Penetration Testing mailing list archives
Re: lotus notes default objects(.nsf files) and actions
From: Marco Ivaldi <raptor () mediaservice net>
Date: Tue, 31 Mar 2009 14:13:51 +0200 (ora solare Europa occidentale)
Hey, On Mon, 30 Mar 2009, lister () lihim org wrote:
In reading through the Blackhat presentation called 'Falling Dominos' there is mention of default .nsf databases and actions (slide 50). Is there a resource that provides the default list of .nsf databases? I am also interested in any default actions/methods. Not sure if any automated scanners have built-in support for checking default lotus notes databases and actions/methods.
Take a look at these old pen-test list threads: http://seclists.org/pen-test/2007/Jul/0154.html http://seclists.org/pen-test/2008/May/0064.html Hope this helps, -- Marco Ivaldi, OPST Lead Security Analyst Data Security Division @ Mediaservice.net Srl http://mediaservice.net/ ------------------------------------------------------------------------ This list is sponsored by: InfoSec InstituteNo time or budget for traveling to a training course in this fiscal year? Check out the online penetration testing courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total hands-on training experience. Get the certs you need as well: CEH, CPT, CEPT, ECSA, LPT.
http://www.infosecinstitute.com/request_online_training.html ------------------------------------------------------------------------
Current thread:
- Re: lotus notes default objects(.nsf files) and actions Marco Ivaldi (Apr 03)
- <Possible follow-ups>
- Re: lotus notes default objects(.nsf files) and actions Nikhil Wagholikar (Apr 03)