[Owasp-testing] Question about testing web mail functionality.

Pavol Luptak pavol.luptak at nethemba.com
Fri Aug 14 07:24:11 EDT 2009


On Fri, Aug 14, 2009 at 11:21:34AM +0100, Vishal Garg wrote:
>    Does anyone know if this sort of attack has been mentioned anywhere on
>    OWASP web site (within Testing Guide or anywhere else). I'll really
>    appreciate if someone could point me in the right direction.

Exactly this kind of the attack is part of WebGoat, see
http://www.owasp.org/index.php/Lesson_Plans - How to Exploit Unchecked Email 

[Pavol Luptak, Nethemba s.r.o.] [http://www.nethemba.com] [tel: +421905400542]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : https://lists.owasp.org/pipermail/owasp-testing/attachments/20090814/65e9b85f/attachment.bin 

More information about the Owasp-testing mailing list