| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <003c01c37646$91a89a40$ca02a8c0@winxpnetsniper> From: khermansen at ht-technology.com (Kristian Hermansen) Subject: Product activation is exploitable Activation can be disabled through a number of different processes while running in "Safe Mode". Check astalavista.box.sk for a good Activation Crack, but beware than many of these are labeled incorrectly and are actually just SP1 upgrade hacks (from corporate version). Basically, you just change your key to a supplied key thats in the program (wonder why Miscrosoft hasn't blacklisted these keys?!?!) and then you can use Windows Update just fine (since corp key is blacklisted). Kris Hermansen ----- Original Message ----- From: "Eduardo Reis" <eduardo.reis@...p.vodafone.pt> To: "Full-Disclosure@...ts.Netsys.Com" <full-disclosure@...ts.netsys.com> Sent: Monday, September 08, 2003 7:34 AM Subject: RE: [Full-Disclosure] Product activation is exploitable > > Just one question about this, why didn't anyone made a server (software) that would accept product activations and processed them as a MS server? Is that hard to do such an attack? > > I don't have the resources or the knowledge to do such a thing but I think is easier to do than to patch the windows itself. > > As anyone tried to do this? know anyone who tried? have any info on the protocol used? > > ------------------------------------------ > This message may contain confidential information or privileged material, > and is intended only for the individual(s) named. If you are not in the > named addressee you should not disseminate, distribute or copy this e-mail. > Please notify the sender immediately by e-mail if you have received this > e-mail by mistake and delete this e-mail from your system. > > E-mail transmission cannot be guaranteed to be secure or error-free as > information could be intercepted, corrupted, lost, destroyed, arrive late > or incomplete, or contain viruses. The sender therefore does not accept > liability for any errors or omissions in the contents of this message > which arise as a result of e-mail transmission. If verification is > required please request a hard-copy version. > > Vodafone (Portugal) > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists