VUKeyfinder

[jokin]

Hi,

I have created a VUK keyfinder that utilizes a WinHex Script to find the VUK of a HD-DVD from a memory dump. All you have to do to run it is drag your memory dump file onto the BAT script and it goes from there. It takes me about 2 seconds max to pull out the key. It then creates a file with a filename that contains the key (ex. VUK-00000000000000000000000000000000) in the directory of your choice.

First of all you have to have WinHex for this to work.
Second there are a few things you will need to edit based on the location of your files.

1. Edit the VUKfinder.bat to reflect the location of your WinHEX install. *Fixed in 0.99b as long as WinHes is in the default Program Files directory.

2. Edit the findkey.whs and change the value "C:\AACSkeys\" to the location you want your key stored when done.

3. Enjoy

This may not find 100% of the keys. It uses the "00200000003F00000080000000" search method.

It does work for:

Superman Returns
Batman Begins
World Trade Center
King Kong
Apollo 13

Feel free to edit this and make improvements.

Please post some more titles that it works for and any that it doesnt. Thank you.

UPDATE:

version 0.99a fixed to account of US/GER discs.
version 0.99b made the .Bat utilize the Windows system variable for Program Files to be more user friendly.
version 0.99c added the ability to dump from WinDVD using pmdump automatically and then get the key. Pmdump needs to be in the folder with the script. (Im at work so it needs testing)
version 0.99d added english tasklist.exe and pmdump.exe to archive per request.

[xyz987]

MrDVD reported the hex search string starts with "0620" for euro HD-DVDs instead of "0020"

May be a good idea you modify your script to avoid first byte of current search string (i.e. a 12-byte search string instead of the current 13-byte long)

[jokin]

Quote:

Originally Posted by xyz987

MrDVD reported the hex search string starts with "0620" for euro HD-DVDs instead of "0020"

May be a good idea you modify your script to avoid first byte of current search string (i.e. a 12-byte search string instead of the current 13-byte long)

Fixed.

Quote:

Originally Posted by jokin

1. Edit the VUKfinder.bat to reflect the location of your WinHEX install.

I would suggest you change VUKfinder.bat from this:

Code:

"E:\Program Files\WinHEX\WinHex.exe" %1 findkey.whs

To this:

Code:

"%ProgramFiles%\WinHex\WinHex.exe" %1 findkey.whs

By using %ProgramFiles% it will choose your systems default installation drive+directory path (often "C:\Program Files" on English Windows versions). But this also works if your installation folder is not on C: or if you have a different Windows language versions where the installation folder is not named "Program Files".

If you type %ProgramFiles% in Windows Explorer it will open up your default installation folder.

[jokin]

Quote:

Originally Posted by He-Man

I would suggest you change VUKfinder.bat from this:

Code:

"E:\Program Files\WinHEX\WinHex.exe" %1 findkey.whs

To this:

Code:

"%ProgramFiles%\WinHex\WinHex.exe" %1 findkey.whs

By using %ProgramFiles% it will choose your systems default installation drive+directory path (often "C:\Program Files" on English Windows versions). But this also works if your installation folder is not on C: or if you have a different Windows language versions where the installation folder is not named "Program Files".

If you type %ProgramFiles% in your browser or Windows Explorer it will open up your default installation folder.

Done.

[MrDVD]

Quote:

Originally Posted by xyz987

MrDVD reported the hex search string starts with "0620" for euro HD-DVDs instead of "0020"

May be a good idea you modify your script to avoid first byte of current search string (i.e. a 12-byte search string instead of the current 13-byte long)

I have to correct me this 0620 is for german hddvds so maybe there are more diff hex out and we can locate it by this way. Maybe some FR or UK ppl can test this.

[2bigkings]

confirmed: tool work for Mission Impossible 2 [GER], the other 2 MI also i think. will check it later..

[dukey]

what do u use to create a memory dump ?

[2bigkings]

i use winhex and do a search, no "save as"

[2bigkings]

i forgot that the RAM is changing, but some titles seems to work without "save as" for me. (like mi2..)

4E8D74142E30E780B84905A62E70FBB58C3A0245=CSI NY (GER) |V|MM/DD/YY| C2B8E0A7E3384CC4C02F4AA5E396EF8B

this should be the volume key for CSI NY, but the main movie don't work really good. (black screen all few seconds), all other evo files works great! (search via vukkeyfinder)

Quote:

Originally Posted by 2bigkings

4E8D74142E30E780B84905A62E70FBB58C3A0245=CSI NY (GER) |V|MM/DD/YY| C2B8E0A7E3384CC4C02F4AA5E396EF8B

this should be the volume key for CSI NY, but the main movie don't work really good. (black screen all few seconds), all other evo files works great! (search via vukkeyfinder)

Please keep keys in the sticky Volume Unique Keys topic instead: http://forum.doom9.org/showthread.php?t=120611

[jokin]

Quote:

Originally Posted by dukey

what do u use to create a memory dump ?

I use pmdump.

Quote:

Originally Posted by jokin

I use pmdump.

The next step must be to write a script to run pmdump and extract the key from the pmdump file-dump without using WinHex.
WinHex requires registration to run scripts, so it would be nice to be able to extract keys without having to install and register WinHex. This would make it easier for more people to use and the process can be more automated by running pmdump automatically and delete the memory dump file afterwards.
Anyone capable to writing a script to extract the key from the pmdump file without using WinHex Script? Maybe jokin?

[tonyp12]

I could add that function to TitleSorter if needed.

It would be cool as my programs could calc hash,
read creation date and look in pmdump file for key.
Insert in proper form to keydb.cfg then sort and save.

But I not for a few days, I need get other things done.

[jokin]

Quote:

Originally Posted by tonyp12

I could add that function to TitleSorter if needed.

It would be cool as my programs could calc hash,
read creation date and look in pmdump file for key.
Insert in proper form to keydb.cfg then sort and save.

But I not for a few days, I need get other things done.

That would be great. I will try to figure out how to get pmdump to work with a script.

[tonyp12]

I can start another executable file from within javascript.

So I could issue a C:\programfiles\pmdump -windvd -C:\mydocs\memdumps


If pmdump allows that, but running the program manually
and just later have my program read 1k at time form the memfile and look for keys could be done.

Quote:

Originally Posted by tonyp12

I can start another executable file from within javascript.

So I could issue a C:\programfiles\pmdump -windvd -C:\mydocs\memdumps


If pmdump allows that, but running the program manually
and just later have my program read 1k at time form the memfile and look for keys could be done.

Should look something like this: %ProgramFiles%\BackupHDDVD\pmdump.exe <PID> <filename>

The problem is you can't use WinDVD.exe directly as input parameter for pmdump; you have to find the current PID (Process ID) value of WinDVD.exe by running the command pmdump -list. The problem is the PID value for WinDVD is not the same each time yo run WinDVD. So first you have to find the correct PID value to run pmdump with.
Maybe there's a better suited tool available to create a memory dumpMemory search and extraction or maybe just some C++/C# or Java code example that can do the trick. Maybe even an MS Windows tool/command?

[jokin]

Quote:

Originally Posted by tonyp12

I can start another executable file from within javascript.

So I could issue a C:\programfiles\pmdump -windvd -C:\mydocs\memdumps


If pmdump allows that, but running the program manually
and just later have my program read 1k at time form the memfile and look for keys could be done.

There is apparently a way to memory dump from within Java.
Hope this helps.dumpHeap

[markrb]

I am getting the file without it being converted. It is still Hex.
Are any of these commands version specific in regards to winhex?

Mark

[jokin]

Quote:

Originally Posted by markrb

I am getting the file without it being converted. It is still Hex.
Are any of these commands version specific in regards to winhex?

Mark

Which file. The final result is a 0 byte file named VUK-aacskey