Penetration Testing mailing list archives
testing email based e-commerce system with .xdp extension - looking for input
From: spammailme () gmail com
Date: 7 Dec 2006 23:59:27 -0000
Hi - I have come across a commerce based system which is based on Adobe pdf technology. It appearently encrypts traffic (over SMTP) with AES 256. There is a web pdf viewer if you do not have one and you follow the purchase path as if you were on a web based app. I ran a proxy on my browser and only captured the first request and subsequent requests did not show up? Also once I was done making my selections, filling out the checkout data, it automatically generated an email with a pdf attachment yet the extension is file.xdp. I assume this is encrypted. Anyone had expirence testing a system such as this? Any suggestions for testing? Thanks - Don ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- testing email based e-commerce system with .xdp extension - looking for input spammailme (Dec 10)