[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [WEB SECURITY] Db2 hacking
- From: Steve Pinkham <steve.pinkham@xxxxxxxxx>
- Subject: Re: [WEB SECURITY] Db2 hacking
- Date: Tue, 29 Jul 2008 15:05:45 -0400
Sharevane wrote:
> Hello all
>
>
>
> I have to perform penetration testing on webapplication .
>
>
>
> Backend is Db2 v8.0 database and application server in webspehere server 6.0
>
>
>
> I want to know how to hack the db2 database and WAS server through web
> application
>
>
>
> thanks in advance
>
>
Read the OWASP testing guide here:
http://www.owasp.org/images/e/e0/OWASP_Testing_Guide_v2_pdf.zip
Or get PORTSWIGGER's excellent book, "The Web Application Hacker's
Handbook".
http://www.amazon.com/Web-Application-Hackers-Handbook-Discovering/dp/0470170778
You might find a DB specific security book useful, especially if you can
get direct access.
http://www.amazon.com/Database-Hackers-Handbook-Defending-Servers/dp/0764578014
If you have more specific questions we can help you, but we can't do
your pentest for you. Sorry.
If instead you want to hire someone else to do your pentest, you'll find
plenty of help with that here I bet. :-)
--
| Steven E. Pinkham |
| Security Researcher, Maven Security |
| steve.pinkham@xxxxxxxxxxxxxxxxx |
| GPG public key ID CD31CAFB |
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA
Brought to you by http://www.webappsec.org
Search this site
|