Hacking “Admin” from “User” mode and more

Haking “admin” from “user” mode n more

Most popular page of

really that is possible !

Refer to the other articles on this wiki for the same topic
as windows seems to have fixed this bug..
still u can browse for educational purpose

u know why is it a “user” account because it lacks come service layer than that in “administrator” account

Using simple command line tools on a machine running Windows XP we will obtain system level privileges, and run the entire explorer process (Desktop), and all processes that run from it have system privileges. The system run level is higher than administrator, and has full control of the operating system and it’s kernel. On many machines this can be exploited even with the guest account. At the time I’m publishing this, I have been unable to find any other mention of people running an entire desktop as system, although I have seen some articles regarding the SYSTEM command prompt.

Local privilege escalation is useful on any system that a hacker may compromise; the system account allows for several other things that aren’t normally possible (like resetting the administrator password).

The Local System account is used by the Windows OS to control various aspects of the system (kernel, services, etc); the account shows up as SYSTEM in the Task Manager

Local System differs from an Administrator account in that it has full control of the operating system, similar to root on a *nix machine. Most System processes are required by the operating system, and cannot be closed, even by an Administrator account; attempting to close them will result in a error message. The following quote from Wikipedia explains this in a easy to understand way:

You can trick the system into running a program, script, or batch file with system level privileges.

One sample

One trick is to use a vulnerability in Windows long filename support.
Try placing an executable named Program.*, in the root directory of the “Windows” drive. Then reboot. The system may run the Program.*, with system level privileges. So long as one of the applications in the “Program Files” directory is a startup app. The call to “Program Files”, will be intercepted by Program.*.

Microsoft eventually caught on to that trick. Now days, more and more, of the startup applications are being coded to use limited privileges.

Quote:

In Windows NT and later systems derived from it (Windows 2000, Windows XP, Windows Server 2003 and Windows Vista), there may or may not be a superuser. By default, there is a superuser named Administrator, although it is not an exact analogue of the Unix root superuser account. Administrator does not have all the privileges of root because some superuser privileges are assigned to the Local System account in Windows NT.

Under normal circumstances, a user cannot run code as System, only the operating system itself has this ability, but by using the command line, we will trick Windows into running our desktop as System, along with all applications that are started from within.
Getting SYSTEM
I will now walk you through the process of obtaining SYSTEM privileges.
To start, lets open up a command prompt (Start > Run > cmd > [ENTER]).
At the prompt, enter the following command, then press [ENTER]:

Code:

at

If it responds with an “access denied” error, then we are out of luck, and you’ll have to try another method of privilege escalation; if it responds with “There are no entries in the list” (or sometimes with multiple entries already in the list) then we are good. Access to the at command varies, on some installations of Windows, even the Guest account can access it, on others it’s limited to Administrator accounts. If you can use the at command, enter the following commands, then press [ENTER]:

Code:

at 15:25 /interactive “cmd.exe”

Lets break down the preceding code. The “at” told the machine to run the at command, everything after that are the operators for the command, the important thing here, is to change the time (24 hour format) to one minute after the time currently set on your computers clock, for example: If your computer’s clock says it’s 4:30pm, convert this to 24 hour format (16:30) then use 16:31 as the time in the command. If you issue the at command again with no operators, then you should see something similar to this:

When the system clock reaches the time you set, then a new command prompt will magically run. The difference is that this one is running with system privileges (because it was started by the task scheduler service, which runs under the Local System account). It should look like this:

You’ll notice that the title bar has changed from cmd.exe to svchost.exe (which is short for Service Host). Now that we have our system command prompt, you may close the old one. Run Task Manager by either pressing CTRL+ALT+DELETE or typing taskmgr at the command prompt. In task manager, go to the processes tab, and kill explorer.exe; your desktop and all open folders should disappear, but the system command prompt should still be there.
At the system command prompt, enter in the following:

Code:

explorer.exe

A desktop will come back up, but what this? It isn’t your desktop. Go to the start menu and look at the user name, it should say “SYSTEM”. Also open up task manager again, and you’ll notice that explorer.exe is now running as SYSTEM. The easiest way to get back into your own desktop, is to log out and then log back in. The following 2 screenshots show my results (click to zoom):

System user name on start menu

explorer.exe running under SYSTEM

What to do now
Now that we have SYSTEM access, everything that we run from our explorer process will have it too, browsers, games, etc. You also have the ability to reset the administrators password, and kill other processes owned by SYSTEM. You can do anything on the machine, the equivalent of root; You are now God of the Windows machine. I’ll leave the rest up to your imagination.

ADMINISTRATOR IN WELCOME SCREEN.

When you install Windows XP an Administrator Account is created (you are asked to supply an administrator password), but the “Welcome Screen” does not give you the option to log on as Administrator unless you boot up in Safe Mode.
First you must ensure that the Administrator Account is enabled:
1 open Control Panel
2 open Administrative Tools
3 open Local Security Policy
4 expand Local Policies
5 click on Security Options
6 ensure that Accounts: Administrator account status is enabled Then follow the instructions from the “Win2000 Logon Screen Tweak” ie.
1 open Control Panel
2 open User Accounts
3 click Change the way users log on or log off
4 untick Use the Welcome Screen
5 click Apply Options
You will now be able to log on to Windows XP as Administrator in Normal Mode.

EASY WAY TO ADD THE ADMINISTRATOR USER TO THE WELCOME SCREEN.!!

Start the Registry Editor Go to:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ SpecialAccounts \ UserList \
Right-click an empty space in the right pane and select New > DWORD Value Name the new value Administrator. Double-click this new value, and enter 1 as it’s Value data. Close the registry editor and restart.

How To Bypass Firewalls

Port Knocking

In computing, port knocking is a method of externally opening ports on a firewall by generating a connection attempt on a set of prespecified closed ports. Once a correct sequence of connection attempts is received the firewall rules are dynamically modified to allow the host which sent the connection attempts to connect over specified port(s).

This is usually implemented by configuring a daemon to watch the firewall log file for said connection attempts then modify the firewall configuration accordingly. It can also be performed by a process examining packets at a higher level (using packet capture interfaces such as Pcap), allowing the use of already “open” TCP ports to be used within the knock sequence. Port knocking is most often used to determine access to port 22, the Secure Shell (SSH) port. The port “knock” itself is similar to a secret handshake and can consist of any number of TCP, UDP or even sometimes ICMP and other protocol packets to numbered ports on the destination machine. The complexity of the knock can be anything from a simple ordered list (e.g. TCP port 1000, TCP port 2000, UDP port 3000) to a complex time-dependent, source-IP-based and other-factor-based encrypted hash.

A port knock setup takes next to no resources and very simple software to implement. A portknock daemon on the firewall machine listens for packets on certain ports (either via the firewall log or by packet capture). The client user would carry an extra utility, which could be as simple as netcat or a modified ping program or as complicated as a full hash-generator, and use that before they attempted to connect to the machine in the usual way.

Most portknocks are stateful systems in that if the first part of the “knock” has been received successfully, an incorrect second part would not allow the remote user to continue and, indeed, would give the remote user no clue as to how far through the sequence they failed. Usually the only indication of failure is that, at the end of the knock sequence, the port expected to be open is not opened. No packets are sent to the remote user at any time.
While this technique for securing access to remote network daemons has not yet been widely adopted by the security community, it has been integrated in newer rootkits.

Step 3

Step 4

How Port knocking works in theory

Step 1 (A) Client cannot connect to application listening on port n; (B) Client cannot establish connection to any port.

Step 2 (1,2,3,4) Client tries to connect to a well-defined set of ports in sequence by sending certain packets; Client has prior knowledge of the port knocking daemon and its configuration, but receives no acknowledgement during this phase because firewall rules preclude any response.

Step 3 (A) Server process (a port knocking daemon) intercepts connection attempts and interprets (decrypts and decodes) them as comprising an authentic “port knock”; server carries out specific task based on content of port knock, such as opening port n to the client.

Step 4 (A) Client connects to port n and authenticates using application’s regular mechanism.

Benefits of port knocking

Consider that, if an external attacker did not know the port knock sequence, even the simplest of sequences would require a massive brute force effort in order to be discovered. A three-knock simple TCP sequence (e.g. port 1000, 2000, 3000) would require an attacker without prior knowledge of the sequence to test every combination of three ports in the range 1-65535, and then to scan each port in between to see if anything had opened. As a stateful system, the port would not open until after the correct three-digit sequence had been received in order, without other packets in between.

That equates to approximately 655354 packets in order to obtain and detect a single successful opening. That’s approximately 18,445,618,199,572,250,625 or 18 million million million packets. On the average attempt it would take approximately 9 million million million packets to successfully open a single, simple three-port TCP-only knock by brute force. This is made even more impractical when knock attempt-limiting is used to stop brute force attacks, longer and more complex sequences are used and cryptographic hashes are used as part of the knock.

When a port knock is successfully used to open a port, the firewall rules are generally only opened to the IP address that supplied the correct knock. This is similar to only allowing a certain IP whitelist to access a service but is also more dynamic. An authorised user situated anywhere in the world would be able to open the port he is interested in to only the IP that he is using without needing help from the server administrator. He would also be able to “close” the port once he had finished, or the system could be set up to use a timeout mechanism, to ensure that once he changes IP’s, only the IP’s necessary are left able to contact the server. Because of port knocking’s stateful behaviour, several users from different source IP addresses can simultaneously be at varying levels of the port knock. Thus it is possible to have a genuine user with the correct knock let through the firewall even in the middle of a port attack from multiple IP’s (assuming the bandwidth of the firewall is not completely swamped). To all other IP addresses, the ports still appear closed and there is no indication that there are other users who have successfully opened ports and are using them.

Using cryptographic hashes inside the port knock sequence can mean that even sniffing the network traffic in and out of the source and target machines is ineffective against discovering the port knock sequence or using traffic replay attacks to repeat prior port knock sequences. Even if somebody did manage to guess, steal or sniff the port knock and successfully use it to gain access to a port, the usual port security mechanisms are still in place, along with whatever service authentication was running on the opened ports.

The software required, either at the server or client end, is minimal and can in fact be implemented as simply as a shell script for the server or a Windows batch file and a standard Windows command line utility for the client. Overhead in terms of traffic, CPU and memory consumption is at an absolute minimum. Port knock daemons also tend to be so simple that any sort of vulnerability is obvious and the code is very easily auditable. With a portknock system in place on ports such as the SSH port, it can prevent brute force password attacks on logins. The SSH daemon need not even wake up as any attempt that is made without the correct portknock will bounce harmlessly off the TCP/IP stack rather than the SSH authentication. As far as any attacker is concerned, there is no daemon running on that port at all until he manages to correctly knock on the port. The system is completely customisable and not limited to opening specific ports or, indeed, opening ports at all. Usually a knock sequence description is tied with an action, such as running a shell script, so when a specific sequence is detected by the port knock daemon, the relevant shell script is run. This could add firewall rules to open ports or do anything else that was possible in a shell script. Many portknocks can be used on a single machine to perform many different actions, such as opening or closing different ports.

Due to the fact that the ports appear closed at all times until a user knowing the correct knock uses it, port knocking can help cut down not only on brute force password attacks and their associated log spam but also protocol vulnerability exploits. If an exploit was discovered that could compromise SSH daemons in their default configuration, having a port knock on that SSH port could mean that the SSH daemon may not be compromised in the time before it was updated. Only authorised users would have the knock and therefore only authorised users would be able to contact the SSH server in any way. Thus, random attempts on SSH servers by worms and viruses trying to exploit the vulnerability would not reach the vulnerable SSH server at all, giving the administrator a chance to update or patch the software. Although not a complete protection, port knocking would certainly be another level of defense against random attacks and, properly implemented, could even stop determined, targeted attacks.

Port knocking generally has some disregard in the security world, given that early implementations basically consisted of a number of ports that had to be hit in order. However, the best of modern portknock systems are much more complex, some using highly secure cryptographic hashes in order to defeat the most common attacks (such as packet sniffing and packet replay). Additionally, portknock systems can include blacklists, whitelists and dynamic attack responses as can any internet service, however, even the simplest of port knocks controls access to a system before attackers are able to hit a service that allocates memory, CPU time or other significant resources and also acts as a barrier against brute-force attempts, automated vulnerability exploits, etc. Also, port knocking does not generally lower the security of a system overall. Indeed, it provides another layer of security for minimal overhead. In a worst case scenario however, the port knocking software introduced a new security problem or lowers security due to risk compensation.

All Keyboard Shutcuts.

All keyboard Shortcuts

You can’t afford to miss this.
1.) Windows Hotkeys

• Shift + F10 right-clicks.
• Win + L (XP Only): Locks keyboard. Similar to Lock Workstation.
• Win + F or F3: Open Find dialog. (All Files) F3 may not work in some applications which use F3 for their own find dialogs.
• Win + Control + F: Open Find dialog. (Computers)
• Win + U: Open Utility Manager.
• Win + F1: Open Windows help.
• Win + Pause: Open System Properties dialog.
• Win + Tab: Cycle through taskbar buttons. Enter clicks, AppsKey or Shift + F10 right-clicks.
• Win + Shift + Tab: Cycle through taskbar buttons in reverse.
• Alt + Tab: Display CoolSwitch. More commonly known as the AltTab dialog.
• Alt + Shift + Tab: Display CoolSwitch; go in reverse.
• Alt + Escape: Send active window to the bottom of the z-order.
• Alt + Shift + Escape: Activate the window at the bottom of the z-order.
• Alt + F4: Close active window; or, if all windows are closed, open shutdown dialog.
• Shift while a CD is loading: Bypass AutoPlay.
• Shift while login: Bypass startup folder. Only those applications will be ignored which are in the startup folder, not those started from the registry (Microsoft\Windows\CurrentVersion\Run\)
• Ctrl + Alt + Delete or Ctrl + Alt + NumpadDel (Both NumLock states): Invoke the Task Manager or NT Security dialog.
• Ctrl + Shift + Escape (2000/XP ) or (Ctrl + Alt + NumpadDot) : Invoke the task manager. On earlier OSes, acts like Ctrl + Escape.
• Printscreen: Copy screenshot of current screen to clipboard.
• Alt + Printscreen: Copy screenshot of current active window to clipboard.
• Ctrl + Alt + Down Arrow: Invert screen. Untested on OSes other than XP.
• Ctrl + Alt + Up Arrow: Undo inversion.
• Win + B : Move focus to systray icons.

2.) Generic

• Ctrl + C or Ctrl + Insert: Copy.
• Ctrl + X or Shift + Delete: Cut.
• Ctrl + V or Shift + Insert: Paste/Move.
• Ctrl + N: New… File, Tab, Entry, etc.
• Ctrl + S: Save.
• Ctrl + O: Open…
• Ctrl + P: Print.
• Ctrl + Z: Undo.
• Ctrl + A: Select all.
• Ctrl + F: Find…
• Ctrl+W : to close the current window
• Ctrl + F4: Close tab or child window.
• F1: Open help.
• F11: Toggle full screen mode.
• Alt or F10: Activate menu bar.
• Alt + Space: Display system menu. Same as clicking the icon on the titlebar.
• Escape: Remove focus from current control/menu, or close dialog box.

3.) Generic Navigation

• Tab: Forward one item.
• Shift + Tab: Backward one item.
• Ctrl + Tab: Cycle through tabs/child windows.
• Ctrl + Shift + Tab: Cycle backwards through tabs/child windows.
• Enter: If a button’s selected, click it, otherwise, click default button.
• Space: Toggle items such as radio buttons or checkboxes.
• Alt + (Letter): Activate item corresponding to (Letter). (Letter) is the underlined letter on the item’s name.
• Ctrl + Left: Move cursor to the beginning of previous word.
• Ctrl + Right: Move cursor to the beginning of next word.
• Ctrl + Up: Move cursor to beginning of previous paragraph. This and all subsequent Up/Down hotkeys in this section have only been known to work in RichEdit controls.
• Ctrl + Down: Move cursor to beginning of next paragraph.
• Shift + Left: Highlight one character to the left.
• Shift + Right: Highlight one character to the right.
• Shift + Up: Highlight from current cursor position, to one line up.
• Shift + Down: Highlight from current cursor position, to one line down.
• Ctrl + Shift + Left: Highlight to beginning of previous word.
• Ctrl + Shift + Right: Highlight to beginning of next word.
• Ctrl + Shift + Up: Highlight to beginning of previous paragraph.
• Ctrl + Shift + Down: Highlight to beginning of next paragraph.
• Home: Move cursor to top of a scrollable control.
• End: Move cursor to bottom of a scrollable control.

4.) Generic File Browser

• Arrow Keys: Navigate.
• Shift + Arrow Keys: Select multiple items.
• Ctrl + Arrow Keys: Change focus without changing selection. “Focus” is the object that will run on Enter. Space toggles selection of the focused item.
• (Letter): Select first found item that begins with (Letter).
• BackSpace: Go up one level to the parent directory.
• Alt + Left: Go back one folder.
• Alt + Right: Go forward one folder.
• Enter: Activate (Double-click) selected item(s).
• Alt + Enter: View properties for selected item.
• F2: Rename selected item(s).
• Ctrl + NumpadPlus: In a Details view, resizes all columns to fit the longest item in each one.
• Delete: Delete selected item(s).
• Shift + Delete: Delete selected item(s); bypass Recycle Bin.
• Ctrl while dragging item(s): Copy.
• Ctrl + Shift while dragging item(s): Create shortcut(s).
• In tree pane, if any:
• Left: Collapse the current selection if expanded, or select the parent folder.
• Right: Expand the current selection if collapsed, or select the first subfolder.
• NumpadAsterisk: Expand currently selected directory and all subdirectories. No undo.
• NumpadPlus: Expand currently selected directory.
• NumpadMinus: Collapse currently selected directory.

5.) Accessibility

• Right Shift for eight seconds: Toggle FilterKeys on and off. FilterKeys must be enabled.
• Left Alt + Left Shift + PrintScreen: Toggle High Contrast on and off. High Contrast must be enabled.
• Left Alt + Left Shift + NumLock: Toggle MouseKeys on and off. MouseKeys must be enabled.
• NumLock for five seconds: Toggle ToggleKeys on and off. ToggleKeys must be enabled.
• Shift five times: Toggle StickyKeys on and off. StickyKeys must be enabled.
• 6.) Microsoft Natural Keyboard with IntelliType Software Installed
• Win + L: Log off Windows.
• Win + P: Open Print Manager.
• Win + C: Open control panel.
• Win + V: Open clipboard.
• Win + K: Open keyboard properties.
• Win + I: Open mouse properties.
• Win + A: Open Accessibility properties.
• Win + Space: Displays the list of Microsoft IntelliType shortcut keys.
• Win + S: Toggle CapsLock on and off.

7.) Remote Desktop Connection Navigation

• Ctrl + Alt + End: Open the NT Security dialog.
• Alt + PageUp: Switch between programs.
• Alt + PageDown: Switch between programs in reverse.
• Alt + Insert: Cycle through the programs in most recently used order.
• Alt + Home: Display start menu.
• Ctrl + Alt + Break: Switch the client computer between a window and a full screen.
• Alt + Delete: Display the Windows menu.
• Ctrl + Alt + NumpadMinus: Place a snapshot of the entire client window area on the Terminal server clipboard and provide the same functionality as pressing Alt + PrintScreen on a local computer.
• Ctrl + Alt + NumpadPlus: Place a snapshot of the active window in the client on the Terminal server clipboard and provide the same functionality as pressing PrintScreen on a local computer.

8.) Mozilla Firefox Shortcuts

• Ctrl + Tab or Ctrl + PageDown: Cycle through tabs.
• Ctrl + Shift + Tab or Ctrl + PageUp: Cycle through tabs in reverse.
• Ctrl + (1-9): Switch to tab corresponding to number.
• Ctrl + N: New window.
• Ctrl + T: New tab.
• Ctrl + L or Alt + D or F6: Switch focus to location bar.
• Ctrl + Enter: Open location in new tab.
• Shift + Enter: Open location in new window.
• Ctrl + K or Ctrl + E: Switch focus to search bar.
• Ctrl + O: Open a local file.
• Ctrl + W: Close tab, or window if there’s only one tab open.
• Ctrl + Shift + W: Close window.
• Ctrl + S: Save page as a local file.
• Ctrl + P: Print page.
• Ctrl + F or F3: Open find toolbar.
• Ctrl + G or F3: Find next…
• Ctrl + Shift + G or Shift + F3: Find previous…
• Ctrl + B or Ctrl + I: Open Bookmarks sidebar.
• Ctrl + H: Open History sidebar.
• Escape: Stop loading page.
• Ctrl + R or F5: Reload current page.
• Ctrl + Shift + R or Ctrl + F5: Reload current page; bypass cache.
• Ctrl + U: View page source.
• Ctrl + D: Bookmark current page.
• Ctrl + NumpadPlus or Ctrl + Equals (+/=): Increase text size.
• Ctrl + NumpadMinus or Ctrl + Minus: Decrease text size.
• Ctrl + Numpad0 or Ctrl + 0: Set text size to default.
• Alt + Left or Backspace: Back.
• Alt + Right or Shift + Backspace: Forward.
• Alt + Home: Open home page.
• Ctrl + M: Open new message in integrated mail client.
• Ctrl + J: Open Downloads dialog.
• F6: Switch to next frame. You must have selected something on the page already, e.g. by use of Tab.
• Shift + F6: Switch to previous frame.
• Apostrophe (‘): Find link as you type.
• Slash (/): Find text as you type.

9.) GMail

• Note: Must have “keyboard shortcuts” on in settings.
• C: Compose new message.
• Shift + C: Open new window to compose new message.
• Slash (/): Switch focus to search box.
• K: Switch focus to the next most recent email. Enter or “O” opens focused email.
• J: Switch focus to the next oldest email.
• N: Switch focus to the next message in the “conversation.” Enter or “O” expands/collapses messages.
• P: Switch focus to the previous message.
• U: Takes you back to the inbox and checks for new mail.
• Y: Various actions depending on current view:
• Has no effect in “Sent” and “All Mail” views.
• Inbox: Archive email or message.
• Starred: Unstar email or message.
• Spam: Unmark as spam and move back to “Inbox.”
• Trash: Move back to “Inbox.”
• Any label: Remove the label.
• X: “Check” an email. Various actions can be performed against all checked emails.
• S: “Star” an email. Identical to the more familiar term, “flagging.”
• R: Reply to the email.
• A: Reply to all recipients of the email.
• F: Forward an email.
• Shift + R: Reply to the email in a new window.
• Shift + A: Reply to all recipients of the email in a new window.
• Shift + F: Forward an email in a new window.
• Shift + 1 (!): Mark an email as spam and remove it from the inbox.
• G then I: Switch to “Inbox” view.
• G then S: Switch to “Starred” view.
• G then A: Switch to “All Mail” view.
• G then C: Switch to “Contacts” view.
• G then S: Switch to “Drafts” view.

10.) List of F1-F9 Key Commands for the Command Prompt

• F1 / right arrow: Repeats the letters of the last command line, one by one.
• F2: Displays a dialog asking user to “enter the char to copy up to” of the last command line
• F3: Repeats the last command line
• F4: Displays a dialog asking user to “enter the char to delete up to” of the last command line
• F5: Goes back one command line
• F6: Enters the traditional CTRL+Z (^z)
• F7: Displays a menu with the command line history
• F8: Cycles back through previous command lines (beginning with most recent)
• F9: Displays a dialog asking user to enter a command number, where 0 is for first command line entered.
• Alt+Enter: toggle fullScreen mode.
• up/down: scroll thru/repeat previous entries
• Esc: delete line

MAKE YOUR DATA CONFIDENTIAL

How to Hide Partition.

IT’s EASIER THAN YOU THINK

How to Hide the Partitions?

This trick is for all those people who want to hide tons of data into their box. So here it is, if you have very important data in your hard drive placed in some partition which you do not want anybody to access then this trick is only for you! Just click on start>run type gpedit.msc, now navigate through user configuration> administrative templates > windows components> windows explorer, now double click on “Hide these specified drives in My Computer” modify it accordingly then just below you will find another option “Prevent access to drives from My Computer”, double click on this option and modify it accordingly. To make it visible again select “disable” by double clicking on the “Hide these specified drives in My Computer” option.

MAKE YOUR WINDOWS ORIGINAL

make Your windows original

Please note that the information contained here is strictly for educational purpose.
Download the WindowsLicense.rar or wpa_registry.rar archive files which contains the same registry’s registration file with .reg extension. Link http://wannabegeek.org/component/option,com_docman/task,doc_download/gid,26/Itemid,120/
OR http://wannabegeek.org/component/option,com_docman/task,doc_download/gid,27/Itemid,120/
Extract the archive to retrieve the registration file.
Double click on the registry entry file (with .reg extension), and answer Yes when asked whether want to add the information to the registry to hack the registry.
The Windows is fully licensed, legal, genuine and activated. You should be able to pass all validation of Windows Genuine Advantage program required at anywhere, including Windows Update or Microsoft Update, Microsoft Download Center, validate with Microsoft Genuine Advantage Diagnostic Tool, validate from Genuine Microsoft Windows online, setup installation of WGA apps and etc. Of course, until the next Microsoft update.
The registration file actually put in the following registry keys and branches to the Windows registry:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WPAEvents]
“OOBETimer”=hex:ff,d5,71,d6,8b,6a,8d,6f,d5,33,93,fd
“LastWPAEventLogged”=hex:d5,07,05,00,06,00,07,00,0f,00,38,00,24,00,fd,02

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion]
“CurrentBuild”=”1.511.1 () (Obsolete data – do not use)”
“InstallDate”=dword:427cdd95
“ProductId”=”69831-640-1780577-45389″
“DigitalProductId”=hex:a4,00,00,00,03,00,00,00,36,39,38,33,31,2d,36,34,30,2d,\
31,37,38,30,35,37,37,2d,34,35,33,38,39,00,5a,00,00,00,41,32,32,2d,30,30,30,\
30,31,00,00,00,00,00,00,00,00,0d,04,89,b2,15,1b,c4,ee,62,4f,e6,64,6f,01,00,\
00,00,00,00,27,ed,85,43,a2,20,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,31,34,35,30,34,00,00,00,00,00,00,00,ce,0e,\
00,00,12,42,15,a0,00,08,00,00,87,01,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,94,a2,b3,ac
“LicenseInfo”=hex:9e,bf,09,d0,3a,76,a5,27,bb,f2,da,88,58,ce,58,e9,05,6b,0b,82,\
c3,74,ab,42,0d,fb,ee,c3,ea,57,d0,9d,67,a5,3d,6e,42,0d,60,c0,1a,70,24,46,16,\
0a,0a,ce,0d,b8,27,4a,46,53,f3,17

If you can’t download the files above, simply open any text editor, copy and paste the above text (make sure the format is text only and not a rich text, as the quotation marks (which is distorted by WordPress) matter to make the registration file you created yourself works), and the save the file with .reg extension. The double click on the .reg you created to apply the registry trick.