[WEB SECURITY] Db2 hacking
Steve Pinkham
steve.pinkham at gmail.com
Tue Jul 29 15:05:45 EDT 2008
Sharevane wrote:
> Hello all
>
>
>
> I have to perform penetration testing on webapplication .
>
>
>
> Backend is Db2 v8.0 database and application server in webspehere server 6.0
>
>
>
> I want to know how to hack the db2 database and WAS server through web
> application
>
>
>
> thanks in advance
>
>
Read the OWASP testing guide here:
http://www.owasp.org/images/e/e0/OWASP_Testing_Guide_v2_pdf.zip
Or get PORTSWIGGER's excellent book, "The Web Application Hacker's
Handbook".
http://www.amazon.com/Web-Application-Hackers-Handbook-Discovering/dp/0470170778
You might find a DB specific security book useful, especially if you can
get direct access.
http://www.amazon.com/Database-Hackers-Handbook-Defending-Servers/dp/0764578014
If you have more specific questions we can help you, but we can't do
your pentest for you. Sorry.
If instead you want to hire someone else to do your pentest, you'll find
plenty of help with that here I bet. :-)
--
| Steven E. Pinkham |
| Security Researcher, Maven Security |
| steve.pinkham at mavensecurity.com |
| GPG public key ID CD31CAFB |
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA
More information about the websecurity
mailing list