Re: Level of Exploitation
- From: "Adriel T. Desautels" <ad_lists@xxxxxxxxxxxxx>
- Date: Wed, 3 Dec 2008 14:59:07 -0500
What level of access were you able to gain with SQL Injection?
On Dec 2, 2008, at 11:14 PM, pentestr wrote:
Hi list,
I have come across a situation where I need to specify the "Level of Exploitation" to the client ( a govt. agency). I was able to do SQL Injection, Cross Site Scripting attacks against the web application. Could you share your ideas about level of exploitation. What level we can give for SQL Injection, Cross site scripting, buffer overflow, TCP stack exploit,etc
thanks in advance
Pen Testr
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now
www.cenzic.com/landing/trends-report
------------------------------------------------------------------------
Adriel T. Desautels
ad_lists@xxxxxxxxxxxxx
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now
www.cenzic.com/landing/trends-report
------------------------------------------------------------------------
- Follow-Ups:
- Re: Level of Exploitation
- From: Matthew Zimmerman
- Re: Level of Exploitation
- References:
- Level of Exploitation
- From: pentestr
- Level of Exploitation
- Prev by Date: Re: Level of Exploitation
- Next by Date: RE: Exploiting XSS
- Previous by thread: Re: Rogue Access Point Alerting
- Next by thread: Re: Level of Exploitation
- Index(es):
Relevant Pages
|
