Jump to content

Endpoint Breakout ESET information


Recommended Posts

On 7/31/2020 at 10:20 PM, itman said:

First at the end of the video, it appears real-time protection is still disabled.

Next, there was no attempt to update to latest ver. 13 release. My best guess is that would have failed. The crack version did do a product update, but it only received the lastest ver. 12 release it appears.

I said it was a version 12 hack.
But I'm working on hacking into all of ESET's products
In the latest versions

 

On 7/31/2020 at 8:36 PM, peteyt said:

Firstly this isn't really a hack just a crack. Problem is that using cracks is a dangerous game as you never know what extra stuff might be secretley included and also how long it will work. 

Also is their a reason all your evidence uses version 12 when version 13 has been around for sometime. Just find it odd that it is not showing the latest version.

But as eset has said they aren't going to pay for this

It does not put me in any malicious code, because I built the hack.

Link to post
Share on other sites
  • Most Valued Members
29 minutes ago, ANGUI said:

I said it was a version 12 hack.
But I'm working on hacking into all of ESET's products
In the latest versions

 

It does not put me in any malicious code, because I built the hack.

You said 

Quote

This is also for the latest versions
At 32, this is version 12
In Endofint this is version 7.1

Reading this seemed to suggest you were suggesting 12 was the latest version when it isn't. 

As stated though eset won't pay for this, and as you have already mentioned yourself, putting online would be illegal. You also said in a separate post this is nothing related to your license leak issue but it would seem strange that you have that problem now you've found a hack, as if your hack may have caused more issues. It could be just a big coincidence though. 

Link to post
Share on other sites
  • 1 month later...
  • Most Valued Members
2 hours ago, ertooso said:

Hello I found a full break
To the business versions
And the home versions
The breach is being updated
Which is a relatively recent hack
I will say for a fee

I probably shouldn't answer this and I don't work for eset but as the above posts stated eset will not pay for this information

Link to post
Share on other sites

To supplement @peteyt reply, no commercial concern with pay up front for a "supposed" bypass. First the concern must have a policy in place that they will pay a bug bounty. Eset does not.

Next, this policy will state what conditions under which a bounty will be paid and what the bug submission requirements are; i.e. P.O.C. format, findings, and the like. All bounty payments are further made at the full discretion of the vendor as to whether the bug submission meets the bypass criteria established by the vendor.

I will further add that public disclosure of security flaws is not illegal but certainly unethical w/o private disclosure to the vendor first. However, active deployment of any like bypasses are illegal.

Link to post
Share on other sites
  • Most Valued Members
5 hours ago, itman said:

To supplement @peteyt reply, no commercial concern with pay up front for a "supposed" bypass. First the concern must have a policy in place that they will pay a bug bounty. Eset does not.

Next, this policy will state what conditions under which a bounty will be paid and what the bug submission requirements are; i.e. P.O.C. format, findings, and the like. All bounty payments are further made at the full discretion of the vendor as to whether the bug submission meets the bypass criteria established by the vendor.

I will further add that public disclosure of security flaws is not illegal but certainly unethical w/o private disclosure to the vendor first. However, active deployment of any like bypasses are illegal.

Some other strange thing. The user above has actually said exactly the same as the other user said in the post word for word.

Weirdly this tends to happen with brand new accounts with no other posts. They post something irrelevant or often exactly what someone else has said to apparently seem normal and then the post gets edited a day or so later to add spam links in the hope they go unnoticed. This account has made a couple of posts but maybe this could be to make it seem active

Link to post
Share on other sites

I do not think you are going to be paid anything for publishing or spreading this breech. You have to decide what to do with it but this information will not bring much harm to the company. It is obvious as you have been clearly advised of it. I am from the UK, and where are you from? Even if you spent time working on it, this time looks to be simply wasted.

Edited by TomasP
Removed unnecessary link
Link to post
Share on other sites
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...