Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Doubt in Application Audit

from [Jeffory Atkinson] Network Security [Permanent Link]
Subject: RE: Doubt in Application Audit
Date: Thu, 24 Feb 2005 19:04:40 -0500 
I would agree with Vincent, looks like a configuration of Null. Of
course I am not aware if the application that you are testing is in a
production or development environment.  90% of the time development and
newly deployed environments are left with a null setting engaged.  

-----Original Message-----
From: Alfred Hitchcock [mailto:alfredhitchcock_007@yahoo.com] 
Sent: Wednesday, February 23, 2005 6:25 AM
To: webappsec@securityfocus.com
Subject: Doubt in Application Audit



Hi All,
I am doing a security audit of an application (sorry i cannot name it).
This application connects to the database server and gets some relevant
information. In order to see the communication channel I am using
ethereal.
The interesting fact is in ethereal the protocol that the application is
using with the database server is shown as ESP.
If ESP is being used then the data that is being exchanged in the
communication channel should be encrypted right? But ethereal shows the
data that is being passed in clear text. This is the sample proof

0200  09 3c 6d 79 3a 49 73 73  75 65 53 74 61 74 75 73   .<my:Iss
ueStatus
0210  44 69 73 70 6c 61 79 3e  3c 2f 6d 79 3a 49 73 73   Display>
</my:Iss
0220  75 65 53 74 61 74 75 73  44 69 73 70 6c 61 79 3e   ueStatus
Display>
0230  0d 0a 09 09 3c 6d 79 3a  45 6d 61 69 6c 4c 69 73   ....<my:
EmailLis
0240  74 3e 3c 2f 6d 79 3a 45  6d 61 69 6c 4c 69 73 74   t></my:E
mailList
0250  3e 0d 0a 09 09 3c 6d 79  3a 45 72 72 6f 72 44 65   >....<my
:ErrorDe
0260  73 63 72 69 70 74 69 6f  6e 3e 3c 2f 6d 79 3a 45   scriptio
n></my:E
0270  72 72 6f 72 44 65 73 63  72 69 70 74 69 6f 6e 3e   rrorDesc
ription>
0280  0d 0a 09 09 3c 6d 79 3a  52 65 71 75 65 73 74 6f   ....<my:
Requesto
0290  72 3e 0d 0a 09 09 09 3c  6d 79 3a 41 6c 69 61 73   r>.....<
my:Alias
02a0  3e 76 2d 6e 69 6d 6f 68  6f 3c 2f 6d 79 3a 41 6c   >XXXXXXX</my:Al
02b0  69 61 73 3e 0d 0a 09 09  09 3c 6d 79 3a 4e 61 6d   ias>....
.<my:Nam
02c0  65 3e 4e 69 73 68 61 6e  74 20 4d 6f 68 6f 72 69   e>XXXXXX
02d0  6b 61 72 20 28 48 65 77  6c 65 74 74 2d 50 61 63   XXXX
02e0  6b 61 72 64 29 3c 2f 6d  79 3a 4e 61 6d 65 3e 0d   XXXX</m
y:Name>.
02f0  0a 09 09 09 3c 6d 79 3a  4d 61 6e 61 67 65 72 4e   ....<my:
ManagerN
0300  61 6d 65 3e 41 6e 6d 6f  6c 20 4d 61 6c 68 6f 74   ame>XXXXX
0310  72 61 20 28 48 65 77 6c  65 74 74 2d 50 61 63 6b   XXXXXXX
0320  61 72 64 29 3c 2f 6d 79  3a 4d 61 6e 61 67 65 72   XXXX</my
:Manager
0330  4e 61 6d 65 3e 0d 0a 09  09 3c 2f 6d 79 3a 52 65   Name>...
.</my:Re


So could you kindly let me know the exact reason for this. What is the
exact problem...
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Copying files from one server to another., MAGNY David
Next by Date:  Re: Filtering by client IP address for Web App Sessions, Steve Shah
Previous by Thread:  Doubt in Application Audit, Alfred Hitchcock
Next by Thread:  RE: Doubt in Application Audit, Shan, Xuning V (Vincent)
Indexes:  [Date] [Thread] [Top] [All Lists]