RE: Web site testing

From: Jerry Shenk (jshenk@decommunications.com)
Date: Fri Apr 23 2004 - 12:39:57 EDT


Nikto's helpful, I know there are problems... but none of them are
'standard' problems that I have a 'ready exploit' for ....like a
double-unicode or something like that.

Like this deal of 'screwing up the button press' and getting an error
with the full path...I stumbled across that 'cuz Opera sent the page on
hitting ENTER but no other browser does. They only send the page when
the "GO button" is pressed. I can however duplicate the issue in any
browser if I modify the outgoing request (after clicking on the GO
button) to change "Go" to anything else.

-----Original Message-----
From: OBrien, Brennan [mailto:BOBrien@columbia.com]
Sent: Friday, April 23, 2004 12:32 PM
To: Jerry Shenk
Subject: RE: Web site testing

Nikto. It rocks.

-----Original Message-----
From: Jerry Shenk [mailto:jshenk@decommunications.com]
Sent: Thursday, April 22, 2004 1:09 PM
To: pen-test@securityfocus.com
Subject: Web site testing

I've got a web site that I'm pretty sure has some holes and I've
reported the problems I've seen but the developer doesn't seem to be
getting things fixed...seems that they need a little more evidence to
prove that there's a problem and I'm supposed to find that.

It's a financial web site that uses session IDs that are a mix of the
user id and the seconds since midnight to the thousandth of a second
(i.e. very predictable). The server (IIS5) will also readily give up the
current time. A predictable session ID is a bad thing but I'm not sure
quite how to prove that.

The server is also installed on the C: drive. If I mess up some of the
form data correctly, and submit the page, it will respond with a
directory where the file doesn't exist. This new SSL vulnerability will
probably give a chance to prove that installing a web server on the C:
drive is a bad idea 'cuz something will eventually come up.

What are some good web server auditing tools?




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:52 EDT
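
Added example, not part of the original thread: one way to put a number on "very predictable" for the developer is to compare the unknown bits in a user-id-plus-milliseconds session ID with those in an ID drawn from a CSPRNG. The ID layout, the `jdoe` user and the knowledge windows are assumptions made for illustration; the post does not give the real format.

```python
import math
import secrets

MS_PER_DAY = 24 * 60 * 60 * 1000  # distinct "milliseconds since midnight" values

def legacy_session_id(user_id: str, ms_since_midnight: int) -> str:
    """Constructed stand-in for the scheme in the post; the real layout is not given."""
    return f"{user_id}-{ms_since_midnight % MS_PER_DAY:08d}"

def legacy_entropy_bits(window_seconds: float) -> float:
    """Unknown bits left in the ID when the user id is known and the issue
    time is known to within `window_seconds` (the server discloses its clock)."""
    candidates = min(MS_PER_DAY, max(1, round(window_seconds * 1000)))
    return math.log2(candidates)

def random_session_id(nbytes: int = 16) -> str:
    """Replacement: ID drawn from the OS CSPRNG, unrelated to user or time."""
    return secrets.token_urlsafe(nbytes)

def report(nbytes: int = 16) -> dict:
    """Entropy of each scheme, in bits, for a few assumed knowledge windows."""
    windows = {"whole day": 86400, "one hour": 3600, "one minute": 60}
    rows = {f"legacy, issue time known to {k}": round(legacy_entropy_bits(v), 1)
            for k, v in windows.items()}
    rows[f"CSPRNG, {nbytes} bytes"] = float(nbytes * 8)
    return rows

if __name__ == "__main__":
    for scheme, bits in report().items():
        print(f"{scheme:45s} {bits:6.1f} bits")
    # Same user, same millisecond: the legacy scheme issues the same ID twice.
    print(legacy_session_id("jdoe", 45_296_123) == legacy_session_id("jdoe", 45_296_123))
    # Two CSPRNG IDs are independent of user and clock.
    print(random_session_id() == random_session_id())
```

Even with no knowledge of when the session was issued, the legacy scheme carries under 27 bits of uncertainty, against 128 bits for a 16-byte random ID.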