Multiple Ways To Defeat Office Genuine Advantage (OGA)



Similar documents
Internet Explorer 11 Flash Install on Win7

Outlook Plugin. What is MangoApps for Outlook?

LinkedIn for MS Dynamics 2013, 2015, or 2016 Installation Guide

How To Use Windows Live Family Safety On Windows 7 (32 Bit) And Windows Live Safety (64 Bit) On A Pc Or Mac Or Ipad (32)

Guidelines for Installing SQL Server and Client (SQL Server Management Studio)

User Guide FOR TOSHIBA STORAGE PLACE

Contents Release Notes System Requirements Administering Jive for Office

User Profile Manager 2.6

Install MS SQL Server 2012 Express Edition

This feature is available on select devices featuring VUDU. In order to use this feature, your VUDU device must be connected to the Internet.

Lync 2013 FAQ s. How do I keep my Lync conversation window on top of all the other windows on my computer, so I can see it while I work?

ShoutCast v2 - Broadcasting with SAM Broadcaster

OmniServer UA Interface Tutorial. A Guide to Configuring the OmniServer OPC UA Server Settings

Contents. SnagIt Enterprise Installation 2. Overview of Enterprise Installation...2

Tunnel VNC through SSH Tutorial Version 1

ultimo theme Update Guide Copyright Infortis All rights reserved

RecoverIt Frequently Asked Questions

Easy Casino Profits. Congratulations!!

Internet Self Service FAQs

Argus Direct add-in for spreadsheets - Installation Guide

How to Setup your Account - Apple Mail for Mac OS X

Packet8 DTA-310 Firmware Upgrade, version

Stellar Phoenix Exchange Server Backup

Preparing a SQL Server for EmpowerID installation

What is the difference between MAK and KMS activation and how it is used? General Microsoft Volume Activation 2.0 FAQ... 2

Affiliate. For Dummies. Marketing. I m not saying the shit doesn t work. But that doesn t. change the fact that it s STILL dummy marketing.

Android Programming Family Fun Day using AppInventor

Technical document. Group 3 Mate Tomin Pieter van Ede Raymond Weijermars Daniel Faustino Stefan Hospes

ACADEMIC TECHNOLOGY SUPPORT

COBRA. Audio Box Detailed User Guide

Preparing a Windows 7 Gold Image for Unidesk

MICROSOFT SOFTWARE LICENSE TERMS MICROSOFT SILVERLIGHT 5 These license terms are an agreement between Microsoft Corporation (or based on where you

This guide describes features that are common to most models. Some features may not be available on your tablet.

Vodafone PC SMS (Software version 4.7.1) User Manual

Grandstream Networks, Inc.

This manual will also describe how to get Photo Supreme SQLServer up and running with an existing instance of SQLServer.

GoToMeeting, GoToWebinar & GoToTraining. Active Directory Connector Administration Guide Hollister Avenue Goleta CA 93117

Download and Installation Instructions. Visual C# 2010 Help Library

Connecting to the School of Computing Servers and Transferring Files

Boston University Security Awareness. What you need to know to keep information safe and secure

Basic Troubleshooting (Common Problems)

Setup guide for ebanking

Excel 2013 Installation Instructions for ICP MS MassHunter

Section 1: Ribbon Customization

MONITORING PERFORMANCE IN WINDOWS 7

Installing GFI MailEssentials

SuperOffice AS. CRM Online. How to get started with. Web Extensions and Mail link

Lab: Create Your Own Homepage! This exercise uses MS Expression Web as a Web Page creation tool. If you like you

Contents Jive for Outlook

Plug-In How-To Guide

Managing Your Class. Managing Users

Table of Contents. PBX Integration and API Guide - SmileTiger TeleMeeting Server 2011

Free Presentations thanks to Avast Software Norbert (Bob) Gostischa (505) Presentations started on Dec 1, 2010 in AZ

RECOMMENDED JAVA SETTINGS

Java version 7 update 45 (7u45)

Performance Optimization Guide

Getting Started Guide

A Sales Strategy to Increase Function Bookings

Sophos Mobile Control Installation guide. Product version: 3

Unbreakable Linux Network An Overview

Installing GFI Network Server Monitor

Installing and Setting Up the License Manager for Use with Pathfinder Office, GPS Analyst, or Trimble Positions Desktop Add-in

Keep your English up to date 4. Teacher s pack Lesson plan and student worksheets with answers. Facebook

If you get through this entire PDF and think you did this already and it didn t work then please me at proedgemarketing@gmail.

BIMcollab. Don t let any issue slip away. BCF Manager User Manual

Installs that include the QoS driver. Why are they needed? Description: Solution:

Getting Started with Citrix Remote Connectivity Service

KPN SMS mail. Send SMS as fast as !

Create a GAME PERFORMANCE Portfolio with Microsoft Word

HOW TO... LAUNCH YOUR BUSINESS ONLINE PRESENTED BY

Using InstallAware 7. To Publish Web Updates. November 2007

Page 18. Using Software To Make More Money With Surveys. Visit us on the web at:

Cub Scout Den Meeting Outline

CYBERSITTER NAME. LLC/Solid Oak Software. Company. Version Client. Type of product. Computer. Devices supported

CRM - Word Connector (CWC) For the vtiger CRM User s Manual Manual Version 1.0

Getting Started Guide: Deploying Puppet Enterprise in Microsoft Azure

Business intelligence server administration guide

Index. Registry Report

KWizCom Corporation. Clipboard Manager for SharePoint. User Guide

Sales Training Programme. Module 8. Closing the sale workbook

SELF PUBLISHING THE PRINTPAPA WAY PAUL NAG

THE WINNING ROULETTE SYSTEM.

AutoMerge Online Service Configuration for MS CRM 2013

vrealize Air Compliance OVA Installation and Deployment Guide

Getting Started With Parallels Desktop 7

2. The Open dialog box appears and you select Text Files (*.prn,*.txt,*.csv) from the drop-down list in the lower right-hand corner.

Making Judgments. A Winning Breakfast

DIGITAL RIGHTS MANAGEMENT SYSTEM FOR MULTIMEDIA FILES

>

Security from the Ground Up eblvd uses a hybrid-asp model designed expressly to ensure robust, secure operation.

AN INTRODUCTION TO STAROFFICE WRITER

Cloud based Storage Drive Forensics

Windows Family Safety Filter

Transcription:

Multiple Ways To Defeat Office Genuine Advantage (OGA) 29 th Jan, 2007 Straight from WiKi ( http://en.wikipedia.org/wiki/office_genuine_advantage ) : Office Genuine Advantage (OGA) is a program currently (as of 2006-05-03) being piloted by Microsoft similar to Windows Genuine Advantage in that it requires users of the Microsoft Office software to validate their copy of Microsoft Office. Currently, Microsoft Office software is validated by using something called the Office Validation Assistant (OVA) which is available on Microsoft s web site. Validation using the OVA is not presently required. Use of Office Genuine Advantage to obtain Office updates and downloads, as of 2006-10-27 is mandatory in most countries. Starting in January 2007, users of Office Update will have to validate the legitimacy of their Office software before they can use the service. Pirated copies (that is, copies that won't pass product activation) of Microsoft Office 2007 will work in a "reduced functionality mode (in which you can view but can't edit any document) To say clean, there are 101 ways to defeat such lame attempt to prevent piracy or have control over illegal usage of softwares. Here I ll be explaining two different methods to defeat Office Genuine Advantage validation check.

Method 1: Bypass OGA by using Google search Lets get started with an extremely lame and simple method ;o). Now lets check out this download link for Office related updates or add-ins - http://office.microsoft.com/en-us/downloads/default.aspx. Select the Office version from the above link and try downloading any updates / add-ins related to that specific version. It will lead to a validation link (Refer the screenshot below) which will check whether the office installed in the system is genuine or not. In short the OGA validation generates a hash out of information gathered from the installed MS Office and passes it on to the server for verification. The user will be directed to the download link only if the installed office version is genuine. To defeat such validation, follow the extremely simple steps - Select the add-ins / updates that you require for office - In the Validation required page, copy the file name (Refer the screenshot below) - Use google and search for the filename using the following search keyword combination: site:download.microsoft.com/download <File Name> For Example: To search for the file name RedactionSetup.msi use the following search key combination site:download.microsoft.com/download RedactionSetup.msi - The above search result spits the direct link to the file available on the Microsoft download server which can be used to directly download the file without any validation check (Refer the screenshot below for details).

Method 2: Bypass OGA by re-using the product hash It is possible to re-use the hash generated in any machine having genuine copy of MS Office and can be distributed over the internet. For example The table below has hashes for downloading rhdtool.exe and RedactionSetup.msi which can be re-used by any user having pirated copy of Office to defeat OGA validation check. http://www.microsoft.com/downloads/details.aspx?familyid=144e54ed-d43e-42ca-bc7b- 5446D34E5360&displaylang=en&Hash=[Put the hash here]

Method 3: A Quick Analysis of OGACheckControl.dll Last but not the least is analyzing OGACheckControl.dll and preparing a patch. However just to keep myself away from those scary legal notices, I do not want to release any patch at this point of time. I did a quick reverse analysis while I was about to finish my last latte; below are few interesting sections which one may like to look at without wasting much of time - a. Creation of Hash -> Hashing the stream of data and computation of cryptographic hash of a stream of data

b. Modification of OGA code and subcode value in registry -> This can be patched to keep the value as code=100 and subcode=200 always

Like this there are many such sections which can be patched but I personally want to keep them for next level. ;o) It was fun playing this game; let s get to the next level.. Will look for more interesting stuffs in the next level. Thanks for the game ;o) Debasis Mohanty (aka Tr0y) www.hackingspirits.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information