Lamez Posted August 18, 2008

I have just made an internal link checker, and I do not think there is much you can do with it, but please see what you can do. Here is a link: http://links.krazypicks.com/?url=google.com

At the end, where it says ?url=google.com, you can change it to yahoo.com and it will check yahoo.com. Thanks, guys! Also take a look at http://krazypicks.com/register.php
darkfreaks Posted August 18, 2008

Input Type Password Autocomplete Enabled

Password type input named pass from unnamed form has autocomplete enabled. An attacker with local access could obtain the cleartext password from the browser cache.

The impact of this vulnerability: Possible sensitive information disclosure.

How to fix this vulnerability: The password autocomplete should be disabled in sensitive applications. To disable autocomplete, you may use code similar to: <INPUT TYPE="password" AUTOCOMPLETE="off">

HTTP TRACE method is enabled on this web server.

In the presence of other cross-domain vulnerabilities in web browsers, sensitive header information could be read from any domains that support the HTTP TRACE method. This vulnerability affects Web Server.

The impact of this vulnerability: Attackers may abuse HTTP TRACE functionality to gain access to information in HTTP headers such as cookies and authentication data.

How to fix this vulnerability: Disable TRACE Method on the web server.

User credentials are sent in clear text

The impact of this vulnerability: A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.

How to fix this vulnerability: Because user credentials usually are considered sensitive information, it is recommended that they be sent to the server over an encrypted connection.
darkfreaks Posted August 18, 2008

This script is vulnerable to PHPSESSID session fixation attacks.

By injecting a custom PHPSESSID it is possible to alter the PHP session cookie. Attackers will normally manipulate cookie values to fraudulently authenticate themselves on a web site.

The impact of this vulnerability: By exploiting this vulnerability, an attacker may conduct a session fixation attack. In a session fixation attack, the attacker fixes the user's session ID before the user even logs into the target server, thereby eliminating the need to obtain the user's session ID afterwards.

How to fix this vulnerability: Set session.use_only_cookies = 1 in php.ini. This option enables administrators to make their users invulnerable to attacks which involve passing session ids in URLs; defaults to 0.
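The form and php.ini findings from the two scanner reports above can be re-checked after a fix with a small script. This is an added example, not part of the original thread or the scanner's output; the page URL, the HTML forms and the function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

class FormAudit(HTMLParser):
    """Flags password inputs with autocomplete on or a cleartext submit target."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.action = page_url  # until a <form> is seen, inputs are judged by the page URL
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            # A missing or empty action posts back to the page's own URL.
            self.action = urljoin(self.page_url, a.get("action", ""))
        elif tag == "input" and a.get("type", "").lower() == "password":
            name = a.get("name", "?")
            if a.get("autocomplete", "").lower() != "off":
                self.findings.append(f"{name}: autocomplete enabled")
            if urlparse(self.action).scheme != "https":
                self.findings.append(f"{name}: sent in clear text to {self.action}")

def audit_form(html, page_url):
    parser = FormAudit(page_url)
    parser.feed(html)
    return parser.findings

def audit_php_ini(text):
    """Checks the one php.ini setting named in the session fixation report."""
    settings = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # ';' starts a php.ini comment
        if "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            settings[key.lower()] = value.strip('"').lower()
    # A missing key counts as off, following the default quoted in the report.
    if settings.get("session.use_only_cookies", "0") not in ("1", "on", "yes", "true"):
        return ["session.use_only_cookies is not enabled"]
    return []

# Constructed samples: the form the report describes, and a corrected one.
PAGE_URL = "http://example.test/register.php"
WEAK_FORM = '<form method="post" action="register.php"><input type="password" name="pass"></form>'
FIXED_FORM = ('<form method="post" action="https://example.test/register.php">'
              '<INPUT TYPE="password" NAME="pass" AUTOCOMPLETE="off"></form>')

if __name__ == "__main__":
    print(audit_form(WEAK_FORM, PAGE_URL), audit_form(FIXED_FORM, PAGE_URL))
    print(audit_php_ini("session.use_only_cookies = 0"))
```

The TRACE finding is a web server setting and is not covered by this script.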
Lamez Posted August 18, 2008

Are you guys talking about the pass gate, or the internal link checker?
darkfreaks Posted August 18, 2008

Pass gate?
Lamez Posted August 19, 2008

Registration page. It takes you to a password gate, where you have to enter a password, correct?