lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20050523094620.387438E@lists.grok.org.uk>
Date: Mon May 23 10:46:26 2005
From: mail at hackingspirits.com (Debasis Mohanty)
Subject: Defeating Microsoft WGA Validation Check 

There is lot of hype about WGA (Windows Genuine Advantage) when Microsoft
builds functionality in its few of the public beta products to conduct a
genuine product check before the product gets installed. MS products or
tools with WGA check enabled can only be installed on a valid / genuine copy
of MS Windows XP. Incase it is a pirated copy then the product denies to
install. 

 

If you are aware of Microsoft WGA validation then you can directly jump in
to the PoC section otherwise it is advisable to read on WGA and what it does
before reading the PoC. 

 

To know more about WGA, refer to the following Microsoft link:

http://www.microsoft.com/genuine/downloads/FAQ.aspx?displaylang=en

 

Defeating Microsoft WGA Validation Check - Proof of Concept (PoC)

This PoC explains how Microsoft WGA validation check can be defeated and any
Microsoft product with the WGA validation feature can be run and installed
on machines running pirated copy of Windows XP. To bypass WGA validation
check, one can run "GenuineCheck.exe" file on a machine running a copy of an
authentic Windows XP for generating a key code. This key code generated on
the machine running genuine copy of Win XP can be used to circumvent the WGA
check on the machine running a pirated copy of Win XP. 

 

A detailed approach can be downloaded from the following link - 

http://www.hackingspirits.com/vuln-rnd/defeating-wga-check.zip

 

Microsoft in its reply to my mail specified that "The generated code is
partly made up of a timestamp, which would prevent use after a short
period". However, I checked this on a pirated copy of Windows XP Pro and
installed couple of public beta products and tools for testing purpose. They
are still up and running since past 1.5 months. 

 

Incase, anyone is going to try this out on their pirated versions of Win XP
then do let me know if the installed product make noise after certain time
period. 

 

 

*     Debasis Mohanty

*     www.hackingspirits.com <http://www.hackingspirits.com/>  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050523/1596dba9/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ