Many of my company's clients use our data acquisition software in a research basis. Due to the nature of research in general, some of the clients ask that data is encrypted to prevent tampering -- there could be serious ramifications if their data was shown to be falsified. Some of our binary software encrypts output files with a passw...
I'm writing a web testing script with python (2.6) and mechanize (0.1.11). The page I'm working with has an html form with a select field like this: <select name="field1" size="1"> <option value="A" selected>A</option> <option value="B">B</option> <option value="C">C</option> <option value="D">D</option> </select> In ...
Hi everyone, Long time listener, first time caller. 'Say you have a database table that is responsible for logging user activity. The integrity of this log is important, so you want to be able to detect if someone has modified any data from the table. To make things more interesting, also consider the fact that your system may be opera...
I am looking forward for a method to pass data from page to page safely and avoid as It's possible the tampering. The best way to solve it, is to save the sensitive data on db server. Or using session persist on db server. Or whatever method that persists data on db server. The fact is because of performance I wouldn't like to use ...
Hi folks: We meet a testing scenario which needs to tamper with source IP address of a Http request to simulate clients coming from different countries. Do you know any tool help on this? Last but not least, our web site is built with ASP.NET. Thanks. ...
I tried creating a temporary certificate using makecert and creating a spc from the certificate using cert2spc. I signed some exe with the generated spc. I then use the binary editor in VS 2008 to flip some bits (tampered it) in the exe. To my surprise I was able to execute the application. I was expecting that the system will detect th...
I'm not sure whether this question belongs on StackOverflow or SuperUser, but here goes nothing... I'm trying to test out some basic security problems on my personal ASP.NET website to see exactly how the custom validators, etc. work when tampering with the data. I've been looking at the Firefox extension TamperData which seems to do th...
I want to change first line of header, modifying the method and/or URL. The (excellent) Tamperdata firefox plugin allows a developer to modify the headers of a request, but not the URL itself. This latter part is what I want to be able to do. So something like... GET http://foo.com/?foo=foo HTTP/1.1 ... could become ... GET http://b...
Hello, I feel sorry, if this post isn't related here. If you feel this post is useless act according to your wish My question is why don't we save the visitors(subscribers) cookie information in DB rather than setting a file on user's machine.Yeah, I know I might sound silly for following reasons 1) Maintaining DB for every single ...
This is a test engine application with 5 papers set by me..as 5 php pages Flow of the application Login.html check.php // to check whether credentials r right if correct then main.php //user clicks on "take test" in this page which displays him 1 of the 5 papers... but once i am logged in i can just change the url to the url o...