RE: Product activation is exploitable

["Eduardo Reis" <eduardo.reis () corp vodafone pt>]

Just one question about this, why didn't anyone made a server (software) that would accept product activations and 
processed them as a MS server? Is that hard to do such an attack?

I don't have the resources or the knowledge to do such a thing but I think is easier to do than to patch the windows 
itself.

As anyone tried to do this? know anyone who tried? have any info on the protocol used?

------------------------------------------
This message may contain confidential information or privileged material, 
and is intended only for the individual(s) named. If you are not in the 
named addressee you should not disseminate, distribute or copy this e-mail. 
Please notify the sender immediately by e-mail if you have received this 
e-mail by mistake and delete this e-mail from your system.

E-mail transmission cannot be guaranteed to be secure or error-free as 
information could be intercepted, corrupted, lost, destroyed, arrive late 
or incomplete, or contain viruses. The sender therefore does not accept 
liability for any errors or omissions in the contents of this message 
which arise as a result of e-mail transmission. If verification is 
required please request a hard-copy version.

Vodafone (Portugal)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html