Got an iPhone or iPad? We have a brand new Pastebin App for both devices, and it's totally free! Click here to download the new Pastebin App for iOS.
Public Pastes
Guest

Untitled

By: a guest on Feb 16th, 2010  |  syntax: Python  |  size: 8.30 KB  |  hits: 16,836  |  expires: Never
download  |  raw  |  embed  |  report abuse
Copied
  1. #! /usr/bin/python
  2.  
  3. # ineptkey.pyw, version 4.3
  4.  
  5. # To run this program install Python 2.6 from http://www.python.org/download/
  6. # and PyCrypto from http://www.voidspace.org.uk/python/modules.shtml#pycrypto
  7. # (make sure to install the version for Python 2.6).  Save this script file as
  8. # ineptkey.pyw and double-click on it to run it.  It will create a file named
  9. # adeptkey.der in the same directory.  These are your ADEPT user keys.
  10.  
  11. # Revision history:
  12. #   1 - Initial release, for Adobe Digital Editions 1.7
  13. #   2 - Better algorithm for finding pLK; improved error handling
  14. #   3 - Rename to INEPT
  15. #   4.1 - quick beta fix for ADE 1.7.2 (anon)
  16. #   4.2 - added old 1.7.1 processing
  17. #   4.3 - better key search
  18.  
  19.  
  20. """
  21. Retrieve Adobe ADEPT user key under Windows.
  22. """
  23.  
  24. from __future__ import with_statement
  25.  
  26. __license__ = 'GPL v3'
  27.  
  28. import sys
  29. import os
  30. from struct import pack
  31. from ctypes import windll, c_char_p, c_wchar_p, c_uint, POINTER, byref, \
  32.     create_unicode_buffer, create_string_buffer, CFUNCTYPE, addressof, \
  33.     string_at, Structure, c_void_p, cast
  34. import _winreg as winreg
  35. import Tkinter
  36. import Tkconstants
  37. import tkMessageBox
  38. import traceback
  39. import hashlib
  40. import pickle
  41.  
  42.  
  43. try:
  44.     from Crypto.Cipher import AES
  45. except ImportError:
  46.     AES = None
  47.  
  48.  
  49. DEVICE_KEY = 'Software\\Adobe\\Adept\\Device'
  50. PRIVATE_LICENCE_KEY = 'Software\\Adobe\\Adept\\Activation\\%04d'
  51. PRIVATE_LICENCE_KEY_KEY = 'Software\\Adobe\\Adept\\Activation\\%04d\\%04d'
  52. ACTIVATION = 'Software\\Adobe\\Adept\\Activation\\'
  53.  
  54. MAX_PATH = 255
  55.  
  56. kernel32 = windll.kernel32
  57. advapi32 = windll.advapi32
  58. crypt32 = windll.crypt32
  59.  
  60.  
  61. class ADEPTError(Exception):
  62.     pass
  63.  
  64.  
  65. def GetSystemDirectory():
  66.     GetSystemDirectoryW = kernel32.GetSystemDirectoryW
  67.     GetSystemDirectoryW.argtypes = [c_wchar_p, c_uint]
  68.     GetSystemDirectoryW.restype = c_uint
  69.     def GetSystemDirectory():
  70.         buffer = create_unicode_buffer(MAX_PATH + 1)
  71.         GetSystemDirectoryW(buffer, len(buffer))
  72.         return buffer.value
  73.     return GetSystemDirectory
  74. GetSystemDirectory = GetSystemDirectory()
  75.  
  76.  
  77. def GetVolumeSerialNumber():
  78.     GetVolumeInformationW = kernel32.GetVolumeInformationW
  79.     GetVolumeInformationW.argtypes = [c_wchar_p, c_wchar_p, c_uint,
  80.                                       POINTER(c_uint), POINTER(c_uint),
  81.                                       POINTER(c_uint), c_wchar_p, c_uint]
  82.     GetVolumeInformationW.restype = c_uint
  83.     def GetVolumeSerialNumber(path):
  84.         vsn = c_uint(0)
  85.         GetVolumeInformationW(path, None, 0, byref(vsn), None, None, None, 0)
  86.         return vsn.value
  87.     return GetVolumeSerialNumber
  88. GetVolumeSerialNumber = GetVolumeSerialNumber()
  89.  
  90.  
  91. def GetUserName():
  92.     GetUserNameW = advapi32.GetUserNameW
  93.     GetUserNameW.argtypes = [c_wchar_p, POINTER(c_uint)]
  94.     GetUserNameW.restype = c_uint
  95.     def GetUserName():
  96.         buffer = create_unicode_buffer(32)
  97.         size = c_uint(len(buffer))
  98.         while not GetUserNameW(buffer, byref(size)):
  99.             buffer = create_unicode_buffer(len(buffer) * 2)
  100.             size.value = len(buffer)
  101.         return buffer.value.encode('utf-16-le')[::2]
  102.     return GetUserName
  103. GetUserName = GetUserName()
  104.  
  105.  
  106. CPUID0_INSNS = create_string_buffer("\x53\x31\xc0\x0f\xa2\x8b\x44\x24\x08\x89"
  107.                                     "\x18\x89\x50\x04\x89\x48\x08\x5b\xc3")
  108. def cpuid0():
  109.     buffer = create_string_buffer(12)
  110.     cpuid0__ = CFUNCTYPE(c_char_p)(addressof(CPUID0_INSNS))
  111.     def cpuid0():
  112.         cpuid0__(buffer)
  113.         return buffer.raw
  114.     return cpuid0
  115. cpuid0 = cpuid0()
  116.  
  117.  
  118. CPUID1_INSNS = create_string_buffer("\x53\x31\xc0\x40\x0f\xa2\x5b\xc3")
  119. cpuid1 = CFUNCTYPE(c_uint)(addressof(CPUID1_INSNS))
  120.  
  121.  
  122. class DataBlob(Structure):
  123.     _fields_ = [('cbData', c_uint),
  124.                 ('pbData', c_void_p)]
  125. DataBlob_p = POINTER(DataBlob)
  126.  
  127. def CryptUnprotectData():
  128.     _CryptUnprotectData = crypt32.CryptUnprotectData
  129.     _CryptUnprotectData.argtypes = [DataBlob_p, c_wchar_p, DataBlob_p,
  130.                                    c_void_p, c_void_p, c_uint, DataBlob_p]
  131.     _CryptUnprotectData.restype = c_uint
  132.     def CryptUnprotectData(indata, entropy):
  133.         indatab = create_string_buffer(indata)
  134.         indata = DataBlob(len(indata), cast(indatab, c_void_p))
  135.         entropyb = create_string_buffer(entropy)
  136.         entropy = DataBlob(len(entropy), cast(entropyb, c_void_p))
  137.         outdata = DataBlob()
  138.         if not _CryptUnprotectData(byref(indata), None, byref(entropy),
  139.                                    None, None, 0, byref(outdata)):
  140.             raise ADEPTError("Failed to decrypt user key key (sic)")
  141.         return string_at(outdata.pbData, outdata.cbData)
  142.     return CryptUnprotectData
  143. CryptUnprotectData = CryptUnprotectData()
  144.  
  145.  
  146. def retrieve_key(keypath):
  147.     root = GetSystemDirectory().split('\\')[0] + '\\'
  148.     serial = GetVolumeSerialNumber(root)
  149.     vendor = cpuid0()
  150.     signature = pack('>I', cpuid1())[1:]
  151.     user = GetUserName()
  152.     entropy = pack('>I12s3s13s', serial, vendor, signature, user)
  153.     cuser = winreg.HKEY_CURRENT_USER
  154.     try:
  155.         regkey = winreg.OpenKey(cuser, DEVICE_KEY)
  156.     except WindowsError:
  157.         raise ADEPTError("Adobe Digital Editions not activated")
  158.     device = winreg.QueryValueEx(regkey, 'key')[0]
  159.     keykey = CryptUnprotectData(device, entropy)
  160.     userkey = None
  161.     pkcs = None
  162.     keys = {}
  163.     counter = 0
  164.     for i in xrange(0, 16):
  165.         skey = PRIVATE_LICENCE_KEY % i
  166.         try:
  167.             regkey = winreg.OpenKey(cuser, skey)
  168.         except WindowsError:
  169.             break
  170.         type = winreg.QueryValueEx(regkey, None)[0]
  171.         # obfuscation technique
  172.         if type != 'credentials':
  173.             continue
  174.         for j in xrange(0, 16):
  175.             plkkey = PRIVATE_LICENCE_KEY_KEY  % (i, j)
  176.             try:
  177.                 regkey = winreg.OpenKey(cuser, plkkey)                
  178.             except WindowsError:
  179.                 break
  180.             type = winreg.QueryValueEx(regkey, None)[0]            
  181.             if type != 'privateLicenseKey':
  182.                 continue
  183.             userkey = winreg.QueryValueEx(regkey, 'value')[0]
  184.             break
  185.         for j in xrange(0, 16):
  186.             plkkey = PRIVATE_LICENCE_KEY_KEY  % (i, j)
  187.             try:
  188.                 pkcs = winreg.OpenKey(cuser, plkkey)  
  189.             except WindowsError:
  190.                 break
  191.             type = winreg.QueryValueEx(pkcs, None)[0]
  192.             if type != 'pkcs12':
  193.                 continue
  194.             pkcs = winreg.QueryValueEx(pkcs, 'value')[0]
  195.             break
  196.     if pkcs is None:      
  197.         raise ADEPTError('Could not locate PKCS specification')
  198.     if userkey is None:
  199.         raise ADEPTError('Could not locate privateLicenseKey')
  200.     userkey = userkey.decode('base64')
  201.     userkey = AES.new(keykey, AES.MODE_CBC).decrypt(userkey)
  202.     userkey = userkey[26:-ord(userkey[-1])]
  203.     with open(keypath, 'wb') as f:
  204.         f.write(userkey)
  205.     return
  206.  
  207. class ExceptionDialog(Tkinter.Frame):
  208.     def __init__(self, root, text):
  209.         Tkinter.Frame.__init__(self, root, border=5)
  210.         label = Tkinter.Label(self, text="Unexpected error:",
  211.                               anchor=Tkconstants.W, justify=Tkconstants.LEFT)
  212.         label.pack(fill=Tkconstants.X, expand=0)
  213.         self.text = Tkinter.Text(self)
  214.         self.text.pack(fill=Tkconstants.BOTH, expand=1)
  215.         self.text.insert(Tkconstants.END, text)
  216.  
  217.  
  218. def main(argv=sys.argv):
  219.     root = Tkinter.Tk()
  220.     root.withdraw()
  221.     progname = os.path.basename(argv[0])
  222.     if AES is None:
  223.         tkMessageBox.showerror(
  224.             "ADEPT Key",
  225.             "This script requires PyCrypto, which must be installed "
  226.             "separately.  Read the top-of-script comment for details.")
  227.         return 1
  228.     keypath = 'adeptkey.der'
  229.     try:
  230.         retrieve_key(keypath)
  231.     except ADEPTError, e:
  232.         tkMessageBox.showerror("ADEPT Key", "Error: " + str(e))
  233.         return 1
  234.     except Exception:
  235.         root.wm_state('normal')
  236.         root.title('ADEPT Key')
  237.         text = traceback.format_exc()
  238.         ExceptionDialog(root, text).pack(fill=Tkconstants.BOTH, expand=1)
  239.         root.mainloop()
  240.         return 1
  241.     tkMessageBox.showinfo(
  242.         "ADEPT Key", "Key successfully retrieved to %s" % (keypath))
  243.     return 0
  244.  
  245. if __name__ == '__main__':
  246.     sys.exit(main())
create a new version of this paste RAW Paste Data