[Dailydave] Immunity Certified Network Offense Professional

Thomas Ptacek tqbf at matasano.com
Sun Jul 13 20:11:53 EDT 2008


NB: I'm not talking because I think Dave is evil. I already knew Dave
was evil. I'm talking because this is an interesting topic.

I agree: being able to bust into enterprise applications is a great
way to ace an internal pentest. But even then, the best findings are
often not memory corruption vulnerabilities. When we talk about the
terribly insecure apps across enterprises, we should be thinking about
shell metacharacters.

> Second, I see terribly insecure apps across enterprises all the time.
> They're niche products or internally developed that often sit on key
> systems. They usually don't have public vulns because they're internal or
> niche but if you sit down with them they're generally easy enough to break.
> So doing so is a reasonable way to get into a fully patched system. It also
> makes you look good and reinforces security best practices like
> compartmentalization, defense in depth, etc.

-- 
---
Thomas H. Ptacek // matasano security
read us on the web: http://www.matasano.com/log

