magebash Posted July 10, 2008
I am currently hosting this site on a free server until I get all the bugs out, so I know it will be secure on a paid one. Could you please help me find some vulnerabilities and inform me about them? I know there are many still. Thanks. Here is the link: Click Here
Username: demo
Password: demo

dannyb785 Posted July 10, 2008
I added a link <a href='javascript:alert(document.cookie);'>Click here</a> and when I clicked it, it gave me all sorts of neat information. With that knowledge, a hacker could do all sorts of mean things. Filter out javascript in links (and for that matter, in all posted data). Also, is there a way to edit my post?

darkfreaks Posted July 10, 2008
Vulnerability description: Through this form input it is possible to upload a file to the server. This vulnerability affects /.
The impact of this vulnerability: User may upload malicious files to the server.
How to fix this vulnerability: Check if the script inputs are properly validated.

Password type input with autocomplete enabled
The impact of this vulnerability: Possible sensitive information disclosure.
How to fix this vulnerability: The password autocomplete should be disabled in sensitive applications. To disable autocomplete, you may use code similar to: <INPUT TYPE="password" AUTOCOMPLETE="off">

User credentials are sent in clear text
The impact of this vulnerability: A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.
How to fix this vulnerability: Because user credentials are usually considered sensitive information, it is recommended that they be sent to the server over an encrypted connection.

magebash (Author) Posted July 10, 2008
Edit post for?

magebash (Author) Posted July 10, 2008
You created 2000 rows with the <script> somehow.

dannyb785 Posted July 10, 2008
Sorry, edit the thing I created.

magebash (Author) Posted July 10, 2008
Go to http://possal.freehostia.com/members. From there log in and go to view posts. You will see an edit option.

magebash (Author) Posted July 10, 2008
I deleted everything in the table.

magebash (Author) Posted July 10, 2008
Should I just not allow links?

darkfreaks Posted July 10, 2008
Cross Site Scripting
The impact of this vulnerability: Cross site scripting (also referred to as XSS) is a vulnerability that allows an attacker to send malicious code (usually in the form of Javascript) to another user. Because a browser cannot know if the script should be trusted or not, it will execute the script in the user context, allowing the attacker to access any cookies or session tokens retained by the browser.
Attack details: The GET variable dest has been set to >"><ScRiPt%20%0a%0d>alert(44514.6172421643)%3B</ScRiPt>.
How to fix this vulnerability: Your script should filter metacharacters from user input.

magebash (Author) Posted July 10, 2008
Should I use the htmlentities() function to do so?

darkfreaks Posted July 10, 2008
That will work, or strip_tags.

magebash (Author) Posted July 10, 2008
On all $_GET things? Because I used it on $_POST.

darkfreaks Posted July 10, 2008
Just use it on the $_POST then. It shouldn't pick it up.

magebash (Author) Posted July 10, 2008
Could you test it again? I think I fixed it.

darkfreaks Posted July 10, 2008
I'm scanning again; it will be a while, but I will let you know. Also, make sure your upload script is validated, as I said above; it is not checking for malicious files.
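For the upload finding in darkfreaks's scan results above, here is an added example of server-side upload validation in PHP; it is not the site's code. It assumes the form field is named upload, that only images are expected, and that the destination directory sits outside the web root.

```php
<?php
// Added example (not the thread's code): validate an image upload before
// accepting it. Assumes the form field is named "upload" and that
// $uploadDir lies outside the web root (both assumptions).

function validate_upload(array $file, string $uploadDir): string
{
    // Reject anything that did not arrive through a successful HTTP upload.
    if (!isset($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed');
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file');
    }
    // Size limit (assumption: 2 MiB is enough for this site's images).
    if ($file['size'] > 2 * 1024 * 1024) {
        throw new RuntimeException('File too large');
    }
    // Allow-list of extensions, each mapped to the MIME type it must have.
    $allowed = [
        'jpg'  => 'image/jpeg',
        'jpeg' => 'image/jpeg',
        'png'  => 'image/png',
        'gif'  => 'image/gif',
    ];
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!isset($allowed[$ext])) {
        throw new RuntimeException('Extension not allowed');
    }
    // $file['type'] is supplied by the client; sniff the bytes instead.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    if ($finfo->file($file['tmp_name']) !== $allowed[$ext]) {
        throw new RuntimeException('Content does not match extension');
    }
    // getimagesize() returns false for anything that is not a real image.
    if (@getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('Not a valid image');
    }
    // Store under a random name of our choosing, never the client's name.
    $dest = rtrim($uploadDir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store file');
    }
    return $dest;
}

// From the upload handler (directory path is an assumption):
// $stored = validate_upload($_FILES['upload'], '/var/www/uploads_private');
```

Files stored outside the web root should be served through a script that sets the Content-Type itself, so a stored file is never executed or interpreted by the web server.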
magebash (Author) Posted July 10, 2008
How? How can I block the alerts?

darkfreaks Posted July 10, 2008
The alerts? You mean what danny boy did? If you changed it, it shouldn't even be a problem.

darkfreaks Posted July 10, 2008
Also, here is a neat XSS function that should filter it: http://quickwired.com/smallprojects/php_xss_filter_function.php
Try using that on all $_GET and $_POST variables. Also, you still have exploits; this issue is not fixed yet.

magebash (Author) Posted July 10, 2008
Oh, I see the problem.

darkfreaks Posted July 10, 2008
Let me know when you're ready to scan again.

magebash (Author) Posted July 10, 2008
Why not htmlentities()?

darkfreaks Posted July 10, 2008
That's to convert HTML only; you can still execute PHP and Javascript. Use strip_tags().

magebash (Author) Posted July 10, 2008
OK

magebash (Author) Posted July 10, 2008
I added strip_tags to the rest of it. Try it now.
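Rendering posts safely for the two cases raised in this thread (dannyb785's javascript: link and the later htmlentities()/strip_tags() exchange), as an added example that is not code from the thread: user text is escaped with htmlspecialchars() at output time, and a link is only emitted when its scheme is http or https, since a javascript: URL contains no tag and passes through strip_tags() unchanged. The helper names are my own.

```php
<?php
// Added example (not the thread's code): escape user data for the HTML
// context it is written into, and only link to http/https URLs (names are mine).

// For text between tags and inside double-quoted attributes.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Returns an escaped href, or null if the URL must not become a link.
function safe_href(string $url): ?string
{
    $url = trim($url);
    // Control characters and embedded whitespace are rejected outright;
    // browsers ignore them inside a scheme (e.g. "java\tscript:").
    if ($url === '' || preg_match('/[\x00-\x20\x7f]/', $url)) {
        return null;
    }
    $parts = parse_url($url);
    if ($parts === false) {
        return null;
    }
    // Relative links carry no scheme; absolute ones must be http(s).
    $scheme = isset($parts['scheme']) ? strtolower($parts['scheme']) : 'http';
    if (!in_array($scheme, ['http', 'https'], true)) {
        return null;
    }
    return e($url);
}

// Render a post: body escaped as text, link scheme-checked and escaped.
function render_post(string $body, string $linkUrl, string $linkText): string
{
    $html = '<p>' . e($body) . '</p>';
    $href = safe_href($linkUrl);
    if ($href === null) {
        // Keep the link text visible but do not emit an anchor.
        return $html . '<p>' . e($linkText) . '</p>';
    }
    return $html . '<p><a href="' . $href . '">' . e($linkText) . '</a></p>';
}

// Constructed sample mirroring the thread: a script tag in the body and
// a javascript: URL as the link; both are rendered as inert text.
echo render_post(
    '<script>alert(document.cookie)</script>',
    'javascript:alert(document.cookie);',
    'Click here'
);
```

Escaping at output time, chosen per context, is what stops the GET-parameter case from the scan as well: the value of dest is escaped wherever it is written into the page, regardless of whether it arrived via $_GET or $_POST.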