I'm working on adding a few more server side resources as well as dropping in some more test cases for WBTS. I currently can't provided a number of them due to them being active vulnerabilities in BlackBerry. One of the server side resources will allow you to save and retrieve requests. This will be useful for tests which you want to make a request to say, victim.com but be able to see the request from attacker.com. This is achieved by creating a new temporary database, and mapping two new resources. /saveRequest?id=
Sunday, November 14, 2010
Updated version coming soon...
Hello all,
I'm working on adding a few more server side resources as well as dropping in some more test cases for WBTS. I currently can't provided a number of them due to them being active vulnerabilities in BlackBerry. One of the server side resources will allow you to save and retrieve requests. This will be useful for tests which you want to make a request to say, victim.com but be able to see the request from attacker.com. This is achieved by creating a new temporary database, and mapping two new resources. /saveRequest?id=&data= and /getRequest?id=&mode. When saving, you can pass in optional data, but the primary purpose is to log the full request so we can save the request line, headers and body data. When retrieving, you can retrieve the data from any WBTS domain provided you know the ID. You can return data in one of three types: XML, JSON or HTML. I hope to have this latest version out by the end of November.
I'm working on adding a few more server side resources as well as dropping in some more test cases for WBTS. I currently can't provided a number of them due to them being active vulnerabilities in BlackBerry. One of the server side resources will allow you to save and retrieve requests. This will be useful for tests which you want to make a request to say, victim.com but be able to see the request from attacker.com. This is achieved by creating a new temporary database, and mapping two new resources. /saveRequest?id=
Sunday, November 7, 2010
Speaking at PacSec.jp 2010
Just a quick update,
I'll be speaking on WBTS at PacSec this Thursday which is located at Aoyama Diamond Hall near the Omote-sando stop on Ginza-sen: http://pacsec.jp/travel.html.
I'll be speaking on WBTS at PacSec this Thursday which is located at Aoyama Diamond Hall near the Omote-sando stop on Ginza-sen: http://pacsec.jp/travel.html.
Friday, October 8, 2010
SyScan Slides Uploaded!
I just uploaded my slides for the SyScan conference hosted in Ho Chi Minh City for 2010 up to the project page. You can get them from the WBTS Project Downloads..
Friday, September 24, 2010
WBTS Has Been Released
I have published both WBTS and WBTS Runner beta to google code! I've also put up an Architecture Guide if you are interested in how everything works. I will continue to push out new testcases and updates as it progresses, so download and submit any bugs you find!
URLs: WBTS and... WBTS Runner
URLs: WBTS and... WBTS Runner
Saturday, September 18, 2010
Release Date Set!
Hello Everyone,
Just wanted to let you know the release date for WBTS and WBTS Runner have been set for September 24th, 2010. This coincides with the talk I'll be giving to demonstrate it at SyScan 2010 Ho Chi Minh! For more details on SyScan please see: http://syscan.org/hcm/program2.php#hcmd2003. Please note that not all test cases will be for immediate release as some browser vendors are still in the process of fixing the issues I've identified. But stay tuned!
Just wanted to let you know the release date for WBTS and WBTS Runner have been set for September 24th, 2010. This coincides with the talk I'll be giving to demonstrate it at SyScan 2010 Ho Chi Minh! For more details on SyScan please see: http://syscan.org/hcm/program2.php#hcmd2003. Please note that not all test cases will be for immediate release as some browser vendors are still in the process of fixing the issues I've identified. But stay tuned!
Thursday, September 9, 2010
The WBTS Project - Nearing Release
The release of WBTS Beta is nearing. Stay tuned for more information and status updates to the WBTS project!
Subscribe to:
Posts (Atom)