Tool for decrypting oembios.dat of Windows 2003 and XP

Discussion in 'Windows XP / Older OS' started by tmpuser, Jan 6, 2010.

  1. tmpuser

    tmpuser MDL Novice

    Jan 2, 2010
    2
    7
    0
    I've made small command line tool that can decrypt (and encrypt) oembios.dat and secupd.dat files of Windows 2003 and XP: mediafire.com/?dcodttomjjn
    Note that oembios.dat is signed by oembios.sig which is signed by key in winlogon.exe, so modified even correctly encrypted oembios.dat won't be accepted by system.
     

    Attached Files:

  2. FreeStyler

    FreeStyler MDL Guru

    Jun 23, 2007
    3,503
    3,614
    120
    Thx (another one ;) )
    Whats the real use for the encrypt command as the files are not digitally signed, so validation will always fail, isn't?
     
  3. tmpuser

    tmpuser MDL Novice

    Jan 2, 2010
    2
    7
    0
    After writing decrypt it was trivial to add encrypt, so i made them both.
    The real use of it? Don't know, maybe to store files unencrypted in archives for better compressibility. :) Or in case someone will find private key for public one stored in winlogon.exe.

    I wonder is oembios.bin just dumb set of 100 random data blocks or is it something encrypted? So far i saw no usage of it other than comparing md5 of its blocks to ones stored in oembios.dat.
     
  4. FreeStyler

    FreeStyler MDL Guru

    Jun 23, 2007
    3,503
    3,614
    120
    I do not know the answer you are looking for, i think you are right and it are just random data blocks used to compare against the ones in oembios.dat
     
  5. sebus

    sebus MDL Guru

    Jul 23, 2008
    5,895
    1,783
    180
    Thanks, was hoping one would eventually appear

    sebus
     
  6. SpideRaY

    SpideRaY MDL Novice

    Sep 15, 2010
    5
    1
    0
    #6 SpideRaY, Apr 6, 2011
    Last edited: Apr 6, 2011
    OEMBIOS Editor

    Been filling in time by practicing my DOS batch files. if you were thinking of creating a few slipstreamed OEM pre-activated Windows XP Professional CD's and have stumbled across the decryptoembios.7z‎ posted by tnpuser then this is for you.

    Loved the fact that you could tell which Manufacturer's OEMBIOS files were on your CD so I automated it you can download this from my windowstipsclub.blogspot

    Just follow the instructions on the WINRAR self exe files then run the editoembios.exe in the created root drive folder oembios, within 20 seconds you will be given the MSDOS editor window with the contents of the OEMBIOS.DAT file from your source CD, this wil also work if you have mounted ISO images as it will find the file regardless.


    SpideRaY
     
  7. urie

    urie Moderator
    Staff Member

    May 21, 2007
    8,709
    3,066
    300
    A link to download would be handy :)
     
  8. urie

    urie Moderator
    Staff Member

    May 21, 2007
    8,709
    3,066
    300
  9. SpideRaY

    SpideRaY MDL Novice

    Sep 15, 2010
    5
    1
    0
    Latest version of my OEMBIOSEDITOR2.exe

    Had a problem with the pervious link to I have upped the latest version OEMBIOSEDITOR2.exe to rapidshare the password on my windowstipsclub.blogspot, sorry I can post links on the forum as I only have 3 posts need 17 more to post hyperlinks

    SpideRaY :clap:
     
  10. urie

    urie Moderator
    Staff Member

    May 21, 2007
    8,709
    3,066
    300
  11. SpideRaY

    SpideRaY MDL Novice

    Sep 15, 2010
    5
    1
    0
    Link is now working again !!!

    Sorry I had a few problems with RSM2 updating cause a few problems I have now uploaded the latest version OEMBIOSEDITOR2.exe for all your users.

    SpideRaY ;)
     
  12. urie

    urie Moderator
    Staff Member

    May 21, 2007
    8,709
    3,066
    300
    @ SpideRaY, Link working ok now Thanks for updated version :)
     
  13. SpideRaY

    SpideRaY MDL Novice

    Sep 15, 2010
    5
    1
    0
    #15 SpideRaY, Apr 7, 2011
    Last edited: Apr 7, 2011
    Urie,

    Just added my OEMBIOSVERIFY2.exe tool works in a similar fashion to the OEMBIOSEDITOR2.exe uses the same root folder, this one automates the checking of your source OEMBIOS files.

    As soon as I get the ability to post links to Rapidshare on this forum I will do until them they are on my windowstipsclub.blogspot search for OEMBIOS and it will bring up this post for the tools and the other two relating to Slipstreaming OEM install CD for Windows XP Professional, also added one of my first batch files that will check pre-activated OEM systems by re-registering the DLL's if there is a problem with them.

    Keep up the good work love the site and the fast response to comments

    SpideRaY :p
     
  14. sebus

    sebus MDL Guru

    Jul 23, 2008
    5,895
    1,783
    180
    #16 sebus, Apr 7, 2011
    Last edited by a moderator: Apr 20, 2017
  15. Gelip

    Gelip MDL Novice

    Feb 28, 2011
    42
    2
    0
    #17 Gelip, Oct 4, 2015
    Last edited: Oct 4, 2015
    Please share files because the links inactive.
     
  16. LittlePro

    LittlePro MDL Novice

    Jan 19, 2017
    27
    2
    0
    Hi All,

    @ tmpuser : thanks sir, but where are you now ? we are missing you !

    Sir/Madam(s),

    the easiest way i am able to use tmpuser's utilty is as below :

    1) extract 'decryptoembios.7z' to get 'decryptoembios.exe' with archivers like 7zip, WinRAR,etc. (mine : 7zip)
    (i suppose you have already installed one of them)

    2) then place decryptoembios.exe & OEMBIOS.DAT in the same folder. for eg.
    i would place both files in a temporary folder in c: root i.e. 'c:\NewFolder1\'
    (i suppose you have already downloaded and extracted 'XP oembios set' relevant to your system manufacturer and model )

    3) type 'cmd.exe' in the 'start menu search box' and press 'Enter' (administrator rights are not required). it will bring up a command prompt window. Now navigate into the temporary folder 'c:\NewFolder1' from within command prompt using 'cd' command. then run the 'decryptoembios.exe' with 'dx' command for xp (d3 for 2003 key) from the same location to decrypt OEMBIOS.DAT and propose a name for the output file. For eg.

    c:\Users\LittlePro> cd c:\NewFolder1


    c:\NewFolder1>decryptoembios dx OEMBIOS.DAT xyz.txt and press 'Enter'

    c:\NewFolder1>exit

    after exit from command windows , i simply navigate to 'c:\NewFolder1' and double click 'xyz.txt' and compare the values !

    NOTE: 1. I don't think, encrypting back and to work with, will make any sense as tmpuser says himself ! 2. avoid leaving spaces in the name of files ,folders, ISOs, etc. which you have to work with. because it was unfunctional sometimes ! 3. ignore/omit quotes ' ' , '' '',etc.as they are used to make the things clearer and not to confuse/complicate ! )

    Thanks & Regards,
    LittlePro