|
|
Vista activation cracked by brute force
Author: Brett ThomasPublished: 1st March 2007
"Just like the real thing" - A brute-force hack for Vista's licensing has begun to make the rounds.
Most of us remember the great effort Microsoft put in to developing a complicated and "foolproof" license setup for Windows Vista, and everyone has been waiting for its horrible defeat. Well, it looks like some crackers just got medieval on it.
Brute force cracking is as old as data security - if you have a hunch that someone uses a particular style of password, you can throw every password that fits those parameters at it in every combination until one of them is accepted. It's long, it's dirty, and it works on the Vista activation system.
The short keylength of 25 characters puts it well within the possibility of trying them all until one works. The only downside is, each legal copy of Vista is only able to be activated a certain number of times - so these codes that are accepted may easily end up activating units already on the shelves or even on someone's computer. It would entirely be possible to take your new computer home, plug it in, and find out your OS is not authorised since other people have already activated it.
Charlie mentioned that he didn't have a copy of Vista to test it on because of its anti-user measures, but the premise sounds pretty interesting and if it becomes widespread there could be some serious problems. What would Microsoft do if legitimate users are unable to register their legal software? I would not want to be an employee at the call centers (wherever they are) when this starts to get popular....
It all goes to show the old adage - "When you build a better mousetrap, you build a better mouse." Sometimes you just build an angry mouse, who takes a very big sledgehammer to your very delicate, Rube Goldberg-esque trap.
Do you have a thought on the Vista key debacle? How about a way for Microsoft to get out of its jam? Let us know in our forums.
Recent articles on bit-tech.net
Comments (39)Stats: 0.137 seconds
Plus, the file has been popping up on a few sites, but differing in sizes so just would like to put a warning out -- it may have been bound with a backdoor/rootkit on some sites.
Sam
this is the case with 99% of ALL key software, it is not just MS, so I dont really see how its such a big thing.
This is my favourite line of 2007 so far. So true.
:D
3DS Max
XSI Softimage
Maya
Adobe Creative Suit
all can be cracked with a keygen.. and this is basically a long winded way of getting a keygen.. omg !! SUCH NEWS!!
oh wait... no its not.
Although I have only cracked passwords upto 14 characters alpha numeric with symbols that took about 1 month per pass using john the ripper under ubuntu 5.1 on an athlon 2600+ with 1gb of ram.
Make sure you buying it on a credit card then. Might be the only way to get your money back.
Personally, I dont think that they will screw their customers over like that.
To be honest though, I couldn't help myself but laughing my rear off. Even though I know this is pretty serious, and that people who buy the OS and find that they can't even register it is pretty bad. But the way Bit-Tech has written it, it seems like Microsoft is really falling on their own big mouths here, hehehe.
Safest Windows ever! Best security in Windows ever! No virusses for Vista!
....
pewPEWpew! Byebye to all the bigtalk, hello to reality. :D
Sorry Microsoft, but if you are trying to get us to believe you're doing a good job, make sure you actually áre doing a good job. We'll talk about playing suck-up after that ;)
Too bad though... with the first screenshots of Vista I was actually excited. But the more I hear about Vista, the more it seems like hot air, wrapped in a nice XP-compatible skin ;)
It does sound fast for a key of that length... ~808,281,277,460,000,000,000,000,000,000,000,000,000 possibilities assuming any character can be one of thirty-six things (which obviously it can't since then any random typing would be a valid key, so they must know quite a bit about the structure)
Realistically, if this starts to become a problem, they're just going to have to relax the licensing restrictions, in order to keep the legit purchasers who get stung (who could number MANY when this crack gets known in the wider world) from turning up at Redmond with pitchforks and flaming torches.
I guess one semi-solution is to limit the number of activation requests serviced in a given time by each IP address - e.g. no more than 5 goes in a 1 hour period for any IP address. This would slow down the brute force something chronic (though I guess you could in principle use a distributed attempt from a botnet to spread the requests over many IPs), but would still allow for a couple of typos in the key, or for the (rare) situation where an IP leased to one person who has used it to activate his copy of Vista is then dropped and immediately re-leased to a second person who also needs to activate.
EDIT: I guess the point is that ANY activation / copy protection will eventually be broken, given enough effort, and MS' software will always attract that kind of effort. The best MS can hope to do is inconvenience the hackers enough that for the majority of people it isn't worth the hassle of working through the crack just to save a few £$
much less buying.
26 letters+ 10 numbers = 35 possible characters*.
25 positions*.
35^25 = 3.9966959347247031355112791061401e+38
number of seconds in a millenium = 3.1556926e+10
So even if we could try one million per second, there's still no hope of trying all combinations in any of our lifetimes.
And again, even if Microsoft does have 10 billion codes reserved, that's still less than 0.000000000000000000000001% of the total permutations.
*Obviously there will be fewer permutations, depending on the number of restrictions on the codes.
http://www.overclockers.com/articles1416/
i'll quote an excerpt:
"The Customer Service Manager told me that I could either borrow an XP Home disk from a friend (isn't that software piracy ??) or look online for one of the many Vista Activation cracks to bypass Vista Activation completely, and specifically mentioned "TimerLock" (um... hey, HE told me to do it !!). Well, I followed his instructions."
this story is simply hilarious!!!!!
With Vista, the need for a key to install it in the first place is no longer there. But the algorithm hasn't been worked out for a keygen, because MS REALLY did its homework on this one. Spent millions, in fact. The idea was, if you can't generate a keygen because the algorith can't be cracked, there would be no widespread cracking.
Because of that philosophy, crackers haven't been able to determine "safe" keyzones that won't infringe on other licensees. Rather than not cracking, they're just throwing numbers at the wall and seeing what sticks. It could be a corporation with 50 licenses. It could be the dude down the block. And if it's the dude down the block, he may find a bunch of people used up all his activations. If MS gives him a new key, there's a chance that one could get the exact same problem.
It's different than the XP issue simply because it's too hard to reverse engineer a decent keygen. That was supposed to stop the pirates. Instead, it's likely to simply inconvenience the users to an even greater degree. No matter what kind of complex, 10 tumbler lock you make in hopes it can't be picked, the door can still be broken down with a sledgehammer - and that has a far greater chance of hurting those standing behind said door.
Anyway, that was my purpose for writing it and why I felt it was newsworthy. :)
agreement is so out of touch and overbearing ms deserves every bit of crap they get over this. also who would want to buy vista in the state its in now and at a
rediculous price
I mean, if i don't like it, i haven't lost anything, and if i do like it, then i can still go out and buy it
But ms don't give trials or anything, in fact if you go and download the iso or whatever you can get a better trial then what MS gives you (at least i don't know any way of trialing it)
Although, 30 days really isn't a good trial period, MS should give you like 3 months or something, and that way their more likely to get you hooked anyway
of course now you can generate a completely valid code anyway - BTW were there ever keygens for XP - and if so why aren't the codes you normally get seen as valid :s
Also, if you get a load of keys that didn't work (like trillions) and then some that did work (10's) after a while someone who is good at coding can work out a way to generate keys
technically you could brute force it, but the likelyhood of getting a valid key is very low
The new one uses the oem style activation method from the likes of dell/asus so its going to be hard to stop the use of it.
gives lots of BSOD's though..
x npr y = x*(x-1)*(x-2)*...1/(x-y)...
or more simply
x npr y = x!/(x-y)!
so thats 35!/10! - come on bit tech staff...
edit: thats with the assumption given by the above poster on possible number or characters for entry into the 25 space string