Windows Activation Technologies : an unauthorized inside look

Discussion in 'Windows 7' started by Rebs, Mar 4, 2010.

  1. Rebs

    Rebs MDL Novice

    Sep 29, 2009
    28
    0
    0
    #1 Rebs, Mar 4, 2010
    Last edited by a moderator: Apr 20, 2017
  2. ennio

    ennio Guest

    #2 ennio, Mar 4, 2010
    Last edited by a moderator: Apr 20, 2017
  3. FreeStyler

    FreeStyler MDL Guru

    Jun 23, 2007
    3,502
    3,611
    120
    That was just because people where insulting each other there, nothing wrong with the story as long everybody sticks to the topic
     
  4. FreeStyler

    FreeStyler MDL Guru

    Jun 23, 2007
    3,502
    3,611
    120
    #4 FreeStyler, Mar 4, 2010
    Last edited: Mar 4, 2010
    Quite an interesting story, not that most or all of the stuff posted is something most of us already know...
    It seems like file tinkering with RemoveWat is detected relatively easy (i have warned you before, digital signatures ;) ) resulting in a non-genuine machine, although hazar claims to have fixed it in new release you will never pass the online verification

    Now see how long the physical installed GBLDR will last... but i guess it is just a matter of time
     
  5. MasterDisaster

    MasterDisaster MDL Expert

    Aug 29, 2009
    1,256
    670
    60
    Does any of you have WatAdminTemplate.dll?
    It is the signature file that WAT verifies against.
    It just 25kb.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. ennio

    ennio Guest

    I don't. Checked WAT folders and it is not there.
     
  7. FreeStyler

    FreeStyler MDL Guru

    Jun 23, 2007
    3,502
    3,611
    120
    #7 FreeStyler, Mar 4, 2010
    Last edited: Mar 4, 2010
    I do not have it either, where should it be located?
     
  8. ennio

    ennio Guest

    Yes, good question.
     
  9. MasterDisaster

    MasterDisaster MDL Expert

    Aug 29, 2009
    1,256
    670
    60
    It is not located in the system, this file is downloaded when WatAdminSvc is run and deleted immediatedly when the validation process is completed.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. venu

    venu MDL Addicted

    Oct 16, 2009
    894
    99
    30
    As per bott's article, the signatures file is created in a secure temp folder. So probably deleted afterwards?
     
  11. venu

    venu MDL Addicted

    Oct 16, 2009
    894
    99
    30
    So could this file be saved somehow? Just speculating...if it could be saved the guys on this forum could take a look and maybe come up with a method of defeating it.
     
  12. MasterDisaster

    MasterDisaster MDL Expert

    Aug 29, 2009
    1,256
    670
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. alfa1

    alfa1 MDL Novice

    Feb 22, 2010
    34
    1
    0
    It's just a matter of time till an exploit is created !!!