lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: khermansen at ht-technology.com (Kristian Hermansen)
Subject: Product activation is exploitable

Activation can be disabled through a number of different processes while
running in "Safe Mode".  Check astalavista.box.sk for a good Activation
Crack, but beware than many of these are labeled incorrectly and are
actually just SP1 upgrade hacks (from corporate version).  Basically, you
just change your key to a supplied key thats in the program (wonder why
Miscrosoft hasn't blacklisted these keys?!?!) and then you can use Windows
Update just fine (since corp key is blacklisted).

Kris Hermansen



----- Original Message ----- 
From: "Eduardo Reis" <eduardo.reis@...p.vodafone.pt>
To: "Full-Disclosure@...ts.Netsys.Com" <full-disclosure@...ts.netsys.com>
Sent: Monday, September 08, 2003 7:34 AM
Subject: RE: [Full-Disclosure] Product activation is exploitable


>
> Just one question about this, why didn't anyone made a server (software)
that would accept product activations and processed them as a MS server? Is
that hard to do such an attack?
>
> I don't have the resources or the knowledge to do such a thing but I think
is easier to do than to patch the windows itself.
>
> As anyone tried to do this? know anyone who tried? have any info on the
protocol used?
>
> ------------------------------------------
> This message may contain confidential information or privileged material,
> and is intended only for the individual(s) named. If you are not in the
> named addressee you should not disseminate, distribute or copy this
e-mail.
> Please notify the sender immediately by e-mail if you have received this
> e-mail by mistake and delete this e-mail from your system.
>
> E-mail transmission cannot be guaranteed to be secure or error-free as
> information could be intercepted, corrupted, lost, destroyed, arrive late
> or incomplete, or contain viruses. The sender therefore does not accept
> liability for any errors or omissions in the contents of this message
> which arise as a result of e-mail transmission. If verification is
> required please request a hard-copy version.
>
> Vodafone (Portugal)
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ