Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Cross Site Tracing examples?
From: "morning_wood" <se_cur_ity () hotmail com>
Date: Fri, 20 Jun 2003 15:36:17 -0700

or my windows port Wnikto32 avail at http://exploitlabs.com

morning_wood

----- Original Message ----- 
From: "Toby Miller" <toby_miller () adelphia net>
To: "Todd A. Jacobs" <nospam () codegnome org>;
<pen-test () securityfocus com>
Sent: Wednesday, June 18, 2003 5:55 PM
Subject: RE: Cross Site Tracing examples?


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I have some...I will have to dig them up. Until then run Nikto,that
will show you what xss looks like. Hope this helps.
Toby

- -----Original Message-----
From: Todd A. Jacobs [mailto:nospam () codegnome org]
Sent: Wednesday, June 18, 2003 6:29 PM
To: pen-test () securityfocus com
Subject: Cross Site Tracing examples?


I'm looking for some detailed examples of XST. Google didn't turn up
much
except tons of press releases that the vulnerability exists, but I
couldn't find any examples or exploit code to go along with it. In
fact, I
couldn't even find XST in the CVE database.

Can anyone point me in the right direction here?

- --
The DMCA is anti-consumer. The RIAA has no right to rewrite
copyright
laws to suit themselves.



-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use
<http://www.pgp.com>

iQA/AwUBPvEKClLhpjRJgUE5EQJj3gCeK2d2UZNCIL2GNnnVsUf9KQY0DWcAoIuv
rX/PNf2csmHMv41HOErqhaf5
=G9qL
-----END PGP SIGNATURE-----




--------------------------------------------------------------------
-------
Latest attack techniques.

You're a pen tester, but is google.com still your R&D team? Now you
can get
trustworthy commercial-grade exploits and the latest techniques from
a
world-class research group.

Visit us at: www.coresecurity.com/promos/sf_ept1
or call 617-399-6980
--------------------------------------------------------------------
--------



---------------------------------------------------------------------------
Latest attack techniques.

You're a pen tester, but is google.com still your R&D team? Now you can get 
trustworthy commercial-grade exploits and the latest techniques from a 
world-class research group.

Visit us at: www.coresecurity.com/promos/sf_ept1 
or call 617-399-6980
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault