Announcement

Collapse
No announcement yet.

Vista Brute Force Crack Steals From Consumers, NOT Microsoft

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Vista Brute Force Crack Steals From Consumers, NOT Microsoft

    It seems that people are really desperate NOT to pay for Windows.
    It seems that someone who was "just testing his VBScripting skills" has posted a routine that attempts to activate a pirated copy of Windows Vista by brute force. That means that the script increments through methodically generated keys, and attempts to pass it on to Microsoft's activation servers for validation. If it fails, the generator moves on to the next one, until it finds a valid key. The author says this process can take anywhere from 2 hours to two days.
    UPDATE: Adrian explains how it works here.

    Here's the problem with this, folks. Previous Windows cracks have used leaked corporate activations keys to unlock Windows, which only really hurts Microsoft. This method actively steals a valid Product Key from Microsoft customers, because most keys can only be activated once. Think about that for a second. What if your mom just got home from laying down $150 for Windows Vista Home Premium, only to get it home and install it, and find out that their key has already been activated. Now, Microsoft doesn't get hurt, because the key has been paid for. But now your mom is branded a pirate, and has to go through a giant hassle to get a new legitimate key.

    Please, don't be an a$$hole use this method of activating Vista. It's one thing if your target is Microsoft, it's quite another if your target is an unsuspecting consumer who shelled out their hard-earned money to upgrade their home computing experience. And Microsoft, I hope you can shut this one down, for your customers' sakes.

    Source
    MCSE, MVP, CCIE
    Microsoft Beta Team


  • #2
    Temporary workaround..

    Don/t use your product key during your vista install, just enter it in system applet activation when you decide to activate..

    or

    Simply use product key during install and activate immediately..
    It is how-ever recommended you activate immediately.
    MCSE, MVP, CCIE
    Microsoft Beta Team

    Comment


    • #3
      Also this is a fake. The guy who "wrote" it admitted it:
      http://keznews.com/forum/viewtopic.php?t=2782
      Dean Clatworthy - Web Developer/Designer

      Comment


      • #4
        Also, although it could happen for sure, the actual chances of your one and only product key already being activated are pretty slim, since there are thousands (at least) of product keys.
        Forums

        Comment


        • #5
          Originally posted by Quillz View Post
          Also, although it could happen for sure, the actual chances of your one and only product key already being activated are pretty slim, since there are thousands (at least) of product keys.
          Thousands? More like 36^25. If it took you an unrealistic one millisecond to test each key, you'd be hammering away for 25630431172779174931606405392.457 years until you enumerated every single key.

          Or, if you could do one trillion a second, it would still take you 25,630,431,172,779,174,931 (25 quintillion) years.

          Enjoy your time.
          --filburt1, vBulletin.org/vBulletinTemplates.com moderator
          Web Design Forums.net: vB Board of the Month
          vBulletin Mail System (vBMS): webmail for your forum users

          Comment


          • #6
            Sounded fishy even before someone said it was fake, MS would spot someone repeatedly trying to verify different keys at their server in no time.

            Comment


            • #7
              Don't forget there's more than 1 key, there are also millions of working valid keys out there to accomandate all copies Microsoft is anticipating to sell. It's a "hit or miss without aim" kind of thing where its all about your luck. Improbable does not equate to impossible, though, it does cause problems to others should you be lucky enough to find one using that method...

              And those people who say its a trojan, they're just pulling sh** out of their a**, or they found a fake file claiming to be the real thing...
              Best Regards,
              Andy Huang

              Comment


              • #8
                Originally posted by RedTyger View Post
                Sounded fishy even before someone said it was fake, MS would spot someone repeatedly trying to verify different keys at their server in no time.
                Problem is, it does NOT contact MS server until the malicious user chooses to contact MS server manually if and when they do find a right key. The process (in a nut shell) is like this:

                Script makes random 25 character string
                Script passes that 25 character to windows (locally)
                Windows either accepts or rejects based on a mathmatical + encryption algorithm to see whether or not it is a valid key
                Script makes the next random 25 character string and repeat process

                Malicious user, on the other hand, uses a program to monitor changes to their system; if Windows rejects a randomly generated key, nothing happens; if windows accepts a randomly generated key, however, it updates its own records saying "Yeah, I'm using blah blah blah key". When the malicious user notices the change, he/she then goes through the normal activation procedures to contact MS to see if the key can be activated (only NOW it's going online to talk to MS).

                As mentioned, if a consumer tries to activate a key that is already activated, then the activation server will reject it. So if you go buy a copy of Vista today, and someone (anywhere in the world) fluked your key out of sheer luck, then you'll have to go through the problem of contacting MS, prooving your purchase, and then get a new key from them... a hassle most consumers would not expect... and should not expect in all honesty...
                Best Regards,
                Andy Huang

                Comment


                • #9
                  Originally posted by Dean C View Post
                  Also this is a fake. The guy who "wrote" it admitted it:
                  http://keznews.com/forum/viewtopic.php?t=2782
                  Nice find!

                  Comment


                  • #10
                    I've known about this since Wed Feb 28, 2007 2:00 pm

                    Comment


                    • #11
                      Originally posted by JakeS View Post
                      I've known about this since Wed Feb 28, 2007 2:00 pm
                      Do you want a medal?
                      Dean Clatworthy - Web Developer/Designer

                      Comment


                      • #12
                        Originally posted by Dean C View Post
                        Do you want a medal?
                        Yeah a big gold one, do you have it?

                        Comment


                        • #13
                          Originally posted by Dean C View Post
                          Do you want a medal?
                          lmao

                          Comment


                          • #14
                            Originally posted by JakeS View Post
                            Yeah a big gold one, do you have it?
                            Sorry I've run out of those. Can give you a special limited edition jar of sarcasm flavor marmite though if you're interested?
                            Dean Clatworthy - Web Developer/Designer

                            Comment


                            • #15
                              This thread seem to be going nowhere.

                              Also as per our vBulletin forum rules:
                              Discussion of illegal activities such as software and music piracy and other intellectual property violations are not allowed.
                              Thread closed.
                              Want to take your board beyond the standard vBulletin features?
                              Visit the official Member to Member support site for vBulletin Modifications: www.vbulletin.org

                              Comment

                              widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                              Working...
                              X