Penetration Testing mailing list archives
Re: Cross Site Tracing examples?
From: "morning_wood" <se_cur_ity () hotmail com>
Date: Fri, 20 Jun 2003 15:36:17 -0700
or my windows port Wnikto32 avail at http://exploitlabs.com morning_wood ----- Original Message ----- From: "Toby Miller" <toby_miller () adelphia net> To: "Todd A. Jacobs" <nospam () codegnome org>; <pen-test () securityfocus com> Sent: Wednesday, June 18, 2003 5:55 PM Subject: RE: Cross Site Tracing examples?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have some...I will have to dig them up. Until then run Nikto,that will show you what xss looks like. Hope this helps. Toby - -----Original Message----- From: Todd A. Jacobs [mailto:nospam () codegnome org] Sent: Wednesday, June 18, 2003 6:29 PM To: pen-test () securityfocus com Subject: Cross Site Tracing examples? I'm looking for some detailed examples of XST. Google didn't turn up much except tons of press releases that the vulnerability exists, but I couldn't find any examples or exploit code to go along with it. In fact, I couldn't even find XST in the CVE database. Can anyone point me in the right direction here? - -- The DMCA is anti-consumer. The RIAA has no right to rewrite
copyright
laws to suit themselves. -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use
<http://www.pgp.com>
iQA/AwUBPvEKClLhpjRJgUE5EQJj3gCeK2d2UZNCIL2GNnnVsUf9KQY0DWcAoIuv rX/PNf2csmHMv41HOErqhaf5 =G9qL -----END PGP SIGNATURE----- --------------------------------------------------------------------
-------
Latest attack techniques. You're a pen tester, but is google.com still your R&D team? Now you
can get
trustworthy commercial-grade exploits and the latest techniques from
a
world-class research group. Visit us at: www.coresecurity.com/promos/sf_ept1 or call 617-399-6980 --------------------------------------------------------------------
--------
--------------------------------------------------------------------------- Latest attack techniques. You're a pen tester, but is google.com still your R&D team? Now you can get trustworthy commercial-grade exploits and the latest techniques from a world-class research group. Visit us at: www.coresecurity.com/promos/sf_ept1 or call 617-399-6980 ----------------------------------------------------------------------------
Current thread:
- Cross Site Tracing examples? Todd A. Jacobs (Jun 18)
- RE: Cross Site Tracing examples? Toby Miller (Jun 19)
- Re: Cross Site Tracing examples? morning_wood (Jun 23)
- Re: Cross Site Tracing examples? Bill Pennington (Jun 19)
- Re: Cross Site Tracing examples? tim (Jun 19)
- Re: Cross Site Tracing examples? Martin Mačok (Jun 19)
- Advanced Port Scanner for Windows viv3kr (Jun 19)
- <Possible follow-ups>
- Fwd: Cross Site Tracing examples? Peter Wood (Jun 19)
- RE: Cross Site Tracing examples? Toby Miller (Jun 19)