[OWASP-wiki-editors] "Out-of-band Resource Load"
jim.manico at owasp.org
Fri Jun 19 18:59:57 UTC 2015
Is there a way to tie these all together so they have the same category?
> On Jun 19, 2015, at 8:18 AM, Andrew Smith <andrew.smith at owasp.org> wrote:
> Yep. Awesome. Just wanted to get some feedback before I start cranking away.
>> On Fri, Jun 19, 2015 at 1:52 PM, Jim Manico <jim.manico at owasp.org> wrote:
>> also SQL injection that launches as a background process out of band...
>> surely... Go for it!
>> Jim Manico
>> (808) 652-3805
>>> On Jun 19, 2015, at 3:29 AM, Andrew Smith <andrew.smith at owasp.org> wrote:
>>> I am catching up on the recent burp suite release that introduces the concept of "super blind" injection vulnerabilities. They mentions a vulnerability class that they call "Out-of-band Resource Load" that sounds very interesting to me, as it is like RFI/Path traversal, but is more generic allowing for the inclusion of non-standard protocols such as SMB, DNS, etc. What do you guys think about me adding a wiki article on this type of bug?
>>> OWASP-wiki-editors mailing list
>>> OWASP-wiki-editors at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-wiki-editors