RE: Web site testing

From: Jerry Shenk (jshenk_at_decommunications.com)
Date: 04/23/04

    To: "'OBrien, Brennan'" <BOBrien@columbia.com>, <pen-test@securityfocus.com>
    Date: Fri, 23 Apr 2004 12:39:57 -0400
    
    

    Nikto's helpful, I know there are problems...but none of them are
    'standard' problems that I have a 'ready exploit' for...like a
    double-unicode or something like that.

    Like this deal of 'screwing up the button press' and getting an error
    with the full path...I stumbled across that 'cuz Opera sent the page on
    hitting ENTER but no other browser does. They only send the page when
    the "GO button" is pressed. I can however duplicate the issue in any
    browser if I modify the outgoing request (after clicking on the GO
    button) to change "Go" to anything else.

    -----Original Message-----
    From: OBrien, Brennan [mailto:BOBrien@columbia.com]
    Sent: Friday, April 23, 2004 12:32 PM
    To: Jerry Shenk
    Subject: RE: Web site testing

    Nikto. It rocks.

    -----Original Message-----
    From: Jerry Shenk [mailto:jshenk@decommunications.com]
    Sent: Thursday, April 22, 2004 1:09 PM
    To: pen-test@securityfocus.com
    Subject: Web site testing

    I've got a web site that I'm pretty sure has some holes and I've
    reported the problems I've seen but the developer doesn't seem to be
    getting things fixed...seems that they need a little more evidence to
    prove that there's a problem and I'm supposed to find that.

    It's a financial web site that uses session IDs that are a mix of the
    user id and the seconds since midnight to the thousandth of a second
    (i.e. very predictable). The server (IIS5) will also readily give up the
    current time. A predictable session ID is a bad thing but I'm not sure
    quite how to prove that.

    The server is also installed on the C: drive. If I mess up some of the
    form data correctly, and submit the page, it will respond with a
    directory where the file doesn't exist. This new SSL vulnerability will
    probably give a chance to prove that installing a web server on the C:
    drive is a bad idea 'cuz something will eventually come up.

    What are some good web server auditing tools?
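
An added example, not part of the original thread: one way to document the session ID weakness described in the first post for the developer, by checking that IDs issued to the tester's own account track the issue time and by comparing the remaining uncertainty with a random token. The ID layout (`<user id>-<ms since midnight>`), the account name `testuser`, and all function names are assumptions; the post gives none of them.

```python
import math
import secrets
from datetime import datetime

MS_PER_DAY = 24 * 60 * 60 * 1000  # 86,400,000 possible millisecond values

def ms_since_midnight(ts: datetime) -> int:
    return ((ts.hour * 60 + ts.minute) * 60 + ts.second) * 1000 + ts.microsecond // 1000

def legacy_session_id(user_id: str, ts: datetime) -> str:
    # Assumed layout (the post does not give one): "<user id>-<ms since midnight>"
    return f"{user_id}-{ms_since_midnight(ts):08d}"

def unknown_bits(candidates: int) -> float:
    """Bits of uncertainty when every candidate value is equally likely."""
    return math.log2(candidates)

def embeds_issue_time(samples, tolerance_ms: int = 2000) -> bool:
    """True if every sampled ID ends in its own issue time (ms since midnight).

    samples: (session_id, issue_time) pairs from the tester's own logins.
    Logins that straddle midnight are not handled.
    """
    for sid, issued in samples:
        tail = sid.rsplit("-", 1)[-1]
        if not tail.isdecimal():
            return False
        if abs(int(tail) - ms_since_midnight(issued)) > tolerance_ms:
            return False
    return bool(samples)

def hardened_session_id() -> str:
    # 32 bytes (256 bits) from the OS CSPRNG, unrelated to user or clock
    return secrets.token_urlsafe(32)

# Constructed sample: three logins by one test account, clock read at each login
LOGINS = [datetime(2004, 4, 22, 13, 9, 0, 123000),
          datetime(2004, 4, 22, 13, 9, 41, 870000),
          datetime(2004, 4, 22, 13, 12, 5, 4000)]
SAMPLES = [(legacy_session_id("testuser", t), t) for t in LOGINS]

if __name__ == "__main__":
    print("IDs track issue time:", embeds_issue_time(SAMPLES))
    print("bits, time of day unknown: %.1f" % unknown_bits(MS_PER_DAY))
    print("bits, clock known to +/-5 s: %.1f" % unknown_bits(2 * 5000 + 1))
    print("bits, hardened token: 256")
    print("hardened example:", hardened_session_id())
```

Because the user ID is known and the server discloses its clock, the time component is the only unknown part of the ID, which is why the comparison is made in bits of uncertainty rather than in ID length.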
