[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <df8ba96d0509261121e265293@mail.gmail.com>
Date: Mon Sep 26 19:21:58 2005
From: c0ntexb at gmail.com (c0ntex)
Subject: CORE-Impact license bypass
A 4. version :-)
On 26/09/05, Morning Wood <se_cur_ity@...mail.com> wrote:
> been known since at least v3.2
> are you using a 3.x or a 4.x series?
> i belive the 4.x requires an auth from core before use
>
> ----- Original Message -----
> From: "c0ntex" <c0ntexb@...il.com>
> To: <full-disclosure@...ts.grok.org.uk>
> Sent: Monday, September 26, 2005 3:30 AM
> Subject: [Full-disclosure] CORE-Impact license bypass
>
>
> I seem to have stumbled over a bug in Core Impact
> licensing mechanisms that will allow anyone to continually use the
> Core Impact product even after the license has expired.
>
> This is not a security issue but it is, I feel, either an oversight or
> a "feature" which can be abused to utilise the Core Impact product for
> longer than designed / desired.
>
> In my "business funded" Core Impact install on this machine, the
> license expired at the end of last month and the usualy "Your license
> has expired" pop-up appears, however it is easy to re-enable Core to a
> working install by merely changing the system date on the PC to say a
> month before the product was due to expire. Oops ;) I guess Core is
> using a very simplistic license mechanism.
>
> Emailed CORE two times, 1 week ago, no reply.
> --
>
> regards
> c0ntex
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
regards
c0ntex
Powered by blists - more mailing lists