Home page logo

pen-test logo Penetration Testing mailing list archives

RE: Firewalls & SSL
From: Paul Midian <paul.midian () insight co uk>
Date: Wed, 10 Oct 2001 19:58:28 +0100

3)   How can I exploit secured (SSL) web server?

I would think the same way you would do a not secure one. For example,
you can still attempt unicode exploits, wether it is https or not, just
replace http by https. Unless they use authentication as well...

or use stunnel

------------Insight Consulting Limited--------------------------------
Insight Consulting Limited is a leading specialist provider of independent services in all aspects of information and 
communications security, business continuity and risk management from consultancy, implementation, testing and training 
to recruitment, research and outsourcing.
Internet communications are not secure and therefore Insight Consulting Limited does not accept legal responsibility 
for the contents of this message.  Any views or opinions presented are solely those of the author and do not 
necessarily represent those of Insight Consulting Limited unless otherwise specifically stated. If this message is 
received by anyone other than the addressee, please notify the sender and then delete the message and any attachments 
from your computer.

This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]