Home page logo

webappsec logo WebApp Sec mailing list archives

RE: Evading Client-Certificate Authentication
From: "Rob Shein" <shoten () starpower net>
Date: Thu, 1 Apr 2004 15:04:17 -0500

Might you be able to find a copy of the certificate on another system?  I
don't know what the scope of work includes as fair game in the test, but if
you could get at a laptop and pull the cert, you'd be in.  Outside of that,
or social engineering to accomplish the same end objective, I don't see a
way past this.

whilst in the middle of a Penetration Test I stumbled on a 
web server only serving SSL and demanding the client to 
present a certificate to identify himself. I tried to nikto 
it with sslproxy and browse the site thru paros both with a 
temporary Verisign personal certificate. No such luck, the 
server keeps bouncing me off. Even vulnerability scanners 
like Nessus and Retina don't get passed the port-scan portion.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]