/ iwsp

IWSP Week 17

Continue working on #6QT0T6 this week. Also went on site to client's office for #MPmfm.

Found a critical vulnerability for #6QT0T6 where the archive for the entire application source code was downloadable. It was a disaster, through it, was able to probe all the hidden directories and files as well as test files/scripts. #6QT0T6 also exposes crontab and logs.

Project #MPmfm was the first time that I went down to the client's office with a senior colleague to test their intranet application. It was interesting to experience something new, but boring because there is no internet available. This is an on-going project for a few weeks so I may or may not be called down for it again.