[OWASP-wiki-editors] "Out-of-band Resource Load"

Andrew Smith andrew.smith at owasp.org
Fri Jun 19 18:18:05 UTC 2015


Yep. Awesome. Just wanted to get some feedback before I start cranking away.

Thanks.

On Fri, Jun 19, 2015 at 1:52 PM, Jim Manico <jim.manico at owasp.org> wrote:

> also SQL injection that launches as a background process out of band...
>
> surely... Go for it!
>
> --
> Jim Manico
> @Manicode
> (808) 652-3805
>
> On Jun 19, 2015, at 3:29 AM, Andrew Smith <andrew.smith at owasp.org> wrote:
>
> List,
>
> I am catching up on the recent burp suite release that introduces the
> concept of "super blind" injection vulnerabilities. They mentions a
> vulnerability class that they call "Out-of-band Resource Load" that sounds
> very interesting to me, as it is like RFI/Path traversal, but is more
> generic allowing for the inclusion of non-standard protocols such as SMB,
> DNS, etc. What do you guys think about me adding a wiki article on this
> type of bug?
>
> http://blog.portswigger.net/2015/04/introducing-burp-collaborator.html
>
> Thanks,
> Andrew
>
> _______________________________________________
> OWASP-wiki-editors mailing list
> OWASP-wiki-editors at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-wiki-editors
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-wiki-editors/attachments/20150619/c330e4cf/attachment.html>


More information about the OWASP-wiki-editors mailing list