This proof of concept explains how Microsoft WGA validation check can be defeated and any Microsoft product with the WGA validation feature can be run and installed on machines running a pirated copy of Windows XP.
f0ce619089e25cac5ce67e00f1bbdd6bcafd35a9367e9e68693cf0d792c122b2This is a multi-part message in MIME format.
------=_NextPart_000_006C_01C55FAA.6300C100
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
There is lot of hype about WGA (Windows Genuine Advantage) when Microsoft
builds functionality in its few of the public beta products to conduct a
genuine product check before the product gets installed. MS products or
tools with WGA check enabled can only be installed on a valid / genuine copy
of MS Windows XP. Incase it is a pirated copy then the product denies to
install.
If you are aware of Microsoft WGA validation then you can directly jump in
to the PoC section otherwise it is advisable to read on WGA and what it does
before reading the PoC.
To know more about WGA, refer to the following Microsoft link:
http://www.microsoft.com/genuine/downloads/FAQ.aspx?displaylang=en
Defeating Microsoft WGA Validation Check - Proof of Concept (PoC)
This PoC explains how Microsoft WGA validation check can be defeated and any
Microsoft product with the WGA validation feature can be run and installed
on machines running pirated copy of Windows XP. To bypass WGA validation
check, one can run "GenuineCheck.exe" file on a machine running a copy of an
authentic Windows XP for generating a key code. This key code generated on
the machine running genuine copy of Win XP can be used to circumvent the WGA
check on the machine running a pirated copy of Win XP.
A detailed approach can be downloaded from the following link -
http://www.hackingspirits.com/vuln-rnd/defeating-wga-check.zip
Microsoft in its reply to my mail specified that "The generated code is
partly made up of a timestamp, which would prevent use after a short
period". However, I checked this on a pirated copy of Windows XP Pro and
installed couple of public beta products and tools for testing purpose. They
are still up and running since past 1.5 months.
Incase, anyone is going to try this out on their pirated versions of Win XP
then do let me know if the installed product make noise after certain time
period.
* Debasis Mohanty
* www.hackingspirits.com <http://www.hackingspirits.com/>
------=_NextPart_000_006C_01C55FAA.6300C100
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns=3D"http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 11 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Arial Narrow";
panose-1:2 11 5 6 2 2 2 3 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
p.charchar2char, li.charchar2char, div.charchar2char
{margin-top:0in;
margin-right:0in;
margin-bottom:8.0pt;
margin-left:0in;
line-height:12.0pt;
font-size:10.0pt;
font-family:Verdana;}
span.EmailStyle18
{mso-style-type:personal;
font-family:Arial;
color:windowtext;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:Arial;
color:navy;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
/* List Definitions */
@list l0
{mso-list-id:873225059;
mso-list-type:hybrid;
mso-list-template-ids:479132936 -202844574 67698691 67698693 67698689 =
67698691 67698693 67698689 67698691 67698693;}
@list l0:level1
{mso-level-start-at:0;
mso-level-number-format:bullet;
mso-level-text:\F0F0;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;
mso-fareast-font-family:"Times New Roman";
mso-bidi-font-family:"Courier New";}
@list l0:level2
{mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level3
{mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level4
{mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level5
{mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level6
{mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level7
{mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level8
{mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level9
{mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
-->
</style>
</head>
<body lang=3DEN-US link=3Dblue vlink=3Dpurple>
<div class=3DSection1>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'>There
is lot of hype about WGA (Windows Genuine Advantage) when Microsoft =
builds
functionality in its few of the public beta products to conduct a =
genuine
product check before the product gets installed. MS products or tools =
with WGA
check enabled can only be installed on a valid / genuine copy of MS =
Windows XP.
Incase it is a pirated copy then the product denies to install. =
<o:p></o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'>If
you are aware of Microsoft WGA validation then you can directly jump in =
to the
PoC section otherwise it is advisable to read on WGA and what it does =
before
reading the PoC. <o:p></o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'>To
know more about WGA, refer to the following Microsoft =
link:<o:p></o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'><a
href=3D"http://www.microsoft.com/genuine/downloads/FAQ.aspx?displaylang=3D=
en">http://www.microsoft.com/genuine/downloads/FAQ.aspx?displaylang=3Den<=
/a><o:p></o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><b><font
size=3D3 face=3D"Arial Narrow"><span =
style=3D'font-size:12.0pt;font-family:"Arial Narrow";
font-weight:bold'>Defeating Microsoft WGA Validation Check - Proof of =
Concept
(PoC)<o:p></o:p></span></font></b></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'>This
PoC explains how Microsoft WGA validation check can be defeated and any
Microsoft product with the WGA validation feature can be run and =
installed on
machines running pirated copy of Windows XP. To bypass WGA validation =
check,
one can run “<b><span =
style=3D'font-weight:bold'>GenuineCheck.exe</span></b>”
file on a machine running a copy of an authentic Windows XP for =
generating a
key code. This key code generated on the machine running genuine copy of =
Win XP
can be used to circumvent the WGA check on the machine running a pirated =
copy
of Win XP. <o:p></o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'>A
detailed approach can be downloaded from the following link – =
<o:p></o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'><a
href=3D"http://www.hackingspirits.com/vuln-rnd/defeating-wga-check.zip">h=
ttp://www.hackingspirits.com/vuln-rnd/defeating-wga-check.zip</a><o:p></o=
:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'>Microsoft
in its reply to my mail specified that “The generated code is =
partly made
up of a timestamp, which would prevent use after a short period”.
However, I checked this on a pirated copy of Windows XP Pro and =
installed
couple of public beta products and tools for testing purpose. They are =
still up
and running since past 1.5 months. <o:p></o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'>Incase,
anyone is going to try this out on their pirated versions of Win XP then =
do let
me know if the installed product make noise after certain time period. =
<o:p></o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.25in;text-align:justify'><font size=3D3
face=3D"Arial Narrow"><span style=3D'font-size:12.0pt;font-family:"Arial =
Narrow"'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.5in;text-align:justify;text-indent:-.25in;
mso-list:l0 level1 lfo2'><![if !supportLists]><font size=3D3 =
face=3DWingdings><span
style=3D'font-size:12.0pt;font-family:Wingdings'><span =
style=3D'mso-list:Ignore'>ð<font
size=3D1 face=3D"Times New Roman"><span style=3D'font:7.0pt "Times New =
Roman"'>
</span></font></span></span></font><![endif]><font face=3D"Arial =
Narrow"><span
style=3D'font-family:"Arial Narrow"'>Debasis =
Mohanty<o:p></o:p></span></font></p>
<p class=3DMsoNormal =
style=3D'margin-left:.5in;text-align:justify;text-indent:-.25in;
mso-list:l0 level1 lfo2'><![if !supportLists]><font size=3D3 =
face=3DWingdings><span
style=3D'font-size:12.0pt;font-family:Wingdings'><span =
style=3D'mso-list:Ignore'>ð<font
size=3D1 face=3D"Times New Roman"><span style=3D'font:7.0pt "Times New =
Roman"'>
</span></font></span></span></font><![endif]><font face=3D"Arial =
Narrow"><span
style=3D'font-family:"Arial Narrow"'><a =
href=3D"http://www.hackingspirits.com/">www.hackingspirits.com</a>
<o:p></o:p></span></font></p>
</div>
</body>
</html>
------=_NextPart_000_006C_01C55FAA.6300C100--
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed