Kaynak Kodu Hwid Spoofer Source By Kusursuz

  • Konbuyu başlatan Knull
  • Başlangıç tarihi
  • Cevaplar: 15
  • Görüntüleme: 4K
Knull

Knull

404
Legend Member
Katılım
18 Eki 2019
Konular
103
Mesajlar
1,662
Çözümler
229
Tepkime puanı
3,537
C++: 
#include "stdafx.h"

int main() {
    srand(GetTickCount());
    LoadLibrary(L"ntdll.dll");
    NtQueryKey = (NTQK)GetProcAddress(GetModuleHandle(L"ntdll.dll"), "NtQueryKey");
    if (!AdjustCurrentPrivilege(SE_TAKE_OWNERSHIP_NAME)) {
        printf("failed to adjust privilege\n");
        return 1;
    }

    // Monitors
    OpenThen(HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Enum\\DISPLAY", {
        ForEachSubkey(key, {
            OpenThen(key, name, {
                ForEachSubkey(key, {
                    OpenThen(key, name, {
                        ForEachSubkey(key, {
                            if (_wcsicmp(name, L"device parameters") == 0) {
                                SpoofBinary(key, name, L"EDID");
                                break;
                            }
                        });
                    });
                });
            });
        });
    });

    /*
    OpenThen(HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Control\\Video", {
        ForEachSubkey(key, {
            HKEY parent = key;
            WCHAR spoof[MAX_PATH] = { 0 };
            OpenThen(HKEY_LOCAL_MACHINE, L"HARDWARE\\DEVICEMAP\\VIDEO", {
                DWORD count = 0;
                DWORD size = sizeof(count);
                if (GetKeyValue(key, L"MaxObjectNumber", (LPBYTE)&count, &size)) {
                    WCHAR video[MAX_PATH] = { 0 };
                    WCHAR path[MAX_PATH] = { 0 };
                    for (DWORD i = 0; i < count; ++i) {
                        size = sizeof(path);
                        wsprintf(video, L"\\Device\\Video%d", i);
                        if (GetKeyValue(key, video, (LPBYTE)path, &size)) {
                            LPWSTR replace = StrStrIW(path, name);
                            if (replace) {
                                if (!spoof[0]) {
                                    wcscpy(spoof, name);
                                    OutSpoofUnique(spoof);
                                    RenameSubkey(parent, name, spoof);
                                }
                                memcpy(replace, spoof, wcslen(spoof) * 2);
                                RegSetValueEx(key, video, 0, REG_SZ, (PBYTE)path, size);
                            }
                        }
                    }
                }
            });
        });
    });
    */

    // SMBIOS
    DeleteValue(HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Services\\mssmbios\\Data", L"SMBiosData");

    // Motherboard
    SpoofUniqueThen(HKEY_LOCAL_MACHINE, L"SYSTEM\\HardwareConfig", L"LastConfig", {
        ForEachSubkey(key, {
            if (_wcsicmp(name, L"current")) {
                RenameSubkey(key, name, spoof);
                break;
            }
        });
    });

    // NVIDIA
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SOFTWARE\\NVIDIA Corporation\\Global", L"ClientUUID");
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SOFTWARE\\NVIDIA Corporation\\Global", L"PersistenceIdentifier");
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SOFTWARE\\NVIDIA Corporation\\Global\\CoProcManager", L"ChipsetMatchID");

    // Misc
    DeleteKey(HKEY_LOCAL_MACHINE, L"SYSTEM\\MountedDevices");
    DeleteKey(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Dfrg\\Statistics");
    DeleteKey(HKEY_CURRENT_USER, L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\BitBucket\\Volume");
    DeleteKey(HKEY_CURRENT_USER, L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\CPC\\Volume");
    DeleteKey(HKEY_CURRENT_USER, L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2");
    DeleteValue(HKEY_CURRENT_USER, L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\BitBucket", L"LastEnum");

    SpoofBinary(HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Services\\TPM\\WMI", L"WindowsAIKHash");
    SpoofBinary(HKEY_CURRENT_USER, L"Software\\Microsoft\\Direct3D", L"WHQLClass");
    SpoofBinary(HKEY_CURRENT_USER, L"Software\\Classes\\Installer\\Dependencies", L"MSICache");

    OpenThen(HKEY_LOCAL_MACHINE, L"HARDWARE\\DESCRIPTION\\System\\MultifunctionAdapter\\0\\DiskController\\0\\DiskPeripheral", {
        ForEachSubkey(key, {
            SpoofUnique(key, name, L"Identifier");
        });
    });

    OpenThen(HKEY_LOCAL_MACHINE, L"HARDWARE\\DEVICEMAP\\Scsi", {
        ForEachSubkey(key, {
            OpenThen(key, name, {
                ForEachSubkey(key, {
                    OpenThen(key, name, {
                        ForEachSubkey(key, {
                            if (wcsstr(name, L"arget")) {
                                OpenThen(key, name, {
                                    ForEachSubkey(key, {
                                        SpoofUnique(key, name, L"Identifier");
                                    });
                                });
                            }
                        });
                    });
                });
            });
        });
    });

    SpoofBinary(HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Services\\TPM\\ODUID", L"RandomSeed");
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Cryptography", L"MachineGuid");
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Control\\IDConfigDB\\Hardware Profiles\\0001", L"HwProfileGuid");
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WindowsUpdate", L"AccountDomainSid");
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WindowsUpdate", L"PingID");
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WindowsUpdate", L"SusClientId");
    SpoofBinary(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WindowsUpdate", L"SusClientIdValidation");
    SpoofBinary(HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Services\\Tcpip6\\Parameters", L"Dhcpv6DUID");
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Control\\SystemInformation", L"ComputerHardwareId");
    SpoofUniques(HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Control\\SystemInformation", L"ComputerHardwareIds");
    SpoofBinary(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Internet Explorer\\Migration", L"IE Installed Date");
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\SQMClient", L"MachineId");
    SpoofQWORD(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\SQMClient", L"WinSqmFirstSessionStartTime");
    SpoofQWORD(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", L"InstallTime");
    SpoofQWORD(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", L"InstallDate");
    SpoofBinary(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", L"DigitalProductId");
    SpoofBinary(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", L"DigitalProductId4");
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", L"BuildGUID");
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", L"ProductId");
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", L"BuildLab");
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", L"BuildLabEx");
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Control\\Class\\{4d36e968-e325-11ce-bfc1-08002be10318}\\0000", L"_DriverProviderInfo");
    SpoofUnique(HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Control\\Class\\{4d36e968-e325-11ce-bfc1-08002be10318}\\0000", L"UserModeDriverGUID");

    OpenThen(HKEY_LOCAL_MACHINE, L"SYSTEM\\CurrentControlSet\\Control\\Class\\{4d36e972-e325-11ce-bfc1-08002be10318}", {
        ForEachSubkey(key, {
            if (_wcsicmp(name, L"configuration") && _wcsicmp(name, L"properties")) {
                DeleteValue(key, name, L"NetworkAddress");
                SpoofQWORD(key, name, L"NetworkInterfaceInstallTimestamp");
            }
        });
    });

    DeleteKey(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Diagnostics\\DiagTrack\\SettingsRequests");
    SpoofQWORD(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Diagnostics\\DiagTrack\\SevilleEventlogManager", L"LastEventlogWrittenTime");
    SpoofQWORD(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SoftwareProtectionPlatform\\Activation", L"ProductActivationTime");
    DeleteValue(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SoftwareProtectionPlatform", L"BackupProductKeyDefault");
    DeleteValue(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SoftwareProtectionPlatform", L"actionlist");
    DeleteValue(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SoftwareProtectionPlatform", L"ServiceSessionId");
    DeleteKey(HKEY_CURRENT_USER, L"Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\UserAssist");
    DeleteKey(HKEY_CURRENT_USER, L"Software\\Hex-Rays\\IDA\\History");
    DeleteKey(HKEY_CURRENT_USER, L"Software\\Hex-Rays\\IDA\\History64");

    OpenThen(HKEY_LOCAL_MACHINE, L"HARDWARE\\UEFI\\ESRT", {
        WCHAR subkeys[0xFF][MAX_PATH] = { 0 };
        DWORD subkeys_length = 0;

        ForEachSubkey(key, {
            wcscpy(subkeys[subkeys_length++], name);
        });

        for (DWORD i = 0; i < subkeys_length; ++i) {
            WCHAR spoof[MAX_PATH] = { 0 };
            wcscpy(spoof, subkeys[i]);
            OutSpoofUnique(spoof);
            RenameSubkey(key, subkeys[i], spoof);
        }
    });

    // Tracking files
    WCHAR path[MAX_PATH] = { 0 };
    WCHAR temp[MAX_PATH] = { 0 };
    WCHAR appdata[MAX_PATH] = { 0 };
    WCHAR localappdata[MAX_PATH] = { 0 };
    GetTempPath(MAX_PATH, temp);

    SHGetFolderPath(0, CSIDL_APPDATA, 0, SHGFP_TYPE_DEFAULT, appdata);
    SHGetFolderPath(0, CSIDL_LOCAL_APPDATA, 0, SHGFP_TYPE_DEFAULT, localappdata);

    wsprintf(path, L"%ws*", temp);
    ForEachFile(path, {
        wsprintf(path, L"%ws%ws", temp, file);
        ForceDeleteFile(path);
    });

    wsprintf(path, L"%ws\\D3DSCache", localappdata);
    ForceDeleteFile(path);

    wsprintf(path, L"%ws\\NVIDIA Corporation\\GfeSDK", localappdata);
    ForceDeleteFile(path);

    wsprintf(path, L"%ws\\Microsoft\\Feeds", localappdata);
    ForceDeleteFile(path);

    wsprintf(path, L"%ws\\Microsoft\\Feeds Cache", localappdata);
    ForceDeleteFile(path);

    wsprintf(path, L"%ws\\Microsoft\\Windows\\INetCache", localappdata);
    ForceDeleteFile(path);

    wsprintf(path, L"%ws\\Microsoft\\Windows\\INetCookies", localappdata);
    ForceDeleteFile(path);

    wsprintf(path, L"%ws\\Microsoft\\Windows\\WebCache", localappdata);
    ForceDeleteFile(path);

    wsprintf(path, L"%ws\\Microsoft\\XboxLive\\AuthStateCache.dat", localappdata);
    ForceDeleteFile(path);

    for (DWORD drives = GetLogicalDrives(), drive = L'C', index = 0; drives; drives >>= 1, ++index) {
        if (drives & 1) {
            printf("\n-- DRIVE: %c --\n\n", drive);

            // Volume serial change applies after restart
            wsprintf(path, L"\\\\.\\%c:", drive);
            HANDLE device = CreateFile(path, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, 0, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0);
            if (device != INVALID_HANDLE_VALUE) {
                BYTE sector[512] = { 0 };
                DWORD read = 0;
                if (ReadFile(device, sector, sizeof(sector), &read, 0) && read == sizeof(sector)) {
                    for (DWORD i = 0; i < LENGTH(SECTORS); ++i) {
                        PSECTOR s = &SECTORS[i];
                        if (0 == memcmp(sector + s->NameOffset, s->Name, strlen(s->Name))) {
                            *(PDWORD)(sector + s->SerialOffset) = (rand() << 16) + rand();
                            if (INVALID_SET_FILE_POINTER != SetFilePointer(device, 0, 0, FILE_BEGIN)) {
                                WriteFile(device, sector, sizeof(sector), 0, 0);
                            }

                            break;
                        }
                    }
                }

                CloseHandle(device);
            }

            wsprintf(path, L"%c:\\Windows\\System32\\restore\\MachineGuid.txt", drive);
            ForceDeleteFile(path);

            wsprintf(path, L"%c:\\Users\\Public\\Libraries\\collection.dat", drive);
            ForceDeleteFile(path);

            wsprintf(path, L"%c:\\System Volume Information\\IndexerVolumeGuid", drive);
            ForceDeleteFile(path);

            wsprintf(path, L"%c:\\System Volume Information\\WPSettings.dat", drive);
            ForceDeleteFile(path);

            wsprintf(path, L"%c:\\System Volume Information\\tracking.log", drive);
            ForceDeleteFile(path);

            wsprintf(path, L"%c:\\ProgramData\\Microsoft\\Windows\\WER", drive);
            ForceDeleteFile(path);

            wsprintf(path, L"%c:\\Users\\Public\\Shared Files", drive);
            ForceDeleteFile(path);

            wsprintf(path, L"%c:\\Windows\\INF\\setupapi.dev.log", drive);
            ForceDeleteFile(path);

            wsprintf(path, L"%c:\\Windows\\INF\\setupapi.setup.log", drive);
            ForceDeleteFile(path);

            wsprintf(path, L"%c:\\Windows\\System32\\spp\\store", drive);
            ForceDeleteFile(path);

            wsprintf(path, L"%c:\\Users\\Public\\Libraries", drive);
            ForceDeleteFile(path);

            wsprintf(path, L"%c:\\MSOCache", drive);
            ForceDeleteFile(path);

            wsprintf(path, L"%c:\\ProgramData\\ntuser.pol", drive);
            ForceDeleteFile(path);

            wsprintf(path, L"%c:\\Recovery\\ntuser.sys", drive);
            ForceDeleteFile(path);

            wsprintf(path, L"%c:\\desktop.ini", drive);
            ForceDeleteFile(path);

            wsprintf(path, L"%c:\\Windows\\Prefetch\\*", drive);
            ForEachFile(path, {
                wsprintf(path, L"%c:\\Windows\\Prefetch\\%ws", drive, file);
                ForceDeleteFile(path);
            });

            wsprintf(path, L"%c:\\Users\\*", drive);
            ForEachFile(path, {
                if (fd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
                    WCHAR user[MAX_PATH] = { 0 };
                    wcscpy(user, file);
                    wsprintf(path, L"%c:\\Users\\%ws\\*", drive, user);
                    ForEachFile(path, {
                        if (StrStrI(file, L"ntuser")) {
                            wsprintf(path, L"%c:\\Users\\%ws\\%ws", drive, user, file);
                            ForceDeleteFile(path);
                        }
                    });
                }
            });

            wsprintf(path, L"%c:\\Users", drive);
            RecursiveDelete(path, L"desktop.ini");

            CHAR journal[MAX_PATH] = { 0 };
            sprintf(journal, "fsutil usn deletejournal /d %c:", drive);
            system(journal);

            ++drive;
        }
    }

    // Extra cleanup
    system("vssadmin delete shadows /All /Quiet");

    // WMIC holds cache of SMBIOS. With the driver loaded, starting WMIC will query the nulled SMBIOS data
    HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (snapshot) {
        PROCESSENTRY32 entry = { 0 };
        entry.dwSize = sizeof(entry);
        if (Process32First(snapshot, &entry)) {
            do {
                // Sometimes 'net stop' by itself isn't enough
                if (0 == _wcsicmp(entry.szExeFile, L"WmiPrvSE.exe")) {
                    HANDLE process = OpenProcess(PROCESS_ALL_ACCESS, 0, entry.th32ProcessID);
                    if (INVALID_HANDLE_VALUE != process) {
                        printf("Killed Winmgmt\n");
                        TerminateProcess(process, 0);
                        CloseHandle(process);
                    }

                    break;
                }
            } while (Process32Next(snapshot, &entry));
        }

        CloseHandle(snapshot);
    }

    system("net stop winmgmt /Y");

    system("pause");

    return 0;
 
iwystic

iwystic

Veteran
Katılım
27 Ağu 2019
Konular
290
Mesajlar
4,886
Çözümler
491
Tepkime puanı
10,772
işime yarayabileceği için sevindim, source codes için teşekkürler. :)
 
irfanefe57

irfanefe57

Confirmed Memb.
Katılım
6 Haz 2020
Konular
10
Mesajlar
148
Tepkime puanı
22
eskimi bilmem ama olursa daha size ne diyem bee :3
 
L

leopix

Banned Member
Katılım
15 Ara 2020
Konular
5
Mesajlar
349
Tepkime puanı
61
Bunla tam olarak ne yapacağım az anlatırmısın kodlamaya yeni başladımda 1 yıllık konu olduğunu biliyorum
ama cidden işe yarar ve öğrenmek istiyorum
 
Knull

Knull

404
Legend Member
Katılım
18 Eki 2019
Konular
103
Mesajlar
1,662
Çözümler
229
Tepkime puanı
3,537
leopix' Alıntı:
Bunla tam olarak ne yapacağım az anlatırmısın kodlamaya yeni başladımda 1 yıllık konu olduğunu biliyorum
ama cidden işe yarar ve öğrenmek istiyorum
Genişletmek için tıkla ...
HWID spooferin neyini anlatayım sana ?
 
Cevap yazmak için giriş yap yada kayıt ol.

Benzer konular

A
Kaynak Kodu Valorant Hwid Spoofer | Para ile Satan Kişiler Varmış
32 33 34
Cevaplar
334
Görüntüleme
24K
Üye silindi 43636
Ü
Corvinus
Kaynak Kodu EFI Spoofer: Güvenli ve Kalıcı Çözüm Arayanlar İçin
2
Cevaplar
13
Görüntüleme
2K
sweaky23
S
A
  • Kilitli
Kaynak Kodu League of Legends Checker | Open Source
3 4 5
Cevaplar
47
Görüntüleme
3K
eym
E
A
  • Kilitli
Kaynak Kodu Valorant Checker | Proxy Destekli & Open Source
9 10 11
Cevaplar
106
Görüntüleme
7K
Troxen
Troxen
utku1114
Arduino LCD Saat & Termometre C++ [Source Code]
Cevaplar
1
Görüntüleme
550
ScoffieldBest
ScoffieldBest

Üst