Some companies consider reverse engineering to be a violation of their product licensing, so doing this may be going against their rules to begin with. I believe there have been several legal cases relating to items like this (decss being one of them in a sense of reverse engineering). Considering with enough thought almost any application can be cracked Im not sure I would include that as a recommendation. However if their demo to full mode is something even a novice user could do then I may recommend it.
On Tue, 6 Jan 2004 10:36:37 -0800 "n30" <[EMAIL PROTECTED]> wrote: > Hello Folks, > > Just wanted your opinion. > > Say I am pen-testing an application...It requires > authentication credentials > to run. Also, the software has a demo mode & full version > mode. > > Now using RE (Reverse engineering), I can change the ASM > & create a small > patch file to bypass the auth & convert the demo mode to > full version mode. > > Is this a security problem?? What should be my > recommendation?? > > This is assuming that I work for a pen test firm & the > company wants us to > test their product. So I should not be affected by DMCA?? > Am i right?? > > Thanks in advance > -N > > --------------------------------------------------------------------------- > ---------------------------------------------------------------------------- > --------------------------------------------------------------------- Web mail provided by NuNet, Inc. The Premier National provider. http://www.nni.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
