www.hackingspirits.

com

Defeating WGA (Windows Genuine Advantage) Validation

by
Debasis Mohanty

Incase you are aware of Microsoft WGA validation then you can directly jump in
to the PoC section otherwise it is advisable to read on WGA and what it does
before reading the PoC.

Refer the Microsoft link to know about WGA

http://www.microsoft.com/genuine/downloads/FAQ.aspx?displaylang=en

Proof of Concept (PoC)

This PoC explains how Microsoft WGA validation check can be defeated and any
Microsoft product with the WGA validation feature can be run and installed on
machines running pirated copy of Windows XP. To bypass WGA validation
check, one can run “GenuineCheck.exe” file on a machine running a copy of
an authentic Windows XP for generating a key code. This key code generated
on the machine running genuine copy of Win XP can be used to circumvent the
WGA check on the machine running a pirated copy of Win XP.

Below given are the steps to defeat WGA validation check on a pirated copy of
Win XP –

Case Study – Download and Install Windows AntiSpyware on a pirated copy of

Windows XP

Steps for Bypassing WGA Validation Check

1. Visit the Microsoft download link to download a copy of Windows Anti-

Spyware.

PoC by Debasis Mohanty

www.hackingspirits.com
 www.hackingspirits.com

PoC by Debasis Mohanty

www.hackingspirits.com
 www.hackingspirits.com

2. After clicking on the “Windows Anti-Spyware” link in the download section

the following screen will appear with a “Continue” button in it. Click on the
“Continue” button to go to the next screen.

3. The screenshot below is the next screen that appears after step 2. Select
the first option and click on the “Continue” button.

PoC by Debasis Mohanty

www.hackingspirits.com
 www.hackingspirits.com

4. The screenshot below is the next screen that appears after Step 3. Scroll
down to the “Alternative Validation Section” and click on the link
“Genuine Windows Validation, Alternate Method”.

5. The following page appears after clicking on the “Genuine Windows

Validation, Alternate Method” link. To download a copy of
“GenuineCheck.exe”, click on the “Continue” button.

PoC by Debasis Mohanty

www.hackingspirits.com
 www.hackingspirits.com

6. After downloading “GenuineCheck.exe”, run it on the machine running a

genuine copy of Windows XP. It will generate a code which is used for WGA
validation. Copy the code and use the same code to validate a pirated copy
of Windows XP and bypass the WGA.

7. The code generated in the above step can be copied and pasted on to the
WGA validation page on a machine running a pirated copy of Windows XP.
Then click on the “Validate” button to continue. Since the code was
generated on the machine running a genuine copy of the OS, the online
validation fails to identify the pirated copy of the OS and allows the software
to be downloaded and installed.

8. After the code is “Validated” on the machine running a pirated copy of

Windows XP, the following download screen appears. Now the software can
be downloaded and installed on the pirated copy of Windows XP without any
problem.

PoC by Debasis Mohanty

www.hackingspirits.com
 www.hackingspirits.com

PoC by Debasis Mohanty

www.hackingspirits.com