websecurity December 2007 archive
Main Archive Page > Month Archives  > websecurity archives
websecurity: [WEB SECURITY] Performing Distributed Brute Forcing

[WEB SECURITY] Performing Distributed Brute Forcing of CSRF vulnerable login pages

From: <bugtraq_at_nospam>
Date: Mon Dec 10 2007 - 17:45:19 GMT
To: websecurity@webappsec.org


Hello List,

I have posted the following rant that discusses how CSRF/timing attack vulnerable login pages could be mass brute forced.

Performing Distributed Brute Forcing of CSRF Vulnerable Login Pages http://www.cgisecurity.com/2007/12/08

Regards,
- Robert
http://www.cgisecurity.com/



Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: http://www.webappsec.org/lists/websecurity/

Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]