Exetools (https://forum.exetools.com/index.php)
-   Community Tools (https://forum.exetools.com/forumdisplay.php?f=47)
-   -   Armadillo Key Tool v0.2 (https://forum.exetools.com/showthread.php?t=14732)

mr.exodia 01-13-2013 04:21

Armadillo Key Tool v0.2
1 Attachment(s)
Hello everyone,

Some time ago I posted a tool called "Armadillo Key Tool".

Back then, this tool could just be used to generate serials. This version of the tool has more features:
  • Version + Option + Extra Option detection (ArmaFP)
  • Inline patch tool (with plugin support)
  • Environment Variable Finder (ArmaEV)
  • Full key generation support (with keystring and nameless support, Unsigned - ShortV3 Level 10)
  • Key analysis support with keystring and nameless support, Unsigned - ShortV3 Level 10)
  • Key decoding and decryption (Decoding: ShortV3 only, Decryption: SignedV2 - ShortV3 Level 10)
  • Tabbed, userfriendly interface.
  • Built-in help function (Hit F1).
  • Current Sym retriever.
  • Checksum generator and finder.
  • SymVerify.
  • FixClock key generator.
  • Arma date converter.
  • Armadillo reducer-alike tool.
  • Previous settings are remembered (OnTop and Version Log till now)
  • Dynamic certificate retriever.
  • Certificate brute force tool (in form of a dll, which can be customized)
Planned are the following features (ask for more if you like):
  • Fully automatic inline.
  • Text section decrypt (for inline)
  • Full Win7 support (please report issues)
  • Program-specific license clear tool.
  • Nanomite helper (Easy manual identification of nanomites)
  • You name it...
Screenshot (v0.2 Alpha 14):

Download: See attachment

Please come with suggestions and bug reports (please for recent armadillo versions)
Notice that this is Alpha, it might be very buggy, that's why I post it here.


Mr. eXoDia

PS If you like to develop inline plugins or wish to help with something specific, please contact me. I'll see what I can do.

PS2 Same for developing bruting plugins.

Gmax 01-13-2013 12:04

Is there a Manual for the use of this tool Please

mr.exodia 01-13-2013 21:40

1 Attachment(s)
@Gmax: I't just finished

See attachment

Gmax 01-13-2013 22:43

thank you very much Bro mr.exodia for manual

Jupiter 01-14-2013 13:35

clear and useful guide, thank you for your work!
btw, explaining glossary at start is a good idea

nhadnt 01-16-2013 14:08

Help me to download, because I don't have enough point to download.

Dreamer 01-16-2013 15:48

here is tool and manual

password : shockwawe



mr.exodia 01-17-2013 01:32

There is a reason that just-registered users cannot download attachments.

mr.exodia 01-17-2013 03:41

2 Attachment(s)
Updated to Alpha 22 (No, still not beta )

- Fixed Keystring analysis and creation (overflow problem with strings longer then 0x7F bytes)
- Fixed .akt dump

Files attached

BAHEK 10-24-2013 21:44

1 Attachment(s)
Updated to 0.2alpha27

- fixed a bug with copy in Certs tab (right click to copy data)
- fixed a bug with saving DLL files (first executable *.exe was selected instead of *.dll)
- added a browse button (requested by MB! and apuromafo and maybe someone else too)
- fixed a bug with reporting an ECDSA MD5 while it was never used by the target (Armadillo v4.x and 3.x)

squareD 10-24-2013 23:34

I say thank for the great work of mr.exodia

But never forget, the public version of keytool-certs takes seven days, seven nights and may be more, bruteforcing a working sym, but at least no success...

So I'm a little bit disappointed and don't like Armadillo targets, which I would enjoy to use by my own. :p

NeOXOeN 10-25-2013 05:50

mr.exodia : one question... is your tool fully keygening armadillo app? or you also patch some part of rutins? And if so.. why dont you just patch the whole rutin.. so its skipped.. ??

bye NEO

[hepL3r] 10-25-2013 16:15

squareD: what armadillo version you are trying to bruteforce?

NeOXOeN: It depends on Armadillo version and also level, for example in armadillo v7 and earlier you can easily use Baboons method for armadillo short lvl 10 to create a pure keygen but in armadillo 7.4 and later this method doesn't work and you should patch some bytes in security.dll. and also you should play with some mathematics in armadillo level 1-9 to find private key.

NeOXOeN 10-26-2013 05:27

so if i understand this correctly.. if you pacth it... you alwasy can patch it that way.. so runtine doesnt run.. or just to skip the serial checking.. ..

tool can be for fun.. but not much of use, if you need to patch it anyway.

ps: mr.exodia i see a lot time put into tool, but looks like useless if you cant keygen 100 % and need to patch it.. just make patcher to skip the serial check easyer..

bye NeO

squareD 10-26-2013 22:43


I did it with some v6.x it was very fast (just some hours) and worked very well...
Tried a program in v8.x, taking bruteforcing time nearly one week, at least the key won't work.
I hate to keep my PC online for so long time without supervision, especially at night, (may be the house is burning down :)) and at least no success with the key, is making me very sad...

No reproach to mr.exodia, I understand that he will keep his knowledge in a very small circle, but accerelate bruteforcing a little bit in public, would be a nice present!

[hepL3r] 10-27-2013 05:10

squareD: use a gpu bruter and get symkey in less than 30 seconds :p

BAHEK 01-24-2015 06:05

1 Attachment(s)
v0.3a has been released!

- Fixed a bug in InlineHelper (it would not correctly retrieve the security dll data)
- IAT hooking in the inline template (far more stable than the previous hook)
- auto-load armabrut_opencl.dll
- included opencl bruter


Apuromafo 07-09-2015 06:35

nice update and work here, i hope there the plugins can be compiled for use ...

odovo 08-17-2015 09:43

does it support arm v9 or newer?

mr.exodia 08-17-2015 10:09

@odovo: it should support all versions of armadillo, including the latest v9.64

LordByte 08-18-2015 00:50

Works perfectly, - but ..
Unwrapped an Armadillo target with your tool.
And indeed it works as designed.
However, after processing the target is littered
with junk-segments, or so I think at least.

Do you have some smart tool that can "clean up" unwanted
Armadillo-leftovers, or just a guide how to easy identify armadillo-junk-segments ?

mr.exodia 08-18-2015 09:10

@LordByte: My tool doesn't unwrap Armadillo, but if you did that's great :p

You can use the Misc tab to check for the leftover sections of Armadillo. The delete button might work, but I recommend doing it manually with a tool like CFF Explorer.


giv 08-22-2015 23:26

Here is a short info.
After unpack put a mem bp on access on each section from last to first and run.
If the bp is hit then that section is used else you can remove with CFF Explorer or LordPE.
Don't forget to rebuild the exe after sections removal.

the_beginner 10-07-2015 16:24

@mr.exodia yesterday i try to use the Armadillo KeyTool on
http://www.stellarinfo.com/repair-excel-file.php but it's crash when I try to use, can you please explain why or how can I fix this issue.

Thank you in advance

jump 10-07-2015 17:01


Originally Posted by mr.exodia (Post 101132)
@odovo: it should support all versions of armadillo, including the latest v9.64

including 9.66 ;)

uranus64 10-07-2015 18:16


Originally Posted by jump (Post 102261)
including 9.66 ;)

Exist new version than 9.64 ? I have license for version 9.64 and I know that was the last official version before this:


Important Notice
Starting on January 1, 2013, Software Passport terminated all sales for the Software Passport product lineup. Beginning on July 1, 2014, we will be removing the Software Passport website. In the near future, Software Passport will not be supported.
Thanks for your support of Software Passport over the years.
The Software Passport Team

jump 10-15-2015 22:40

Yes, this is latest beta.


giv 10-16-2015 12:08

I as a legal owner of Arma downloaded the 9.64 version...
I did not know that 9.66 BETA exists....
Do you have a custom build for 9.66?

cybercoder 10-16-2015 19:13

if there is a 9.66 beta it should be on there page or at least know about especially by its old customers, does it really exist or is this some kind of trickery..

jump 10-18-2015 16:15


Originally Posted by giv (Post 102425)
I as a legal owner of Arma downloaded the 9.64 version...
I did not know that 9.66 BETA exists....
Do you have a custom build for 9.66?

I dont have such installer. I just have target which use 9.66. Yes of course, it could be fake, but this software use Arma long time and always used latest version so I guess it is real. So I cant be sure if really exists such build for all the customers. But someone at the forum told that this beta exists. I think mr.exodia was the guy. I hope I am not wrong :)


giv 10-18-2015 16:55

In last days of the site i downloaded the available custom build.
It was 9.64.
After the site was closed.
Maybe the version was available to beta testers.

TheEnd 06-27-2017 17:54

v0.4 has been released!

Fixed Drag&Drop on Vista+
Better MSVC compatibility
Updated version of armabrut_opencl (make sure to install NVIDIA/AMD drivers, otherwise check here)
Fixed bug with inline plugins
Added binaries for all inline plugins
Include NanoLol for nanomites (+ unpackme)
Include tool for code splicing
Include ArmaGetBuildSeed
Include ArmaStolenBrute


TheEnd 06-27-2017 18:02


Originally Posted by giv (Post 102473)
In last days of the site i downloaded the available custom build.
It was 9.64.
After the site was closed.
Maybe the version was available to beta testers.

Is there any videos how to use this tools?:D

SinaDiR 06-28-2017 23:24

Mr.eXoDia provides much better tutorial than a video!
Check this out!

squareD 05-29-2019 18:54

Just a question to mr.exodia...

There are more and more programs x64 protected with Armadillo

So is there a chance, that you may release a new version working with x64, or does your work on x64dbg bind all your free time?

mr.exodia 06-16-2019 20:08

squareD As I understand it Armadillo is discontinued. What kind of features are you looking for?

squareD 06-19-2019 22:07

1 Attachment(s)
Well what I mean is following...

In the past I made a key for a german program called FixFoto
This worked till last year and the 32 Bit version 3.5
It was with old Armadillo version 6.62 protected

Since 2019 and v4.0 there is only a 64 Bit version available and trying to get the sym will show me this

mr.exodia 06-22-2019 18:00

I don't really want to check out your target, but here is some code that was used to replace the hwid for arma 64. Generally all the API order is the same between 32 and 64 bit, so you can try to port AKT to 64 by changing some registers and finding new patterns etc.


Also I made public some old plugin (probably doesn't work anymore, but might be useful for research purposes): https://github.com/mrexodia/x64_dbg_pluginarma

All times are GMT +8. The time now is 12:09.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX