Jump to content

Hack my site(or try)!

dannyb785

By dannyb785
in Beta Test Your Stuff!

 Share

Recommended Posts

dannyb785 Member

dannyb785

Posted
  • Author
Posted

File Input Accepted

 

 

The impact of this vulnerability

User may upload malicious files to server.

How to fix this vulnerability

Check if the script inputs are properly validated from uploading .exe/.js and .php extensions

 

 

can you tell me where file input was accepted? or do you mean that there was a folder found with permissions that allow an upload?

Link to comment
Share on other sites
  • Replies 64
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

dannyb785 Member

dannyb785

Posted
  • Author
Posted

!!

You MUST use mysql_real_escape_string() if you are logging IPs. VERY dangerous. The remote address part of an http socket connection is just as "spoofable" as the user agent or any part of the HTTP request.

 

duuude!!! I never thought about that! Very good point. and fixed now.

 

quick question... would addslashes be okay?

Link to comment
Share on other sites
darkfreaks Advanced Member

darkfreaks

Posted
Posted

i would have to rescan but on your server go into the php.ini file and turn HTTP_TRACE method off like third said this is dangerous ;)

 

 

I check my php.ini file and didn't see a http trace. closest I saw was mysql trace

 

 

you can disable http_trace through .htacess file

 

write this in it:

# disable TRACE in the main scope of httpd.conf
RewriteEngine On 
RewriteCond %{REQUEST_METHOD} ^TRACE 
RewriteRule .* - [F]

Link to comment
Share on other sites
dannyb785 Member

dannyb785

Posted
  • Author
Posted

i would have to rescan but on your server go into the php.ini file and turn HTTP_TRACE method off like third said this is dangerous ;)

 

 

I check my php.ini file and didn't see a http trace. closest I saw was mysql trace

 

 

you can disable http_trace through .htacess file

 

write this in it:

# disable TRACE in the main scope of httpd.conf
RewriteEngine On 
RewriteCond %{REQUEST_METHOD} ^TRACE 
RewriteRule .* - [F]

 

 

does disabling it make it so you cant spoof the ip and other variables? Or what exactly? I dont remember anyone saying anything about http trace before you mentioned it.

Link to comment
Share on other sites
activeserver Newbie

activeserver

Posted
Posted

[1]

If you have the time for it, could you publish anonymized versions of logs of the results of these tests. Those would be a great help for everyone, including me ;)

Lots of people learning PHP (it takes much more than one paying project, trust me) out there don't have the resources to repeat-test their own sites by paying for hosting and asking testers here to test the same things.

These reports would be very helpful to the community here at phpfreaks and if done correctly would also give a little more weight to your "portfolio" or "skillset" section on your personal business site.

 

Just my thoughts, be free to ignore or correct :)

 

In fact, may I suggest anyone who has such data and a little time to spare (without taking risks, of course) to publish such reports.

Security researchers do a lot of this stuff, but a set of real, hand-edited, not-so-polished, plainspeak data has its uses and target audience.

 

Again, feel free to ignore or correct :)

 

[2]

I am no designer, and you did not ask for design ideas, but IMO, a 2-column layout inside the main part, would probably get across more info to your users on the first page itself.

(Please ignore if it conflicts any of your decisions...)

A look at http://www.1234.info/webtemplates/ will explain what i'm trying to say.

Since you're not making money on ads, and your visitors are on broadband, your site might be that much more helpful to users in finding information.

Link to comment
Share on other sites
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.