Date: Mon May 23 10:46:26 2005
From: mail at hackingspirits.com (Debasis Mohanty)
Subject: Defeating Microsoft WGA Validation Check 

There is a lot of hype about WGA (Windows Genuine Advantage), as Microsoft
has built functionality into a few of its public beta products to conduct a
genuine product check before the product gets installed. MS products or
tools with the WGA check enabled can only be installed on a valid / genuine copy
of MS Windows XP. In case it is a pirated copy, the product refuses to
install.

If you are aware of Microsoft WGA validation then you can jump directly
to the PoC section; otherwise it is advisable to read about WGA and what it does
before reading the PoC.

To know more about WGA, refer to the following Microsoft link:

http://www.microsoft.com/genuine/downloads/FAQ.aspx?displaylang=en

Defeating Microsoft WGA Validation Check - Proof of Concept (PoC)

This PoC explains how the Microsoft WGA validation check can be defeated and any
Microsoft product with the WGA validation feature can be run and installed
on machines running a pirated copy of Windows XP. To bypass the WGA validation
check, one can run the "GenuineCheck.exe" file on a machine running an
authentic copy of Windows XP to generate a key code. This key code, generated on
the machine running a genuine copy of Win XP, can be used to circumvent the WGA
check on the machine running a pirated copy of Win XP.

A detailed approach can be downloaded from the following link - 

http://www.hackingspirits.com/vuln-rnd/defeating-wga-check.zip

 

Microsoft, in its reply to my mail, specified that "The generated code is
partly made up of a timestamp, which would prevent use after a short
period". However, I checked this on a pirated copy of Windows XP Pro and
installed a couple of public beta products and tools for testing purposes. They
have been up and running for the past 1.5 months.

In case anyone is going to try this out on their pirated versions of Win XP,
do let me know if the installed product makes noise after a certain time
period.

*     Debasis Mohanty

*     www.hackingspirits.com <http://www.hackingspirits.com/>  
