Sunday, October 04, 2009

Ineptkey.pyw Script for Windows

UPDATE 2-28-10

The code below the line of ******* won't work now because ADE updated to 1.7.2. To get the correct Ineptkey.pyw file, please click on the following link, where you can download Ineptkey.pyw version4.3.

IneptKey.pyw Download

The following script [everything after the line of ********* below] is the necessary script to run under Python 2.6 with PyCrypto2.6 installed. Save this script as Ineptkey.pyw in your Python26 directory using a text editor [notepad, or even Python will work. Just copy and paste]. Using the Python GUI, also called IDLE, open the ineptkey.pyw file and then under the RUN tab, hit the RUN MODULE command. This should get you the Adeptkey needed to break the adobe adept drm on epub files. The file created should automatically save under the python26 directory and be named *.der. [where the * varies by user]

Added 1-14-10
If anyone needs it, I can email the .pyw file I've used.

just put ineptkeybreaker or ineptepub or something similar in the subject line so it doesn't go to the trash...

don't forget to click on the label "code" at the bottom right of the post to see my other script posts


Retrieve Adobe ADEPT user key under Windows.

from __future__ import with_statement

__license__ = 'GPL v3'

import sys
import os
from struct import pack
from ctypes import windll, c_char_p, c_wchar_p, c_uint, POINTER, byref, \
create_unicode_buffer, create_string_buffer, CFUNCTYPE, addressof, \
string_at, Structure, c_void_p, cast
import _winreg as winreg
import Tkinter
import Tkconstants
import tkMessageBox
import traceback

from Crypto.Cipher import AES
except ImportError:
AES = None

DEVICE_KEY = 'Software\\Adobe\\Adept\\Device'
PRIVATE_LICENCE_KEY_KEY = 'Software\\Adobe\\Adept\\Activation\\%04d\\%04d'

MAX_PATH = 255

kernel32 = windll.kernel32
advapi32 = windll.advapi32
crypt32 = windll.crypt32

class ADEPTError(Exception):

def GetSystemDirectory():
GetSystemDirectoryW = kernel32.GetSystemDirectoryW
GetSystemDirectoryW.argtypes = [c_wchar_p, c_uint]
GetSystemDirectoryW.restype = c_uint
def GetSystemDirectory():
buffer = create_unicode_buffer(MAX_PATH + 1)
GetSystemDirectoryW(buffer, len(buffer))
return buffer.value
return GetSystemDirectory
GetSystemDirectory = GetSystemDirectory()

def GetVolumeSerialNumber():
GetVolumeInformationW = kernel32.GetVolumeInformationW
GetVolumeInformationW.argtypes = [c_wchar_p, c_wchar_p, c_uint,
POINTER(c_uint), POINTER(c_uint),
POINTER(c_uint), c_wchar_p, c_uint]
GetVolumeInformationW.restype = c_uint
def GetVolumeSerialNumber(path):
vsn = c_uint(0)
GetVolumeInformationW(path, None, 0, byref(vsn), None, None, None, 0)
return vsn.value
return GetVolumeSerialNumber
GetVolumeSerialNumber = GetVolumeSerialNumber()

def GetUserName():
GetUserNameW = advapi32.GetUserNameW
GetUserNameW.argtypes = [c_wchar_p, POINTER(c_uint)]
GetUserNameW.restype = c_uint
def GetUserName():
buffer = create_unicode_buffer(32)
size = c_uint(len(buffer))
while not GetUserNameW(buffer, byref(size)):
buffer = create_unicode_buffer(len(buffer) * 2)
size.value = len(buffer)
return buffer.value.encode('utf-16-le')[::2]
return GetUserName
GetUserName = GetUserName()

CPUID0_INSNS = create_string_buffer("\x53\x31\xc0\x0f\xa2\x8b\x44\x24\x08\x89"
def cpuid0():
buffer = create_string_buffer(12)
cpuid0__ = CFUNCTYPE(c_char_p)(addressof(CPUID0_INSNS))
def cpuid0():
return buffer.raw
return cpuid0
cpuid0 = cpuid0()

CPUID1_INSNS = create_string_buffer("\x53\x31\xc0\x40\x0f\xa2\x5b\xc3")
cpuid1 = CFUNCTYPE(c_uint)(addressof(CPUID1_INSNS))

class DataBlob(Structure):
_fields_ = [('cbData', c_uint),
('pbData', c_void_p)]
DataBlob_p = POINTER(DataBlob)

def CryptUnprotectData():
_CryptUnprotectData = crypt32.CryptUnprotectData
_CryptUnprotectData.argtypes = [DataBlob_p, c_wchar_p, DataBlob_p,
c_void_p, c_void_p, c_uint, DataBlob_p]
_CryptUnprotectData.restype = c_uint
def CryptUnprotectData(indata, entropy):
indatab = create_string_buffer(indata)
indata = DataBlob(len(indata), cast(indatab, c_void_p))
entropyb = create_string_buffer(entropy)
entropy = DataBlob(len(entropy), cast(entropyb, c_void_p))
outdata = DataBlob()
if not _CryptUnprotectData(byref(indata), None, byref(entropy),
None, None, 0, byref(outdata)):
raise ADEPTError("Failed to decrypt user key key (sic)")
return string_at(outdata.pbData, outdata.cbData)
return CryptUnprotectData
CryptUnprotectData = CryptUnprotectData()

def retrieve_key(keypath):
root = GetSystemDirectory().split('\\')[0] + '\\'
serial = GetVolumeSerialNumber(root)
vendor = cpuid0()
signature = pack('>I', cpuid1())[1:]
user = GetUserName()
entropy = pack('>I12s3s13s', serial, vendor, signature, user)
cuser = winreg.HKEY_CURRENT_USER
regkey = winreg.OpenKey(cuser, DEVICE_KEY)
except WindowsError:
raise ADEPTError("Adobe Digital Editions not activated")
device = winreg.QueryValueEx(regkey, 'key')[0]
keykey = CryptUnprotectData(device, entropy)
userkey = None
for i in xrange(0, 16):
for j in xrange(0, 16):
plkkey = PRIVATE_LICENCE_KEY_KEY % (i, j)
regkey = winreg.OpenKey(cuser, plkkey)
except WindowsError:
type = winreg.QueryValueEx(regkey, None)[0]
if type != 'privateLicenseKey':
userkey = winreg.QueryValueEx(regkey, 'value')[0]
if userkey is not None:
if userkey is None:
raise ADEPTError('Could not locate privateLicenseKey')
userkey = userkey.decode('base64')
userkey =, AES.MODE_CBC).decrypt(userkey)
userkey = userkey[26:-ord(userkey[-1])]
with open(keypath, 'wb') as f:

class ExceptionDialog(Tkinter.Frame):
def __init__(self, root, text):
Tkinter.Frame.__init__(self, root, border=5)
label = Tkinter.Label(self, text="Unexpected error:",
anchor=Tkconstants.W, justify=Tkconstants.LEFT)
label.pack(fill=Tkconstants.X, expand=0)
self.text = Tkinter.Text(self)
self.text.pack(fill=Tkconstants.BOTH, expand=1)
self.text.insert(Tkconstants.END, text)

def main(argv=sys.argv):
root = Tkinter.Tk()
progname = os.path.basename(argv[0])
if AES is None:
"ADEPT Key",
"This script requires PyCrypto, which must be installed "
"separately. Read the top-of-script comment for details.")
return 1
keypath = 'adeptkey.der'
except ADEPTError, e:
tkMessageBox.showerror("ADEPT Key", "Error: " + str(e))
return 1
except Exception:
root.title('ADEPT Key')
text = traceback.format_exc()
ExceptionDialog(root, text).pack(fill=Tkconstants.BOTH, expand=1)
return 1
"ADEPT Key", "Key successfully retrieved to %s" % (keypath))
return 0

if __name__ == '__main__':


Anonymous said...

I am getting a WindowsError: exception: access violation writing somenumbershere.

Any help?

Derrick said...

A couple of ideas:

1: Do you have adobe digital editions installed and registered to you? That would be my biggest check.

2: You need the install\re-install the Microsoft Visual C++ 2008 Redistributable Setup. Google "vcredist x86.exe" cause that is the file you'll need.

3: Just make sure your Python and Pycrypto are compatible :-)

Good luck...

Anonymous said...

I'm running Windows Vista and am getting the same error:
WindowsError: exception: access violation writing 10DigitAlphNumericCode

I have correct version of Python and matching Crypto. Any other suggestions

Anonymous said...

Just added python.exe and pythonw.exe to DEP exceptions and everything works as it should

Derrick said...

Sorry guys, I use XP home. You are on your own with vista :-)

Anonymous said...

I got this syntax error message

There is an error in your program: expected an indented block

I've got ADE installed and registered.

Derrick said...

Anon, beyond my first 3 suggestions [which you confirmed #1 as done, but not the others], I haven't a clue. Sorry...

Anonymous said...

I'm using Windows Vista Home Premium (64-bit Operating System) but downloaded and installed Python 2.6.4 (x86) for Windows & matching Pycrypto software.

Then, I downloaded the INEPT- scripts from the following URL:

My pdf file's encryption security method is Adobe LiveCycle Rights Management which says it can be opened by Acrobat 7.0 and later.

I try to add my pdf to Adobe Digital Editions' library but it says, "This version of Digital Editions does not support documents protected with Adobe Policy Server."

I'm wondering if my pdf's DRM encryption cannot be removed because it's technically not an E-Book; rather, it's a pdf created by Acrobat and encrypted with the Adobe LiveCycle Rights Management security method.

I was able to generate an "adeptkey.der" key file but the "ineptpdf.pyw" script simply returns an empty "Error: " message.

I added python.exe and pythonw.exe to DEP exceptions but the "ineptpdf.pyw" script still returns an empty "Error: " message.

Anyone have a best guess here?

Derrick said...

Maybe conflicting drm's? Which seems stupid, since both are Adobe, but hey, more stupid things have been known to exist :-)

ardot said...

The error with "expected indent" is because there is a tab space missing before the "from" in the 16th line as well as in other places. I used the script from but then had to remove a few tab spaces in IDLE for it to work. My file is under hope that helps.

Derrick said...

Thanks Ardot. Hopes that helps all you people experiencing this problem.

Not sure why it worked fine for me. Maybe a copy and paste error from my python file to bloggger?

Derrick said...

If anyone needs it, I can email the .msi file I've used.

just put ineptkeybreaker or ineptepub or something similar in the subject line so it doesn't go to the trash...

Anonymous said...

I was getting errors with 64bit python installed, uninstalled both python and crypto, then installed the 32bit versions and it worked fine.
Thanks :)