daily pastebin goal
22%
SHARE
TWEET

Untitled

a guest Oct 8th, 2017 161 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #include <mbedtls/des.h>
  2. #include <mbedtls/md5.h>
  3. #include <stdio.h>
  4. #include <Windows.h>
  5. #include <IPHlpApi.h>
  6. #include <ShlObj.h>
  7. #include <Shlwapi.h>
  8.  
  9. #define TRACE 0
  10.  
  11. /* In place DSA-ECB encryption */
  12. void encryptData(const unsigned char *key, unsigned char *msg, size_t len)
  13. {
  14.     mbedtls_des_context ctx;
  15.     mbedtls_des_init(&ctx);
  16.  
  17.     while (len >= 8) {
  18.         mbedtls_des_setkey_enc(&ctx, key);
  19.         mbedtls_des_crypt_ecb(&ctx, msg, msg);
  20.  
  21.         msg += 8;
  22.         len -= 8;
  23.     }
  24.  
  25. #if TRACE
  26.     if (len)
  27.         printf("encryptData: Skipping last %d bytes.\n");
  28. #endif
  29.     mbedtls_des_free(&ctx);
  30. }
  31.  
  32. /* In place DSA-ECB decryption */
  33. void decryptData(const unsigned char *key, unsigned char *msg, size_t len)
  34. {
  35.     mbedtls_des_context ctx;
  36.     mbedtls_des_init(&ctx);
  37.  
  38.     while (len >= 8) {
  39.         mbedtls_des_setkey_enc(&ctx, key);
  40.         mbedtls_des_crypt_ecb(&ctx, msg, msg);
  41.  
  42.         msg += 8;
  43.         len -= 8;
  44.     }
  45.  
  46. #if TRACE
  47.     if (len)
  48.         printf("decryptData: Skipping last %d bytes.\n");
  49. #endif
  50.     mbedtls_des_free(&ctx);
  51. }
  52.  
  53. /* MAC address MD5 hash */
  54. void hashMACAddress(const BYTE *msg, size_t len, BYTE *out)
  55. {
  56.     unsigned char tmp[16];
  57.     char *buf;
  58.  
  59.     if (msg == NULL || !len || out == NULL)
  60.         return;
  61.  
  62.     buf = (char *)malloc(3 * len);
  63.  
  64.     sprintf(buf, "%02X", msg[0]);
  65.     for (size_t i = 1; i < len; i++)
  66.         sprintf(buf + 2 + 3 * (i - 1), "-%02X", msg[i]);
  67.  
  68. #if TRACE
  69.     printf("Hashing interface %s\n", buf);
  70. #endif
  71.  
  72.     mbedtls_md5((unsigned char *)buf, 3 * len - 1, tmp);
  73.  
  74.     for (size_t i = 0; i < 16; i++) {
  75.         sprintf(buf, "%02x", tmp[i]);
  76.         out[2 * i] = buf[0];
  77.         out[2 * i + 1] = buf[1];
  78.     }
  79.  
  80. #if TRACE
  81.     printf("MD5 hash %.32s\n", out);
  82. #endif
  83.  
  84.     free(buf);
  85. }
  86.  
  87. /* Volume serial MD5 hash */
  88. void hashVolumeSerial(DWORD msg, BYTE *out)
  89. {
  90.     unsigned char tmp[16];
  91.     char buf[9];
  92.     int i;
  93.  
  94.     sprintf(buf, "%08X", msg);
  95.  
  96. #if TRACE
  97.     printf("Hashing volume %s\n", buf);
  98. #endif
  99.  
  100.     mbedtls_md5((unsigned char *)buf, 8, tmp);
  101.  
  102.     for (i = 0; i < 16; i++) {
  103.         sprintf(buf, "%02x", tmp[i]);
  104.         out[2 * i] = buf[0];
  105.         out[2 * i + 1] = buf[1];
  106.     }
  107.  
  108. #if TRACE
  109.     printf("MD5 hash %.32s\n", out);
  110. #endif
  111. }
  112.  
  113. /* System time MD5 hash */
  114. void hashSystemTime(SYSTEMTIME *msg, BYTE *out)
  115. {
  116.     unsigned char tmp[16];
  117.     char buf[9];
  118.     int i;
  119.  
  120.     sprintf(buf, "%04d%02d%02d", msg->wYear, msg->wMonth, msg->wDay);
  121. #if TRACE
  122.     printf("Hashing time %s\n", buf);
  123. #endif
  124.  
  125.     mbedtls_md5((unsigned char *)buf, 8, tmp);
  126.  
  127.     for (i = 0; i < 16; i++) {
  128.         sprintf(buf, "%02x", tmp[i]);
  129.         out[2 * i] = buf[0];
  130.         out[2 * i + 1] = buf[1];
  131.     }
  132.  
  133. #if TRACE
  134.     printf("MD5 hash %.32s\n", out);
  135. #endif
  136. }
  137.  
  138. const BYTE terminator[] = "\x00\xff\xff\xff\xff\xff\xff\xff";
  139.  
  140. // unknown purpose, but needs to be unique
  141. const BYTE unknown[] = "deadbeef000000000000000000000000";
  142.  
  143. struct KeyNamePair
  144. {
  145.     const char * key;
  146.     const char * name;
  147. };
  148.  
  149. KeyNamePair knp[] =
  150. {
  151.     { "LA56KHYE", "CTLT99HB0X.kga"  },
  152.     { "S3MP42XB", "CTLT46HL1X.kga"  },
  153.     { "KYE08ZY3", "CTLT72HL2X.kga"  },
  154.     { "A31OKL25", "CTLT11HL3X.kga"  },
  155.     { "6K5YEHLA", "CTLT47H9X2.kga"  }, //
  156.     { "PX432SBM", "CTLT21H1X2.kga"  }, //
  157.     { "ZKY03YE8", "CTLT02H0X2.kga"  }, //
  158.     { "OKLA2153", "CTLTD2H3X2.kga"  }, //
  159.     { "NH5L2P13", "CTLT9SJDX2.kga"  }, //
  160.     { "BDC5687E", "CTLXS2Q3X2.kga"  }, //
  161.     { "23A3693F", "CTLO3H65X2.kga"  }, //
  162.     { "OAMDWHRH", "CTLMN34SX2.kga"  }, //
  163.     { "OTRTTRTR", "CTLNBK2HX2.kga"  }, //
  164.     { "OARPTNDH", "CTLLAS4HX2.kga"  }, //
  165.     { "OMNPMHHH", "CTLPS4HTX2.kga"  }, //!
  166.     { "AKSMRTSD", "CTLI37CVX2.kga"  }, //
  167.     { "F1GY89SE", "CTLUE8XYX2.kga"  }, //
  168.     { "L3IUZSK3", "CTLS2SR4X2.kga"  }, //
  169.     { "JH578SAA", "CTLT53HURX.kga"  },
  170.     { "LWR232SZ", "CTD5H2W3DK.kga"  },
  171.     { "XR2AG82P", "CTD1JXF23A.kga"  }, //*
  172.     { "P23DSU4S", "CTT78HSK12.kga"  },
  173.     { "P32LUD17", "CTT92KD23N.kga"  },
  174.     { "X34DSL1S", "CTD3SPO23G.kga"  },
  175.     { "ZL00SEW3", "CTLE2C3BA1.kga"  },
  176.     { "H34T2GW2", "CTH6K23AS7.kga"  },
  177.     { "BX32DNEK", "CTA30CF234.kga"  }, //
  178.     { "6BDF7E41", "CTA200FF2D.kga"  }, //
  179.     { "J8K23NM2", "CTAE90C24A.kga"  }, //
  180.     { "IH68ULK0", "CTLD2JX234.kga"  }, //
  181.     { "K53SFR23", "CTLD14KLI5.kga"  }, //
  182.     { "LQW341ME", "CTL42SW23M.kga"  }, //
  183.     { "M21PWSZ0", "CTLP22SV21.kga"  }, //
  184.     { "GN3E92V4", "CTLA20RVB5.kga"  }, //*
  185.     { "R260D5PX", "CTL34AF61R.kga"  }, //
  186. };
  187.  
  188. void GenKga(const char * key, const char * filename)
  189. {
  190.     DWORD ret, adapterCount, hashCount, volumeSerial;
  191.     ULONG len;
  192.     PIP_ADAPTER_INFO adapters, adap;
  193.     PBYTE hashes, hash;
  194.     CHAR buf[256];
  195.     INT drive;
  196.     SYSTEMTIME time;
  197.     FILE *file;
  198.  
  199.     printf("Generating %s\n", filename);
  200.  
  201.     adapterCount = 1;
  202.  
  203.     len = adapterCount * sizeof(IP_ADAPTER_INFO);
  204.     adapters = (PIP_ADAPTER_INFO)malloc(len);
  205.  
  206.     if ((ret = GetAdaptersInfo(adapters, &len)) == ERROR_BUFFER_OVERFLOW)
  207.         adapters = (PIP_ADAPTER_INFO)realloc(adapters, len);
  208.  
  209.     if (GetAdaptersInfo(adapters, &len) != NO_ERROR) {
  210.         fprintf(stderr, "GetAdapterInfo failed, aborting.\n");
  211.         free(adapters);
  212.         exit(1);
  213.     }
  214.  
  215.     adapterCount = 0;
  216.     adap = adapters;
  217.     while (adap) {
  218.         adapterCount++;
  219.         adap = adap->Next;
  220.     }
  221.  
  222. #if TRACE
  223.     printf("Adapter count: %d\n", adapterCount);
  224. #endif
  225.     hashCount = adapterCount + 3;
  226.     hash = hashes = (PBYTE)malloc((32 * hashCount) + 8);
  227.  
  228.     adap = adapters;
  229.     while (adap) {
  230.         if (adap->AddressLength) {
  231.             hashMACAddress(adap->Address, adap->AddressLength, hash);
  232.             hash += 32;
  233.         }
  234.         else {
  235.             hashCount--;
  236.         }
  237.         adap = adap->Next;
  238.     }
  239.     free(adapters);
  240.  
  241.     GetSystemDirectory(buf, 256);
  242.     drive = PathGetDriveNumber(buf);
  243.     sprintf(buf, "%C:\\", 'A' + drive);
  244.     GetVolumeInformation(buf, NULL, 0, &volumeSerial, NULL, NULL, NULL, 0);
  245.     hashVolumeSerial(volumeSerial, hash);
  246.     hash += 32;
  247.  
  248.     memcpy(hash, unknown, 32);
  249.     hash += 32;
  250.  
  251.     GetSystemTime(&time);
  252.     hashSystemTime(&time, hash);
  253.     hash += 32;
  254.  
  255.     memcpy(hash, terminator, 8);
  256.  
  257.     encryptData((unsigned char *)key, (unsigned char *)hashes, (32 * hashCount) + 8);
  258.  
  259.     file = fopen(filename, "wb+");
  260.     fwrite(hashes, (32 * hashCount) + 8, 1, file);
  261.     fclose(file);
  262.  
  263.     free(hashes);
  264.  
  265. #if TRACE
  266.     printf("\n");
  267. #endif
  268. }
  269.  
  270. int main(int argc, char *argv[])
  271. {
  272.     char szPath[MAX_PATH];
  273.     if (SUCCEEDED(SHGetFolderPathA(NULL, CSIDL_COMMON_APPDATA, NULL, SHGFP_TYPE_CURRENT, szPath)))
  274.     {
  275.         strcat_s(szPath, "\\Creative\\SoftwareLock");
  276.  
  277.         int error = SHCreateDirectoryExA(NULL, szPath, NULL);
  278.         if (error == ERROR_SUCCESS || error == ERROR_FILE_EXISTS || error == ERROR_ALREADY_EXISTS)
  279.             SetCurrentDirectoryA(szPath);
  280.  
  281.         ZeroMemory(szPath, sizeof(szPath));
  282.     }
  283.  
  284.     GetCurrentDirectoryA(MAX_PATH, szPath);
  285.     printf("%s\n", szPath);
  286.  
  287.     for (int i = 0; i < sizeof(knp) / sizeof(KeyNamePair); i++)
  288.     {
  289.         GenKga(knp[i].key, knp[i].name);
  290.     }
  291.  
  292.     return 0;
  293. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top