keygen.js
const fs = require('fs');
const crypto = require('crypto');
const license = {
header: { version: 1 },
payload: {
name: 'auth',
email: '[email protected]',
licenses: [
{
description: 'license',
edition_id: 'ida-pro',
id: '14-0000-FFFF-88',
license_type: 'named',
product: 'IDA',
seats: 1,
start_date: '2024-08-10 00:00:00',
end_date: '2033-12-31 23:59:59',
issued_on: '2025-07-20 00:00:00',
owner: 'auth',
product_id: 'IDAPRO',
product_version: '9.3',
add_ons: [],
features: [],
}
],
},
};
function addons(license) {
var addons = [ //update as needed, doesnt include cloud addons
'LUMINA', 'TEAMS',
'HEXX86', 'HEXX64', 'HEXARM', 'HEXARM64',
'HEXMIPS', 'HEXMIPS64', 'HEXPPC', 'HEXPPC64',
'HEXRV', 'HEXRV64', 'HEXARC', 'HEXARC64',
'HEXV850'
];
addons.forEach((addon, i) => {
license.payload.licenses[0].add_ons.push({
id: `48-1337-B00B-${String(i + 1).padStart(2, '0')}`,
code: addon,
owner: license.payload.licenses[0].id,
start_date: '2025-07-20 00:00:00',
end_date: '2033-12-31 23:59:59',
});
});
}
addons(license);
// --- Helper funcs ---
//recursive sorting into json string
function sort(obj) {
if (Array.isArray(obj)) {
return '[' + obj.map(sort).join(',') + ']';
} else if (obj && typeof obj === 'object' && obj !== null) {
var keys = Object.keys(obj).sort();
return '{' + keys.map(k => '"' + k + '":' + sort(obj[k])).join(',') + '}';
} else {
return JSON.stringify(obj);
}
}
const cModulus = Buffer.from("edfd42cbf978546e8911225884436c57140525650bcf6ebfe80edbc5fb1de68f4c66c29cb22eb668788afcb0abbb718044584b810f8970cddf227385f75d5dddd91d4f18937a08aa83b28c49d12dc92e7505bb38809e91bd0fbd2f2e6ab1d2e33c0c55d5bddd478ee8bf845fcef3c82b9d2929ecb71f4d1b3db96e3a8e7aaf93", "hex");
const privateKey = Buffer.from("77c86abbb7f3bb134436797b68ff47beb1a5457816608dbfb72641814dd464dd640d711d5732d3017a1c4e63d835822f00a4eab619a2c4791cf33f9f57f9c2ae4d9eed9981e79ac9b8f8a411f68f25b9f0c05d04d11e22a3a0d8d4672b56a61f1532282ff4e4e74759e832b70e98b9d102d07e9fb9ba8d15810b144970029874", "hex");
function encrypt(message) {
let modulusBuf = 0n;
for (let i = cModulus.length - 1; i >= 0; i--)
modulusBuf = (modulusBuf << 8n) + BigInt(cModulus[i]);
let keyBuf = 0n;
for (let i = privateKey.length - 1; i >= 0; i--)
keyBuf = (keyBuf << 8n) + BigInt(privateKey[i]);
var reversed = Buffer.from(message).reverse();
let msgBuf = 0n;
for (let i = reversed.length - 1; i >= 0; i--)
msgBuf = (msgBuf << 8n) + BigInt(reversed[i]);
let base = msgBuf % modulusBuf, exponent = keyBuf, modulus = modulusBuf, encryptedBigInt = 1n;
while (exponent > 0n) {
if (exponent % 2n === 1n)
encryptedBigInt = (encryptedBigInt * base) % modulus;
exponent >>= 1n; base = (base * base) % modulus;
}
var bytes = [];
for (let buffer = encryptedBigInt; buffer > 0n; buffer >>= 8n) bytes.push(Number(buffer & 0xFFn));
return Buffer.from(bytes);
}
function patch(filePath, search, replace) {
try {
const buf = fs.readFileSync(filePath);
const idx = buf.indexOf(search);
if (idx !== -1) {
buf.set(replace, idx);
fs.writeFileSync(filePath, buf);
console.log(`Patched ${filePath}`);
return;
}
else {
console.error(`Pattern not found in ${filePath}`);
return;
}
} catch (err) {
console.error(`Error reading or writing file: ${filePath}`);
console.error('Elevated permissions given?')
return;
}
}
function sign(payload) {
var data = { payload };
var dataStr = sort(data);
var buffer = Buffer.alloc(128, 0);
buffer.fill(0x42, 0, 33); // first 33 bytes filled with 0x42
var hash = crypto.createHash('sha256').update(dataStr).digest();
hash.copy(buffer, 33); // copy hash after first 33 bytes
var encrypted = encrypt(buffer);
return encrypted.toString('hex').toUpperCase();
}
license.signature = sign(license.payload);
// --- Write License to file ---
fs.writeFileSync('idapro.hexlic', sort(license));
console.log('License written to idapro.hexlic');
// --- Patcher ---
const search = Buffer.from('EDFD425CF978', 'hex');
const replace = Buffer.from('EDFD42CBF978', 'hex');
["ida.dll", "ida32.dll", "libida.so", "libida32.so", "libida.dylib", "libida32.dylib"].forEach(file => {
if (fs.existsSync(file)) {
console.log(`Patching ${file}...`);
patch(file, search, replace);
}
});
// --- libidalib.so EULA gate (arch-aware auto-discovery) ---
// Bypass "License not yet accepted, cannot run in batch mode" so idalib runs
// headlessly. The gate reads the "EULA" registry value and conditionally
// branches to the accepted path; we locate that branch via the unique error
// string and flip it to unconditional. Supports x86_64 and aarch64 builds.
function patchEulaGate(filePath) {
const buf = fs.readFileSync(filePath);
if (buf[0]!==0x7f||buf[1]!==0x45||buf[2]!==0x4c||buf[3]!==0x46||buf[4]!==2) {
console.error(` EULA gate: ${filePath}: not ELF64, skipping`); return;
}
const e_machine = buf.readUInt16LE(0x12);
const e_phoff = Number(buf.readBigUInt64LE(0x20));
const e_phentsize = buf.readUInt16LE(0x36);
const e_phnum = buf.readUInt16LE(0x38);
const segs = [];
for (let i=0;i<e_phnum;i++){
const o=e_phoff+i*e_phentsize;
if (buf.readUInt32LE(o)!==1) continue;
segs.push({
p_offset:Number(buf.readBigUInt64LE(o+8)),
p_vaddr:Number(buf.readBigUInt64LE(o+16)),
p_filesz:Number(buf.readBigUInt64LE(o+32)),
p_flags:buf.readUInt32LE(o+4),
});
}
const off2va = (off)=>{ for (const s of segs) if(off>=s.p_offset && off<s.p_offset+s.p_filesz) return s.p_vaddr+(off-s.p_offset); return -1; };
const execSegs = segs.filter(s=>s.p_flags&1);
const sIdx = buf.indexOf(Buffer.from("License not yet accepted, cannot run in batch mode\x00"));
if (sIdx<0) { console.error(` EULA gate: ${filePath}: error string not found`); return; }
const errVa = off2va(sIdx);
const SCAN = 0x4000;
let site = null;
if (e_machine===0x3e) site = findEulaX64(buf, execSegs, off2va, errVa, SCAN);
else if (e_machine===0xb7) site = findEulaArm64(buf, execSegs, off2va, errVa, SCAN);
else { console.error(` EULA gate: ${filePath}: unsupported machine 0x${e_machine.toString(16)}`); return; }
if (!site) { console.error(` EULA gate: ${filePath}: patch site not located`); return; }
for (const [off,val] of site.patches) buf[off]=val;
fs.writeFileSync(filePath, buf);
console.log(`Patched ${filePath} (EULA gate @0x${site.addr.toString(16)}, ${site.desc})`);
}
function findEulaX64(buf, execSegs, off2va, errVa, SCAN) {
let xref=-1;
for (const s of execSegs) for (let o=s.p_offset; o<s.p_offset+s.p_filesz-7 && xref<0; o++) {
if (buf[o]===0x48 && (buf[o+1]===0x8d || buf[o+1]===0x8b) && (buf[o+2]&0xc7)===0x05)
if (off2va(o)+7+buf.readInt32LE(o+3)===errVa) xref=o;
}
if (xref<0) return null;
for (let o=Math.min(xref-3,xref); o>=Math.max(0,xref-SCAN); o--) {
if (buf[o]===0x85 && buf[o+1]===0xc0 && (buf[o+2]===0x74||buf[o+2]===0x75) && buf[o-5]===0xe8)
return {addr:off2va(o+2), desc:`jcc 0x${buf[o+2].toString(16)}->0xeb`, patches:[[o+2,0xeb]]};
}
for (let o=Math.min(xref-3,xref); o>=Math.max(0,xref-SCAN); o--) {
if (buf[o]===0x85 && buf[o+1]===0xc0 && buf[o+2]===0x0f && (buf[o+3]===0x84||buf[o+3]===0x85) && buf[o-5]===0xe8) {
const dd=buf.readInt32LE(o+4), dd2=(dd+1)>>>0;
return {addr:off2va(o+2), desc:`near jcc->jmp`, patches:[[o+2,0xe9],[o+3,dd2&0xff],[o+4,(dd2>>>8)&0xff],[o+5,(dd2>>>16)&0xff],[o+6,(dd2>>>24)&0xff],[o+7,0x90]]};
}
}
return null;
}
function findEulaArm64(buf, execSegs, off2va, errVa, SCAN) {
let xref=-1;
for (const s of execSegs) for (let o=s.p_offset; o<s.p_offset+s.p_filesz-8 && xref<0; o+=4) {
const ins=buf.readUInt32LE(o);
if (((ins&0x9F000000)>>>0)===0x90000000) {
let imm=((((ins>>>5)&0x7ffff)<<2)|((ins>>>29)&3)); if (imm&(1<<20)) imm-=(1<<21);
const rd=ins&0x1f, page=(off2va(o)&~0xfff)+(imm<<12);
const ins2=buf.readUInt32LE(o+4);
if (((ins2&0xFF800000)>>>0)===0x91000000) {
const imm12=(ins2>>>10)&0xfff, rn=(ins2>>>5)&0x1f, rd2=ins2&0x1f;
if (rd2===rd && rn===rd && page+imm12===errVa) xref=o;
}
}
}
if (xref<0) return null;
const start=Math.max(execSegs[0].p_offset, xref-SCAN);
for (let o=xref; o>=start; o-=4) {
const ins=buf.readUInt32LE(o);
if (((ins&0xFC000000)>>>0)===0x94000000) {
const ins2=buf.readUInt32LE(o+4), top=(ins2>>>24)&0xff;
if (top===0x34||top===0xb4||top===0x35||top===0xb5) {
let imm19=(ins2>>>5)&0x7ffff; if (imm19&(1<<18)) imm19-=(1<<19);
const cbVa=off2va(o+4), target=cbVa+imm19*4, off=((target-cbVa)/4)>>>0;
const bIns=(0x14000000|(off&0x3ffffff))>>>0;
return {addr:cbVa, desc:`cb${(top&1)?'nz':'z'}->b 0x${target.toString(16)}`, patches:[[o+4,bIns&0xff],[o+5,(bIns>>>8)&0xff],[o+6,(bIns>>>16)&0xff],[o+7,(bIns>>>24)&0xff]]};
}
}
}
return null;
}
["libidalib.so"].forEach(file => {
if (fs.existsSync(file)) {
console.log(`Patching ${file} (EULA gate)...`);
patchEulaGate(file);
}
});