Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Adobe liveCycle PT / Hacking

From: spammailme () gmail com
Date: 13 Dec 2006 16:58:20 -0000
All -

Has anyone expirence in testing the Adobe liveCycle solution. In a nutshell, customers are emailed a pdf doc which has 
forms controls embeded, they click through a shopping path and a resulting (encrypted) *.xdp file is attached to an 
email. It really is an xml doc and can be viewed by changing the ext. 

Proxies will not work here as HTTP is not used. Basically it is (enc) XML over SMTP. Maybe tcpdump can provide insight. 

In looking at the .xdp file it does enc key fields and I believe has an embeded hash yet not sure.

Any one tested this tech.? Any suggestions?

Thanks
Don W. 

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: