Re: Cross Site Tracing examples?

From: morning_wood (se_cur_ity@hotmail.com)
Date: Fri Jun 20 2003 - 18:36:17 EDT


or my windows port Wnikto32 avail at http://exploitlabs.com

morning_wood

----- Original Message -----
From: "Toby Miller" <toby_miller@adelphia.net>
To: "Todd A. Jacobs" <nospam@codegnome.org>;
<pen-test@securityfocus.com>
Sent: Wednesday, June 18, 2003 5:55 PM
Subject: RE: Cross Site Tracing examples?

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I have some...I will have to dig them up. Until then run Nikto,that
> will show you what xss looks like. Hope this helps.
> Toby
>
> - -----Original Message-----
> From: Todd A. Jacobs [mailto:nospam@codegnome.org]
> Sent: Wednesday, June 18, 2003 6:29 PM
> To: pen-test@securityfocus.com
> Subject: Cross Site Tracing examples?
>
>
> I'm looking for some detailed examples of XST. Google didn't turn up
> much
> except tons of press releases that the vulnerability exists, but I
> couldn't find any examples or exploit code to go along with it. In
> fact, I
> couldn't even find XST in the CVE database.
>
> Can anyone point me in the right direction here?
>
> - --
> The DMCA is anti-consumer. The RIAA has no right to rewrite
copyright
> laws to suit themselves.
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 6.5.8 for non-commercial use
<http://www.pgp.com>
>
> iQA/AwUBPvEKClLhpjRJgUE5EQJj3gCeK2d2UZNCIL2GNnnVsUf9KQY0DWcAoIuv
> rX/PNf2csmHMv41HOErqhaf5
> =G9qL
> -----END PGP SIGNATURE-----
>
>
>
>
> --------------------------------------------------------------------
-------
> Latest attack techniques.
>
> You're a pen tester, but is google.com still your R&D team? Now you
can get
> trustworthy commercial-grade exploits and the latest techniques from
a
> world-class research group.
>
> Visit us at: www.coresecurity.com/promos/sf_ept1
> or call 617-399-6980
> --------------------------------------------------------------------
--------
>
>

---------------------------------------------------------------------------
Latest attack techniques.

You're a pen tester, but is google.com still your R&D team? Now you can get
trustworthy commercial-grade exploits and the latest techniques from a
world-class research group.

Visit us at: www.coresecurity.com/promos/sf_ept1
or call 617-399-6980
----------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:35 EDT