Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [BULK] - Websense Filter Bypass

from [Hubbard, Dan] Network Security [Permanent Link]
Subject: RE: [BULK] - Websense Filter Bypass
Date: Fri, 21 Apr 2006 10:11:42 -0700 
All;

We have received this report and are investigating. Our preliminary
tests show that this only works when customers block the uncategorized
URL category and allow the dynamic content category.

If you do not block uncategorized you should not be affected. 





-----Original Message-----
From: qex@bsdmail.org [mailto:qex@bsdmail.org] 
Sent: Thursday, April 20, 2006 5:04 AM
To: bugtraq@securityfocus.com
Subject: [BULK] - Websense Filter Bypass

#!/usr/bin/perl -w
#
# Websense Filter Bypass
#
# ====================
# Discovered by: Qex
# Date: 19 April 2006
# ====================
#
# Bypass any website that is in the "Uncategorized" Websense Category #
simply by adding a question mark (?) at the end of the URL.

print q(
Websense Filter Bypass

====================
Discovered by: Qex
Date: 19 April 2006
====================
)

print "Enter URL:\n";

$url = <STDIN>;

chomp $url;

$bypass = "$url/?";


print "\nURL: \n$bypass\n";
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  bloggage Remote SQL Injection, omnipresent
Next by Date:  Re: Mini-NUKE v2.3<<--- SQL Injection, nukedx
Previous by Thread:  bloggage Remote SQL Injection, omnipresent
Next by Thread:  RE: [BULK] - Websense Filter Bypass, John E. Fleming
Indexes:  [Date] [Thread] [Top] [All Lists]