Results 1 to 7 of 7

Thread: Inside Windows Product Activation (WPA)

  1. #1
    Teach, Not Flame Kayaker's Avatar
    Join Date
    Oct 2000
    Posts
    4,114
    Blog Entries
    5

    Inside Windows Product Activation (WPA)

    Some of you crypto wizards might be interested in this document:

    Windows Product Activation (WPA) as implemented in Windows XP

    h*tp://www.licenturion.com/xp/fully-licensed-wpa.txt

    The text details how the Windows Installation ID, a number consisting of 50 decimal digits generated by msoobe.exe, and which is sent to MS in return for a Confirmation ID to complete the registration process, is derived from the Product ID and your hardware configuration. It doesn't discuss the Confirmation ID of course, just how your hardware config is used to generate the Installation ID.

    Kayaker

  2. #2
    Teach, Not Flame Kayaker's Avatar
    Join Date
    Oct 2000
    Posts
    4,114
    Blog Entries
    5
    Doh! My apologies, I see JMI already posted this a day ago on the RE forum. Guess I missed it the first time around. So much for the scoop, heh. In any case, it's interesting and crypto based, so it might as well be mentioned again here.

    http://www.woodmann.net/forum/showthread.php?threadid=2139

  3. #3
    Cmefantastic
    Guest

    Question 2 Call me a newbie would complement

    Way off topic mate, sorry bout that.

    Was putting off doing the XP crack so the days counted down.

    HAd to reset bios yesterday, now Xp has got clever with the date change and can't log on. Is there a Dos based crack can use, am i insulting anyones intelligence, sorry guys.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #4
    Howdy,

    Does the puter even boot?
    Does it boot then stop and say "no way"?

    Anyway, Maybe you should just nuke the partitions and
    re-format.

    Peace, Woodmann

  5. #5
    Rummy
    Guest

    Question 6 months on...

    Looks like about 6 months since the last msg on this thread. I've searched this board and the internet generally and not found anything really useful about the algorithm(s) used by WPA.

    On this board it was mentioned that some variant of RIPEMD (-160?) was possibly part of the activation scheme. Around the internet, there doesn't seem to be any real keygens.

    From what I can see, an activation code would have to be more than a simple hash of the CD key and "unique" system identifier, because changing just one bit of the system ident. would completely alter the hash value. Since one is apparently allowed to make certain hardware changes without triggering re-activation, there has to be other stuff going on.

    On this board, there were a few threads, now months old, about taking the reversing of the whole WPA scheme underground. Does anyone have any new information they wouldn't mind sharing? Could be done through private email (with or without PGP) if it's still considered sensitive information.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  6. #6
    MTB
    Guest
    Normally I don't respond to these requests but since it is in the RCE section I will.

    There are several cracks running around the net for XP and XP Office. They operate by doing a hardware search then coming up with a key, note I have NOT tested it. According to the discussions I have seen it takes the program about 10 attempts to get it right. So if you want the crack I suggest you search in the usual places for it, then reverse it.

    I hope your math is up to the task, I hear it is pretty nasty.

    MTB
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #7
    Rummy
    Guest
    It only generates product keys, which would normally be found on a legit certificate that comes with the product. The only thing that does for you is give you something that can be used to activate the product with over the phone.

    There's no info out there that explains (or attempts to explain) how an activation code is genned from this key or where in the boot process the key is verified to give a go/no-go indication.

    News stories claiming the WPA is "totally" cracked are just wrong. The way I see it, almost a year after release the MS WPA scheme has yet to truly be "cracked" by anyone.

    Thanks for the response, in any case.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

Similar Threads

  1. Replies: 12
    Last Post: January 11th, 2008, 03:44
  2. Product Activation
    By NoLoader in forum The Newbie Forum
    Replies: 22
    Last Post: September 22nd, 2007, 01:34
  3. Inside Windows Rootkits
    By Kayaker in forum Advanced Reversing and Programming
    Replies: 4
    Last Post: August 27th, 2006, 02:14
  4. Microsoft MSO.DLL (Product Activation)
    By Nad_Af in forum Malware Analysis and Unpacking Forum
    Replies: 17
    Last Post: June 3rd, 2004, 09:58
  5. link: Windows Product Activation
    By disavowed in forum Advanced Reversing and Programming
    Replies: 1
    Last Post: July 10th, 2001, 23:15

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •