From 72627ef6c412aff33f5d1d657bc6c1a8ef146d58 Mon Sep 17 00:00:00 2001 From: Joaquin Date: Tue, 9 May 2023 19:16:48 +0300 Subject: [PATCH] [HWID] Add Basic Activation Mechanism Add Ticket Generation and Validation Scripts, still heavily unpolished and may contain bugs --- main.js | 29 ++++++++++++++-- package.json | 2 +- webPage/css/dist.css | 4 +++ webPage/winhwid/done.html | 37 ++++++++++++++++++++ webPage/winhwid/genexe.html | 2 +- webPage/winhwid/genticket.html | 63 ++++++++++++++++++++++++++++++++++ webPage/winhwid/ipk.html | 55 +++++++++++++++++++++++++++++ 7 files changed, 187 insertions(+), 5 deletions(-) create mode 100644 webPage/winhwid/done.html create mode 100644 webPage/winhwid/genticket.html create mode 100644 webPage/winhwid/ipk.html diff --git a/main.js b/main.js index 0d0fb9d..a00d1a2 100644 --- a/main.js +++ b/main.js @@ -14,7 +14,7 @@ const createWindow = () => { webPreferences: { nodeIntegration: true, contextIsolation: false, - devTools: true, + devTools: false, }, autoHideMenuBar: true }) @@ -141,7 +141,7 @@ function genExe(){ } } - let exeGenProc = exec('powershell cd C:\\Users\\Public\\ActTicket ; echo "Y-> EXTRACTING GATHEROSSTATE.EXE Z" ; expand .\\14f4df8a2a7fc82a4f415cf6a341415d.cab -F:filf8377e82b29deadca67bc4858ed3fba9 . ; powershell mv .\\filf8377e82b29deadca67bc4858ed3fba9 .\\gatherosstate.exe ; echo "*Modifying Binary Code To Enable Exploit, credit to GamerOSState*" & powershell "" $bytes = [System.IO.File]::ReadAllBytes("""C:\\Users\\Public\\ActTicket\\gatherosstate.exe""") ; $bytes[320] = 0xf8 ; $bytes[321] = 0xfb ; $bytes[322] = 0x05 ; $bytes[324] = 0x03 ; $bytes[13672] = 0x25 ; $bytes[13674] = 0x73 ; $bytes[13676] = 0x3b ; $bytes[13678] = 0x00 ; $bytes[13680] = 0x00 ; $bytes[13682] = 0x00 ; $bytes[13684] = 0x00 ; $bytes[32748] = 0xe9 ; $bytes[32749] = 0x9e ; $bytes[32750] = 0x00 ; $bytes[32751] = 0x00 ; $bytes[32752] = 0x00 ; $bytes[32894] = 0x8b ; $bytes[32895] = 0x44 ; $bytes[32897] = 0x64 ; $bytes[32898] = 0x85 ; $bytes[32899] = 0xc0 ; $bytes[32900] = 0x0f ; $bytes[32901] = 0x85 ; $bytes[32902] = 0x1c ; $bytes[32903] = 0x02 ; $bytes[32904] = 0x00 ; $bytes[32906] = 0xe9 ; $bytes[32907] = 0x3c ; $bytes[32908] = 0x01 ; $bytes[32909] = 0x00 ; $bytes[32910] = 0x00 ; $bytes[32911] = 0x85 ; $bytes[32912] = 0xdb ; $bytes[32913] = 0x75 ; $bytes[32914] = 0xeb ; $bytes[32915] = 0xe9 ; $bytes[32916] = 0x69 ; $bytes[32917] = 0xff ; $bytes[32918] = 0xff ; $bytes[32919] = 0xff ; $bytes[33094] = 0xe9 ; $bytes[33095] = 0x80 ; $bytes[33096] = 0x00 ; $bytes[33097] = 0x00 ; $bytes[33098] = 0x00 ; $bytes[33449] = 0x64 ; $bytes[33576] = 0x8d ; $bytes[33577] = 0x54 ; $bytes[33579] = 0x24 ; $bytes[33580] = 0xe9 ; $bytes[33581] = 0x55 ; $bytes[33582] = 0x01 ; $bytes[33583] = 0x00 ; $bytes[33584] = 0x00 ; $bytes[33978] = 0xc3 ; $bytes[34189] = 0x59 ; $bytes[34190] = 0xeb ; $bytes[34191] = 0x28 ; $bytes[34238] = 0xe9 ; $bytes[34239] = 0x4f ; $bytes[34240] = 0x00 ; $bytes[34241] = 0x00 ; $bytes[34242] = 0x00 ; $bytes[34346] = 0x24 ; $bytes[34376] = 0xeb ; $bytes[34377] = 0x63 ; [System.IO.File]::WriteAllBytes("""C:\\Users\\Public\\ActTicket\\gatherosstatemodified.exe""", $bytes) "" & echo "-> Set exe Compatiblility Mode to xpsp3 in Registry" & powershell start-process powershell -verb runas { reg.exe Add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers" /v "C:\Users\Public\ActTicket\gatherosstatemodified.exe" /d "WINXPSP3" /f } & echo "Y -> File gatherosstatemodified.exe has now been sucesfully pacified and should output DownLevel tickets regardless or conditions met Z"') + let exeGenProc = exec('powershell cd C:\\Users\\Public\\ActTicket ; echo "Y-> EXTRACTING GATHEROSSTATE.EXE Z" ; expand .\\14f4df8a2a7fc82a4f415cf6a341415d.cab -F:filf8377e82b29deadca67bc4858ed3fba9 . ; powershell mv .\\filf8377e82b29deadca67bc4858ed3fba9 .\\gatherosstate.exe ; echo "*Modifying Binary Code To Enable Exploit, credit to GamerOSState*" & powershell "" $bytes = [System.IO.File]::ReadAllBytes("""C:\\Users\\Public\\ActTicket\\gatherosstate.exe""") ; $bytes[320] = 0xf8 ; $bytes[321] = 0xfb ; $bytes[322] = 0x05 ; $bytes[324] = 0x03 ; $bytes[13672] = 0x25 ; $bytes[13674] = 0x73 ; $bytes[13676] = 0x3b ; $bytes[13678] = 0x00 ; $bytes[13680] = 0x00 ; $bytes[13682] = 0x00 ; $bytes[13684] = 0x00 ; $bytes[32748] = 0xe9 ; $bytes[32749] = 0x9e ; $bytes[32750] = 0x00 ; $bytes[32751] = 0x00 ; $bytes[32752] = 0x00 ; $bytes[32894] = 0x8b ; $bytes[32895] = 0x44 ; $bytes[32897] = 0x64 ; $bytes[32898] = 0x85 ; $bytes[32899] = 0xc0 ; $bytes[32900] = 0x0f ; $bytes[32901] = 0x85 ; $bytes[32902] = 0x1c ; $bytes[32903] = 0x02 ; $bytes[32904] = 0x00 ; $bytes[32906] = 0xe9 ; $bytes[32907] = 0x3c ; $bytes[32908] = 0x01 ; $bytes[32909] = 0x00 ; $bytes[32910] = 0x00 ; $bytes[32911] = 0x85 ; $bytes[32912] = 0xdb ; $bytes[32913] = 0x75 ; $bytes[32914] = 0xeb ; $bytes[32915] = 0xe9 ; $bytes[32916] = 0x69 ; $bytes[32917] = 0xff ; $bytes[32918] = 0xff ; $bytes[32919] = 0xff ; $bytes[33094] = 0xe9 ; $bytes[33095] = 0x80 ; $bytes[33096] = 0x00 ; $bytes[33097] = 0x00 ; $bytes[33098] = 0x00 ; $bytes[33449] = 0x64 ; $bytes[33576] = 0x8d ; $bytes[33577] = 0x54 ; $bytes[33579] = 0x24 ; $bytes[33580] = 0xe9 ; $bytes[33581] = 0x55 ; $bytes[33582] = 0x01 ; $bytes[33583] = 0x00 ; $bytes[33584] = 0x00 ; $bytes[33978] = 0xc3 ; $bytes[34189] = 0x59 ; $bytes[34190] = 0xeb ; $bytes[34191] = 0x28 ; $bytes[34238] = 0xe9 ; $bytes[34239] = 0x4f ; $bytes[34240] = 0x00 ; $bytes[34241] = 0x00 ; $bytes[34242] = 0x00 ; $bytes[34346] = 0x24 ; $bytes[34376] = 0xeb ; $bytes[34377] = 0x63 ; [System.IO.File]::WriteAllBytes("""C:\\Users\\Public\\ActTicket\\gatherosstatemodified.exe""", $bytes) "" & echo "-> Set exe Compatiblility Mode to xpsp3 in Registry" & echo "Y -> File gatherosstatemodified.exe has now been sucesfully pacified and should output DownLevel tickets regardless or conditions met Z"') exeGenProc.stdout.on('data', (data) => { win.webContents.send('stdout', String(data)) @@ -152,7 +152,7 @@ function genExe(){ }) exeGenProc.on('close', () => { - exec('powershell {reg.exe Add `HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers` /v "C:\\ProgramData\\ActTicket\\gatherosstatemodified.exe" /d "WINXPSP3" /f ; echo "`n=======> Put file (gatherosstatemodified.exe) in Windows XP SP3 compatibility mode`n" ; pause}') + exec('powershell start-process powershell -verb runas {reg Add HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\` NT\\CurrentVersion\\AppCompatFlags\\Layers /v "C:\\Users\\Public\\ActTicket\\gatherosstatemodified.exe" /d "WINXPSP3" ; pause }') if(fs.existsSync('C:\\Users\\Public\\ActTicket\\gatherosstatemodified.exe')){ var exeStream = fs.readFileSync('C:\\Users\\Public\\ActTicket\\gatherosstatemodified.exe') @@ -170,6 +170,23 @@ function genExe(){ }) } +function runIpk(){ + exec('powershell start-process powershell -verb runas { cscript C:\\Windows\\System32\\slmgr.vbs /ipk ' + windowsProductKey + ' ; pause }') +} + +function genTicket(){ + let tickGenProc = exec('powershell "cd C:\\Users\\Public\\ActTicket ; $value = (Get-ItemProperty HKLM:\\SYSTEM\\CurrentControlSet\\Control\\ProductOptions).OSProductPfn ; .\\gatherosstatemodified.exe /c Pfn=$value`;DownlevelGenuineState=1 ; sleep 1" & type C:\\Users\\Public\\ActTicket\\GenuineTicket.xml') + + tickGenProc.stdout.on('data', (data) => { + win.webContents.send('ticketout', String(data)) + console.log(data) + }) +} + +function installTicket(){ + exec('powershell start-process powershell -verb runas { clipup -v -o -altto C:\\Users\\Public\\ActTicket ; cscript C:\\Windows\\System32\\slmgr.vbs /ato ; echo `n`n`nWINDOWS ACTIVATED SUCCESFULLY ; start ms-settings:activation ; pause }') +} + ipcMain.on("getCertDetails", getCertDetails) ipcMain.on("setKMS", (event, response) => { @@ -206,6 +223,12 @@ ipcMain.on("downloadexe", downloadExe) ipcMain.on("genexe", genExe) +ipcMain.on("runIpk", runIpk) + +ipcMain.on("genTicket", genTicket) + +ipcMain.on("installTicket", installTicket) + app.whenReady().then(() => { createWindow() }) diff --git a/package.json b/package.json index 1eb7756..9ab6db9 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "univator", - "version": "1.1.5", + "version": "1.2.0", "description": "Microsoft Product Activator", "main": "main.js", "scripts": { diff --git a/webPage/css/dist.css b/webPage/css/dist.css index 5fee79d..4a5f821 100644 --- a/webPage/css/dist.css +++ b/webPage/css/dist.css @@ -629,6 +629,10 @@ Ensure the default browser behavior of the `hidden` attribute. border-radius: 1.5rem; } +.rounded-2xl { + border-radius: 1rem; +} + .bg-transparent { background-color: transparent; } diff --git a/webPage/winhwid/done.html b/webPage/winhwid/done.html new file mode 100644 index 0000000..617e6c6 --- /dev/null +++ b/webPage/winhwid/done.html @@ -0,0 +1,37 @@ + + + + + + + Univator + + + +
+
+ +
+
+

Done.

+

Wait for the confirmation message to appear (might take a bit), and then your product should be fully activated

+
+
+ + + +
+ + +
+ + +
+ +
+ + + + diff --git a/webPage/winhwid/genexe.html b/webPage/winhwid/genexe.html index b79f5f3..fc6da33 100644 --- a/webPage/winhwid/genexe.html +++ b/webPage/winhwid/genexe.html @@ -20,7 +20,7 @@ - + diff --git a/webPage/winhwid/genticket.html b/webPage/winhwid/genticket.html new file mode 100644 index 0000000..8a734b4 --- /dev/null +++ b/webPage/winhwid/genticket.html @@ -0,0 +1,63 @@ + + + + + + + Univator + + + +
+
+ +
+
+

Generate Activation Request Ticket

+
+ + +
+ + + + +
+
+ + + +
+ + +
+ + + + + + diff --git a/webPage/winhwid/ipk.html b/webPage/winhwid/ipk.html new file mode 100644 index 0000000..1b4ac9a --- /dev/null +++ b/webPage/winhwid/ipk.html @@ -0,0 +1,55 @@ + + + + + + + Univator + + + +
+
+ +
+
+

Install Retail Product Key

+

Next we need to install a generic retail product key to make sure windows is not in volume or oem mode

+ +
+ +
+ +
+
+ + + +
+ + +
+ + +
+ +
+ + + + + +