[OWASP-wiki-editors] "Out-of-band Resource Load"

Jim Manico jim.manico at owasp.org
Fri Jun 19 17:52:23 UTC 2015


also SQL injection that launches as a background process out of band...

surely... Go for it!

--
Jim Manico
@Manicode
(808) 652-3805

> On Jun 19, 2015, at 3:29 AM, Andrew Smith <andrew.smith at owasp.org> wrote:
> 
> List,
> 
> I am catching up on the recent burp suite release that introduces the concept of "super blind" injection vulnerabilities. They mentions a vulnerability class that they call "Out-of-band Resource Load" that sounds very interesting to me, as it is like RFI/Path traversal, but is more generic allowing for the inclusion of non-standard protocols such as SMB, DNS, etc. What do you guys think about me adding a wiki article on this type of bug?
> 
> http://blog.portswigger.net/2015/04/introducing-burp-collaborator.html
> 
> Thanks,
> Andrew
> _______________________________________________
> OWASP-wiki-editors mailing list
> OWASP-wiki-editors at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-wiki-editors
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-wiki-editors/attachments/20150619/ab539840/attachment.html>


More information about the OWASP-wiki-editors mailing list