WebApp Sec mailing list archives

java app question

From: learn lids <learnlids () yahoo com>
Date: Thu, 22 Apr 2010 20:56:23 -0700 (PDT)

hi all, 

i am looking to pen test an app which is not a webapp :) . on browsing to the url it launches a java application using 
jnlp. 

i used a network traffic sniffer to see the traffic, and it is making post requests to several different urls (e.g. 
webapp.com/generatereport etc.), and the response is of type x-serialize object. 

any suggestions on what could be things to look at for such a pentest? 

thanks


      



This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now! 
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

Current thread:

java app question learn lids (Apr 23)
- Re: java app question Luca Carettoni (Apr 24)
- Re: java app question Rogan Dawes (Apr 24)
  - Re: java app question ¨˜”°º•C0D3w (Apr 27)
- RE: java app question Paul Melson (Apr 27)
- Re: java app question Jonathan Cran (Apr 27)