Hi Anant,
Any chance this is a JAVA Applet? If yes then there's probably
encryption built in by the developers and you see just junk in the
proxy editor. Is it web based or is it a thick client? Try and
identify when encryption happens and how the application is doing it.
Maybe decompile Java class files? If its not an applet then its
probably a thick client with custom encryption built in. Try and
identify what encryption it is.
Cheers
Arvind
On Thu, Apr 17, 2008 at 10:19 AM, <iyer.anant.r@gmail.com> wrote:
Hello,
I need some in carrying out an application penetration testing of a Forms &
D2K applications which are web-enabled. How does on intercept the traffic
(like any HTTP Proxy)? Even though the application is web-enabled, the proxy
I am using (WebScarab) does capture the data, but it does not make any sense
( Am I missing out on some trick here?)
Any help will be deeply appreciated.
Regards,
Anant Iyer
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
