Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Adobe liveCycle PT / Hacking

from [spammailme] Network Security [Permanent Link]
Subject: Adobe liveCycle PT / Hacking
Date: 13 Dec 2006 16:58:20 -0000 
All -

Has anyone expirence in testing the Adobe liveCycle solution. In a nutshell, 
customers are emailed a pdf doc which has forms controls embeded, they click 
through a shopping path and a resulting (encrypted) *.xdp file is attached to 
an email. It really is an xml doc and can be viewed by changing the ext. 

Proxies will not work here as HTTP is not used. Basically it is (enc) XML over 
SMTP. Maybe tcpdump can provide insight. 

In looking at the .xdp file it does enc key fields and I believe has an embeded 
hash yet not sure.

Any one tested this tech.? Any suggestions?

Thanks
Don W. 

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Adobe liveCycle PT / Hacking, spammailme <=
Previous by Date:  Re: Pen-testing - pricing model, Davide Carnevali
Next by Date:  [Full-disclosure] Fuzzers and brute forcers, Joxean Koret
Previous by Thread:  Blind SQL Injection Techniques, One2
Next by Thread:  [Full-disclosure] Fuzzers and brute forcers, Joxean Koret
Indexes:  [Date] [Thread] [Top] [All Lists]