Of course it's boring, the days when one said I've just found another 50
holes in MS's network stack are all gone.
The thing is, you are either a security professional *testing products* or
you're just talking about security thinking you are one.
In the past all it took to become a 'hacker' was
Wait, did you even try and replay them yet?
On Fri, May 28, 2010 at 7:22 PM, Justin Chang ktriv...@msn.com wrote:
What are the encoded_pw and encoded_pw_unicode cookies in blackboard?
These are passed clear text with username and I am trying to see if I can
get the password from this
discovered by mrhinkydink
PRODUCT: Websense Enterprise v6.3.3
EXPOSURE: Trivial Web Policy Bypass
SYNOPSIS
By adding a Via: header to an HTTP request it is possible for a user
to completely bypass filtering and monitoring in a Websense Enterprise
6.3.3/Microsoft ISA Server (2004 or