APPLICATION PENETRATION TEST SUPER VEDA
APPLICATION PENETRATION TEST SUPER VEDA
APPLICATION PENETRATION TEST SUPER VEDA
- No tags were found...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Application Penetration Test for Super Veda- Sample Report -APPENDIX B - UNAUTHORIZED ACCESS TOACCOUNTSThe attacker reaches the login.asp page while trying to access any of therestricted pages. Since the application checks, on any of the restrictedpages, whether the client is authenticated, and finds out that he isn't, itsends him to the login page that looks like this:Access to the SiteThe attacker then inserts the following SQL bits into the username/passwordfields:And get in using the first name in the returned record set ('Mickey'):ImpervaPage53 of73