The Ethical Hacker Network - Latest posts of: XgggX

Latest Additions

EH-Net Login

Welcome Guest.

No account yet? Register

Who's Online
We have 47 guests and 4 members online

You are here: Home

EH-Net

May 20, 2013, 01:53:59 PM

Welcome, Guest. Please login or register.
Did you miss your activation email?

News: Go back to The Ethical Hacker Network Online Magazine Home Page

Home

Help

Calendar

Show Posts
Pages: [1]

1	Ethical Hacking Discussions and Related Certifications / Web Applications / Audit Flex Web Application	on: October 21, 2009, 04:31:31 PM
Hi, I need help, I´m still working in a black box pentest and I found a Flex WebApp(jboss, coyote 1.1). Flex webapp consist in Web Server(https/ssl) and Flash Media Server(RTMPS that use TLS in TCP port 2099 for flash serialization/deserialization,in other server and with other Cert). I´ll tried to intercept/see web request with proxy´s (webscarab, charles, paros...), tamper plugins(service capture and httpsFox don´t intercept flex methods and services) and sniffers (Wireshark with appropiate ssl cert) and I failed to intercept or manipulate text parameters (captured data is illegible because it´s encryped and proxys don´t intercept web response/request and flex communication) Thanks.