lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20050524100834.2CBAE6E@lists.grok.org.uk>
Date: Tue May 24 11:08:38 2005
From: mail at hackingspirits.com (Debasis Mohanty)
Subject: Re: Defeating Microsoft WGA Validation Check

>> pictureview@...tiamail.gr wrote: 
>> In the article the representative analyze this hack and explain why (by 
>> microsoft's opinion...) it is not a threat for Microsoft. Also the 
>> article speaks about the rapidly expiration which is a point that Debasis

>> Mohanty mistaken.

I am absolutely not mistaken. It is true that the product (public beta)
expires if you actually follow the thumb rule for validation check. 

This can easily be defeated by a simple date/time change trick. Once the
validation check is done on the pirated OS then install the product with
advance date and then restore back the original date followed by a reboot of
the machine. This works fine for me, I hope it will definitely work for you.


FYI: Timestamp protections are very easy to be defeated. 



- Debasis
 

-----Original Message-----
From: full-disclosure-bounces@...ts.grok.org.uk
[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of
pictureview@...tiamail.gr
Sent: Tuesday, May 24, 2005 10:11 AM
To: full-disclosure@...ts.grok.org.uk
Subject: [Full-disclosure] Re: Defeating Microsoft WGA Validation Check


news.com posted an article with the title "Bypass found for Windows piracy
check" which still calls Debasis Mohanty founder
of this crack.But they cant really know who found it first because their
only source to the article is THIS mailing list
and the article is based on Debasis Mohanty's disclosure.
 The interesting on the article is the official microsoft answer
on the crack. "Microsoft confirmed that the technique could circumvent the
piracy check, but a representative said Monday that the company is not
worried." In the article the representative analyze this hack and explain
why (by microsoft's opinion...) it is not a threat for Microsoft. Also the
article speaks about the rapidly expiration which is a point that Debasis
Mohanty mistaken.
 Read it at
http://news.com.com/Bypass+found+for+Windows+piracy+check/2100-1002_3-571712
7.html?tag=st_lh
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ