
I have been working on this site for my neighbor's lacrosse camp and have gotten this far. I need to check for any security holes before I go any further.

 

I'm sure there will be a lot, and I might need help figuring out how to fix them.

 

http://www.skiingguru1611.com

 

**Right now I'm hosting the site under my personal domain name**

Vulnerability description

PHPinfo page has been found on this directory. The PHPinfo page outputs a large amount of information about the current state of PHP. This includes information about PHP compilation options and extensions, the PHP version, server information and environment (if compiled as a module), the PHP environment, OS version information, paths, master and local values of configuration options, HTTP headers, and the PHP License.

This vulnerability affects /phpinfo.php.

The impact of this vulnerability

This file may expose sensitive information that may help a malicious user to prepare more advanced attacks.

 

How to fix this vulnerability

Remove the file from production systems.

Vulnerability description

HTTP TRACE method is enabled on this web server. In the presence of other cross-domain vulnerabilities in web browsers, sensitive header information could be read from any domains that support the HTTP TRACE method.

This vulnerability affects Web Server.

The impact of this vulnerability

Attackers may abuse HTTP TRACE functionality to gain access to information in HTTP headers such as cookies and authentication data.

 

How to fix this vulnerability

Disable TRACE Method on the web server

 

Vulnerability description

Looks like the source code for this script is available. This check is using pattern matching to determine if server side tags are found in the file. In some cases this may generate false positives.

This vulnerability affects /.

The impact of this vulnerability

An attacker can gather sensitive information (database connection strings, application logic) by analysing the source code. This information can be used to conduct further attacks.

 

Attack details

We found

<?php include("../calendar/minical.php"); ?>

How to fix this vulnerability

Remove this file from your website or change permissions in order to remove access.

 

Vulnerability description

One or more email addresses have been found on this page. The majority of spam comes from email addresses harvested off the internet. The spam-bots (also known as email harvesters and email extractors) are programs that scour the internet looking for email addresses on any website they come across. Spambot programs look for strings like myname@mydomain.com and then record any addresses found.

This vulnerability affects /contact.html.

The impact of this vulnerability

Email addresses posted on Web sites may attract spam.

Attack details

We found

aalaxcamp@twcny.rr.com

 

How to fix this vulnerability

http://evolt.org/article/Spam_Proofing_Your_Website/20/41849/

Vulnerability description

Via this form input it is possible to upload a file to the server.

This vulnerability affects /webmail/themes/clean/upload.php, /webmail/themes/express/upload.php and /webmail/themes/senti/upload.php.

The impact of this vulnerability

Users may upload malicious files to the server.

How to fix this vulnerability

Check if the script inputs are properly validated.

 

Instead of having a link to email you, how about just telling them your address like

&#97;&#97;&#108;&#97;&#120;&#99;&#97;&#109;&#112;&#64;&#116;&#119;&#99;&#110;&#121;&#46;&#114;&#114;&#46;&#99;&#111;&#109;

This will come out as an email address and is hard for email collector bots to find.

 

Not really security, but would be useful.
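An added illustration of the entity-encoding trick suggested in the reply above (example code written for this thread, not something posted by either participant): it encodes an address as HTML decimal character references, confirms a browser would still render the original text, and shows that a naive harvester regex (constructed for the demo) finds nothing in the raw HTML but still finds the address once entities are decoded, which is the limit of this technique.

```python
import html
import re

# Pattern a simple address harvester might use (constructed for the demo).
HARVESTER_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")


def encode_email(address: str) -> str:
    """Encode every character as an HTML decimal character reference,
    e.g. 'a' -> '&#97;'.  Browsers render the original text, but the
    raw page source no longer contains a literal '@'."""
    return "".join(f"&#{ord(ch)};" for ch in address)


def rendered_text(markup: str) -> str:
    """What a browser (or any entity-aware parser) shows for the markup."""
    return html.unescape(markup)


def harvest(markup: str) -> list:
    """Addresses a naive harvester would pull from the given text."""
    return HARVESTER_RE.findall(markup)


def demo(address: str) -> dict:
    """Encode an address and report how it fares against the harvester."""
    encoded = encode_email(address)
    return {
        "encoded": encoded,
        "renders_correctly": rendered_text(encoded) == address,
        "found_in_raw_html": harvest(encoded),
        # Caveat: a harvester that decodes entities first still finds it.
        "found_after_decoding": harvest(rendered_text(encoded)),
    }


if __name__ == "__main__":
    # Constructed sample address for the demo.
    for key, value in demo("camp@example.com").items():
        print(f"{key}: {value}")
```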

 
