[Owasp-singapore] (no subject)

Christian Heinrich christian.heinrich at owasp.org
Tue Sep 1 01:59:56 EDT 2009


Ruel,

Internal Web Apps would be exploited by internal staff then :)

Their robustness would depend on if they were developed in house or
purchased from a vendor who has multiple deployments of the same web app
(based on say LAMP infrastructure for example).

2009/9/1 spawn of soul calibur <ruel555 at hotmail.com>

>  Hi Guys,
>
> A novice-question again.
>
> What are the ways to exploit internal web application? I know web
> applications which are external facing can be exploited by XSS, SQL
> injection etc. But if attackers cant even see the web application because
> its only available internally, then how can they be exploited?
>
> Basically, I am trying to justify the need to review our web application
> development practices. Thanks!
>
> Regards,
> Ruel
>
> ------------------------------
> Share your memories online with anyone you want anyone you want.<http://www.microsoft.com/singapore/windows/windowslive/products/photos-share.aspx?tab=1>
>
> _______________________________________________
> Owasp-singapore mailing list
> Owasp-singapore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-singapore
>
>


-- 
Regards,
Christian Heinrich - http://sn.im/cmlh_linkedin_profile
OWASP "Google Hacking" Project Lead - http://sn.im/owasp_google_hacking
Speaking Schedule at http://sn.im/cmlh_speaking_schedule
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20090901/33f86171/attachment.html 


More information about the Owasp-singapore mailing list