Ticket System / To-Do Management

[darkfreaks]

did you get those expolits worked out black ???

[blackcell]

Gotta work tonight on it man. I have got a bunch of stuff to work on today at work. I will let you know asap. Thanks for your feedback brother.

[Andy-H]

if (!empty($_POST)){

array_map("strip_tags", "$_POST");

array_map("addslashes", "$_POST");

array_map("mysql_real_escape_string", "$_POST");

}

 

if (!empty($_GET)){

array_map("strip_tags", "$_GET");

array_map("addslashes", "$_GET");

array_map("mysql_real_escape_string", "$_GET");

}

 

[blackcell]

So I should use array_maps at the beginning of pages where form data will be retrieved or within the submit set?

 

Edit: Stupid question I answered myself.

[Maldian]

sowens at seltel dot com is my email address

[olie122333]

I built this using Firefox and have no desire to make this 100% compatible with IE. I consider IE a plague that preys on the ignorant, therefore I will leave it to one of those to make it compatible.

 

 

Aggreed.  ^^

 

 

Im using firefox now, i use it all the time 

 

 

 

 

 

And it is really nice site 

 

 

I like the GUI 

[blackcell]

Thanks man.

[darkfreaks]

you ever going to patch those server exploits?

[blackcell]

Eventually, what do you use to detect that kind of stuff?

[darkfreaks]

Acunetix

[darkfreaks]

Let me know when you patched up mod_ssl and have disabled Trace METHOD on your server

[blackcell]

New update, I should have taken care of most of the password autocomplete stuff. Still looking for a good method to process/display form data.

 

I don't have access to how my server performs, I don't think. ??? I am leasing the resources from someone.

[darkfreaks]

if your leasing out servers might want to ask them to update there SSL 

 

everything looks good. a few broken links although i can paste the exact ones but no solutions are offered.

[darkfreaks]

also if you want to send stuff over a secure  http connection check out md5() or crypt() 

 

make sure it is md5() or crypt() before you send it in a link 

[blackcell]

There is no way to decode md5 if it is varying data right? So if you don't know what your looking for on the other side that is not feasible. ALso, the broken links may be because of the use of iframes. I can't see any other broken links.

[darkfreaks]

Tips:

Session IDs in URL (and hijacking) - if you’re using session IDs in the URL (as opposed to a session cookie), make sure offsite links do not contain the session ID (or the remote site will be able to hijack) - PHP should take care of this. Also your visitors may give away the session ID in the referrer field - ideally pass off site links through a redirect page, to elimate the referrer (although, unfortunately, some browsers keep the last 3 pages viewed I believe - unsure of facts).

 

Ideally, don’t pass session ids in the URL - require users to accept a cookie if they need to “log in”.

Session Fixation (pre-hijacking) (see http://www.acros.si/papers/session_fixation.pdf).

 

If you assign a session to a visitor to your site, before they are logged in (for example for clickpath analysis), make sure that you assign them a new session id when they do login, so that if someone pre-generated the initial session id for them, they won’t get the new ID.

 

For PHP 4.2.0+, see session_regenerate_id() (in particular the user submitted comments). For PHP < 4.2.0, you'll have to destroy the session and re-create it when the user logs in, carrying any stored data between the two. The session_id() function may also be useful (haven’t explored it in this context myself).

[darkfreaks]

also you may want to restrict acess (chmod) theo following files so they have read properties but not write or executable.

/css

/admin/logfile

/install

[darkfreaks]

and the advice was valid look at this:

 

 

Vulnerability description

This script is vulnerable to PHPSESSID session fixation attacks.

 

By injecting a custom PHPSESSID is possible to alter the PHP session cookie. Attackers will normally manipulate cookie values to fraudulently authenticate themselves on a web site.

This vulnerability affects /Tickets.  and/tickets/admin

How to fix this vulnerability

Set session.use_only_cookies = 1 from php.ini. This option enables administrators to make their users invulnerable to attacks which involve passing session ids in URLs; defaults to 0.

 

 

 

 

[darkfreaks]

Vulnerability description

The description for this alert is contributed by the GHDB community, it may contain inappropriate language.

 

Category : Files containing juicy info

 

This is a very basic string found on directory listing pages which show the version of the Apache web server. Hackers can use this information to find vulnerable targets without querying the servers.

This vulnerability affects /Tickets/assistwindows.

[darkfreaks]

the above google hacking exploit can also be found in the install file and logfile and your SQL backups

 

the google hacking exploit can be avoiding by making it non writable/executable. 

[Maldian]

Hey Blackcell... I havent forgotten about calling bro. It has been mahem and chaos around here. I will try to call today.

[blackcell]

No problem man, Anytime after 4:30 central should be good. Dark, I will work on the exploits soon, the work on this comes in spurts because of school/work/family.

[blackcell]

May have fixed the vulnerability for xss. Found a few spots that needed the font size standardized also. Updated the in-program update log.

[darkfreaks]

i am scanning now Black i will let you know if it is fixed 100 percent

[darkfreaks]

Black seems like everything is fixed except the PHPSESSID exploit please fix this