RE: Cross Site Tracing examples?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I have some...I will have to dig them up. Until then run Nikto,that will show you what xss looks like. Hope this helps.

                                                                Toby

• -----Original Message----- From: Todd A. Jacobs [mailto:nospam@codegnome.org] Sent: Wednesday, June 18, 2003 6:29 PM To: pen-test@securityfocus.com Subject: Cross Site Tracing examples?

I'm looking for some detailed examples of XST. Google didn't turn up much
except tons of press releases that the vulnerability exists, but I couldn't find any examples or exploit code to go along with it. In fact, I
couldn't even find XST in the CVE database.

Can anyone point me in the right direction here?

• -- The DMCA is anti-consumer. The RIAA has no right to rewrite copyright laws to suit themselves.

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPvEKClLhpjRJgUE5EQJj3gCeK2d2UZNCIL2GNnnVsUf9KQY0DWcAoIuv rX/PNf2csmHMv41HOErqhaf5
=G9qL
-----END PGP SIGNATURE-----

You're a pen tester, but is google.com still your R&D team? Now you can get trustworthy commercial-grade exploits and the latest techniques from a world-class research group.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Visit us at: www.coresecurity.com/promos/sf_ept1 or call 617-399-6980