Brute force keygen cracks open Vista
There's already been a workaround discovered for using a Vista upgrade DVD to perform a full install, but some intrepid hackers now appear to have opened up an even bigger flaw in the shiny new OS's armor, developing a brute force keygen that spits out valid product activation keys. While the keygen has been confirmed to work by a number of sources, it's hardly a quick-and-easy hack, requiring some significant horsepower and quite a bit of patience, needing anything from a few hours to a few days to churn out a key. Not to mention the small problem that Microsoft could seemingly stop this particular hack in its tracks relatively easy. As ZD Net points out, however, the keygen could very well cause some additional headaches for Microsoft once the keys generated start overlapping with those already out there in legitimate copies of Vista, presumably leaving anyone who picks the wrong box out of luck.[Thanks to everyone who sent this in]
Reader Comments (Page 1 of 1)
Someone @ Mar 2nd 2007 1:48PM
"...requiring some significant horsepower and quite a bit of patience, needing anything from a few hours to a few days to churn out a key."
Windows Vista: Resource hog using the software, resource hog cracking the software.
Matt @ Mar 2nd 2007 1:49PM
Vista Business ISO + a KMS server = FREE ACTIVATION!
AppleJack @ Mar 2nd 2007 1:50PM
A NEW CHALLENGER APPEARS!
Mike @ Mar 2nd 2007 2:11PM
Wait.... Vista was cracked by a KEYGEN? Wow... Was XP even cracked by a keygen? I never heard anything about an XP keygen, and all XP keys had to come from actual XP installs... I am really anticipating all the security holes that are bound to pop up... Any day now.......
Paul @ Mar 2nd 2007 2:31PM
There was no keygen for XP because it was easily cracked by other means. *cough*(Corporate copy)*cough*
This same method could have been used on XP but it was not time effective, not sure if it even is now.
Also, this is not a 100% thing. What happens when Vista released, they generate a key which is entered into a database of active keys. So, you could generate 100 keys with this program and they will let you install Vista, but they will not activate because they are not in Microsoft's database or someone else (who actually bought it) has already activated it.
Instead this keygen makes what it thinks could be a real key, checks to see if it is a real key, alerts you that it has found a potential candidate, you enter it in, and try to activate it, If this key has been assigned to a copy of Vista which has not been activated you win, and some poor sucker who bought that copy for $200+ is now screwed.
All in all I think that if you are this desperate for a free copy of windows Vista, you should instead save up your money and just buy it for yourself. (Or use "Alternative" methods to acquire a copy)
Allie @ Mar 2nd 2007 2:13PM
All this anti-Microsoft fervor is just too much to handle. It's like Christmas morning: bloggers giving up on Vista, others hacking it, major bloggers asking if windows even matters anymore (see http://advancedmediacommittee.typepad.com/emmyadvancedmedia/2007/02/cracked_windows.html ).
The future looks a little bleak for Microsoft. Which means it looks pretty good for the rest of us.
- Allie
Xenoterranos @ Mar 2nd 2007 2:52PM
That XP keygen was just a database of a few KP keys packaged into an executable.. Some of them where even Office keys.
Manuel @ Mar 2nd 2007 3:02PM
Now trying this .... 3 hours still nothing...
Phoenix Enigma @ Mar 2nd 2007 3:04PM
OK MS, the game is on! Let's see if they can lock down Vista now . . . I'm waiting for a torrent to include a Vista Ultimate x64 iso with a crack based on this, and maybe the protected media crack too . . . because that torrent cant be far off now.
Also, as per Moores Law, this attack will grow more feasible with time . . . and it doesn't hurt that most machines that will handle Vista are going to be reasonably fast.
randy @ Mar 2nd 2007 3:10PM
Hopefully this will be a WAKEUP CALL to Microsoft that their Vista (Windows 95.4) upgrade is WAY OVERPRICED.
Arno @ Mar 2nd 2007 4:51PM
Any link so that I can start churning out keys with all the idle CPU cycles on my server PC? (which BTW is running a cracked Vista with a RC1 key)
John Doe @ Mar 2nd 2007 6:45PM
Hmmm distributed processing App designed to churn out keys?
Ryan Tenney @ Mar 2nd 2007 6:57PM
I don't know about these keys overlapping... A key (at least for XP) is 25 characters long, each with around 32 possibilities (A-Z,0-9, minus a few characters that are easily confused). That works out to over 40 trillion trillion trillion possibilities. I highly doubt there could ever be a collision
Tracert @ Mar 2nd 2007 8:41PM
You are calculating all the possible combinations that any 25 character string can make. However,the subset of VALID keys that may be generated within those 25 characters is much smaller than all possible combinations. Therefore, a collision is probably much more feasible than you have predicted.
But, I agree with you that it's probably unlikely. I think we can safely assume that Microsoft will have prepared for the possibility of shipping a lot of units, and allowed for a lot of keys as well.
tekdroid @ Mar 2nd 2007 11:26PM
I know Vista will let me be a more productive by 3000%, so I will downgrade to it immediately. I'm just bothered by these Microsoft-hating Wikipedians.
http://en.wikipedia.org/wiki/Criticism_of_Windows_Vista
rantanamo @ Mar 3rd 2007 4:12AM
More talk from people that don't even have Vista. You guys are pathetic.
slyecho @ Mar 3rd 2007 6:03AM
I just downloaded Vista Business for free. But it's totally legal, because I got it from MSDN Academic Alliance. Check your college or university if they have signed up for the program.
jordan @ Mar 3rd 2007 1:58PM
http://keznews.com/forum/viewtopic.php?t=2782
FYI, it's a hoax. In theory it could work, but *hasn't* yet!
Norm @ Mar 5th 2007 1:30PM
It was a pain in the butt to get that vbs file replaced, but now that I have, I seem to be going nowhere fast.
I do wish this was a bit easier... but in any case, I have a real license also so I'm not *too* annoyed.
patricia priestley @ Dec 14th 2007 4:05PM
help me i need my vista poducts key/and windows office 2007