Penetration Testing mailing list archives
RE: Pen-Testing a japanese site...
From: "Eyal Udassin" <eyal () swiftcoders com>
Date: Sat, 21 Jan 2006 19:51:04 +0200
Hello Dhruv, I recently encountered a similar situation. A Chinese client of ours wanted a penetration test on his mobile application and site. Needless to say it was all in Chinese, and we're hardly fluent in it... We finally managed to complete this project by using the following techniques: 1. Most of the site page names and parameters were in English. Simply ignore the GUI presented by the browser and look at the HTML code directly. Same goes for function names in Java or .NET assemblies. 2. Google translate and Babylon are a lot of help. 3. For the very few things you still couldn't figure out - hire a student for the translation or contact the person you're working with from that company for a translation. Gokouun o inorimasu :-) Eyal Udassin - Swift Coders POB 1596, Ramat Hasharon, Israel eyal () swiftcoders com / www.swiftcoders.com +972-547-684989 -----Original Message----- From: Dhruv Soi [mailto:dhruv_ymca () yahoo com] Sent: Saturday, January 21, 2006 8:18 AM To: webappsec () securityfocus com; pen-test () securityfocus com Subject: Pen-Testing a japanese site... Hi Group, I got an assignment to pen-test a japanese site. I don't know japanese language so can't even browse the site properly and not able to judge anything. Has anyone on the list encountered a situation where a tester has to pen-test a site which is in different language? Can anyone suggest me how should I handle such situation? If I ask the client for a translated version to english thats looking foolish. And if I try to translate the site using various language translation tools then thats time consuming. Any pointers? Many Thanks Dhruv __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ---------------------------------------------------------------------------- -- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Pen-Testing a japanese site... Dhruv Soi (Jan 21)
- RE: Pen-Testing a japanese site... Eyal Udassin (Jan 21)