Author Topic: KeyUtils v0.8 - Open-Source Key Recovery! (Read 6782 times)

Ipquarx · March 23, 2016, 07:53:21 PM

What is KeyUtils?

KeyUtils is an open-source program to assist in players recovering their lost keys, to help people understand more about the keydat system, and in the future to give players a more secure way to store their key. The program is now in its second release, with some cosmetic and practical improvements to the program.

KeyUtils is written in .NET C#, using the 4.0 framework. That means the program will be compatible with almost every version of windows.
If you don't have have the .NET 4 framework, you can download it here.

What can it do?

So far, it has the following:

3 Decryption Modes:
The first (and default) mode allows you to decrypt the keydat from your own blockland installation, assuming you can still play the game normally. You can optionally provide a console.log to make it easier. It can also decrypt your keydat if you have recently changed processors or just don't have a console.log available!
The second mode allows you to decrypt multiple keydats made on the same computer, if you have a keydat to which you know the key it contains.
The third mode allows you to experiment around with keydat decryption. You input a raw MAC address and a processor name (Case sensitive) and it outputs the raw decrypted result in hexadecimal.

.

Fake key generator (Just to clarify, they don't work. It's theoretically possible for them to work, but the chances are less than 0.0000000000000001%. Sooo... Not that good.)
Key to BLID converter
Check for updates automatically!
More features to come!

How do I use it?
The program is designed to be as easy to use as possible. However if you can't figure out how to use it on your own, you can click here to get a tutorial on the basics. The readme also has some technical information on the (hopefully) upcoming v2 keydat format.

How do I know it's safe?
The program is totally open-source! This means you can be sure what the program does. For the more technically inclined, you can take a look through the complete source code over at https://github.com/Ipquarx/KeyUtils and verify that for yourself. (Code's well-commented too!) After you download the zip file with the program in it, you can also verify the hashes of the file to ensure that you've not gotten a faulty download. Finally, on top of all that, you can decompile the exe file provided and ensure that the download itself doesn't contain any source code not in the Github repository. You can do this using one of many tools, like Telerik JustDecompiler, Red-Gate Reflector, and ILSpy.

Where can I download it?
You can download the program right here.

I whole-heartedly encourage you to spread awareness about this program. If you know someone who is having troubles getting their key, try directing them to this program! The solution could be as easy as that.

Ad Bot · Advertisement

DataProxy · March 23, 2016, 07:56:58 PM

Oooh, this can be rather useful....

Office-Pirate · March 23, 2016, 08:16:23 PM

Becquerel · March 23, 2016, 08:32:59 PM

Considering Ipquarx is pretty good with programming, and especially Cryptography, this is pretty much coming from miles away.
But that doesnt make it useless, in fact this is actually pretty cool, it blew my opinion that Key.dat files were not able to be decrypted

Nice job, ipq!

Greek2me · March 23, 2016, 08:34:12 PM

Quote from: Becquerel on March 23, 2016, 08:32:59 PM

Considering Ipquarx is pretty good with programming, and especially Cryptography, this is pretty much coming miles away.
But that doesnt make it useless, in fact this is actually pretty cool, it blew my opinion that Key.dat files were not able to be decrypted

Did you use Google Translator for that?

Becquerel · March 23, 2016, 08:35:16 PM

Quote from: Greek2me on March 23, 2016, 08:34:12 PM

Did you use Google Translator for that?

Uh, what?

Ipquarx · March 23, 2016, 09:32:28 PM

Quote from: Becquerel on March 23, 2016, 08:32:59 PM

Considering Ipquarx is pretty good with programming, and especially Cryptography, this is pretty much coming from miles away.
But that doesnt make it useless, in fact this is actually pretty cool, it blew my opinion that Key.dat files were not able to be decrypted

Nice job, ipq!

I had actually released this before as well, but it didn't get a ton of attention so it's pretty easy to see why it was missed. I finally added another feature and cleaned up the code so I figured I'd re-release since it was basically dead!

KentMansleyDaBoss · March 23, 2016, 09:40:32 PM

If this is Open Sourced, then it's able to be rigged with hacks, thus making this a dangerous product.

otto-san · March 23, 2016, 09:44:19 PM

Quote from: KentMansleyDaBoss on March 23, 2016, 09:40:32 PM

If this is Open Sourced, then it's able to be rigged with hacks, thus making this a dangerous product.

only if you download it from a weird source that's deliberately modified it

one of the biggest advantages of it being open source is that anyone can verify that there is no trickery in the original code

Ipquarx · March 23, 2016, 09:59:44 PM

Quote from: KentMansleyDaBoss on March 23, 2016, 09:40:32 PM

If this is Open Sourced, then it's able to be rigged with hacks, thus making this a dangerous product.

Wat. That's not what open source means lol. The entire point is that no, there's no rigged hacks, and you can check that for yourself by looking at the code.

KentMansleyDaBoss · March 23, 2016, 10:13:40 PM

Quote from: Ipquarx on March 23, 2016, 09:59:44 PM

Wat. That's not what open source means lol. The entire point is that no, there's no rigged hacks, and you can check that for yourself by looking at the code.

But can't someone maliciously enter and rewrite the code?

Ipquarx · March 23, 2016, 10:16:25 PM

Quote from: KentMansleyDaBoss on March 23, 2016, 10:13:40 PM

But can't someone maliciously enter and rewrite the code?

Nope! Since it's my repository, any code that gets put into the program has to go through me first, and I know what I'm doing. I don't let malicious code through, and I seriously doubt anyone would even try in the first place.

Tetris · March 23, 2016, 10:25:14 PM

Quote from: Ipquarx on March 23, 2016, 10:16:25 PM

and I seriously doubt anyone would even try in the first place.

really?

Ipquarx · March 23, 2016, 11:05:36 PM

Quote from: Tetris on March 23, 2016, 10:25:14 PM

really?

It's just a silly premise. Put it this way; If you have the skills to be able to write malicious code in my project and then request to have it put in, you have the skills to know that it won't work.

When you build a project like this from the ground up, and if in order to make a change you have to specifically make the code changes you've made shown to me, I can tell straight away what it's for. There's not a line of code in there that I don't know like the back of my hand.

Pecon · March 24, 2016, 12:01:01 AM

Quote from: KentMansleyDaBoss on March 23, 2016, 10:13:40 PM

But can't someone maliciously enter and rewrite the code?

You clearly don't understand how open-source projects work. The whole point is that any submitted changes are peer-reviewed before being pushed to the working branch, and on top of that individual users can read and verify the safety of the code themselves before downloading if they wish.

Github isn't some glorified titanpad, changes have to individually submitted, reviewed, and then approved to be moved into the code that users download (Unless you're the project owner, obviously. So make sure you at the very least trust that person).