From: Eyal Udassin (eyal@swiftcoders.com)
Date: Sat Jan 21 2006 - 12:51:04 EST
Hello Dhruv,
I recently encountered a similar situation. A Chinese client of ours wanted
a penetration test on his mobile application and site.
Needless to say it was all in Chinese, and we're hardly fluent in it...
We finally managed to complete this project by using the following
techniques:
1. Most of the site page names and parameters were in English. Simply ignore
the GUI presented by the browser and look at the HTML code directly. Same
goes for function names in Java or .NET assemblies.
2. Google translate and Babylon are a lot of help.
3. For the very few things you still couldn't figure out - hire a student
for the translation or contact the person you're working with from that
company for a translation.
Gokouun o inorimasu :-)
Eyal Udassin - Swift Coders
POB 1596, Ramat Hasharon, Israel
eyal@swiftcoders.com / www.swiftcoders.com
+972-547-684989
-----Original Message-----
From: Dhruv Soi [mailto:dhruv_ymca@yahoo.com]
Sent: Saturday, January 21, 2006 8:18 AM
To: webappsec@securityfocus.com; pen-test@securityfocus.com
Subject: Pen-Testing a japanese site...
Hi Group,
I got an assignment to pen-test a japanese site.
I don't know japanese language so can't even browse the site properly and
not able to judge anything. Has anyone on the list encountered a situation
where a tester has to pen-test a site which is in different language? Can
anyone suggest me how should I handle such situation?
If I ask the client for a translated version to english thats looking
foolish. And if I try to translate the site using various language
translation tools then thats time consuming. Any pointers?
Many Thanks
Dhruv
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
----------------------------------------------------------------------------
-- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:23 EDT