Full Disclosure mailing list archives
Re: Reverse Engineering thoughts
From: "johnny cyberpunk" <johncybpk () gmx net>
Date: Wed, 7 Jan 2004 18:52:52 +0100
hi n30, what you are doing is not reversing the tool for security bugs, it's traditional cracking stuff. my opinion is, that this can't be reported directly as a security problem, but you can point out that they should improve there software with a harder copy protection, such as runtime binary encryption, anti-debugging stuff and so on. cheers, johnny cyberpunk / thc +++ no cock is as hard as life +++ public key: http://www.thc.org/keys/jcyberpunk.pub fingerprint: CB59 19F9 ABF2 781A 4E6C 0A43 F773 9106 BADA BF8C ----- Original Message ----- From: "n30" <n30_lists () hotmail com> To: <pen-test () securityfocus com>; <full-disclosure () lists netsys com> Sent: Tuesday, January 06, 2004 7:36 PM Subject: Reverse Engineering thoughts
Hello Folks, Just wanted your opinion. Say I am pen-testing an application...It requires authentication
credentials
to run. Also, the software has a demo mode & full version mode. Now using RE (Reverse engineering), I can change the ASM & create a small patch file to bypass the auth & convert the demo mode to full version
mode.
Is this a security problem?? What should be my recommendation?? This is assuming that I work for a pen test firm & the company wants us to test their product. So I should not be affected by DMCA?? Am i right?? Thanks in advance -N --------------------------------------------------------------------------
-
--------------------------------------------------------------------------
--
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Reverse Engineering thoughts n30 (Jan 06)
- Re: Reverse Engineering thoughts Blue Boar (Jan 06)
- Re: Reverse Engineering thoughts Riad S. Wahby (Jan 07)
- Re: Reverse Engineering thoughts Adam Tuliper (Jan 07)
- Re: Reverse Engineering thoughts johnny cyberpunk (Jan 07)
- Re: Reverse Engineering thoughts Riad S. Wahby (Jan 07)