Re: Cross Site Tracing examples?

From: morning_wood (se_cur_ityat_private)
Date: Fri Jun 20 2003 - 15:36:17 PDT

Next message: Dragos Ruiu: "Re: Honeypot detection and countermeasures"

Previous message: Andrea Barisani: "Firewall Tester 0.9"
In reply to: Toby Miller: "RE: Cross Site Tracing examples?"
Next in thread: Bill Pennington: "Re: Cross Site Tracing examples?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

or my windows port Wnikto32 avail at http://exploitlabs.com

morning_wood

----- Original Message ----- 
From: "Toby Miller" <toby_millerat_private>
To: "Todd A. Jacobs" <nospamat_private>;
<pen-testat_private>
Sent: Wednesday, June 18, 2003 5:55 PM
Subject: RE: Cross Site Tracing examples?


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I have some...I will have to dig them up. Until then run Nikto,that
> will show you what xss looks like. Hope this helps.
> Toby
>
> - -----Original Message-----
> From: Todd A. Jacobs [mailto:nospamat_private]
> Sent: Wednesday, June 18, 2003 6:29 PM
> To: pen-testat_private
> Subject: Cross Site Tracing examples?
>
>
> I'm looking for some detailed examples of XST. Google didn't turn up
> much
> except tons of press releases that the vulnerability exists, but I
> couldn't find any examples or exploit code to go along with it. In
> fact, I
> couldn't even find XST in the CVE database.
>
> Can anyone point me in the right direction here?
>
> - --
> The DMCA is anti-consumer. The RIAA has no right to rewrite
copyright
> laws to suit themselves.
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 6.5.8 for non-commercial use
<http://www.pgp.com>
>
> iQA/AwUBPvEKClLhpjRJgUE5EQJj3gCeK2d2UZNCIL2GNnnVsUf9KQY0DWcAoIuv
> rX/PNf2csmHMv41HOErqhaf5
> =G9qL
> -----END PGP SIGNATURE-----
>
>
>
>
> --------------------------------------------------------------------
-------
> Latest attack techniques.
>
> You're a pen tester, but is google.com still your R&D team? Now you
can get
> trustworthy commercial-grade exploits and the latest techniques from
a
> world-class research group.
>
> Visit us at: www.coresecurity.com/promos/sf_ept1
> or call 617-399-6980
> --------------------------------------------------------------------
--------
>
>

---------------------------------------------------------------------------
Latest attack techniques.

You're a pen tester, but is google.com still your R&D team? Now you can get 
trustworthy commercial-grade exploits and the latest techniques from a 
world-class research group.

Visit us at: www.coresecurity.com/promos/sf_ept1 
or call 617-399-6980
----------------------------------------------------------------------------

Next message: Dragos Ruiu: "Re: Honeypot detection and countermeasures"
Previous message: Andrea Barisani: "Firewall Tester 0.9"
In reply to: Toby Miller: "RE: Cross Site Tracing examples?"
Next in thread: Bill Pennington: "Re: Cross Site Tracing examples?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jun 23 2003 - 13:56:46 PDT