|
Penetration Testing
mailing list archives
Re: RE: Pentesting a Web Applicaton
From: "Jamie Riden" <jamie.riden () gmail com>
Date: Fri, 1 Jun 2007 20:38:57 +0100
In that case the easiest attack might be against the config file. (Eek
- my Netgear router stores the password in clear in its backup file!)
cheers,
Jamie
On 01/06/07, Stong, Ian C CTR DISA GIG-CS <Ian.Stong.ctr () disa mil> wrote:
Just for clarification - I have backups of the configs and could reset
the device and reload the config but as soon as you do that it also
restores the password. In addition you can't change the password without
knowing the old password.
--
Jamie Riden, CISSP / jamesr () europe com / jamie () honeynet org uk
UK Honeynet Project: http://www.ukhoneynet.org/
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
- RE: Pentesting a Web Applicaton, (continued)
Re: Pentesting a Web Applicaton Jamie Riden (Jun 01)
Re: Pentesting a Web Applicaton sherwyn . williams (Jun 01)
Re: RE: Pentesting a Web Applicaton ebk_lists (Jun 01)
Re: Pentesting a Web Applicaton Hylton Conacher (ZR1HPC) (Jun 04)
| 
Intro
