![]() ![]() One of the first things I like to do when I begin a thick client application test is see what’s actually happening on the network. ![]() There can be more than three tiers, but the same methods and tools outlined below will apply. One-tier architecture also exists, but it’s not applicable to this blog post because the client, business logic, and data storage are all on the same system. Tier 2: A database server handles business logic and performs data queries and modifications for the client.Tier 3: A database server modifies and retrieves data for the application server.īeta Bank is written with a two-tier architecture.Tier 2: Web requests are sent to a server where business logic is handled.Tier 1: The client displays and collects data.BetaFast is written with a three-tier architecture. In this post, we’ll cover network testing in thick client applications and how it’s performed on different architectures. ![]() A brief overview is covered in a previous blog post. Many examples in this series will be taken directly from these applications, which can be downloaded from the BetaFast GitHub repo. ![]() In conjunction with these posts, NetSPI has released two vulnerable thick clients: BetaFast, a premier Betamax movie rental service, and Beta Bank, a premier finance application for the elite. Introduction to Hacking Thick Clients is a series of blog posts that will outline many of the tools and methodologies used when performing thick client security assessments. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |