MS can block it no doubt. If I won't be able to re-crack it again, others will do. This is one of the reasons why I post my source code and all the info. For others who will wish to continue my work - if they find my start somehow helping - I encourage them to take my source. It all depends on will or won't people use RT apps and how much good apps there will be. If MS thinks it can create anything uncrackable - I assure them and you - they are wrong.
@ kost-- service crk 123 installed and running, I repaired all through MS and was able to re-run tool and all seems to work again. I am taking your advice and backing up any .appx possible. -=FM45=-
This is working just about perfect, the only problem is that i pressed crack on apps that i uninstalled earlier and now i can't reinstall them anyway to fix this?
cannot update apps, eg. Shark Dash by Gameloft. this app is $1.99 yesterday ,i downloaded the trial version and used tokenextractor to crack it . today i receive an update, it is free now. but i can't update, the error code is 0x8024600e. i uninstalled the app and try to reinstall , no luck. and i uninstalled the crack service ,deleted the tokens.dat , resync my licenses, and try to install again. still the same. pls confirm this issue
I looked at this out of curiosity because I had the time to go ahead and modify the winstore dll to take out the activation requirement. However the signatures between the a7x I think its called and the regular signatures are fascinating its pretty much a unmodified signature that is used to verify the apps in the winstore. The only changes are with the timestamp and EGN that is put inside of the signature. Just thought I'd point this out.
This s**t happens because of Windows Update service plugin storewuauth.dll. Downloading scheme is as follows : 1) Winstore client acquires license from microsoft and feeds it to wsservice. 2) WSService verify it and put into tokens.dat 3) Winstore client put downloading request to windows update 4) Windows update queries storewuauth for downloading URL location 5) storewuauth queries WSService about the license. It grabs the license and somehow verifies it inside not using wsservice. 6) If it sees bogus license with invalid signature it bans download. And bans it permanently. I haven't discovered where yet but restoring VM state unbans download. Also no communication occurs with microsoft. It means that this check and ban are client side only. I'll see what I can do with storewuauth. But guyz, continuing of using windows store is not the intended way of using this crack. This way was mentioned only for dummies who cant do anything more than clicking on single button. Real way - grabbing appxes and licenses on a VM and preparing redistributables. On real computer do not use windows store on apps installed with cracked way.
I would check the winstore.dll man as it contains the license activation checker for the OS it may get you somewhere with it. If need be I'll help you trace the licensing portions of the metro apps in order to make this easier for you as I have already done so with Windows 8 to the fullest of my knowledge. Side not tokens.dat does not contain licensing status information it only has the edition information telling what can and cannot be used as a product. The true activation state is stored in the cache.dat please believe me on this one since I've been doing this for a little while. My advise would be to trace the import and export table functions using IDA 6.1 to track down all the little bits as Microsoft in my experience simply loves dispersing all parts of licensing related stuff. Windows Programs from Microsoft are not all in one programs they are dispersed and have several dlls. PS this is separate from the Software Protection Platform which is only related to the Licensing of the core OS. If memory serves me correctly the individual licenses of the store apps is outside of where you thought it was. I just can't remember at the moment.
I dont know what you talk about. Winstore.dll is not present in windows 8. Agreed - licensing system is dispersed. WSService and storewuauth are key components. Other processes seem not to verify license signatures but they verify signed xml hash.
Winstore.dll is present in windows I just got the name wrong Look under C:\Windows\Winstore You will find a file named WinstoreUI.dll along with the various signature checkers aka p7x which validates against a normal MS signature. Meanwhile I'll take a look at WSService with a decomipler I have handy and storewuauth. Found the 5 files related to the Windows Store in system32 should be simple. Seems to use a Basic X509 Signature.
I'm sure you are wrong about this dll. C:\windows\winstore is appcontainer folder for windows store metro application. It's invoked only when winstore client is invoked. Winstore client can be disabled, deleted and metro stuff will still work OK, take a look. Any improvements will be appreciated. If you need my source as attacking platform - feel free to use it.
I'm sorry sir but that dll is what tells the OS it can install apps when the activation says non-genuine. Now lets get rolling on the Actual stuff your looking for Located in System32 { WSReset.exe WSService.dll WSShared.dll WSSync.dll } Thats because the winstore is just the client the actual application paths are routed to "program files\windowsAPPs". Decompile WSService for a fuller explanation
BTW, what would be really very helpful - if you find where winstore licensing system stores public key(s) used for checking xml license signatures. If we can replace one of the valid pubkeys, we can sign licenses ourselves
Chances are thats done by one of the dll's and from what I'm seeing its probably going from bcrypt.dll to remoted check the signatures and hash's on the Apps I think. Then does an internal hash check by crypt32.dll. I may be mistaken though as I like taking apart stuff in a more complete manor. Do you have any Reverse Engineering Experience?
i tried on another machine with the following steps and successfully updated this app . BEFORE press "UPDATE" 1. uninstall crack service 2. delete tokens.dat 3. resync my license 4. delete the app and install again . then i get the updated version.
No doubt it will work because in this way storewuauth will never see bogus license. The right idea at the moment is : DO NOT DOWNLOAD/UPDATE APPS FOR WHICH YOU HAVE CRACKED LICENSE or BE BANNED (not by ms although but by local protection mechanisms). This ban is only about downloading through windows update. If you have an appx you can send this banning to hell. If you still want to update through winstore - you need first uninstall your bogus license in TokenExtractor !! PS. You dont ever need to uninstall crack service. It does nothing to valid MS licenses. Problem is created by having bogus license inside the store.
I found cure for 0x8024600e error. Here is updated info : In addition to WSService one more protection component exist - authentication of downloads. Microsoft will allow you to download content only on behalf of valid license signed by them. When you start installing an app from winstore client - request goes to windows update service. If package is in the local cache (C:\windows\softwaredistribution\download) it is used without redownloading. Otherwise storewuauth,dll is invoked. It's purpose - return downloading URLs to windows update. It requests WSService for license and constructs authentication tokens based on the license. Authentication tokens are passed to microsoft as parameters. If microsoft finds them invalid it returns some error. Storewuauth caches request no matter request was successfull or not. If invalid license was found then download fails and storewuauth remember this fact so next time you try to redownload your app you'll get error without even attempt to revalidate. Then this kind of error happens you can see error code 0x8024600e in winstore client. Happily you can easily clean token cache. Delete this file : C:\Windows\SoftwareDistribution\Plugins\7D5F3CBA-03DB-4BE5-B4B36DBED19A6833\117CAB2D-82B1-4B5A-A08C-4D62DBEE7782.cache Next time you try real validation attempt will be made. But remember : without VALID MICROSOFT SIGNED license YOU CANT DOWNLOAD ANYTHING. If you use bogus license you will fail. You have to uninstall bogus license first then clear storewuauth token cache. And only when you'll be able to download again (provided that microsoft is willing to give you at least trial license). If your trial is over see MachineID.txt. You can reset all trials. Right idea - do not download/update through winstore client any apps you have bogus license for. Correct way - grab appx from VM and install it without winstore. On a VM you can try apps forever if you do things described in MachineID.txt - and without sacrificing your real LiveID. If you still want to update through winstore - you need first uninstall your bogus license in TokenExtractor or you'll get 0x8024600e. But dont forget about trial period. If its over you risk to leave yourself with nothing.
Version 1.2.7 is available. Updated winjs.appx dependency. Dependencies are now sorted by version. Updated ProductPolicyEditor to 1.0.3. Token extractor : added cleanup of winstore error 0x8024600e. Added problem description : info/StoreWUAuth.txt.