Is there any way to crack/decrypt the WinXP CONSUMER activation system to generate Activation IDs?

Discussion in 'Windows XP / Older OS' started by ENZOLU, Aug 20, 2019.

  1. ENZOLU

    ENZOLU MDL Novice

    Aug 29, 2018
    4
    1
    0
    Hello.

    I'm a newbie who is just getting into all this Windows activation stuff, and I read that Windows uses a public/private key scheme with a Schnorr signature algorithm. Question is, since the WPA system for XP is pretty dated, and they haven't changed the algorithms for XP ever since, is there any known crack or way to generate the activation ID (that you have to type in the "Activate by phone" window) based on the unique Installation ID generated for every PC?
     
  2. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,725
    11,859
    340
    As long as you can hide the private key there would be no need to change the algo.
    PGP for instance is secure until today and is also 'dated'...
     
  3. ENZOLU

    Ok, understood.

    HOWEVER, I found a really nice method to activate Windows XP that doesn't require any software or searching for new keys. Basically, some guy cracked the private key used to sign the hash of the product key, and made a keygen for WinXP and Server 2003 keys. The neat part is that since the key is generated by YOU and only YOU, Microsoft won't blacklist it since it's never published online! Thus allowing activation, either via phone or internet (if you have SP3).
    I can't post links here due to not having 5 posts or more, but if anyone wants, search in Google "Windows XP schnorr reddit" and a result should come up from the r/reverseengineering subreddit.
     
  4. Carlos Detweiller

    Carlos Detweiller MDL Spinning Tortoise

    Dec 21, 2012
    3,170
    2,778
    120
    There have been XPKey and XPKey_OEM tools out there for years, where you could brute-force keys that passed the local validity check. However, these keys mean Jack Schitt to MS; they know what keys were issued by them, all others will fail validation.
     
  5. ENZOLU

    Yes, but the idea here is not to generate keys, but to replicate what Microsoft does when generating a Confirmation ID based on the unique Installation ID generated on the activation window. That's what I'm asking if it's possible.
     
  6. Carlos Detweiller

    If it was possible, you would certainly have heard about it here. To my knowledge, that process is unbroken to this day. Even if it was broken in the past, MS would have just updated it and deprecated the whole old one. Nothing gained, permanently.

    OEM:SLP 1.0 and Volume licensing are the way to go. Especially the first is as permanent as you can get (if the OEM string in the BIOS remains the same, you can change all the hardware you want).