Script to calculate it using sagemath (all credit goes to sk00ter) Code: #!/usr/bin/env sage import sys def warnx(*args, **kwargs): print(*args, file=sys.stderr, **kwargs) with open(sys.argv[1], 'rb') as f: bink = f.read()[4:] # skip res ID def btoi(bb): n = 0 for b in reversed(bb): # little-endian n = n << 8 n |= b return n offs = 4 * int.from_bytes(bink[0x04:0x08], 'little') # offset to curve params in words nb = 4 * int.from_bytes(bink[0x10:0x14], 'little') # size of curve params in words pkScalarBits = int.from_bytes(bink[0x18:0x1c], 'little') warnx("pkScalarBits = %d" % pkScalarBits) p = btoi(bink[offs:offs+nb]) warnx("offs = %d, nb = %d, p = %x" % (offs, nb, p)) F = GF(p) a = F(btoi(bink[offs+nb:offs+2*nb])) b = F(btoi(bink[offs+2*nb:offs+3*nb])) Bx = F(btoi(bink[offs+3*nb:offs+4*nb])) By = F(btoi(bink[offs+4*nb:offs+5*nb])) Kx = F(btoi(bink[offs+5*nb:offs+6*nb])) Ky = F(btoi(bink[offs+6*nb:offs+7*nb])) E = EllipticCurve(F, [0, 0, 0, a, b]) warnx(E) B = E(Bx, By) K = E(Kx, Ky) # If we get here, we know B and K are on the curve. # Now get the order of the curve and then factorize it. n = E.order() warnx("n = %d, now factoring..." % n) # Find L by just trying if any of the factors in f yield the point at infinity factors = [] def rfactor(m): digits = len('%d' % (2^pkScalarBits - 1)) ff = ecm.find_factor(m, factor_digits=digits) # Try to find a good candidate for f in ff: if f > 2 and f.is_prime() and not f * B: warnx("ok for %d" % f) return True, [f] else: warnx("bad run: %s" % ff) return False, ff ok, values = rfactor(n) while not ok: for value in values: ok, nl = rfactor(value) if ok: L = nl[0] break values.extend(nl) factors = [n // L, L] warnx(factors) warnx("Reduce the result of ECDLP Solver modulo %d" % L) warnx("\n\njob input:\n\n") print("GF := GF(%d);" % p) print("E := EllipticCurve([GF|%d,%d]);" % (a, b)) print("G := E![%d,%d];" % (Bx, By)) print("K := E![%d,%d];" % (Kx, Ky)) print("/*") print("FactorCount:=%d;" % len(factors)) for f in factors: print("%d;" % f) print("*/")
On Arch Linux I get Code: ~/keyXP.sh Traceback (most recent call last): File "/home/user/keyXP.sh", line 7, in <module> with open(sys.argv[1], 'rb') as f: ~~~~~~~~^^^ IndexError: list index out of range
After a long exchange of ideas some time ago with Mr. Pottzman, I publish here my route to use the tool "I think for now and up to 512-bit ECC, given p, G, R: E. cardinality_pari() (sage) >> Get NP msieve153 >> Get n ecdlp solver by mrhaandi.v0.2a >> Get k pottzman soft >> Get Microsoft Key (Old version)" That's all !
If you have never used the program before, start by pressing "Import from file" then select your pidgen.dll file the file will be scanned for BINK resource, if it finds any it will create a file for each BINK resource found. now select "base line" option and any binks that have been found will be listed in dropdown now all the parameters will be filled in, but there will not be any value for "n" or "k" because these values are not available in the pidgen file, these are the values you need to calculate before you can experiment. once you have calculated these values you can click on "save" button to resave the bink resources with the "n" and "k" values. you need to use other programs to calculate these values. Now you have a working set of BINK parameters to use for that BINK ID.
Code: sage keyXP.sage BINKID2A.ks2 pkScalarBits = 222376516 offs = 674592204, nb = 4916311444, p = 0 Traceback (most recent call last): File "/home/user/keyXP.sage.py", line 28, in <module> F = GF(p) ^^^^^ File "sage/structure/factory.pyx", line 369, in sage.structure.factory.UniqueFactory.__call__ (build/cythonized/sage/structure/factory.c:2329) File "/usr/lib/python3.11/site-packages/sage/rings/finite_rings/finite_field_constructor.py", line 591, in create_key_and_extra_args raise ValueError("the order of a finite field must be at least 2") ValueError: the order of a finite field must be at least 2 sage keyXP.sage BINKID2B.ks2 pkScalarBits = 222442052 offs = 674592204, nb = 4916311444, p = 0 Traceback (most recent call last): File "/home/user/keyXP.sage.py", line 28, in <module> F = GF(p) ^^^^^ File "sage/structure/factory.pyx", line 369, in sage.structure.factory.UniqueFactory.__call__ (build/cythonized/sage/structure/factory.c:2329) File "/usr/lib/python3.11/site-packages/sage/rings/finite_rings/finite_field_constructor.py", line 591, in create_key_and_extra_args raise ValueError("the order of a finite field must be at least 2") ValueError: the order of a finite field must be at least 2
These are the files extracted with the program like shown above, I just removed the space in the file names to avoid any parsing problem
That program doesn't seem to extract the binks correctly in raw format. It seems to do it in its own format to import later. Try using Resource Hacker or other program to play with dll resources to extract them.
Extracting them to .bin with Resource Hacker, it works Code: sage keyXP.sage BINK1.bin pkScalarBits = 55 offs = 28, nb = 48, p = foobar Elliptic Curve defined by y^2 = x^3 + x over Finite Field of size foobar n = N_NUMBER, now factoring... bad run: [2, foobar] bad run: [2] bad run: [2, foobar] bad run: [2] bad run: [2] bad run: [2, foobar] bad run: [2] bad run: [2] bad run: [2] bad run: [2, foobar] bad run: [2] bad run: [2] bad run: [2] bad run: [2] bad run: [foobar, foobar] bad run: [2] bad run: [2] bad run: [2] bad run: [2] bad run: [foobar] ok for foobar [K_NUMBER1, K_NUMBER2] Reduce the result of ECDLP Solver modulo foobar job input: GF := GF(foobar); E := EllipticCurve([GF|1,0]); G := E![foobar,foobar]; K := E![foobar,foobar]; /* FactorCount:=2; K_NUMBER1; K_NUMBER2; */ Using "K_NUMBER1" number (the long one from the both) on the program and pressing Generate (intentionally censored the numbers, don't know if they're allowed on the forum) CPU usage of the EllipticCurveTool.exe goes up a bit (8%) but no output after about an hour
the script you are using does not calculate the "K" value. it only calculates the value for "N". you need to use the ecdslover to then calculate the value of "K". place these 2 calculated values in program and press generate.
@pottzman This real or fake info Code: hidden XXXXX-427-3127447-22XXX Full Version Validating Product Key... Product Key : hidden Software : Windows XP Pro Product ID : XXXXX-427-3127447-22184 Key Type : Retail Valid : Yes I remove just key
yes its real info. but be aware just because a product key will test as valid does not mean it will work for the program. in your example above the product key validates against the pidgen.dll file because the pidgen file will validate all keys generated using the correct parameters however, windows xp has a table inside the file dpcdll.dll that will only allow subsets of product keys. I know from memory xp will not allow a product key that has a product id of XXXXX-666-XXXXXXX-XXXXX (regardless of what value the Xs are) because the table in dpcdll.dll does not allow it. earlier software (pre xp) have no such restrictions and accept all keys generated from their respective bink parameters. post xp (2003) have built-in checking in the pidgen.dll file so if u check a Server 2003 key and its “valid” then it will definitely work for that program.