XP CD Key Extractor (C++)

[Iain]

I came across some C++ code which builds an extractor for the XP CD Key (it also works on Windows 2000). I use Visual C++ Express Edition (and occasionally Dev-C++) and tried to compile it but it generated a load of errors. In addition to the .cpp file, there were .dsp and .dsw files (otherwise they had the same name as the .cpp file). Is it likely that I could compile it with the compilers that I have, or would I need another compiler?

The reason that I'm asking here is because it might be a nice addition to a USB key and, in general, I like to know what's happening in the apps that I use (hence I like to build the .exe myself). If I can't get this to compile, I suspect that I'd have to rely on something else to get the CD Key. I've heard of RockXP but have no experience of this. What are the feelings of this community about other software to get the key from the registry?

[pseudobreed]

I have used RockXP many o times before for people who needed a computer rebuilt but lost their current XP product key, works great.

The new version actually has a dumper built into, however, it's based off pwdump code and can throw the lsass.exe into berzerk mode that will shutdown the computer. The new version also will extract CD-Keys from other products such as Office XP.

I just ran into the same problem you are having with compiling code. I used to have Visual Studio 2005 when I was a developer (Came with MSDN) and I can not seem to find it. So, I downloaded the free express edition and started coding in it. When it came time to build my project I was getting a crap load of errors and it could not find some of the headers I wanted to include (Mainly windows.h).

I read up on why this was happening, and most people were having the same problem. I tried some fixes other posted but I never could get the thing to compile. I guess Im going to have to ride back up to my old work and borrow VS2005 again.

* I just found this link. It has links to the new SDK's and how to compile off the command line. Im going to try this out later.

[PoyBoy]

Cool! I think theres one built into one of the switchblades, not sure though how that one works though.

[Iain]

Thank you for the responses. The code that I saw produces the output at a console, rather than a nice graphical interface. I just wonder if it will work from an MS DOS boot disk. I'll give it a go because it would be a great addition to a USB software toolkit if windows isn't working. Files could be stripped off (maybe using a live linux CD), the XP COA obtained and then the OS reinstalled.

BTW, am I right in thinking that RockXP is "stand alone" so it could be used from a USB key, rather than having to be installed? It makes no sense if it has to be installed because, in general, the software would be needed just once on a PC.

[PoyBoy]

Be sure to boot the boot disk on a new page in the wiki!!!!

[pseudobreed]

The one in the switchblade uses pwdump and it causes the same thing with lsass.exe

I used fgdump and it checks to see if it can dump before actually attempting to do so. This way, if it can not it will not force the machine to shutdown and you just get a log file instead of the hashes.

I want to try this on an Active Directory machine to see if it works on those accounts.

[Deveant]

^^ i use to use pwdump a while ago now, and found that pretty much every PC (well the ones of interest) had all ways of defending it, so i ended up programing my own XP CD Key Dump, its called MSXPKeyD (Microsoft XP Key Dump) and pretty much just dumps the CD Key and the running OS, i created it and put it on a Game CD so that when i went to LAN Partys and shared my Disks ppl ended up sending out there Keys to my Network address, this copy though dumps the data to the app directory. its pretty simple just run program, and was programed in VB6, and b4 u flame me it was done in VB6 becuase the C++ version i made kept flagging ZoneAlarm and Windows Firewall, this version made in VB6 runs perfectly stealth to the firewalls, Windows trust windows made ^^ if u want the source just say so and ill post it but yeah just so u know its not C++ just simply VB6.

MSXPKeyD can be downloaded for http://72.21.48.178/tools/MSXPKeyD.exe for now till i move it, mabye it can be used on switchblade ^^ lol.

[Emilml]

Thats a nice prog thx :D

another +1 stealth point for the switchblade if it gets in :D

[pseudobreed]

@Deveant

pwdump does not dump out a product key. It dumps out the hashes in the SAM.

[Deveant]

sorry ment keydump, its made by the same ppl and uses the same methods, though Symantec finds it as pwdump

[Darren Kitchen]

If we could get a PWdump equiv that doesnt set off anti-virus, and can be run by guest (possibly using the hack posted earlier about reading/writing protected files) that would be awesome.

Nice prog Deveant

[Deveant]

lol i just owned my PC attacking SAM T_T though the good news is that it worked, as a guest account i got my root admin LM's then of my Laptop rainbowed it and all went fine, till i logged out and tryed to sign in again... So now with a fresh install of XP and not much else on my PC i try again!

[pseudobreed]

Ill have to check out the code in pwdump and see if I can offer any help.

Oh, and if you screw up your SAM again, use this. It has saved me before.

Just burn the iso, and if you loose your accounts, boot from the CD and it can rebuild the SAM hashes.

I have never got the thing to work changing the password, however, I have got it to work by just blanking out the password.

[ChevronX]

Jellybean Keyfinder is an awesome application for that usage as well.

[ChevronX]

Jellybean Keyfinder is an awesome application for that usage as well.

[PoyBoy]

Interesting double post, 2 minutes apart. Server glitch?