Bypassing Comodo Firewall

I have found the following strange issue. Actually, I am not an Adobe Acrobat user, but the issue was reported to me and I investigated it.

  1. Install Adobe Acrobat Pro XI.
  2. Try to start Acrobat. When it asks for a serial number for licensing, try to enter some pirated one.

After that Acrobat will check s/n via internet and report it is blacklisted.

The problem is it is reported even with blocked network in Comodo firewall.

The above mentioned s/n is not hardcoded in Acrobat. Just to be sure you can try to enter it with physically disabled network - the program will take it.

So it looks like Adobe experts know how to bypass Comodo firewall :)

■■■■, I know that! But to reproduce the issue one should know how to do it.

I have a similar problem that I mentioned in another post, when I block Adobe Reader XI from checking for updates it still tells me if an update is available or not. Maybe Comodo has a problem with Adobe products.

Since you did not try it yourself I am sceptical as we have to trust hearsay. On top of that if you cannot reproduce it I am not going to take the effort of trying.

Staying critical and sceptical; maybe it is not CIS that gets bypassed but it may be coded in Acrobat Pro XI to say a key is not valid when it cannot call home. Did you check with a packet sniffer whether there is actually traffic flowing from your computer to Adobe?

I don’t know why you think I didn’t try it. I told you I am not a user of Adobe Acrobat - so I was informed about the issue. And sure I did try it after that. I never post something I didn’t observe by myself.

And it looks like you read my post and found illegal key only, because I wrote: it cannot be coded in Acrobat because with disabled network everything is OK. So it looks like Comodo has a leak in network blockage.

Please be attentive to the whole post, not only serial numbers :)

By the way - did you try what I have mentioned? Because it is very good to be critical and sceptical based on facts, not thoughts only.

Sorry for overreading; you actually did try. That’s my mistake.

By the way I only removed the serial number. I did not edit more in your post.

Do I need to use a pirated version of Adobe Pro XI or can I use the trial version? For the trial version I need to sign up with Adobe first.

I don’t know. Looks like you can try to obtain a trial version using an Adobe account (it’s free for registration). But I don’t know whether it requires a network connection at all.

I can state only what I observed. Dumper1 has informed about some other issues related to Adobe - maybe he can help in case you don’t want to try with pirated numbers.

But anyway - we are not talking about a way to ■■■■■ Adobe products. We are talking about why Comodo passes network connections even for legal software.

I have used a physical machine in my test but it looks like similar results could be obtained on a VM also.

I hope moderators can pass the deleted number to the developer for testing if the issue is confirmed.

That’s too vague for testing.

It's not that in principle I would not use a pirated version for testing but that I don't know what exact version you are using. That is a problem for testing.
This is not about not wanting to use a pirated version in the first place. To test I need to use the same version as you have. If it is a pirated version I need to know which version because God only knows what adaptations are made with that particular pirated version you are using for this test... etc., etc.

See, that’s the problem for me with this test case. I need to run after you to get the necessary details only to find inconclusive references to the used software. Then you muddle things further by making unclear reference to posts by another member. That is not how test cases are to be presented. If you have a case present it completely so others can easily test it.

That being said if there is problem with CIS then there may be other (non pirated) applications making the same but easier test case.

Adobe Acrobat Pro XI v.11.0.0. I have tested Russian one, it can be obtained here:

But I am almost sure it will be the same on English and all other versions.

OS is Windows 7 x32 Ultimate. And this is important because I was told (but haven’t tested it myself yet - will report tomorrow) that WinXPx32 is free of this problem.

I got the same downloader, but in English. This downloader can also download a blacklist of serials that are pirated.

In short, we don’t know if the network connection is the only way for Adobe to determine whether the key is an illegal one. For all I know the application is using a local blacklist as well.

We don’t know exactly how the Adobe program works making it an insufficient test case.

If the same thing can be shown with the updater of a well known program like CCleaner then that would be a strong test case.

Please do as follows.

  1. Download the downloader in VM. It will bring installation files to your system.
  2. Start installation. Do not register Acrobat at this stage.
  3. Make a snapshot in your VM.
  4. Disable the network for VM physically (using your VM settings). Try to register Acrobat using provided pirated number. It will be registered.
  5. Revert to snapshot.
  6. Block all network connections using Comodo.
  7. Enable network for VM.
  8. Try to register Acrobat. See the difference :)

Yes, I can confirm - there is no problem in blocking at WinXPSP3x32.

The firewall stopped working when I’ve updated to version 5.12 on win7 x86.
I’ve reverted to 5.10 and it works like a charm.

At gjf. What version of CIS are you running? 5.12, 5.10 or other?

I tried the Acrobat Pro XI on my Win 8 with the CIS v6 mod’s version (.2666). I let Comodo block the internet connection and Acrobat Pro could not reach the Adobe servers to verify the provided serial code.

Latest: 5.12.256249.2599

I tried with my Win 7 in VM Ware running 5.12 and CIS blocked the connection to the Adobe server as well as the updaters of VLC Media Player and Malwarebytes Antimalware.

Have you tried “block all” or have you blocked all processes separately?

I used the block all function as can be found in the main screen.
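
The thread never settles whether traffic actually left the machine while the block was active, which is the packet-sniffer question raised earlier and the observation missing from step 8 of the test procedure. As an added example (not code from any poster or from Comodo), the sketch below parses Windows `netstat -ano` output and reports, for one process ID, which connections to off-host addresses completed a handshake and which were only attempted. The sample output, PID 3120 and the addresses are constructed placeholders.

```python
import ipaddress

# Constructed sample of Windows `netstat -ano` TCP output (not taken from the thread).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       716
  TCP    127.0.0.1:49170        127.0.0.1:49171        ESTABLISHED     3120
  TCP    192.168.1.20:49188     203.0.113.10:443       ESTABLISHED     3120
  TCP    192.168.1.20:49190     203.0.113.11:443       SYN_SENT        3120
  TCP    192.168.1.20:49201     198.51.100.7:80        ESTABLISHED     2044
  TCP    [::1]:49300            [::1]:49301            ESTABLISHED     3120
"""


def parse_netstat(text):
    """Return one dict per TCP row; headers, UDP rows and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 5 or f[0] != "TCP" or not f[4].isdigit():
            continue
        host, _, port = f[2].rpartition(":")
        host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and scope id
        rows.append({"remote": host, "port": int(port),
                     "state": f[3], "pid": int(f[4])})
    return rows


def classify(rows, pid):
    """Split a PID's off-host connections into (established, attempted)."""
    established, attempted = [], []
    for r in rows:
        if r["pid"] != pid:
            continue
        ip = ipaddress.ip_address(r["remote"])
        if ip.is_loopback or ip.is_unspecified:
            continue  # loopback IPC and listening sockets are not outbound traffic
        if r["state"] == "ESTABLISHED":
            established.append((r["remote"], r["port"]))  # handshake completed
        elif r["state"] == "SYN_SENT":
            attempted.append((r["remote"], r["port"]))    # attempt, no handshake yet
    return established, attempted


if __name__ == "__main__":
    print(classify(parse_netstat(SAMPLE), 3120))
```

A `netstat` listing is a snapshot, so a short-lived connection can be missed and a packet capture on the interface remains the more conclusive check. The licence check may also run in a helper process with a different PID than the main application.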