[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: xml over https

To: "Mads Rasmussen" <mads@xxxxxxxxxxxxx>, <vuln-dev@xxxxxxxxxxxxxxxxx>
Subject: RE: xml over https
From: "Burke, Charles" <Charles_Burke@xxxxxxxxxxxxx>
Date: Mon, 7 Feb 2005 09:08:19 -0500
Delivered-to: mailing list vuln-dev@xxxxxxxxxxxxxxxxx
Delivered-to: moderator for vuln-dev@xxxxxxxxxxxxxxxxx
List-help: <mailto:vuln-dev-help@securityfocus.com>
List-id: <vuln-dev.list-id.securityfocus.com>
List-post: <mailto:vuln-dev@securityfocus.com>
List-subscribe: <mailto:vuln-dev-subscribe@securityfocus.com>
List-unsubscribe: <mailto:vuln-dev-unsubscribe@securityfocus.com>
Mailing-list: contact vuln-dev-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Thread-index: AcULWffsxXfp5Ci7QmaijFyw2/01rQBxFvbQ
Thread-topic: xml over https

This web services was not using WS Security was it?
I am assuming the xml encryption was custom or was it provided by WSE?

-----Original Message-----
From: Mads Rasmussen [mailto:mads@xxxxxxxxxxxxx] 
Sent: Friday, February 04, 2005 7:33 AM
To: vuln-dev@xxxxxxxxxxxxxxxxx
Subject: Re: xml over https

Actually it turned out to be way much simpler than I thought, the 
application sends text files between server and client, formatted in
XML. Some of the fields are encrypted with 3des but the key was
hardcoded and 
I managed to write a tiny program to decrypt the xml fields using their 
own dll without specifying the key ;-)

The application communicates through https with a portal vulnerable to 
sql injection. I haven't been able to find a login that suits but I have

mapped almost the whole DB using different queries.
If anyone know a nice guide to sql injection for SQL server (MS) I would

appreciate it

Regards,

Mads

Follow-Ups:
- Re: xml over https
  - From: Mads Rasmussen

Prev by Date: Re: xml over https
Next by Date: win2k, XP deletes somename_files when somename.html deleted
Previous by thread: Re: xml over https
Next by thread: Re: xml over https
Index(es):
- Date
- Thread