Bypass found for Windows piracy check

Advertisement (Why?)

Cnet news is reporting that Researcher Debasis Mohanty (bio) has posted a full explanation on how to bypass Microsofts WGA (Windows Genuine Advantage) Check.

A quick search on Google returned this post, originally submitted to the Full Disclosure mailing list, titled 'Defeating Microsoft WGA Validation Check'. Microsoft replied to Mohanty in an email stating "The generated code is partly made up of a timestamp, which would prevent use after a short period". Further testing by Mohanty returned a different result; "However, I checked this on a pirated copy of Windows XP Pro and installed couple of public beta products and tools for testing purpose. They are still up and running since past 1.5 months."

In a response to Cnet, an unnamed representative from Microsoft maintained that this posed "very little threat to Microsoft". The WGA check tool, which is downloaded to the computer and executed is still in testing and won't be fully implemented until around the middle of this year. After that date all Windows 2000 & XP users will be required to 'validate' their copy, before downloading anything from Microsofts websites.

WGA was added to the Microsoft Download Center late last year, and does not require Windows XP to be activated. Microsoft has not yet responded to Neowin on this issue, but we'll be keeping our eyes & ears on the ground for any more developments to this story.

View: Microsoft Download WGA Check Example | About Validation

View: Defeating Microsoft WGA Validation Check @ Seclist.org

Components in normal version:

Default User Interface
Standard input array
Standard DSP array
Album List
Converter (formerly known as Diskwriter)
Masstagger
ReplayGain Scanner

Components in full version:

all components from the normal version, plus
ABX comparator
AC3 decoder
ALAC decoder
Archive reader (supports 7-Zip, RAR, ZIP, GZIP)
Audio CD writer
Autoplaylist
CD Audio decoder
Crossfeed DSP
Database search
DUMB module decoder
DXi MIDI synthesizer host
Festalon
Game Emu Player
OggPreview
sidplay2
Utilities

New features (incomplete):

Improved playlist management: all playlists are editable without being active, multiple playlists with the same name, Autoplaylists
Field remappings in titleformat scripts: see Titleformat Introduction and Titleformat Reference for details
Tag merging: combines information from multiple tag formats on the same file
Cleaned-up preferences
On-line help system for preferences pages (uses the HA wiki)
Playback queue
...

#1 fr3ak on 24 May 2005 - 09:56

it was gonna happen some time

(2 replies) #2 xSuRgEx on 24 May 2005 - 09:57

now i wounder how many members at neowin have pirate versions of windows xp?
lets all hope that any one in the beta program looses all rights to sign to any new betas again.

but then again it wont be long before the WGA is cracked.

#2.1 krono6 on 24 May 2005 - 13:22

Erm, yes, who, would, have, a, pirated, windows...... *Hides paper of serial keys*..

#2.2 werejag on 25 May 2005 - 06:05

wga was cracked ages ago. this wasnt it

(2 replies) #3 tiwaris on 24 May 2005 - 10:00

It would be nice, if a little info about Mr. Mohanty and his affiliation is also provided with the news.

#3.1 Neobond on 24 May 2005 - 10:10

I added a Bio link. Hope this helps.

#3.2 tiwaris on 24 May 2005 - 17:11

Thanks

#4 PHiZZy on 24 May 2005 - 10:02

im surprised it took so long tbh :/ its been about for a while, even as a non-mandatory check, would thought some1 woulda cracked it now, just to take the p|ss!!

(6 replies) #5 ingrampj on 24 May 2005 - 10:04

I am in no way condemning this article, it is, after all, a piece of news....or is it.....it could be argued by greater authorities on the subject than myself, that by reporting the news it is, by it's very nature, publicising, and therefore to a certain extent, gloryfying it.....In other words, reporting this news which is, after all, a method to continue using illegal software, by such an august body as Neowin could be said to be at the least, giving creedence to this method, and at the most condoning this means of bypassing the Microsoft verification procedures.

I am neither praising this article nor denegrating it, I am simply posing a question and a healthy discussion on the whole subject of news reporting, I have no axe to grind either way save for the fact that I am a journalist myself.

I know some peoples immediate reaction will be..."even if nobody reports the news it will still be happening"....which is something that of course is indeed true. After all, if nobody reported some of the evil actions that take place in this world today, would those crimes be any less, or more evil and of course we all know the answer to that question.

As I said earlier, I am merely asking for peoples views and discussion on the reporting of illegal ways of obtaining software. I am not asking for peoples views on actually using illegal software, simply on the reporting of ways of bypassing actually having to purchase the said software through the usual and accepted channels.

Last edited by 16574 on 24 May 2005 - 10:14

#5.1 Neobond on 24 May 2005 - 10:16

We aren't journalists here at Neowin, but we try to from time to time, to formulate as much news possible ourselves. Microsoft had already outlined that they didn't see this as a threat, I also contacted Microsoft myself, who have yet to respond (I did this 4 hours before submitting this piece).

I don't believe I'm condoning this anymore than when we reported on Bypassing Windows Activation (which most sites on the internet picked up on, in a very similar manner).

Anyway, at least I researched this a little and gave the reader a lot more url references to look through, which is something I can't say for many others.

#5.2 ingrampj on 24 May 2005 - 10:23

Amen to those comments...I have always held NEOWIN in the highest regard so please this wasn't meant to be anything personal...as I said, I wasn't actually implying anything, merely trying to promote some healthy discussion...

#5.3 Tijiez on 24 May 2005 - 15:16

I have a fever, and, the only solution, is, more commas!

#5.4 triad_man on 24 May 2005 - 21:32

Neowin.net - Where unprofessional journalism looks better

#5.5 raid517 on 25 May 2005 - 03:57

QUOTE

Neowin.net - Where unprofessional journalism looks better.

Well sadly this isn't true in the instance of the above poster. I pretty much wanted my life to end by the time I finished reading the first paragraph of his comment - or at least I felt I wanted to slap him and shake him very hard and implore him to 'spit out' whatever it was he was trying to say.

If you are a journalist my friend, I pity your readers.

GJ

#5.6 AnalogRival on 26 May 2005 - 23:10

So you're say that if the Times reported on the US developing a new nuclear weapon, the company is supporting/encouraging them to use it? That's quite a statement.

Edited for grammar

Last edited by 17696 on 26 May 2005 - 23:18

(1 reply) #6 scoobydoobie on 24 May 2005 - 10:09

I have no axe to grind either way save for the fact that I am a journalist myself.

Couldn't you have just said something like "being a journalist myself, I feel that this news story is, at the least, giving creedence to this method, and at the most condoning this means of bypassing the Microsoft Verification Procedures"?

You know, you being a journalist and all....

#6.1 ingrampj on 24 May 2005 - 10:18

Well I am sure that by moving my comments around there are probably several ways I could have said the same thing....but with respect, what is your point. I was aking for opinions on the subject rather than my capabilities....(or lack of capabilities).....as a writer.

#7 Tungsten T on 24 May 2005 - 10:30

The check will never block my key bc to block my key they must block all Valid corp keys becuasue i have a 640 PID

#8 scoobydoobie on 24 May 2005 - 10:35

.but with respect, what is your point

I was critisizing the way you write. It reminds me of the kid who wants to sound more intelligent than he really is by using big words. On the other hand, I guess you being a "journalist" have the right to critisize the content of this story but I don't have the right to critisize yours...interesting...

#9 Fragaday on 24 May 2005 - 10:46

WGA isn't really some dastardly plan to stop pirates in their tracks, the fact there are so many ways around it shows that, to the point of downloading from somewhere else. If MS really cared, they'd have added something like WGA into the exe's themselves. Rather, WGA is a token measure to a) keep a good public anti-piracy stance for investors etc, and b) remind the mainstream consumers about piracy and to be careful what they buy.

#10 ingrampj on 24 May 2005 - 10:48

ScoobyDoobie...thanks for your comments...The whole point is this, I wasn't posting a critique on THE STORY and I most certainly was not posting a critique on your comments either, I don't have the right to do that, after all I am probably using as much "differently obtained" software as anybody else. All I was doing was asking for opinions on the reporting of this item in particular and perhaps even trying to widen the discussion on reporting on this sort of item generally.....please don't take any of my words as anything personal.....And I also apologise if some of my words were a bit on the long side for you....LOL....Discuss the subject if you must, but don't try to gain "points" by having cheap shots at me personally.

Once again, apologies if any of my original comments bothered you but it seems that you might have a slight persecution complex in thinking that everybody is getting at you personally.....

Last edited by 16574 on 24 May 2005 - 11:26

#11 Gowcra on 24 May 2005 - 10:51

Scooby... your an ANNOYING ***** stop making your smart assed comments in this place and get the **** outta here.

On topic: i like this new piece. Thnx neobond!

#12 edgrale on 24 May 2005 - 10:51

So ummm... Microsoft had a document containing information about something for Windows XP x86-64 (cannot remember what). Will it require validation before I can download this document?

If so, then what about us who are not running Windows 2000 or XP, but are interested in the latest stuff? Doesn't compute for me. Maybe I'm naive and missing something, but the fact that it recommended validation for downloading a document made me question the sanity behind the validation.

#13 nvizible on 24 May 2005 - 10:52

one word.... PWNED!

(1 reply) #14 Xeron on 24 May 2005 - 10:52

This is pointless. The guy didn't even understand Microsoft's reply. What Microsoft were saying is that the code will not work after a short period of time, not that the software downloaded would not work. So you can't just tell everyone to use the code 9BQ9BW9 when they need to download software, you need to generate a code on an genuine copy of XP every time, before you can install on a pirate copy. If you're doing that, it's not too much trouble to download the program on a genuine XP machine and then transfer it to the pirate XP machine. WGA at this stage is not to prevent people downloading software onto pirate copies of XP, it's simply a deterrent and makes it more difficult for companies selling computers with dodgy versions of XP as customers will start asking questions.

#14.1 Neobond on 24 May 2005 - 11:07

I agree its a detterent, but I also think its a scaled down Activation tool, because there is so many ways to be able to use a pirated version I also agree its more focused at OEMS and suppliers that may think they can get away with one license on many machines (pre-installs, rather than disc's).

#15 adrianarrakis on 24 May 2005 - 11:30

Is not the only way to bypass the WGA .. there is one more, an easyer way, and is around for more than 2 months already .. no need to install or to run anything

(1 reply) #16 Gowcra on 24 May 2005 - 11:32

ooooo i know this one adrian, is it BUY A LEGAL COPY OF WINDOWS? :ROFL:

#16.1 adrianarrakis on 24 May 2005 - 11:42

hehe .. is not what i`m talking about .. the comments are on how to skip WGA not how or why to be legit .. i respect neowin and i know i`m not allowed to write those things to the public

#17 Gowcra on 24 May 2005 - 11:57

how about u pm me then bud

adrain pm me

#18 DawnUnder2002 on 24 May 2005 - 12:12

It's actually easy to find using google

And indeed it is a far easier way to circumvent WGA.

#19 bravo369 on 24 May 2005 - 12:24

I still think this is pretty pointless. If it only checks before you download, you are going to start seeing MS patches available on bittorrent sites and elsewhere. All you need is one person to download and distribute unless it checks before you install also. Microsoft is not stupid so I find it hard to believe that this will be the only thing MS implements because it just seems too easy to get around.

#20 darkhooda on 24 May 2005 - 12:40

This crack is VERY simple... However, I don't think it works on WindowsUpdate still. That's currently the only mandatory check location.

#21 mr_demilord on 24 May 2005 - 12:49

#22 Magallanes on 24 May 2005 - 12:53

Crack?, why?, keygen run flawlessly.

I run many pc dell with genuine and legal windows xp but for install in network, the easy way is to install using the same serial number. Using a "illegal" copy of xp made the difference, you don't need to register each time you reinstall the os.

#23 loc[a]lhost on 24 May 2005 - 12:58

WGA is just stupid. A corporate cd-key generated by the most recent keygen will let you pass all those checks, and it always will, until Microsoft completely changes the key generating algorithms.

#24 JK1150 on 24 May 2005 - 20:52

or just click, "No, do not validate Windows at this time, but take me to the download."

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Neowin.net

Bypass found for Windows piracy check

Share this Article

About the Author

Related news