Penetration Testing mailing list archives
AW: Forms D2K Application Testing
From: Martin Muench <mmuench () it-sec de>
Date: Fri, 18 Apr 2008 09:01:52 +0200
What do you mean with "doesn't make any sense"? Can't you see the requests that you send or do you have Problems when you intercept the response from the server. It the last cast you might have zip compression enabled in your browser. You can check this if you remove the line "Accept-Encoding" from your requests. Regards Hans-Martin Münch -----Ursprüngliche Nachricht----- Von: iyer.anant.r () gmail com [mailto:iyer.anant.r () gmail com] Gesendet: Donnerstag, 17. April 2008 16:14 An: pen-test () securityfocus com Betreff: Forms D2K Application Testing Hello, I need some in carrying out an application penetration testing of a Forms & D2K applications which are web-enabled. How does on intercept the traffic (like any HTTP Proxy)? Even though the application is web-enabled, the proxy I am using (WebScarab) does capture the data, but it does not make any sense ( Am I missing out on some trick here?) Any help will be deeply appreciated. Regards, Anant Iyer ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- AW: Forms D2K Application Testing Martin Muench (Apr 18)