The Mental File

Friday, June 19, 2015

Poodle Up

The long road to walking a Poodle on a vulnerable server.

1. The Old Vuln

http://www.acunetix.com/blog/news/check-application-vulnerable-asp-net-padding-oracle-vulnerability/

http://blogs.microsoft.co.il/linqed/2010/09/19/padding-oracle-aspnet-vulnerability-explanation/

http://blog.gdssecurity.com/labs/2010/9/14/automated-padding-oracle-attacks-with-padbuster.html

2. The Test To See If Anyone Is Paying Attention

http://weblogs.asp.net/scottgu/important-asp-net-security-vulnerability

https://blog.skullsecurity.org/2013/padding-oracle-attacks-in-depth

3. Come here Charlie! (Steinbeck Reference)

http://www.guidepointsecurity.com/1023/vulnerability-management/poodle-ssl-3-0-fallback-vulnerability/

http://dunnesec.com/2014/10/20/poodle-sslv3-vulnerability/

And other unknowns that are now known


http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512

http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd

https://en.wikipedia.org/wiki/NTLM#Vulnerabilities


Posted by Unknown at 6:55 PM
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest

No comments:

Post a Comment

Newer Post Older Post Home
Subscribe to: Post Comments (Atom)

About Me

Unknown
View my complete profile

Blog Archive

  • ▼  2015 (23)
    • ►  November (3)
    • ►  August (4)
    • ►  July (14)
    • ▼  June (2)
      • Poodle Up
      • Installing JBoss and Fixing
Awesome Inc. theme. Powered by Blogger.