<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

WebApp Sec: RE: Evading Client-Certificate Authentication

RE: Evading Client-Certificate Authentication

From: Rob Shein <shoten_at_starpower.net>
Date: Thu, 1 Apr 2004 15:04:17 -0500

Might you be able to find a copy of the certificate on another system? I
don't know what the scope of work includes as fair game in the test, but if
you could get at a laptop and pull the cert, you'd be in. Outside of that,
or social engineering to accomplish the same end objective, I don't see a
way past this.

> whilst in the middle of a Penetration Test I stumbled on a
> web server only serving SSL and demanding the client to
> present a certificate to identify himself. I tried to nikto
> it with sslproxy and browse the site thru paros both with a
> temporary Verisign personal certificate. No such luck, the
> server keeps bouncing me off. Even vulnerability scanners
> like Nessus and Retina don't get passed the port-scan portion.
Received on Apr 01 2004

This message: [ Message body ]
Next message: Mark Curphey: "Fwd: [SC-L] DHS report"
Previous message: Michael Ströder: "Re: improvements in session management?"
Next in thread: email lists: "RE: Evading Client-Certificate Authentication"
Maybe reply: email lists: "RE: Evading Client-Certificate Authentication"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]