Jump to content


Photo
- - - - -

wga hack again


  • Please log in to reply
4 replies to this topic

#1 nikon-xillion

nikon-xillion

    I broke 10 posts and all I got was this lousy title!

  • Members
  • 13 posts

Posted 05 September 2006 - 09:10 PM

this was posted to slashdot today

bypass WGA check on any microsoft.com download

1. download mgadiag.exe
http://download.micr...8A6/MGADiag.exe

2. start mgadiag.exe and look at the download center code
3. visit a download page at microsoft.com
4. append &Hash=”download center code” to the url (example &Hash=6VJPCR9), no quotation marks needed
5. Hit enter

enjoy.

#2 v0id_64

v0id_64

    H4x0r

  • Members
  • 33 posts

Posted 05 September 2006 - 09:53 PM

Mind at least explaining to everyone why and how this works? I find it somewhat lame when someone posts a so-called "exploit" without even explaining anything at all. That's no technical skill; that's simply clicking a few buttons.

#3 Linux

Linux

    SUP3R 31337 P1MP

  • Banned
  • 278 posts

Posted 05 September 2006 - 10:01 PM

/d

Edited by Linux, 05 September 2006 - 10:02 PM.


#4 nikon-xillion

nikon-xillion

    I broke 10 posts and all I got was this lousy title!

  • Members
  • 13 posts

Posted 05 September 2006 - 10:16 PM

Mind at least explaining to everyone why and how this works? I find it somewhat lame when someone posts a so-called "exploit" without even explaining anything at all. That's no technical skill; that's simply clicking a few buttons.


v0id_64 is teh win i bow to you. i have 0 skills :)

the person that discovered this and found the mdiag tool has worked out that wga download validation uses your "download center code" which in turn represents the hash="your code here" i have no idea how he found this as their is no details on his posting. The original link is here

i tested on another product key from the same area i live in. my friend got the same download center code so maybe product regions have the same download center code.

happy now mr v0id?

Edited by nikon-xillion, 05 September 2006 - 10:25 PM.


#5 rEph

rEph

    mad 1337

  • Members
  • 145 posts
  • Location:Huntsville, AL

Posted 06 September 2006 - 06:03 AM

Well it's obvious HOW it works, though I'd like to know what the hash is created from. though guessing from previous problems with windows WGA, ie adding hardware buggers it up for ya. I assume it's a hash created from the hardware on the computer and perhaps against thr serial key used for windows...though I really have no idea. Though I don't think the small flame ya tossed out with your reply is warranted considering he was simply relating the information and isn't really the one to relay the how, simply that it exists...what however I do suggest is if you see an exploit mentioned, and don't understand how it works, then YOU reseqarch it and post the hows of it...mindless flaming however isn't needed.

Edited by rEph, 06 September 2006 - 06:06 AM.





BinRev is hosted by the great people at Lunarpages!