Penetration Testing mailing list archives
RE: Strange server test tool
From: "Debasis Mohanty" <mail () hackingspirits com>
Date: Mon, 20 Feb 2006 09:28:22 +0530
Just to make life easy, try 'fiddler' or any MITM proxy and manipulate the the "Host:" key in the request header with the IP address of your choice. However, the "Host:" key modification method can only fool the webservers and webapps but not the firewall or IDS. Another thought - How about using open proxies?? - D -----Original Message----- From: Luchino - Samel [mailto:samelinux () gmail com] Sent: Monday, February 20, 2006 5:58 AM To: pen-test () securityfocus com Subject: Strange server test tool I think that Christophe Vandeplas have understand me ... and i agree with him. I need a test tool that request a web page with a spoofed ip and that's not possible, but i'll look at the tool all of you have write about. -- Samel alias Luca "Close the world,txen eht nepo!" "You will never break my mind!" http://s1.bitefight.it/c.php?uid=23270 LinuxUser:410006 eversor:316704 cortana:316705 PGP KeyID: B4234B4B FingerPrint: 46C477C939B3D0366275DB5EAFA77638B4234B4B ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Strange server test tool Luchino - Samel (Feb 18)
- Re: Strange server test tool Christophe Vandeplas (Feb 19)
- Re: Strange server test tool pagvac (Feb 19)
- Re: Strange server test tool Zlotan (Feb 19)
- Re: Strange server test tool Fabien Degouet (Feb 19)
- Re: Strange server test tool Volker Tanger (Feb 19)
- <Possible follow-ups>
- Strange server test tool Luchino - Samel (Feb 19)
- RE: Strange server test tool Debasis Mohanty (Feb 20)
- Re: Strange server test tool Xman Security (Feb 22)
- RE: Strange server test tool Anders Thulin (Feb 20)
- Re: Strange server test tool Hariharan (Feb 21)
- Re: Re: Strange server test tool cswift300 (Feb 21)