Defeating WGA (Windows Genuine Advantage) Validation

by

Debasis Mohanty

 

Incase you are aware of Microsoft WGA validation then you can directly jump in to the PoC section otherwise it is advisable to read on WGA and what it does before reading the PoC.

 

Refer the Microsoft link to know about WGA

http://www.microsoft.com/genuine/downloads/FAQ.aspx?displaylang=en

 

Proof of Concept (PoC)

This PoC explains how Microsoft WGA validation check can be defeated and any Microsoft product with the WGA validation feature can be run and installed on machines running pirated copy of Windows XP. To bypass WGA validation check, one can run “GenuineCheck.exe” file on a machine running a copy of an authentic Windows XP for generating a key code. This key code generated on the machine running genuine copy of Win XP can be used to circumvent the WGA check on the machine running a pirated copy of Win XP.

 

Below given are the steps to defeat WGA validation check on a pirated copy of Win XP –

 

 

Case Study – Download and Install Windows AntiSpyware on a pirated copy of Windows XP

 

Steps for Bypassing WGA Validation Check

 

  1. Visit the Microsoft download link to download a copy of Windows Anti-Spyware.

 

 

 

 

  1. After clicking on the “Windows Anti-Spyware” link in the download section the following screen will appear with a “Continue” button in it. Click on the “Continue” button to go to the next screen.

 

 

 

  1. The screenshot below is the next screen that appears after step 2. Select the first option and click on the “Continue” button.

 

 

 

  1. The screenshot below is the next screen that appears after Step 3. Scroll down to the “Alternative Validation Section” and click on the link “Genuine Windows Validation, Alternate Method”.

 

 

  1. The following page appears after clicking on the “Genuine Windows Validation, Alternate Method” link. To download a copy of “GenuineCheck.exe”, click on the “Continue” button.

 

 

 

  1. After downloading “GenuineCheck.exe”, run it on the machine running a genuine copy of Windows XP. It will generate a code which is used for WGA validation. Copy the code and use the same code to validate a pirated copy of Windows XP and bypass the WGA.

 

 

 

  1. The code generated in the above step can be copied and pasted on to the WGA validation page on a machine running a pirated copy of Windows XP. Then click on the “Validate” button to continue. Since the code was generated on the machine running a genuine copy of the OS, the online validation fails to identify the pirated copy of the OS and allows the software to be downloaded and installed.

 

 

  1. After the code is “Validated” on the machine running a pirated copy of Windows XP, the following download screen appears. Now the software can be downloaded and installed on the pirated copy of Windows XP without any problem.