|
Penetration Testing
mailing list archives
Re: Level of Exploitation
From: "Adriel T. Desautels" <ad_lists () netragard com>
Date: Wed, 3 Dec 2008 14:59:07 -0500
What level of access were you able to gain with SQL Injection?
On Dec 2, 2008, at 11:14 PM, pentestr wrote:
Hi list,
I have come across a situation where I need to specify the "Level of
Exploitation" to the client ( a govt. agency). I was able to do SQL
Injection, Cross Site Scripting attacks against the web
application. Could you share your ideas about level of
exploitation. What level we can give for SQL Injection, Cross site
scripting, buffer overflow, TCP stack exploit,etc
thanks in advance
Pen Testr
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now
www.cenzic.com/landing/trends-report
------------------------------------------------------------------------
Adriel T. Desautels
ad_lists () netragard com
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now
www.cenzic.com/landing/trends-report
------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
- Re: Level of Exploitation, (continued)
|
Intro
