Home  •  Downloads  •  Software  •  Public Services  •  Contact Us  •  Search  •  Global WebTraffic
 Give us feedback

Untitled Document

WSFuzzer

These videos are based on a pen testing project completed in Q1 2007. The target team had created, and opened up a, SOAP interface to a VAX based DB system. The service gathered acct numbers for a given user (passed in as a param) and returned a string of all such numbers. Each acct number was separated by a ":".

I recreated their situation simply based on work with their software development and this is strictly provided as an example of WSFuzzer successfully in action on a pen testing endeavor.

 

Part 1

Part 2

Part 3

Part 4

 

SSHA Attack

A simple showcasing of SSHA Attack in action.

 

Brute forcing using a custom alphabet

Brute forcing using a pre-constructed alphabet

 
 Counter
User*count is developed by MusS (http://www.foreach.fr/)
260234 Visit260234 Visit260234 Visit260234 Visit260234 Visit260234 Visit


 

andres [at] neurofuzz dot com