Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Platform specific error codes.

from [Zapotek] Network Security [Permanent Link]
Subject: Re: Platform specific error codes.
Date: Wed, 4 Oct 2006 13:57:45 +0300 
Hi Eoin,

Thanks for replying.
If you meant this part :
http://www.owasp.org/index.php/Analysis_about_error_codes
it is indeed a small piece and I'd love to contribute once I have a
decent error database. :)

Regards,
Zapotek.

On 10/4/06, Eoin <eoinkeary@gmail.com> wrote: 
Hello,
The OWASP testing guide has a small piece on error codes which may
help but more needs to be added. If you would like to contribute
please contact myself via the OWASP site.
regards,
Eoin

On 03/10/06, Zapotek <zapotekzsp@gmail.com> wrote:
> Hello list,
>
> I'm kinda developing a web application security vulnerability scanner.
> It's going to be open source with a metasploit-like interface.
>
> I have finished the interactive shell interface but I want the system to
> be modularized,
> so new recon techniques can be added using simple XML files.
>
> BUT, in order to identify vulnerabilities I need some error codes
> generated by different platforms like Python/Perl/ASP/etc. during attacks.
>
> For example, if a PHP application has a file inclusion vulnerability
> and the vulnerable variable is "file" the parameter:
> "file=some_non_existent_file.foo"
> Would trigger the error:
>
> *Warning*:  include(some_non_existent_file.foo) [function.include 
<http://localhost/%7Ezapotek/fis/function.include>]: failed to open stream: No 
such file or directory in */home/zapotek/public_html/pen_test/vuln.php* on line *13
>
> *I think you got what I'm saying. :)
>
> Regards,
> Zapotek.*
> *
>
>
> -------------------------------------------------------------------------
> Sponsored by: Watchfire
>
> Watchfire has new programs available for pen testers and consultants to
> use AppScan in client engagements. AppScan is the leading Web application
> assessment tool. Want to see it for yourself? Take a look today!
>
> https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008YSz
> --------------------------------------------------------------------------
>
>


--
Eoin Keary OWASP - Ireland
http://www.owasp.org/local/ireland.html



--
__________________________________________________________
http://www.segfault.gr

-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire has new programs available for pen testers and consultants to use AppScan in client engagements. AppScan is the leading Web application assessment tool. Want to see it for yourself? Take a look today!

https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008YSz
--------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Platform specific error codes., Eoin
Next by Date:  RE: Netscape 8 inherits firefox, explorer vulnerabilities, Benjamin Tomhave
Previous by Thread:  Re: Platform specific error codes., Eoin
Next by Thread:  Netscape 8 inherits firefox, explorer vulnerabilities, Emanuel Marufo
Indexes:  [Date] [Thread] [Top] [All Lists]