Tooling Tuesday - Windows Serial Checker...from Linux!

Something for those auditing Windows machines, but using Linux bootable USB drives / dual booting.

This little tool is for dual booting Windows users, or system administrators using live Linux USB drives. It can read the Windows serial key stored in the ACPI system description table.

So where did you find out about this?

Via this Tweet from Brandon Perry

So what is it?

It is a command that can be entered from the Terminal to read the serial from the ACPI table.

So how does it work?

sudo cat /sys/firmware/acpi/tables/MSDM | tail -c32 | xargs -0 echo

The command is broken down into four parts.

sudo as only the root user or a user in the sudo group can access the ACPI table.

cat is used to concatenate and print files.

tail is used to output the last part of a file.

xargs is used execute commands from standard input.

Between each part there is a | which pipes the standard output of a command, into the input of the next.

So the command first uses cat to read the file /sys/firmware/acpi/tables/MSDM and then the output of that command is "piped" to the tail command which has the parameter -c32 to print the last 32 bytes of data. Another pipe is used to send this to xargs which has a parameter -0 to terminate using null characters, rather than whitespace. The output is then printed to the terminal using echo

So I want to make this into a script

So yeah I did, always handy!

The script is just two lines long...

The first tells the script where to find the interpreter.

#!/bin/bash

The second line is the command to get the serial key.

cat /sys/firmware/acpi/tables/MSDM | tail -c32 | xargs -0 echo

Save the script as win-serial and then in the terminal make it into an executable.

chmod +x win-serial

I can then run the command by typing the following in the same directory as the script.

sudo ./win-serial

But what if I want to run it across the system?

You may want to install the command, so that you can use it in any directory / location of your system.

Well we can copy the command to the /usr/bin directory so that it is accessible across the system.

sudo cp win-serial /usr/bin/

Then to run the command just type.

sudo win-serial

So there we have it!

Useful for those of us that need to get serials from Windows devices (audits etc) and a good bit of fun in the terminal!

Happy hacking!