Penetration Testing mailing list archives
RE: BlackBoard Academic Suite ?
From: "M. Shirk" <shirkdog_list () hotmail com>
Date: Thu, 28 Sep 2006 20:03:02 -0400
Just run the gullet as you would for any Web Application test.Just poking around, there is at least some forms of XSS in some of the file name fields when you would be uploading a file.
Hope that helps, as I was a user of the software, not a pen-tester :-) Shirkdog http://www.shirkdog.us
From: 09sparky () gmail com To: pen-test () securityfocus com Subject: BlackBoard Academic Suite ? Date: 28 Sep 2006 22:07:01 -0000I will be trying to bypass Blackboard Academic Suite security for an upcoming Penetration Test and was wondering if anyone has had resent sucess with the later versions of Blackboard Academic Suite. I haven't been able to probe for an exact versoin #, but my guess is that it is a recent version. I have seen the posts on this site about CSS, but my guess is they won't work for this client. Any suggestions , or links to exploits in the wild?Thanks, Sparky ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
_________________________________________________________________Be seen and heard with Windows Live Messenger and Microsoft LifeCams http://clk.atdmt.com/MSN/go/msnnkwme0020000001msn/direct/01/?href=http://www.microsoft.com/hardware/digitalcommunication/default.mspx?locale=en-us&source=hmtagline
------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- BlackBoard Academic Suite ? 09sparky (Sep 28)
- RE: BlackBoard Academic Suite ? M. Shirk (Sep 28)
- Re: BlackBoard Academic Suite ? C. Hamby (Sep 29)
- <Possible follow-ups>
- Re: BlackBoard Academic Suite ? 09sparky (Sep 28)
- RE: BlackBoard Academic Suite ? M. Shirk (Sep 28)