Re: CORE-Impact license bypass

["Morning Wood" <se_cur_ity () hotmail com>]

been known since at least v3.2
are you using a 3.x or a 4.x series?
i belive the 4.x requires an auth from core before use

----- Original Message ----- 
From: "c0ntex" <c0ntexb () gmail com>
To: <full-disclosure () lists grok org uk>
Sent: Monday, September 26, 2005 3:30 AM
Subject: [Full-disclosure] CORE-Impact license bypass


I seem to have stumbled over a bug in Core Impact
licensing mechanisms that will allow anyone to continually use the
Core Impact product even after the license has expired.

This is not a security issue but it is, I feel, either an oversight or
a "feature" which can be abused to utilise the Core Impact product for
longer than designed / desired.

In my "business funded" Core Impact install on this machine, the
license expired at the end of last month and the usualy "Your license
has expired" pop-up appears, however it is easy to re-enable Core to a
working install by merely changing the system date on the PC to say a
month before the product was due to expire. Oops  ;) I guess Core is
using a very simplistic license mechanism.

Emailed CORE two times, 1 week ago, no reply.
--

regards
c0ntex
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/