exploit in COMODO Internet Security

[u][b]Hello every body …

i discovered a big exploit in comodo and bypass it… ex: run any malware or trojan without detected…

who should know about it ? and is there a reward ?

skype link removed

Written by Jay2007tech

Statement by me is reversed

Youtube video is back
Bypass COMODO Internet Security 2014 تخطي الدفاع الاستباقي والجدار الناري للكومودو - YouTube

Please PM me a description of the exploit, and any relevant files, and I will pass these on to Comodo. Note that to do this you should upload any relevant files to a file sharing site, as it’s not possible to attach files to a PM.

By the way, I am not an employee of Comodo. I am a volunteer Moderator, but I can forward these to the developers.

Thank you.

The “reward” is to help all COMODO community to keep them protected. :wink:

COMODO gives a superior product FOR FREE, while other PAID products are not as good as they say they are.
It’s all about win/win. COMODO provides for free to any users, and we collaborate for free to COMODO when we find bugs, exploits, etc. This make the product stronger and we are also helping to protect OURSELVES even better.

Good job by the way! :slight_smile: :-TU

i want to sell it if u can…
how much u want?please accept me my skype is like my name
best Regards

I unbolded your text. Eric

This Comodo’s point of view as per the head developer:

If you want Comodo to consider buying your exploit. There going to want a detailed description especially since most of the people that claim “big exploit” are not really a big exploit and in some cases their fake. Using the search feature in the comodo forums will show you some of that

One of the things there going to want to know is what configurations are you referring to and Which windows is it (32 or 64x) (XP, Vista, 7,8 8.1)

some examples: Will it only work under default only. Do you have to infect the computer first before installing comodo. Can you make a video showing what your talking about

Will it work with proactive settings?
Will it work with Hips set as “paranoid mode”
Can it breakout of the sandbox, if so how far (Partily Limited, Limited, Restricted, Untrusted and or Fully Virtualized
You get the idea

P.S. Some ransomware can bypass the sand box only “partially limited” but not limited. They are aware of this situation

Hope this helps you :slight_smile:

[u][b]ok jay2007tech … u can see the show here :wink:

youtube link removed due to lack of proof**

working on (32 or 64x) (XP, Vista, 7,8 8.1)

until now no one know about it …

Best regards …[/b][/u]

Thnx for the vid.

So this, at least in part, relies on your EXE being on the system first?

How does it go if you enable HIPS on a clean system and then try getting the EXE in the clean systems file system before executing it?

Ewen :slight_smile:

please try enable HIPS and change the sandbox setting to untrusted

Yes, please test this with Untrusted. Also, please test it with the BB set to Fully Virtualized.


Interesting video.
However why is the needs attention showing in the widget?

Another useless video sadly.

+1 :-TU

We also don’t know if the file has been whitelisted before. :wink:

who should know about it ? and is there a reward ?
First, at the video it pauses around 1:14. Screen shows 2 block intrusions. Then in a blink there gone. Would that be from dns changes? <---but that the least of the issue Why did you disabled HIPS?? Comodo is geared more business security. Business use Hips. As For Customer software, most people have CIS in default settings. Why strip down the settings. Think of it from the other way around, most people leave there setting at default or the tweak it (tweak it as it increase security) As for on blocking online cloud analysis, I fully understand why blocking online cloud scanning :-La

The only thing I see is a RAT thats been recrypted, maybe new binder, whatever. That’s just so it doesn’t get flagged by an AV.

I’m all for you making money on this, but you haven’t showed anything. If its because its a public forum, then you PM me your exploit also your going to need someone to vouch for you. I will vouch for you when you prove it (). (Theres no way you can possibly be considered getting paid, if your work cant be verified, It’s just like the underground hacking scene.

Also If it comes down to you not going to prove it, Im going to assume your a ripper and this thread will get locked.


You given plenty of time. Your thread is locked. Pm a reason why it should be open. Either its fake or your a ripper.

[u][b]Also, Opening up multiple account here is very suspicious.[/b][/u]
***************[s]Thread Closed[/s]**************

Edited to add this,

Youtube video is back

Thread reopened to due to response back from author. If you havent read the whole thing from the begining, I put the youtube video link back

I would strongly recommending giving a PM to “Egemen” to discuss. I believe it would be licenses for CIS Complete and/or Trustconnect. I would PM Egemen as what can actually be done though

Ok lets see what this issue is about.

However in the future, the ethical way to follow would be reporting the vulnerability to us in private, let us fix the issue and issue the update before you disclose the vulnerability.

This way we will be able to protect the customers before they are exploited. And in the updates, we will officially thank and credit you.

This is an unwritten rule in the security industry and its the best path to follow. You can PM me on these any time.


[b]ok,thnx for unlock my thread cuz i was busy and couldn’t open forum …

i’ll PM egemen …and if u want a new video with ur conditions i’m ready …[/b]

IDK if it is correct to write here. I just wanna say that Malwarebytes Anti-Exploit BETA has “mbae-test.exe” (at least beta had it) which is kinda “eicar” for checking antiexploits. EMET detects it as “EAF”. CIS even in paranoid doesn’t detect it. Maybe it help.