RE: HTTPS Web site testing

From: Michael Tsentsarevsky (Michael.Tsentsarevsky_at_ness.com)
Date: 05/18/03

  • Next message: Bugsy: "Pen testing a CVS server"
    To: 'Robert Smith' <smithr@IAFACILITY.com>, "'Pen-Test@securityfocus.com'" <Pen-Test@securityfocus.com>
    Date: Sun, 18 May 2003 17:11:20 +0200
    
    

    And you can use ssl proxy (found at http://www.csnc.ch) and use any of the
    web vouln testers you use.

    -----Original Message-----
    From: Gilbert, Austin [mailto:AGILBERT@sjmc.org]
    Sent: ו 16 מאי 2003 6:21
    To: 'Robert Smith'; 'Pen-Test@securityfocus.com'
    Subject: RE: HTTPS Web site testing

    You could also use curl push the data through Achilles.
    A "curl -d" will POST info and display the results.

    --ag

    -----Original Message-----
    From: Robert Smith [mailto:smithr@IAFACILITY.com]
    Sent: Thursday, May 15, 2003 12:31 PM
    To: 'Pen-Test@securityfocus.com'
    Subject: HTTPS Web site testing

    I apologize if this is a simple question.
    I am testing a HTTPS web site for a vulnerability and need to do a "POST
    /blah.html /etc...." command and get the results back.
    I have tried using IE with Achilles, but IE prepends a GET before the POST
    which invalidates the result. Opera works the same. Is there a way to do
    this through Achilles or another proxy or any other method so I can examine
    the web page output?

    R Smith

    ----------------------------------------------------------------------
    -----
    *** Wireless LAN Policies for Security & Management - NEW White Paper
    ***
    Just like wired networks, wireless LANs require network security policies
    that are enforced to protect WLANs from known vulnerabilities and threats.
    Learn to design, implement and enforce WLAN security policies to lockdown
    enterprise WLANs.

    To get your FREE white paper visit us at:
    http://www.securityfocus.com/AirDefense-pen-test
    ----------------------------------------------------------------------
    ------

    IMPORTANT NOTICE:

    This message is intended only for the use of the individual or entity to
    which it is addressed and may contain information that is privileged,
    confidential and exempt from disclosure under applicable law. If you have
    received this message in error, you are hereby notified that we do not
    consent to any reading, dissemination, distribution or copying of this
    message. If you have received this communication in error, please notify
    the sender immediately and destroy the transmitted information.

    ---------------------------------------------------------------------------
    *** Wireless LAN Policies for Security & Management - NEW White Paper ***
    Just like wired networks, wireless LANs require network security policies
    that are enforced to protect WLANs from known vulnerabilities and threats.
    Learn to design, implement and enforce WLAN security policies to lockdown
    enterprise WLANs.

    To get your FREE white paper visit us at:
    http://www.securityfocus.com/AirDefense-pen-test
    ----------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    *** Wireless LAN Policies for Security & Management - NEW White Paper ***
    Just like wired networks, wireless LANs require network security policies
    that are enforced to protect WLANs from known vulnerabilities and threats.
    Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.

    To get your FREE white paper visit us at:
    http://www.securityfocus.com/AirDefense-pen-test
    ----------------------------------------------------------------------------


  • Next message: Bugsy: "Pen testing a CVS server"

    Relevant Pages

    • RE: A question for the list...
      ... >> evolution of the network ... implement and enforce WLAN security policies ... >> enterprise WLANs. ... implement and enforce WLAN security policies to ...
      (Incidents)
    • Re: [ANNOUNCE] protocol watcher
      ... attack, which is known to be a SYN attack! ... wireless LANs require network security policies ... > that are enforced to protect WLANs from known vulnerabilities and threats. ... implement and enforce WLAN security policies to lockdown enterprise WLANs. ...
      (Incidents)
    • RE: HTTPS Web site testing
      ... You could also use curl push the data through Achilles. ... Subject: HTTPS Web site testing ... lockdown enterprise WLANs. ... wireless LANs require network security policies ...
      (Pen-Test)
    • Re: A question for the list...
      ... Just like wired networks, wireless LANs require network security policies ... implement and enforce WLAN security policies to lockdown enterprise WLANs. ...
      (Incidents)
    • RE: [ANNOUNCE] protocol watcher
      ... wireless LANs require network security policies ... that are enforced to protect WLANs from known vulnerabilities and threats. ... implement and enforce WLAN security policies to lockdown enterprise WLANs. ...
      (Incidents)