Tuesday, March 22, 2016

Method Enumeration in GWT

Hello All, I've heard it is possible to enumerate all available methods in client side. Below are some links about this:

https://github.com/GDSSecurity/GWT-Penetration-Testing-Toolset
https://blog.gdssecurity.com/labs/2010/7/20/gwtenum-enumerating-gwt-rpc-method-calls.html

My question is, is it still possible or methods are secure in client-side by default. If not, is there any way to block it.

Thanks in Advance.

Regards,
Vathsa. 

--
You received this message because you are subscribed to the Google Groups "GWT Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscribe@googlegroups.com.
To post to this group, send email to google-web-toolkit@googlegroups.com.
Visit this group at https://groups.google.com/group/google-web-toolkit.
For more options, visit https://groups.google.com/d/optout.

No comments:

Post a Comment