WPAD

Posted on April 1st, 2007 in Security by LogicX

Insecurity at its best — At Shmoocon I saw a presentation on WPAD, which is essentially a means of dispensing new proxy settings to browsers. Of course this was implemented by Microsoft, with no forms of security in mind. Over the next few months I intend to use WPAD at clients to dispense rogue proxy servers, and see what sensitive information can be gathered.

This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.

Post a comment