Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
This group should mostly be dealing with how web applications enable networking security issues that are otherwise not there. Everything is being tunneled over port 80 now so what does that enable and how do we fix it? 

Current Page: 1 of 1
Results 1 - 4 of 4
5 years ago
rma88
Hey thanks for the info on trapper, i downloaded it and will give it a try tomorrow. The only thing about dsniff is it performs a MITM attack, and thats cool and all... but that's noisy. A completely passive tool would be cool, unfortunately that kills switched network sniffing, except for wireless I guess. I want to play with trapper, it looks like it is passive unless you specify it to arp
Forum: Networking
5 years ago
rma88
Okay, so I lied, I'm going to ask another question. I don't feel guilty since no one has posted in this section of the forums for 2 days now. Would it make sense to have a passive network sniffer than just sniffed http headers and if an authorization header was found that has "Basic" in it, to base64 decode it and log it, along with site or ip... whatever else was desired? A quick
Forum: Networking
5 years ago
rma88
Reiners Wrote: ------------------------------------------------------- > basic auth can always be sniffed if you are on the > network because the credentials are only base64 > encoded (which is not encrypted). > so yes, it is that easy ;) Wow, thanks so much for the response, thats just funny. So how do you know what type of authentication a site/server is using/requiring?
Forum: Networking
5 years ago
rma88
Hey everyone. I have recently started going through the WebGoat web application security CD, and the latest thing to do was find out the name for the authorization header and what the base64 encoded value was being sent between the server and me. Now, having logged in as guest/guest its no surprise when thats what it decodes to, but my question is does that mean if an .htaccess file is used for au
Forum: Networking
Current Page: 1 of 1