377] = 0x63
-[System.IO.File]::WriteAllBytes("C:\Files\gatherosstatemodified.exe", $bytes)
-```
-   Right click on the newly created file, `gatherosstatemodified.exe`, click the "Properties" option and set the Compatibility mode to Windows XP SP3.
-   To generate the ticket using our modified `gatherosstate.exe`, run these commands:  
-```         
-$value = (Get-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Control\ProductOptions).OSProductPfn
+function SignProperties {
+    param (
+        $Properties,
+        $rsa
+    )

-C:\Files\gatherosstatemodified.exe /c Pfn=$value`;PKeyIID=465145217131314304264339481117862266242033457260311819664735280
+    $sha256 = [Security.Cryptography.SHA256]::Create()
+    $bytes = [Text.Encoding]::UTF8.GetBytes($Properties)
+    $hash = $sha256.ComputeHash($bytes)
+
+    $signature = $rsa.SignHash($hash, [Security.Cryptography.HashAlgorithmName]::SHA256, [Security.Cryptography.RSASignaturePadding]::Pkcs1)
+    return [Convert]::ToBase64String($signature)
+
+}
+
+[byte[]] $key = 0x07,0x02,0x00,0x00,0x00,0xA4,0x00,0x00,0x52,0x53,0x41,0x32,0x00,0x04,0x00,0x00,
+                0x01,0x00,0x01,0x00,0x29,0x87,0xBA,0x3F,0x52,0x90,0x57,0xD8,0x12,0x26,0x6B,0x38,
+                0xB2,0x3B,0xF9,0x67,0x08,0x4F,0xDD,0x8B,0xF5,0xE3,0x11,0xB8,0x61,0x3A,0x33,0x42,
+                0x51,0x65,0x05,0x86,0x1E,0x00,0x41,0xDE,0xC5,0xDD,0x44,0x60,0x56,0x3D,0x14,0x39,
+                0xB7,0x43,0x65,0xE9,0xF7,0x2B,0xA5,0xF0,0xA3,0x65,0x68,0xE9,0xE4,0x8B,0x5C,0x03,
+                0x2D,0x36,0xFE,0x28,0x4C,0xD1,0x3C,0x3D,0xC1,0x90,0x75,0xF9,0x6E,0x02,0xE0,0x58,
+                0x97,0x6A,0xCA,0x80,0x02,0x42,0x3F,0x6C,0x15,0x85,0x4D,0x83,0x23,0x6A,0x95,0x9E,
+                0x38,0x52,0x59,0x38,0x6A,0x99,0xF0,0xB5,0xCD,0x53,0x7E,0x08,0x7C,0xB5,0x51,0xD3,
+                0x8F,0xA3,0x0D,0xA0,0xFA,0x8D,0x87,0x3C,0xFC,0x59,0x21,0xD8,0x2E,0xD9,0x97,0x8B,
+                0x40,0x60,0xB1,0xD7,0x2B,0x0A,0x6E,0x60,0xB5,0x50,0xCC,0x3C,0xB1,0x57,0xE4,0xB7,
+                0xDC,0x5A,0x4D,0xE1,0x5C,0xE0,0x94,0x4C,0x5E,0x28,0xFF,0xFA,0x80,0x6A,0x13,0x53,
+                0x52,0xDB,0xF3,0x04,0x92,0x43,0x38,0xB9,0x1B,0xD9,0x85,0x54,0x7B,0x14,0xC7,0x89,
+                0x16,0x8A,0x4B,0x82,0xA1,0x08,0x02,0x99,0x23,0x48,0xDD,0x75,0x9C,0xC8,0xC1,0xCE,
+                0xB0,0xD7,0x1B,0xD8,0xFB,0x2D,0xA7,0x2E,0x47,0xA7,0x18,0x4B,0xF6,0x29,0x69,0x44,
+                0x30,0x33,0xBA,0xA7,0x1F,0xCE,0x96,0x9E,0x40,0xE1,0x43,0xF0,0xE0,0x0D,0x0A,0x32,
+                0xB4,0xEE,0xA1,0xC3,0x5E,0x9B,0xC7,0x7F,0xF5,0x9D,0xD8,0xF2,0x0F,0xD9,0x8F,0xAD,
+                0x75,0x0A,0x00,0xD5,0x25,0x43,0xF7,0xAE,0x51,0x7F,0xB7,0xDE,0xB7,0xAD,0xFB,0xCE,
+                0x83,0xE1,0x81,0xFF,0xDD,0xA2,0x77,0xFE,0xEB,0x27,0x1F,0x10,0xFA,0x82,0x37,0xF4,
+                0x7E,0xCC,0xE2,0xA1,0x58,0xC8,0xAF,0x1D,0x1A,0x81,0x31,0x6E,0xF4,0x8B,0x63,0x34,
+                0xF3,0x05,0x0F,0xE1,0xCC,0x15,0xDC,0xA4,0x28,0x7A,0x9E,0xEB,0x62,0xD8,0xD8,0x8C,
+                0x85,0xD7,0x07,0x87,0x90,0x2F,0xF7,0x1C,0x56,0x85,0x2F,0xEF,0x32,0x37,0x07,0xAB,
+                0xB0,0xE6,0xB5,0x02,0x19,0x35,0xAF,0xDB,0xD4,0xA2,0x9C,0x36,0x80,0xC6,0xDC,0x82,
+                0x08,0xE0,0xC0,0x5F,0x3C,0x59,0xAA,0x4E,0x26,0x03,0x29,0xB3,0x62,0x58,0x41,0x59,
+                0x3A,0x37,0x43,0x35,0xE3,0x9F,0x34,0xE2,0xA1,0x04,0x97,0x12,0x9D,0x8C,0xAD,0xF7,
+                0xFB,0x8C,0xA1,0xA2,0xE9,0xE4,0xEF,0xD9,0xC5,0xE5,0xDF,0x0E,0xBF,0x4A,0xE0,0x7A,
+                0x1E,0x10,0x50,0x58,0x63,0x51,0xE1,0xD4,0xFE,0x57,0xB0,0x9E,0xD7,0xDA,0x8C,0xED,
+                0x7D,0x82,0xAC,0x2F,0x25,0x58,0x0A,0x58,0xE6,0xA4,0xF4,0x57,0x4B,0xA4,0x1B,0x65,
+                0xB9,0x4A,0x87,0x46,0xEB,0x8C,0x0F,0x9A,0x48,0x90,0xF9,0x9F,0x76,0x69,0x03,0x72,
+                0x77,0xEC,0xC1,0x42,0x4C,0x87,0xDB,0x0B,0x3C,0xD4,0x74,0xEF,0xE5,0x34,0xE0,0x32,
+                0x45,0xB0,0xF8,0xAB,0xD5,0x26,0x21,0xD7,0xD2,0x98,0x54,0x8F,0x64,0x88,0x20,0x2B,
+                0x14,0xE3,0x82,0xD5,0x2A,0x4B,0x8F,0x4E,0x35,0x20,0x82,0x7E,0x1B,0xFE,0xFA,0x2C,
+                0x79,0x6C,0x6E,0x66,0x94,0xBB,0x0A,0xEB,0xBA,0xD9,0x70,0x61,0xE9,0x47,0xB5,0x82,
+                0xFC,0x18,0x3C,0x66,0x3A,0x09,0x2E,0x1F,0x61,0x74,0xCA,0xCB,0xF6,0x7A,0x52,0x37,
+                0x1D,0xAC,0x8D,0x63,0x69,0x84,0x8E,0xC7,0x70,0x59,0xDD,0x2D,0x91,0x1E,0xF7,0xB1,
+                0x56,0xED,0x7A,0x06,0x9D,0x5B,0x33,0x15,0xDD,0x31,0xD0,0xE6,0x16,0x07,0x9B,0xA5,
+                0x94,0x06,0x7D,0xC1,0xE9,0xD6,0xC8,0xAF,0xB4,0x1E,0x2D,0x88,0x06,0xA7,0x63,0xB8,
+                0xCF,0xC8,0xA2,0x6E,0x84,0xB3,0x8D,0xE5,0x47,0xE6,0x13,0x63,0x8E,0xD1,0x7F,0xD4,
+                0x81,0x44,0x38,0xBF
+
+$rsa = New-Object Security.Cryptography.RSACryptoServiceProvider
+$rsa.ImportCspBlob($key)
+
+$Pfn = (Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\ProductOptions" -Name "OSProductPfn").OSProductPfn
+# By default, this code generates a GenuineTicket.xml file for the edition of Windows it's run on.
+# To create a ticket for an arbitrary edition, set $Pfn to the appropriate value for that edition.
+# Example: Uncommenting the line below will create a ticket for Windows 10/11 Pro.
+# $Pfn = "Microsoft.Windows.48.X19-98841_8wekyb3d8bbwe"
+
+$SessionIdStr = "OSMajorVersion=5;OSMinorVersion=1;OSPlatformId=2;PP=0;Pfn=$Pfn;PKeyIID=465145217131314304264339481117862266242033457260311819664735280;"
+$SessionId = [Convert]::ToBase64String([Text.Encoding]::Unicode.GetBytes($SessionIdStr + [char]0))
+$PropertiesStr = "OA3xOriginalProductId=;OA3xOriginalProductKey=;SessionId=$SessionId;TimeStampClient=2022-10-11T12:00:00Z"
+$SignatureStr = SignProperties $PropertiesStr $rsa
+
+$xml = @"
+<?xml version="1.0" encoding="utf-8"?><genuineAuthorization xmlns="http://www.microsoft.com/DRM/SL/GenuineAuthorization/1.0"><version>1.0</version><genuineProperties origin="sppclient"><properties>$PropertiesStr</properties><signatures><signature name="clientLockboxKey" method="rsa-sha256">$SignatureStr</signature></signatures></genuineProperties></genuineAuthorization>
+"@
+[System.IO.File]::WriteAllText("C:\Files\GenuineTicket.xml", ($xml -join ""), [System.Text.Encoding]::ASCII)
 ```
 -   A GenuineTicket.xml file should be created in the `C:\Files\` folder.

-**Notes:**
-
-   There are two types of tickets: Lockbox and Downlevel. If the system is already activated, then the created ticket will be a Lockbox ticket. If not, it will be a Downlevel ticket.
-   To make the exact ticket used by the MAS script for HWID activation, make sure the system is already activated and change the time with the below PowerShell command. Then, start the ticket generation process according to the steps above.\
-    `Set-TimeZone -Id "UTC"; $date=[datetime]"2022/10/11 12:00";while($true){set-date $date; start-sleep -milliseconds 10}`
-
+------------------------------------------------------------------------

 ## Setup Preactivate