SecurityFocus

Pentesting of Thick client and client-server applications Jun 07 2011 03:53AM
Balaji Vasanth (balaji_vasanth14 yahoo com) (2 replies)

Re: Pentesting of Thick client and client-server applications Jun 07 2011 01:15PM
Security Auditor (auditor sec gmail com)

Re: Pentesting of Thick client and client-server applications Jun 07 2011 11:40AM
Irene Abezgauz (irene abezgauz gmail com) (1 replies)

Re: Pentesting of Thick client and client-server applications Jun 08 2011 01:05AM
AK (platsakos gmail com)

If the application is not tamper resistant, you can hook functions.
While this is not trivial in a lot of cases, hooks might be able to gain
access to data pre-encryption and analyze/modify at will.
HTH

On 06/07/2011 02:40 PM, Irene Abezgauz wrote:
> Hi Balaji,
>
> It depends on what protocol the app uses - cleartext or binary/encrypted etc.
>
> If it's cleartext in most cases you can make do with wireshark, netcat and a hex editor. Then you throw in some fuzzers etc. and you're good.
>
> If not cleartext you will need olly or similar to tamper in memory, unless it's class serialization in which case might be easier to deserialize than to touch memory.
>
> Bottom line - it depends.
>
> There also can be a variety of other app-dependent things like configuration files that hold permissions on the client side, admin interfaces and various other surprises you could use - take a good look.
>
> Irene
>
>
>
> On 7 ×?×?×?× 2011, at 06:53, Balaji Vasanth <balaji_vasanth14 (at) yahoo (dot) com [email concealed]> wrote:
>
>> Hi,
>>
>> Are there any specific set of methodologies/approaches, tools for the vulnerability testing of client-server applications and standalone apps developed in different languages?
>>
>> I could just think of using some TCP proxies (Echomirage, TCP Catcher etc) to intercept the client-server traffic and go ahead, debuggers like Ollydbug, WinDbg, GNU to understand the calls at client-side and some disassemblers & fuzzers (not sure on which to choose). For some thick clients communicating on Port 80/443 with the server, i am using the Fiddler plugin "Watcher". Is that good enough...?
>>
>> Thanks in advance
>>
>> Regards
>>
>> M. Balaji Swaminathan
>>
>>
>>
>> This list is sponsored by Cenzic
>> --------------------------------------
>> Let Us Hack You. Before Hackers Do!
>> It's Finally Here - The Cenzic Website HealthCheck. FREE.
>> Request Yours Now!
>> http://www.cenzic.com/2009HClaunch_Securityfocus
>> --------------------------------------
>>
>
>
> This list is sponsored by Cenzic
> --------------------------------------
> Let Us Hack You. Before Hackers Do!
> It's Finally Here - The Cenzic Website HealthCheck. FREE.
> Request Yours Now!
> http://www.cenzic.com/2009HClaunch_Securityfocus
> --------------------------------------
>
>

--
What is the air-speed velocity of an unladen swallow?

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[ reply ]