lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <web-233578064@admin.nni.com>
From: amt at gecko-software.com (Adam Tuliper)
Subject: Re: Reverse Engineering thoughts

Some companies consider reverse engineering to be a
violation of their product licensing, so doing this may be
going against their rules to begin with. I believe there
have been several legal cases relating to items like this
(decss being one of them in a sense of reverse
engineering). Considering with enough thought almost any
application can be cracked Im not sure I would include that
as a recommendation. However if their demo to full mode is
something even a novice user could do then I may recommend
it.



On Tue, 6 Jan 2004 10:36:37 -0800
 "n30" <n30_lists@...mail.com> wrote:
> Hello Folks,
> 
> Just wanted your opinion.
> 
> Say I am pen-testing an application...It requires
> authentication credentials
> to run. Also, the software has a demo mode & full version
> mode.
> 
> Now using RE (Reverse engineering), I can change the ASM
> & create a small
> patch file to bypass the auth & convert the demo mode to
> full version mode.
> 
> Is this a security problem?? What should be my
> recommendation??
> 
> This is assuming that I work for a pen test firm & the
> company wants us to
> test their product. So I should not be affected by DMCA??
> Am i right??
> 
> Thanks in advance
> -N
> 
>
---------------------------------------------------------------------------
>
----------------------------------------------------------------------------
> 

---------------------------------------------------------------------
Web mail provided by NuNet, Inc. The Premier National provider.
http://www.nni.com/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ