Penetration Testing mailing list archives
RE: stupid IE7 question
From: "Debasis Mohanty" <d3basis.m0hanty () gmail com>
Date: Tue, 12 Dec 2006 23:57:18 -0800
Don't waste your time finding ways and means to hide a URL in any form. They are useless and don't help in any way. The basic thing an attacker will do is to use a MITM proxy to find out all those GET/POST requests and retrieve those *relatively* hidden URLs. Rather, be concerned about what goes as a parameter via GET or POST. I like the idea of the tamperproof _VIEWSTATE implemented in ASP.NET. Most of the issues of parameters sent insecurely are well taken care of with appropriate encryption and a CRC check.

-d

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of jas1 () hotmail com
Sent: Tuesday, December 12, 2006 3:19 AM
To: pen-test () securityfocus com
Subject: stupid IE7 question

Hi. I am currently testing a proprietary (supposedly) secure web-based application. The application was built around users with IE6.0 and above; one instance of this is that the URL is hidden from the end user when browsing the application. Of course you can Ctrl-N or save the page locally to gain the URL, but most end users would not be looking for the URL. I advised a while back that the application should not be passing sensitive info via the URL in the first place.

On a recent test I thought I would use IE7 and found that, 'for security reasons', the URL is always displayed, greyed out. The issue here is that some internal/external proprietary applications will now display sensitive info via the URL that could cause 'serious' information disclosure. Apart from relaying to the vendor to code their apps more securely, does anyone have any more suggestions please?
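The reply above points at MAC-protected state (ASP.NET's tamperproof _VIEWSTATE) as the answer to parameters that a proxy can read and edit. The following is an added example, not code from the thread or from ASP.NET, showing the idea in Python: the state blob is signed with a server-side HMAC key (the key below is a constructed demo value; `protect`, `unprotect` and `modified_token` are names chosen here), so a client that edits a field without the key fails verification. The payload itself stays readable, so it still must not carry data that is sensitive to disclose, which is the original poster's concern.

```python
"""Tamper-evident request state, in the spirit of ASP.NET's MAC-protected __VIEWSTATE.

Added example for this thread; not the framework's own implementation.
"""
import base64
import hashlib
import hmac
import json

# Constructed demo key. A real deployment loads this from server configuration
# (the ASP.NET analogue is the machineKey); it never travels in the page or URL.
SERVER_KEY = b"constructed-demo-key-not-for-production"
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


def _serialize(state: dict) -> bytes:
    # Canonical encoding so the same state always yields the same bytes to MAC.
    return json.dumps(state, sort_keys=True, separators=(",", ":")).encode()


def protect(state: dict, key: bytes = SERVER_KEY) -> str:
    """Serialize state, append an HMAC-SHA256 tag, return a URL-safe token.

    Hiding this token from the address bar adds nothing: an intercepting proxy
    sees it regardless. Integrity comes from the tag, which cannot be recomputed
    without the server key. Note: a MAC gives integrity, not confidentiality.
    """
    payload = _serialize(state)
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(payload + tag).decode()


def unprotect(token: str, key: bytes = SERVER_KEY) -> dict:
    """Verify the tag and return the state; raise ValueError on any tampering."""
    blob = base64.urlsafe_b64decode(token.encode())  # invalid input -> ValueError
    if len(blob) < TAG_LEN:
        raise ValueError("malformed token")
    payload, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("state integrity check failed")
    return json.loads(payload)


def modified_token(token: str, field: str, value) -> str:
    """Test helper: change one field but keep the old tag (no key available).

    Used to confirm that the server-side check rejects an edited parameter.
    """
    blob = base64.urlsafe_b64decode(token.encode())
    state = json.loads(blob[:-TAG_LEN])
    state[field] = value
    return base64.urlsafe_b64encode(_serialize(state) + blob[-TAG_LEN:]).decode()
```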