搜索
缓存时间02 现在时间02 缓存数据 曾经以为在一起不需要任何理由,后来发现实在没有理由再在一起。
查看: 474|回复: 3

IDA Pro 9.0.240925 (9.0 RC1)

[复制链接]
发表于 2024-10-3 18:33:53 | 显示全部楼层 |阅读模式

厌倦了滚动浏览相同的帖子?当您创建帐户后,您将始终回到您离开的地方。使用帐户,不仅可以享受无广告的清爽界面!

您需要 登录 才可以下载或查看,没有账号?注册

×
DA Pro 9.0 RC1论坛内好像没有佬发:thinking:,那我先发一个(
安全提醒:逆向软件建议放在虚拟机内运行

反编译器:x86,x64,arm,arm64,mips,ppc,ppc64

适用平台:windows,Intel mac,arm mac,linux

下载链接:https://drive.google.com/drive/f ... aTPPFOOvtJYBqU95qKO


激活脚本:
  1. import json
  2. import hashlib
  3. import os

  4. license = {
  5.     "header": {"version": 1},
  6.     "payload": {
  7.         "name": "elf",
  8.         "email": "elv@ven",
  9.         "licenses": [
  10.             {
  11.                 "description": "license",
  12.                 "edition_id": "ida-pro",
  13.                 "id": "48-2137-ACAB-99",
  14.                 "license_type": "named",
  15.                 "product": "IDA",
  16.                 "seats": 1,
  17.                 "start_date": "2024-08-10 00:00:00",
  18.                 "end_date": "2033-12-31 23:59:59",  # This can't be more than 10 years!
  19.                 "issued_on": "2024-08-10 00:00:00",
  20.                 "owner": "",
  21.                 "product_id": "IDAPRO",
  22.                 "add_ons": [
  23.                     # {
  24.                     #     "id": "48-1337-DEAD-01",
  25.                     #     "code": "HEXX86L",
  26.                     #     "owner": "48-0000-0000-00",
  27.                     #     "start_date": "2024-08-10 00:00:00",
  28.                     #     "end_date": "2033-12-31 23:59:59",
  29.                     # },
  30.                     # {
  31.                     #     "id": "48-1337-DEAD-02",
  32.                     #     "code": "HEXX64L",
  33.                     #     "owner": "48-0000-0000-00",
  34.                     #     "start_date": "2024-08-10 00:00:00",
  35.                     #     "end_date": "2033-12-31 23:59:59",
  36.                     # },
  37.                 ],
  38.                 "features": [],
  39.             }
  40.         ],
  41.     },
  42. }


  43. def add_every_addon(license):
  44.     platforms = [
  45.         "W",  # Windows
  46.         "L",  # Linux
  47.         "M",  # macOS
  48.     ]
  49.     addons = [
  50.         "HEXX86",
  51.         "HEXX64",
  52.         "HEXARM",
  53.         "HEXARM64",
  54.         "HEXMIPS",
  55.         "HEXMIPS64",
  56.         "HEXPPC",
  57.         "HEXPPC64",
  58.         "HEXRV64",
  59.         "HEXARC",
  60.         "HEXARC64",
  61.         # Probably cloud?
  62.         # "HEXCX86",
  63.         # "HEXCX64",
  64.         # "HEXCARM",
  65.         # "HEXCARM64",
  66.         # "HEXCMIPS",
  67.         # "HEXCMIPS64",
  68.         # "HEXCPPC",
  69.         # "HEXCPPC64",
  70.         # "HEXCRV",
  71.         # "HEXCRV64",
  72.         # "HEXCARC",
  73.         # "HEXCARC64",
  74.     ]

  75.     i = 0
  76.     for addon in addons:
  77.         i += 1
  78.         license["payload"]["licenses"][0]["add_ons"].append(
  79.             {
  80.                 "id": f"48-1337-DEAD-{i:02}",
  81.                 "code": addon,
  82.                 "owner": license["payload"]["licenses"][0]["id"],
  83.                 "start_date": "2024-08-10 00:00:00",
  84.                 "end_date": "2033-12-31 23:59:59",
  85.             }
  86.         )
  87.     # for addon in addons:
  88.     #     for platform in platforms:
  89.     #         i += 1
  90.     #         license["payload"]["licenses"][0]["add_ons"].append(
  91.     #             {
  92.     #                 "id": f"48-1337-DEAD-{i:02}",
  93.     #                 "code": addon + platform,
  94.     #                 "owner": license["payload"]["licenses"][0]["id"],
  95.     #                 "start_date": "2024-08-10 00:00:00",
  96.     #                 "end_date": "2033-12-31 23:59:59",
  97.     #             }
  98.     #         )


  99. add_every_addon(license)


  100. def json_stringify_alphabetical(obj):
  101.     return json.dumps(obj, sort_keys=True, separators=(",", ":"))


  102. def buf_to_bigint(buf):
  103.     return int.from_bytes(buf, byteorder="little")


  104. def bigint_to_buf(i):
  105.     return i.to_bytes((i.bit_length() + 7) // 8, byteorder="little")


  106. # Yup, you only have to patch 5c -> cb in libida64.so
  107. pub_modulus_hexrays = buf_to_bigint(
  108.     bytes.fromhex(
  109.         "edfd425cf978546e8911225884436c57140525650bcf6ebfe80edbc5fb1de68f4c66c29cb22eb668788afcb0abbb718044584b810f8970cddf227385f75d5dddd91d4f18937a08aa83b28c49d12dc92e7505bb38809e91bd0fbd2f2e6ab1d2e33c0c55d5bddd478ee8bf845fcef3c82b9d2929ecb71f4d1b3db96e3a8e7aaf93"
  110.     )
  111. )
  112. pub_modulus_patched = buf_to_bigint(
  113.     bytes.fromhex(
  114.         "edfd42cbf978546e8911225884436c57140525650bcf6ebfe80edbc5fb1de68f4c66c29cb22eb668788afcb0abbb718044584b810f8970cddf227385f75d5dddd91d4f18937a08aa83b28c49d12dc92e7505bb38809e91bd0fbd2f2e6ab1d2e33c0c55d5bddd478ee8bf845fcef3c82b9d2929ecb71f4d1b3db96e3a8e7aaf93"
  115.     )
  116. )

  117. private_key = buf_to_bigint(
  118.     bytes.fromhex(
  119.         "77c86abbb7f3bb134436797b68ff47beb1a5457816608dbfb72641814dd464dd640d711d5732d3017a1c4e63d835822f00a4eab619a2c4791cf33f9f57f9c2ae4d9eed9981e79ac9b8f8a411f68f25b9f0c05d04d11e22a3a0d8d4672b56a61f1532282ff4e4e74759e832b70e98b9d102d07e9fb9ba8d15810b144970029874"
  120.     )
  121. )


  122. def decrypt(message):
  123.     decrypted = pow(buf_to_bigint(message), exponent, pub_modulus_patched)
  124.     decrypted = bigint_to_buf(decrypted)
  125.     return decrypted[::-1]


  126. def encrypt(message):
  127.     encrypted = pow(buf_to_bigint(message[::-1]), private_key, pub_modulus_patched)
  128.     encrypted = bigint_to_buf(encrypted)
  129.     return encrypted


  130. exponent = 0x13


  131. def sign_hexlic(payload: dict) -> str:
  132.     data = {"payload": payload}
  133.     data_str = json_stringify_alphabetical(data)

  134.     buffer = bytearray(128)
  135.     # first 33 bytes are random
  136.     for i in range(33):
  137.         buffer[i] = 0x42

  138.     # compute sha256 of the data
  139.     sha256 = hashlib.sha256()
  140.     sha256.update(data_str.encode())
  141.     digest = sha256.digest()

  142.     # copy the sha256 digest to the buffer
  143.     for i in range(32):
  144.         buffer[33 + i] = digest[i]

  145.     # encrypt the buffer
  146.     encrypted = encrypt(buffer)

  147.     return encrypted.hex().upper()


  148. def generate_patched_dll(filename):
  149.     if not os.path.exists(filename):
  150.         print(f"Didn't find {filename}, skipping patch generation")
  151.         return

  152.     with open(filename, "rb") as f:
  153.         data = f.read()

  154.         if data.find(bytes.fromhex("EDFD42CBF978")) != -1:
  155.             print(f"{filename} looks to be already patched :)")
  156.             return
  157.         
  158.         if data.find(bytes.fromhex("EDFD425CF978")) == -1:
  159.             print(f"{filename} doesn't contain the original modulus.")
  160.             return

  161.         data = data.replace(
  162.             bytes.fromhex("EDFD425CF978"), bytes.fromhex("EDFD42CBF978")
  163.         )

  164.         patched_filename = f"{filename}.patched"
  165.         with open(patched_filename, "wb") as f:
  166.             f.write(data)

  167.         print(f"Generated modulus patch to {patched_filename}! To apply the patch, replace the original file with the patched file")


  168. # message = bytes.fromhex(license["signature"])
  169. # print(decrypt(message).hex())
  170. # print(encrypt(decrypt(message)).hex())

  171. license["signature"] = sign_hexlic(license["payload"])

  172. serialized = json_stringify_alphabetical(license)

  173. # write to ida.hexlic
  174. filename = "idapro.hexlic"

  175. with open(filename, "w") as f:
  176.     f.write(serialized)

  177. print(f"Saved new license to {filename}!")

  178. generate_patched_dll("ida32.dll")
  179. generate_patched_dll("ida.dll")
  180. generate_patched_dll("libida32.so")
  181. generate_patched_dll("libida.so")
  182. generate_patched_dll("libida32.dylib")
  183. generate_patched_dll("libida.dylib")
复制代码
[发帖际遇]: 一个袋子砸在了 liammtop 头上,liammtop 赚了 2 点数. 幸运榜 / 衰神榜
爱生活,爱奶昔~
发表于 2024-10-3 19:54:42 来自手机 | 显示全部楼层
帮顶,我记得这个版本我搬过?
爱生活,爱奶昔~
回复 支持 反对

使用道具 举报

楼主| 发表于 2024-10-4 10:09:35 | 显示全部楼层
nyarime 发表于 2024-10-3 19:54
帮顶,我记得这个版本我搬过?

是在 dl.naixi.net 上吗,我这边打不开
爱生活,爱奶昔~
回复 支持 反对

使用道具 举报

发表于 2024-10-4 10:26:41 | 显示全部楼层
liammtop 发表于 2024-10-4 10:09
是在 dl.naixi.net 上吗,我这边打不开

是啊,py版的注册机都在上面
https://dl.naixi.net/tools/ida/9.0/
爱生活,爱奶昔~
回复 支持 反对

使用道具 举报

Powered by Nyarime. Licensed

GMT+8, 2024-11-22 02:02 , Processed in 0.024663 second(s), 8 queries , Gzip On, Redis On
发帖际遇 ·手机版 ·小黑屋 ·RSS ·奶昔网

登录切换风格
快速回复 返回顶部 返回列表