this post was submitted on 28 Sep 2023
434 points (99.5% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54565 readers
485 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

Time of death: 4:22 PM UTC September 26th

Notes, please read:

For those of you who don't know, HWID was the holy grail for Windows activation, letting you generate licenses straight from Microsoft licensing servers, being registered as fully legitimate in microsofts servers and letting you keep the activation permanently, even after windows reinstalls being completely undetectable and with nothing on your system being modified. If you're still using outdated activation methods and you missed out on this, I'm sorry

Existing HWID licenses are left unaffected. Only new requests are blocked, no licenses were revoked.

By the way, MAS still works and is the best option for Windows/Office activation. For permanent Office activation use it's Ohook method (supports subscription products such as 365 as well) and KMS38 for Windows

ALL OTHER ACTIVATION METHODS ARE STILL WORKING, ONLY METHOD AFFECTED IS HWID.

All HWID activators are affected, not only MAS

Around that time, Microsoft servers unexpectedly started blocking the licensing requests HWID activation method sends to Microsoft. This was a slow rollout that spanned over a few hours, at the moment the exploit is completely dead. The best options for Windows activation now is KMS38 or vlmcsd.

Patching this would boost illegal key reselling websites which causes more harm to Microsoft than HWID exploit. We can only wonder why they patched this.

{"code":"BadRequest","data":[],"details":[],"innererror":{"code":"PermanentTSLRejection","data":[],"details":[{"code":"113","message":"avsErrorCode","target":null}],"message":"The Purchase Service rejected the provided TSL; the client should destroy the TSL.","source":"PurchaseFD"},"message":"The calling client sent a bad request to the service.","source":"PurchaseFD"}

TLS=Temporary Signed License=The tickets HWID activation sends. Microsoft servers are now just responding with "kill it."

Transferring existing HWID licenses to other computers using Microsoft account is broken too.

you are viewing a single comment's thread
view the rest of the comments
[–] BrownianMotion@lemmy.dbzer0.com 10 points 1 year ago (1 children)

this is even more funny since there are apps that literally target this shit and remove it. Its unregistered, and the watermarks are removed, allowing you to forget the existance you are in. (disclaimer: I didn't do W11, but I doubt they were that good at their job)

[–] viking@infosec.pub 6 points 1 year ago

In Windows 11 they lock down the customization/personalization options, but you can get around that with some registry edits regardless. So I guess it's pretty straightforward to build a third party tool that replaces the internal customizer.

But... MAS was so nice and easy.