Penetration Testing mailing list archives
Re: Reverse Engineering thoughts
From: "Adam Tuliper" <amt () gecko-software com>
Date: Wed, 07 Jan 2004 12:43:41 -0500
Some companies consider reverse engineering to be a violation of their product licensing, so doing this may be going against their rules to begin with. I believe there have been several legal cases relating to items like this (decss being one of them in a sense of reverse engineering). Considering with enough thought almost any application can be cracked Im not sure I would include that as a recommendation. However if their demo to full mode is something even a novice user could do then I may recommend it. On Tue, 6 Jan 2004 10:36:37 -0800 "n30" <n30_lists () hotmail com> wrote:
Hello Folks, Just wanted your opinion. Say I am pen-testing an application...It requires authentication credentials to run. Also, the software has a demo mode & full version mode. Now using RE (Reverse engineering), I can change the ASM & create a small patch file to bypass the auth & convert the demo mode to full version mode. Is this a security problem?? What should be my recommendation?? This is assuming that I work for a pen test firm & the company wants us to test their product. So I should not be affected by DMCA?? Am i right?? Thanks in advance -N
---------------------------------------------------------------------------
----------------------------------------------------------------------------
--------------------------------------------------------------------- Web mail provided by NuNet, Inc. The Premier National provider. http://www.nni.com/ --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- SQL Injection question Sasa Jusic (Jan 05)
- Re: SQL Injection question Jeff Williams @ Aspect (Jan 05)
- RE: SQL Injection question Yvan Boily (Jan 05)
- Re: SQL Injection question Adam Tuliper (Jan 05)
- Reverse Engineering thoughts n30 (Jan 07)
- Re: Reverse Engineering thoughts Riad S. Wahby (Jan 07)
- Re: Reverse Engineering thoughts johnny cyberpunk (Jan 07)
- RE: Reverse Engineering thoughts Brett Moore (Jan 07)
- Re: Reverse Engineering thoughts Adam Tuliper (Jan 07)
- RE: SQL Injection question Yvan Boily (Jan 05)
- Re: SQL Injection question Jeff Williams @ Aspect (Jan 05)
- RE: SQL Injection question Tibor Biro (Jan 05)
- <Possible follow-ups>
- RE: SQL Injection question Lachniet, Mark (Jan 05)
- RE: SQL Injection question Scovetta, Michael V (Jan 05)
- SQL injection question John (Jan 21)
- Re: SQL injection question .Saphyr (Jan 22)