| || |
Well - unstructured brain dump
You can look for opportunities to gain access by either inserting script info into available fields that will execute when processed or clicked upon or for buffer overruns which may allow people to execute code.
Start by trying for buffer overruns in any available areas
If you are doing a form submit, spoof the form to see if you can inject characters which are normally encoded by windows browsers - like < | / and similar. If you can send these, unencoded and unfiltered, to your server, you have a good chance at hacking in.
Not very structured but maybe it will give you some ideas....
Re: Well - unstructured brain dump
DOH - I'm too tired to even be allowed online, obviously. Sorry - this is a reply to an earlier post and has been copied there....