Microsoft Genuine Advantage Cracked in 24 Hours 522
jrobie writes "It looks like mandatory validation of your Windows XP license is now voluntary again. A simple hack has been found that disables the check.
BoingBoing has the story. "
I can't believe I was actually worried about this. (Score:5, Informative)
A simple hack has been found that disables the check.
It's simple, all right...as simple as the kids over at Microsoft who decided to implement an anti-piracy measure utilizing javascript without any input validation. Sheesh.
Re:It works... for now (Score:1, Informative)
Who really cares about this?? (Score:1, Informative)
People who break authentication so they can pirate software are hurting free and open source software. This behaviour encourages people to pirate the software. If you want to use Microsoft software then don't break the law and don't use pirated copies. That's right, pay for legal use of the software. Use you elite hacking skills to improve free and open source software.
Article Text (Score:3, Informative)
Microsoft "Genuine Advantage" cracked in 24h:
"This week, Microsoft started requiring users to verifiy their serial number before using Windows Update. This effort to force users to either buy XP or tell them where you got the illegal copy is called 'Genuine Advantage.' It was cracked within 24 hours."
Before pressing 'Custom' or 'Express' buttons paste this text to the address bar and press enter:
java script:void(window.g_sDisableWGACheck='all')
It turns off the trigger for the key check.
More then one way (Score:5, Informative)
Re:WTF (Score:5, Informative)
And now for something completely different (a comment about the article): I'm pretty sure the one who programmed this check knew that it wasn't bulletproof, and maybe it's just a case of a "proof of concept" project which suddenly becomes a "Gone live" project. - It will be pretty easy for them to fix, but it really is a huge embarassment for them, and you would think that a company with that kind of resources had rules to cover things like that (as in Rule #302742314 "Clientside checking is only okay if followed by a Serverside check").
Since BoingBoing is getting hammered... (Score:3, Informative)
Thursday, July 28, 2005
Microsoft "Genuine Advantage" cracked in 24h:
window.g_sDisableWGACheck='all'
AV sez, "This week, Microsoft started requiring users to verifiy their serial number before using Windows Update. This effort to force users to either buy XP or tell them where you got the illegal copy is called 'Genuine Advantage.' It was cracked within 24 hours."
Before pressing 'Custom' or 'Express' buttons paste this text to the address bar and press enter:
javascript:void(window.g_sDisableWGACheck='all')
It turns off the trigger for the key check.
Link [theinquirer.net] (Thanks, AV!)
Can Also Just Find a Direct Link (Score:3, Informative)
http://download.microsoft.com/download/8/1/5/815d
to get the anti-spyware program.
Different Way to Crack It... (Score:5, Informative)
Re:From the "rejected key" page (Score:3, Informative)
Which is fine by me. Patch the security wholes without bugging me, just my style.
Re:It works... for now (Score:5, Informative)
Microsoft has been saying don't run unknown EXEs and ActiveX controls. They do sign all of their controls so for those of us who check before we run something we can validate that they're actually from Microsoft or some other trusted party before we run the app/control.
What about softmods? (Score:2, Informative)
What about softmods? There's several of them around, designed for various purposes. Most of them are meant to be used to run XBMC, admittedly, but in theory they could be generalized to run Linux or something.
Check the various tutorials: http://www.xboxscene.net/tutorials.php?p=151%7C#1
Re:I can't believe I was actually worried about th (Score:2, Informative)
Re:Unbelievable. (Score:4, Informative)
But if you are using ANY validation control in ASP.NET, you sure as hell better be calling Page.IsValid on the server side instead of relying on the javascript functionality. well, I guess this assumes you knew that the validation controls can be ran from the server side...
Re:I can't believe I was actually worried about th (Score:3, Informative)
Comment removed (Score:5, Informative)
Just disable the tool (Score:3, Informative)
I cracked it nearly 6 months ago ;) (Score:5, Informative)
I mean, it was just so easy and obvious; I can't believe everyone else hadn't already found out about the easy ways to bypass it long ago.
Re:Who wouldn't know ? (Score:1, Informative)
Re:only for the geeks (Score:1, Informative)
microsoft even has instructions
http://support.microsoft.com/default.aspx?scid=kb
Re:I can't believe I was actually worried about th (Score:2, Informative)
No, this is to nail 'whitebox' sellers who purportedly sold you a copy of Windows XP but just pocketed the proceeds and left you high and dry.
Windows update verification (Score:1, Informative)