Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Pentesting a Web Applicaton
From: "Jamie Riden" <jamie.riden () gmail com>
Date: Fri, 1 Jun 2007 18:10:49 +0100

On 01/06/07, Stong, Ian C CTR DISA GIG-CS <Ian.Stong.ctr () disa mil> wrote:
Because I have years of configuration and tweaks on it and various
services would be down while reconfiguring it.  Looking for little to no
downtime.  As an example I run VOIP through it with specific source
destination pairs and specific port/protocol filters.  Multiply that by
30 and you have the configuration that I would have to redo on the
device. Meanwhile downtime while configuring and sniffing each
application to determine exact ports to allow through, VPN peers to
establish, applications to NAT, port remappings for public to private
ports.....

Hi Ian,

Are we talking about a strong password here? Because there is no
feasible way to guess an 8 character password with upper and lower
case and digits, such as 'FhsfaS2!'. There are more than 62**8 such
passwords which is far too many to brute force.

Otherwise, here's two tools I've seen - been a while though so I can't
offer an opinion:
http://www.darknet.org.uk/2007/02/thc-hydra-the-fast-and-flexible-network-login-hacking-tool/
http://www.darknet.org.uk/2006/12/wwwhack-19-download-wwwhack19zip-web-hacking-tool/

Barnaby Jack has done some interesting stuff recently with JTAG,
exploits and ARM-based stuff, but this is probably further than you
want to go:

https://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-Jack.pdf
http://cansecwest.com/slides07/Vector-Rewrite-Attack.pdf
http://cansecwest.com/slides07/csw07-jack.pdf

cheers,
Jamie
--
Jamie Riden, CISSP / jamesr () europe com / jamie () honeynet org uk
UK Honeynet Project: http://www.ukhoneynet.org/

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault