ida9.0 python keygen（来自国外网友，仅转载）

AronnaxM · 发表于 2024-11-24 16:49

论坛版规里说不能发注册鸡和颇解成品，但是我看到好几个IDA泄露、补丁相关的帖子，H大在下面还留言了，所以我发出来试试。如有违规，还有劳管理员大大帮忙删除。
以下是IDA9.0 Win端的Keygen python源码，已征询到转载许可。作者是国外的 alula 和 HTC 两位大佬。
如果这类能发，欢迎需要的坛友在下面回帖，但本人1-5无法上线回复

[Python] 纯文本查看 复制代码

001

002

003

004

005

006

007

008

009

010

011

012

013

014

015

016

017

018

019

020

021

022

023

024

025

026

027

028

029

030

031

032

033

034

035

036

037

038

039

040

041

042

043

044

045

046

047

048

049

050

051

052

053

054

055

056

057

058

059

060

061

062

063

064

065

066

067

068

069

070

071

072

073

074

075

076

077

078

079

080

081

082

083

084

085

086

087

088

089

090

091

092

093

094

095

096

097

098

099

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

import hashlib
import json
import os
 
# originally made by alula
license = {
    "header": {"version": 1},
    "payload": {
        "name": "TQN",
        "email": "bccb.htc@gmail.comn",
        "licenses": [
            {
                "description": "license",
                "edition_id": "ida-pro",
                "id": "48-2137-ACAB-99",
                "license_type": "named",
                "product": "IDA",
                "seats": 1,
                "start_date": "2024-08-10 00:00:00",
                "end_date": "2033-12-31 23:59:59",  # This can't be more than 10 years!
                "issued_on": "2024-08-10 00:00:00",
                "owner": "",
                "product_id": "IDAPRO",
                "add_ons": [
                    # {
                    #     "id": "48-1337-DEAD-01",
                    #     "code": "HEXX86L",
                    #     "owner": "48-0000-0000-00",
                    #     "start_date": "2024-08-10 00:00:00",
                    #     "end_date": "2033-12-31 23:59:59",
                    # },
                    # {
                    #     "id": "48-1337-DEAD-02",
                    #     "code": "HEXX64L",
                    #     "owner": "48-0000-0000-00",
                    #     "start_date": "2024-08-10 00:00:00",
                    #     "end_date": "2033-12-31 23:59:59",
                    # },
                ],
                "features": [],
            },
        ],
    },
}
 
 
def add_every_addon(license):
    platforms = [
        "W",  # Windows
        "L",  # Linux
        "M",  # macOS
    ]
    addons = [
        "HEXX86",
        "HEXX64",
        "HEXARM",
        "HEXARM64",
        "HEXMIPS",
        "HEXMIPS64",
        "HEXPPC",
        "HEXPPC64",
        "HEXRV64",
        "HEXARC",
        "HEXARC64",
        # Probably cloud?
        # "HEXCX86",
        # "HEXCX64",
        # "HEXCARM",
        # "HEXCARM64",
        # "HEXCMIPS",
        # "HEXCMIPS64",
        # "HEXCPPC",
        # "HEXCPPC64",
        # "HEXCRV",
        # "HEXCRV64",
        # "HEXCARC",
        # "HEXCARC64",
    ]
 
    i = 0
    for addon in addons:
        i += 1
        license["payload"]["licenses"][0]["add_ons"].append(
            {
                "id": f"48-1337-DEAD-{i:02}",
                "code": addon,
                "owner": license["payload"]["licenses"][0]["id"],
                "start_date": "2024-08-10 00:00:00",
                "end_date": "2033-12-31 23:59:59",
            },
        )
 
 
add_every_addon(license)
 
 
def json_stringify_alphabetical(obj) -> str:
    return json.dumps(obj, sort_keys=True, separators=(",", ":"))
 
 
def buf_to_bigint(buf: bytes) -> int:
    return int.from_bytes(buf, byteorder="little")
 
 
def bigint_to_buf(i):
    return i.to_bytes((i.bit_length() + 7) // 8, byteorder="little")
 
 
# Yup, you only have to patch 5c -> cb in libida64.so
pub_modulus_hexrays: int = buf_to_bigint(
    bytes.fromhex(
        "edfd425cf978546e8911225884436c57140525650bcf6ebfe80edbc5fb1de68f4c66c29cb22eb668788afcb0abbb718044584b810f8970cddf227385f75d5dddd91d4f18937a08aa83b28c49d12dc92e7505bb38809e91bd0fbd2f2e6ab1d2e33c0c55d5bddd478ee8bf845fcef3c82b9d2929ecb71f4d1b3db96e3a8e7aaf93",
    ),
)
pub_modulus_patched: int = buf_to_bigint(
    bytes.fromhex(
        "edfd42cbf978546e8911225884436c57140525650bcf6ebfe80edbc5fb1de68f4c66c29cb22eb668788afcb0abbb718044584b810f8970cddf227385f75d5dddd91d4f18937a08aa83b28c49d12dc92e7505bb38809e91bd0fbd2f2e6ab1d2e33c0c55d5bddd478ee8bf845fcef3c82b9d2929ecb71f4d1b3db96e3a8e7aaf93",
    ),
)
 
private_key: int = buf_to_bigint(
    bytes.fromhex(
        "77c86abbb7f3bb134436797b68ff47beb1a5457816608dbfb72641814dd464dd640d711d5732d3017a1c4e63d835822f00a4eab619a2c4791cf33f9f57f9c2ae4d9eed9981e79ac9b8f8a411f68f25b9f0c05d04d11e22a3a0d8d4672b56a61f1532282ff4e4e74759e832b70e98b9d102d07e9fb9ba8d15810b144970029874",
    ),
)
 
 
def decrypt(message) -> bytes:
    bdecrypted: int = pow(buf_to_bigint(message), exponent, pub_modulus_patched)
    decrypted: bytes = bigint_to_buf(bdecrypted)
    return decrypted[::-1]
 
 
def encrypt(message) -> bytes:
    encrypted = pow(buf_to_bigint(message[::-1]), private_key, pub_modulus_patched)
    encrypted = bigint_to_buf(encrypted)
    return encrypted
 
 
exponent = 0x13
 
 
def sign_hexlic(payload: dict) -> str:
    data = {"payload": payload}
    data_str = json_stringify_alphabetical(data)
 
    buffer = bytearray(128)
    # first 33 bytes are random
    for i in range(33):
        buffer[i] = 0x42
 
    # compute sha256 of the data
    sha256 = hashlib.sha256()
    sha256.update(data_str.encode())
    digest = sha256.digest()
 
    # copy the sha256 digest to the buffer
    for i in range(32):
        buffer[33 + i] = digest[i]
 
    # encrypt the buffer
    encrypted = encrypt(buffer)
 
    return encrypted.hex().upper()
 
 
def generate_patched_dll(filename) -> None:
    if not os.path.exists(filename):
        print(f"Didn't find {filename}, skipping patch generation")
        return
 
    with open(filename, "rb") as f:
        data = f.read()
 
        if data.find(bytes.fromhex("EDFD42CBF978")) != -1:
            print(f"{filename} looks to be already patched :)")
            return
 
        if data.find(bytes.fromhex("EDFD425CF978")) == -1:
            print(f"{filename} doesn't contain the original modulus.")
            return
 
        data = data.replace(
            bytes.fromhex("EDFD425CF978"),
            bytes.fromhex("EDFD42CBF978"),
        )
 
        patched_filename = f"{filename}.patched"
        with open(patched_filename, "wb") as f:
            f.write(data)
 
        print(
            f"Generated modulus patch to {patched_filename}! To apply the patch, replace the original file with the patched file",
        )
 
 
license["signature"] = sign_hexlic(license["payload"])
 
message = bytes.fromhex(license["signature"])
print(decrypt(message).hex())
print(encrypt(decrypt(message)).hex())
 
serialized = json_stringify_alphabetical(license)
 
# write to ida.hexlic
filename = "idapro.hexlic"
 
with open(filename, "w") as f:
    f.write(serialized)
 
print(f"Saved new license to {filename}!")
 
generate_patched_dll("ida32.dll")
generate_patched_dll("ida.dll")
generate_patched_dll("libida32.so")
generate_patched_dll("libida.so")
generate_patched_dll("libida32.dylib")
generate_patched_dll("libida.dylib")

pingsky · 发表于 2025-1-3 12:02

我比较喜欢 IDA 9.0.240925 v2 这个版本, 也就是楼主提供的下载链接. 下载完成之后, 去找 "IDA Pro 9.0 RC1 全平台安装包及 patch脚本.torrent" 这个种子，下载里面的: kg_patch 目录, 里面包含有keygen2.py (为了方便, 附件提供下载), 打开这个文件, 修改如下源码:

"name": "elf", -> 随便替换一个名字

"email": "elv@ven", -> 随便替换一个邮箱

"issued_on": "2024-08-10 00:00:00", -> 修正授权文件发行时间

修改好之后把keygen2.py文件复制到 IDA 9.0.240925 v2的安装目录, 运行即可, 如果成功的话, 会出现: ida.dll.patched, ida32.dll.patched, idapro.hexlic . 这3个文件就是破解好的文件了, 然后备份原版的ida.dll, ida32.dll, 把 ida.dll.patched，ida32.dll.patched 文件从命名为: ida.dll, ida32.dll.
=========================================
转自看雪，标记，以备后续自用。

wyp123 · 发表于 2024-11-25 09:01

这个就是https://auth.lol/这个网站里面的吧，在没有被dma前，安装包和kegen都有

nicksean · 发表于 2024-11-25 09:19

谢谢分享，暂时用不上

ml1121608 · 发表于 2024-11-25 10:49

谢谢分享

litgle · 发表于 2024-11-25 11:12

楼主优秀！！！手动点赞

sdieedu · 发表于 2024-11-25 12:18

感谢分享

jiang8888 · 发表于 2024-11-25 12:57

谢谢分享,学习一下

db123 · 发表于 2024-11-25 13:04

谢谢分享。

graywolfz · 发表于 2024-11-25 13:50

学习一下，正好需要。

shaunkelly · 发表于 2024-11-25 15:32

wyp123 发表于 2024-11-25 09:01
这个就是https://auth.lol/这个网站里面的吧，在没有被dma前，安装包和kegen都有

应该是的

帐号		自动登录	找回密码
密码			注册[Register]

[Disassemblers] ida9.0 python keygen（来自国外网友，仅转载）

免费评分

本帖被以下淘专辑推荐: