Subscribe to the newsletter or RSS feed to receive updates automatically blog!

Cracking Windows WGA with a trivial text file



Bypass the WGA
It 'amazing how the world's underground network is giving to be done to propose new systems that allow illegally to bypass the security systems of Windows, so Microsoft is forced to invest most of their time in developing and issuing updates acts from time to time to hinder the frantic work of a huge community of hackers who live their activities more often than as a real "mission".

Certainly it must be said that Windows, in terms of security, makes water from all sides and unfortunately for Microsoft, the problem is not easy resolution because I believe lies in the way in which it was thought the 'architecture of the operating system: a huge and monolithic "kernel" become impossible to manage in a structured and rational. It is a clear symptom of the fact that for example we can bypass the protection system WGA (Windows Genuine Advantage) Windows XP simply by changing a registry key.

The steps are only two:

  1. Create with Notepad or another editor to your liking with a file extension. "Reg" (eg "patch.reg") with the following contents: 
      Windows Registry Editor Version 5.00 

  [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion] 
  "CurrentBuild" = "1.511.1 () (Obsolete data - do not use)" 
  "ProductID" = "55274-640-1011873-23081" 
  "DigitalProductId" = hex: a4, 00,00,00,03,00,00,00,35,35,32,37,34,2 d, 36,34,30,2 d, \ 
    31,30,31,31,38,37,33,2 d, 32,33,30,38,31,00,2 and 00,00,00,41,32,32,2 d, 30,30,30, \ 
    30,31,00,00,00,00,00,00,00,86,56,4 and 4c, 21.1 b, 2b, 6a, a3, and 78.8, 8f, 98.5 c, 00.00, \ 
    00,00,00,00, dd, da, 47.41, cc, 6b, 06,00,00,00,00,00,00,00,00,00,00,00,00,00,00, \ 
    00,00,00,00,00,00,00,00,00,00,00,38,31,30,32,36,00,00,00,00,00,00,00, b5, 16, \ 
    00,00,83,83,1 f, 38, f8, 01,00,00, f5, 1c, 00,00,00,00,00,00,00,00,00,00,00,00,00, \ 
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,66, e5, 70, f3 

  "LicenseInfo" = hex: 33, b7, 21, c1, e5, e7, cd, 4b, fd, 7c, c6, 35.51, fd, 52,57,17,86,3 and 18 \ 
    d3, f4, 8c, 8th, 35,32,7 b, d1, 43.8 d, 61,38,60, a4, ca, 55, c9, 9a, 35,17,46,7 a, 4f, 91, fc, \ 
    4a, d9, db, 64.5 c, c4, e2, 0f, 34, f3, and 

  [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ WPAEvents] 
  "OOBETimer" = hex: ff, d5, 71, d6, 8b, 6a, 8d, 6f, d5, 33.93, fd
  2. Import the registry file created by a simple double click, or launching "regedit.exe" and using "Import".

I want to clarify that the purpose of this post is not to encourage piracy, but simply to give a practical demonstration of the inherent weakness of Windows and maybe even do some 'propaganda in favor of alternative operating systems and most especially Linux docet sure ...!



Did you like this article? Sign up now to receive updates or news articles:
Subscribe to RSS feeds write to the RSS feed


Date Posted on April 7th, 2008 at 13:08 in Hacking
Sharing Share | Tags: cracking, Hacking, regedit, Windows

8 Comments »

Comments RSS feed for this post. TrackBack URI

  1. But it works seriously? You tested? Of course I ask for purely journalistic curiosity ... ;)

    Why then, I wonder, can be found on emule actualizations successive patches of various anti-WGA?

    Commentary Braist - April 9, 2008 #

  2. @ Braist: I have personally tested before writing the post and you confirm that works ;-)

    Comments davide - April 13, 2008 #

  3. First off all sorry for writing in English.
    Even though Microsoft takes many security measures to solve piracy, this post also shows how easily crack Windows Genuine Advantage Validation. Because of curiosity I tested this hack with a pirated copy of Windows (I am also not encourage piracy) and they validated it. Then the question is how Microsoft can prevent this kind of piracy?

    Comments by Prakash - April 15, 2008 #

  4. [...] In the past we have seen how changing a simple registry key you can obtain a copy of Windows XP functioning as if it had actually purchased a license: this time we will see how we can [...]

    Pingback of How to activate Windows Home Server with a simple change in the Registry | Nothing2Hide - August 12, 2008 #

  5. Precisely what I was looking .. Thanks for the article really :)
    Greetings Corevil
    References: http://corevil.netsons.org

    Commentary Corevil - August 28, 2008 #

  6. oe sorry but I have a problem I do so, so what the system says that the copy has become genuine and application "Activate Windows" says "windows is already activated." The problem is that at the next reboot I am again the "active windows", and this time I may even already has expired!

    Commentary affgv - August 30, 2008 #

  7. No checking WGA I top up a written green "genuine"

    must be made before or after you download the WGA update?

    I copied the text in blocnote, I have to click twice where?

    Commentary carlo - August 31, 2008 #

  8. [...] To image Nothing2Hide Share or [...]

    Pingback of Windows Format ... With a Text File | Tip and Tricks for Computer - October 15, 2008 #

Leave a comment

XHTML: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>


Nothing2Hide © 2006 All rights reserved.

License | Disclaimer

Close
Send e-mail