The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Microsoft Genuine Advantage Hacked Again

Posted by Xavier Ashe on December 28, 2005

In addition to adding Mozilla plugin support, it seems Microsoft
removed the chunk of code that accepted a cookie value that bypassed
Windows Genuine Advantage requirements, breaking my Trixie/Greasemonkey
scripts. As I don't have the luxury of continuously activating my MSDN
licensed boxes for WGA purposes, I created new scripts and a new
hash-generation automated job on my main desktop.

Every two hours, my main desktop executes a custom program that a)
launches GenuineCheck.exe, b) uses Win32 API to jot down the current
hash, and c) uses PuTTY to echo the hash into a file
on my host. I retreive this hash on-demand using simple XmlHttp objects
in the scripts and append them to the current URL. Simple! (source

Download the new Greasemonkey script (verified to work in Trixie unmodified)


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: