Hacking

It has been to long for me to update everyone on a way to bypass windows genuine advantage. I receive loads of emails and web traffic searching for their answers on how to bypass WGA. I finally got some spare time to test some things out so let me update you on what you need to get started, and how to get it done.

I’ll be updating this post with step-by-step instructions on how to pass WGA, in the mean time, I think this video explains this fairly well.

[youtube width="425" height="355"]http://www.youtube.com/watch?v=3ONMgzbspo8[/youtube]

Back in October 12, 2005, I wrote a post on how to bypass Microsoft’s Windows Genuine Validation. I would just like to remind everyone that are is still ways of getting around this nuicence, and there will always will be. Let me remind some people or inform thoughs that already don’t know…

Microsoft’s Windows Genuine Validation is basically code that is slipped onto your PC when you update Windows. If you have automatic updates on, it was even more hidden because Microsoft won’t tell you what they are putting on your computer until it’s there. Anyways…what it does is checks your version of Windows XP for a Genuine CD key. So if you have a pirated version of Windows XP on your computer, it is going to tell that your version isn’t genuine. If it isn’t a genuine version of Windows XP, you will not be able to receive any of the updates (like anyone does update anyways).

For those who just can’t find life without Windows updates (Ya, there are times you need them.) here is the newest, and updated way around it. This will also include the new update of Microsofts’ of making annoying reminders that are copies are not “genuine”.

How To: Turn off the annoying WGA reminders-

This is so simple that It makes me wonder why Microsoft did it in the first place. When you load into a user, you will recieve a bubble on your taskbar, along with a icon. When right clicked, you get a “Change Notifications Settings” menu choice. Click on it. It will take you to the Microsoft site, and you will be given a check box to turn off the reminders that you aren’t running a genuine version of windows.

Like I said simple.

How To: Get Windows Updates With Non-Genuine Version of Windows-

Well, the way to get around WGA has changed since October of 2005, but if you have been checking out the original post I made, you would notice it still gets alot of activity.

The fix is the same as in the recent comments. It is a registery fix, and I’ll let you in on it.

Instructions-

1- Go to the Windows Updates page, and download all updates including windows genuine valdiation.

(You will know that you are ready to move on to step two when you go back to the Windows Updates page again, click “custom” or “express”, and you recieve a page that notifies you that your version of Windows is not Genuine. If this happens move on to step two.)

2- Go to start, run, and type in regedit

3- Locate yourself to HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ policies \ EXT \ CLSID

(HKLM= HKEY LOCAL MACHINE)

4. There will be two files, one has no value, and the other one should be set to 1.
Change the file value data that is “1″ to “0″.
5. Open windows update.

6. Select which way you want to go (either custom or express) it doesn’t matter at this point.

7. You will be asked to reinstall the Validation tool. It now thinks you don’t have Windows Genuine Validation installed, but you do. DON’T CLICK THE BUTTON! DON’T CLOSE THE PAGE! DON’T REFRESH THE PAGE! Instead…put the registry data variable string that you deleted back in with a value of “1″. Once you have the value set back to “1″ close regedit and return back to your open Windows Update window.
8. Click back and then click the update method of choice (Custom or Express) and voila! It works!

Deleteing it completely. (Advanced)-
End the process wgatray.exe in Windows TaskManager and restart Windows XP in safe mode. Now delete the following files:

Delete WgaTray.exe from c:\windowss\ystem32
Delete WgaTray.exe from c:\windows\system32\dllcache

Start Windows Registry editor and delete the folder “WGALOGON” located in the following location:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows NT\CurrentVersion\WinlogonNotify. Delete all references in your registry to WgaTray.exe

Another alternative suggest that three files are installed Windows XP System Folder:

\WINDOWS\system32\WgaLogon.dll
\WINDOWS\system32\WgaTray.exe
\WINDOWS\system32\LegitCheckControl.dll

The wgatray.exe process makes the check for genuine windows software. You can disable WGA by removing the execute bit on WgaLogon.dll. That way, winlogon can’t call it as a notification package at boot, and since WgaLogon is responsible for running and maintaining WgaTray.exe, no more tray popups either.

To change the execute bit of WgaLogon.dll, first turn off Simple File Sharing. Now right click the file in Windows Explorer and open the Security Tab. Hit the Advanced button, uncheck the Inherit box at the bottom, hit the Copy button, then hit OK. Go through each listed user/group and remove the “Read & Execute” permission for that file, leaving the “Read” permission as-is.

Hit OK to apply the permission changes and close the file properties dialog. Restart the machine. You can now turn “Use simple file sharing” back on, if you want.

A third alternative posted on the internet suggest that users clear the content of file data.dat located in the following directory:
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage\data

Save the data.dat empty file and change the attributes to “Read Only” – Restart you computer. Or start your PC in Safe Mode and delete the following files from Windows system32 folder – wgalogon.dll spmgs.dll wgatray.exe The WGA setup file is in C:\WINDOWS\SoftwareDistribution\ Download\6c4788c9549d437e76e1773a7639582a

If you don’t use “Fast User Switching”, you can disable the Windows XP Welcome Screen if you are logged in as an Administrator. This will remove the initial WGA Warning Screen:

1. Click on Start -> Control Panel ->User Accounts
2. Click on “Change the way users log on or off”
3. Uncheck “Use the Welcome Screen” – Choose Apply
4. Close the User Accounts window and the Control Panel
5. The next time you reboot your computer, the classic login prompt will be used

I just want to report that I don’t believe the javascript code line in the address bar method works anymore. Neither can you disable WGA in your browser. That is basically what you are doing in the registery. You are making it seem like you didn’t have WGA, hence “0″, downloaded it and passed as genuine, hence the change to “1″.

I’m sure Microsoft will come out with more updates to WGA, and we’ll find ways around it. So if you have problems, just come check out this post comments and I’m sure will have the fix.

Also, you can download the new pirated version of Windows XP Pro SP2 that is out on torrent. That has a fix on it so it looks genuine to Windows all the time. I suggest if you are going to reformat, you download that image and use it on the reinstall.

Good luck my fellow Windows piraters!

Securing Windows XP can be a real chore if you do not know what you are doing, but there are some really easy ways to protect yourself. As we all know, Microsoft’s OS (Windows) is really insecure and easily hacked. Microsoft, in my opinion, doesn’t tell there users enough about the operating system, hence making new users prone to virus, spyware, and hijacking.

So here are some really easy things to do on your computer help protect your computer.

1-Changing your boot sequence, and setting BIOS password.

A person can easily still all the data on your hard drive by sticking in a live CD, like Knoppix, loading it up, and taking anything they want. They do this by putting in the CD to the drive, restarting your computer, changing the boot sequence to CD first, and booting their CD. When the user is in, they can take you SAM.SAM file (Windows Password File), crack it, and know your passwords.

It is really easy to fix this problem, but keep in mind, this will only discourage the hacker, or make slow him down, but it is not impossible to get around… like any other type of security.

Restart your computer and wait until the boot diagnostic screen tells you that you can enter the CMOS Config. To enter the CMOS config, hold down the key your boot diagnostic screen says, it will most likely be the DEL, F2, or F12 key.
Once you have entered CMOS, get to your boot loader page (all CMOS Configs are different, so I can’t really say where you will find it on your CMOS) Once located, change the setup to: FIRST= Hard Drive, SECOND= Floppy Drive, THIRD= CD Drive.
Now go in CMOS and find your “Set Supervisor Password” and password protect CMOS so a hacker can not change your boot sequence.
Save all changes

It is as easy as that, but remember the CMOS password will only slow down the hacker, or discourages him, if he really wants to get into the CMOS, he must pull the battery from the motherboard, or reset the CMOS by using the jumper on the motherboard.

2-Saving only NT Hash passwords

Microsoft for some reason saves two password hash files when you save a password to say… your user. You get a LM hash file, and a NT hash file. The difference is that NT hash is newer, and more secure, and LM hash has been used since Windows 3.1.

The funny thing is that you DO NOT need the LM hash at all! Your computer will run perfectly fine with out it, making your computer more secure.

So let’s get rid of that nasty LM hash

Log in as an Administrator
Go to the “Start” menu and click on “Run”
In the “Open:” text box type in “regedit” and click okay.
On the left hand side of the window you will see a tree menu, click on the folder HKEY_LOCAL_MACHINE.
Then click on SYSTEM, then CurrentControlSet, then Control, and then Lsa.
On the right side you will see the register file called “nolmhash”, double click and open that.
Change the “Value data:” to 0, and hit OK.

That wasn’t so bad now was it?

3- CTRL+ALT+DEL Real User Check

Some virus are coded to automatically login and begin to execute their code, we can easily stop them but screwing up there login code by making a user push CTRL+ALT+DEL, before logging in. In addition to that, we can change the login from the click and point to a user, to typing the in the Username, hence making your computer more secure (because the hackers won’t know your username).

In addition, say you have a little kid brother, or sister, and they love to screw with your computer. By doing the Real User Check, you can make it harder for them to login.

Log in as an Administrator
Go to the “Start” menu and click on Control Panel. (You may have to type “Control Panel” in your address bar in a explorer window if you do not see it on your start menu)
Go to “User Accounts” Under “Pick a task…” click on “Change the way users log on or off”
Uncheck “Use the Welcome Screen”.

You will now be switched back to the classic login, which is more secure.

4-Make a Lock Screen Shortcut

It is just one of the many human urges we get when we see someone else’s computer, or user logged in and unattended to. One just loves to get on and dink around with another’s stuff to screw it up.

It is so easy just to log off, but we don’t want to because that means closing apps. and when logging back on we would have to load all of are startup items again. So make a handy shortcut right on your desktop that you can easily click and lock the screen allowing no one to make any changes to your computer while not having to close any apps.

Right click on the desktop and click on New> Shortcut.
A wizard will come up and ask you to “Type the location of the item:” Point it to your Windows/System32/rundll32.exe (example: C:\WINDOWS\system32\rundll32.exe) Click Next
Name the shortcut something like… Lock Screen
YOU’RE DONE! That easy!

Well that was simple.

I hope you found all these tips helpful and trust me, it really does help. Questions are comments may be posted.

This simple guide shows you a couple tools helpful to logging into wireless networks whether they have encryption on our not.

Read More

The January 4, 2006 Dept. of Homeland Security Daily Infrastructure Report Highlighted a free online video and that shows the viewer the exact tools and procedures they need to hack into a person’s computer.

read more

Wow. The FBI is investigating the hijacking of milliondollar-homepage.com – the website that earned $1m (£566,000) for its British creator Alex Tew by hosting micro-advertisements – by hackers who demanded a ransom to restore the site.

read more