WebApp Sec mailing list archives
Re: Pentesting of Thick client and client-server applications
From: AK <platsakos () gmail com>
Date: Wed, 08 Jun 2011 04:05:01 +0300
If the application is not tamper resistant, you can hook functions. While this is not trivial in a lot of cases, hooks might be able to gain access to data pre-encryption and analyze/modify at will.

HTH

On 06/07/2011 02:40 PM, Irene Abezgauz wrote:
Hi Balaji,

It depends on what protocol the app uses - cleartext or binary/encrypted etc. If it's cleartext, in most cases you can make do with Wireshark, netcat and a hex editor. Then you throw in some fuzzers etc. and you're good. If not cleartext, you will need olly or similar to tamper in memory, unless it's class serialization, in which case it might be easier to deserialize than to touch memory.

Bottom line - it depends. There can also be a variety of other app-dependent things like configuration files that hold permissions on the client side, admin interfaces and various other surprises you could use - take a good look.

Irene

On 7 Jun 2011, at 06:53, Balaji Vasanth <balaji_vasanth14 () yahoo com> wrote:

Hi,

Are there any specific set of methodologies/approaches, tools for the vulnerability testing of client-server applications and standalone apps developed in different languages? I could just think of using some TCP proxies (Echomirage, TCP Catcher etc) to intercept the client-server traffic and go ahead, debuggers like OllyDbg, WinDbg, GNU to understand the calls at client-side and some disassemblers & fuzzers (not sure on which to choose). For some thick clients communicating on Port 80/443 with the server, I am using the Fiddler plugin "Watcher". Is that good enough...?

Thanks in advance

Regards
M. Balaji Swaminathan

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
--
What is the air-speed velocity of an unladen swallow?
Current thread:
- Pentesting of Thick client and client-server applications Balaji Vasanth (Jun 07)
- Re: Pentesting of Thick client and client-server applications Irene Abezgauz (Jun 07)
- Re: Pentesting of Thick client and client-server applications AK (Jun 07)
- Re: Pentesting of Thick client and client-server applications Security Auditor (Jun 07)
- Re: Pentesting of Thick client and client-server applications Irene Abezgauz (Jun 07)