Thursday, June 9, 2011

Thick Client Security Testing

1) Thick client and server using HTTP to communicate
2) Thick client and server using HTTP over SSL to communicate
3) Thick client and server using a proprietary TCP protocol to communicate (without any encryption)
4) Thick client and server using a proprietary TCP protocol over SSL to communicate
5) Thick client and server using a proprietary TCP protocol and shared key / custom cryptography to communicate

Tools To Test Thick Client Server Communications
Fiddler HTTP Proxy - http://www.fiddler2.com/fiddler2/
EchoMirage - http://www.bindshell.net/tools/echomirage
Microsoft Detours - http://research.microsoft.com/enus/projects/detours/
Keytool command - http://java.sun.com/j2se/1.4.2/docs/tooldocs/solaris/keytool.html
Openssl command - http://www.openssl.org/docs/apps/req.html#EXAMPLES

Reference:
https://www.owasp.org/images/e/e7/Thick_Client_(In)Security_-_Neelay_S_Shah_-_Mar_24.pdf
