ANGUI 0 Posted August 1, 2020 Author Share Posted August 1, 2020 On 7/31/2020 at 10:20 PM, itman said: First at the end of the video, it appears real-time protection is still disabled. Next, there was no attempt to update to latest ver. 13 release. My best guess is that would have failed. The crack version did do a product update, but it only received the lastest ver. 12 release it appears. I said it was a version 12 hack. But I'm working on hacking into all of ESET's products In the latest versions On 7/31/2020 at 8:36 PM, peteyt said: Firstly this isn't really a hack just a crack. Problem is that using cracks is a dangerous game as you never know what extra stuff might be secretley included and also how long it will work. Also is their a reason all your evidence uses version 12 when version 13 has been around for sometime. Just find it odd that it is not showing the latest version. But as eset has said they aren't going to pay for this It does not put me in any malicious code, because I built the hack. Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 387 Posted August 1, 2020 Most Valued Members Share Posted August 1, 2020 29 minutes ago, ANGUI said: I said it was a version 12 hack. But I'm working on hacking into all of ESET's products In the latest versions It does not put me in any malicious code, because I built the hack. You said Quote This is also for the latest versionsAt 32, this is version 12In Endofint this is version 7.1 Reading this seemed to suggest you were suggesting 12 was the latest version when it isn't. As stated though eset won't pay for this, and as you have already mentioned yourself, putting online would be illegal. You also said in a separate post this is nothing related to your license leak issue but it would seem strange that you have that problem now you've found a hack, as if your hack may have caused more issues. It could be just a big coincidence though. Link to comment Share on other sites More sharing options...
ertooso 0 Posted September 22, 2020 Share Posted September 22, 2020 Hello I found a full breakTo the business versionsAnd the home versionsThe breach is being updatedWhich is a relatively recent hackI will say for a fee Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 387 Posted September 22, 2020 Most Valued Members Share Posted September 22, 2020 2 hours ago, ertooso said: Hello I found a full breakTo the business versionsAnd the home versionsThe breach is being updatedWhich is a relatively recent hackI will say for a fee I probably shouldn't answer this and I don't work for eset but as the above posts stated eset will not pay for this information Link to comment Share on other sites More sharing options...
itman 1,629 Posted September 22, 2020 Share Posted September 22, 2020 To supplement @peteyt reply, no commercial concern with pay up front for a "supposed" bypass. First the concern must have a policy in place that they will pay a bug bounty. Eset does not. Next, this policy will state what conditions under which a bounty will be paid and what the bug submission requirements are; i.e. P.O.C. format, findings, and the like. All bounty payments are further made at the full discretion of the vendor as to whether the bug submission meets the bypass criteria established by the vendor. I will further add that public disclosure of security flaws is not illegal but certainly unethical w/o private disclosure to the vendor first. However, active deployment of any like bypasses are illegal. Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 387 Posted September 22, 2020 Most Valued Members Share Posted September 22, 2020 5 hours ago, itman said: To supplement @peteyt reply, no commercial concern with pay up front for a "supposed" bypass. First the concern must have a policy in place that they will pay a bug bounty. Eset does not. Next, this policy will state what conditions under which a bounty will be paid and what the bug submission requirements are; i.e. P.O.C. format, findings, and the like. All bounty payments are further made at the full discretion of the vendor as to whether the bug submission meets the bypass criteria established by the vendor. I will further add that public disclosure of security flaws is not illegal but certainly unethical w/o private disclosure to the vendor first. However, active deployment of any like bypasses are illegal. Some other strange thing. The user above has actually said exactly the same as the other user said in the post word for word. Weirdly this tends to happen with brand new accounts with no other posts. They post something irrelevant or often exactly what someone else has said to apparently seem normal and then the post gets edited a day or so later to add spam links in the hope they go unnoticed. This account has made a couple of posts but maybe this could be to make it seem active Link to comment Share on other sites More sharing options...
ertooso 0 Posted September 23, 2020 Share Posted September 23, 2020 (edited) I do not think you are going to be paid anything for publishing or spreading this breech. You have to decide what to do with it but this information will not bring much harm to the company. It is obvious as you have been clearly advised of it. I am from the UK, and where are you from? Even if you spent time working on it, this time looks to be simply wasted. Edited September 24, 2020 by TomasP Removed unnecessary link Link to comment Share on other sites More sharing options...
Recommended Posts