taultunleashed Posted November 3, 2008 Share Posted November 3, 2008 Someone managed to find a way to add some java script into our site that lead to malicious items. We have removed them and added some extra security. Can people please test the site http://www.taultunleashed.com to see if you can find any vulnerabilities so we may make sure its working 100%. As you can see google already listed it saying it had the file microsoftst.com on it. We have removed the errors that produced that and the site will be listed normally in the next 24 hours. Thanks for the scan. I appreciate. Also does anyone know a good place where you can get sites professionally scanned for vulnerabilities? Link to comment Share on other sites More sharing options...
darkfreaks Posted November 3, 2008 Share Posted November 3, 2008 Heads up but your site is listed as a malware attack site on WOT firefox addon might wanna have them remove it, if this has been fixed. Input Type Password Autocomplete Enabled Password type input named pass from unnamed form with action ./process.php has autocomplete enabled. An attacker with local access could obtain the cleartext password from the browser cache. The impact of this vulnerability Possible sensitive information disclosure How to fix this vulnerability The password autocomplete should be disabled in sensitive applications. To disable autocomplete, you may use a code similar to: For non compliant WC3 sites: < INPUT TYPE="password" AUTOCOMPLETE="off" > User credentials are sent in clear text The impact of this vulnerability A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection. How to fix this vulnerability Because user credentials usually are considered sensitive information, it is recommended to be sent to the server over an encrypted connection. Link to comment Share on other sites More sharing options...
darkfreaks Posted November 3, 2008 Share Posted November 3, 2008 File inputs accepted By this form input is possible to upload a file to the server. The impact of this vulnerability User may upload malicious files to server. Solution Edit the source code to ensure that input is properly verified. Link to comment Share on other sites More sharing options...
darkfreaks Posted November 3, 2008 Share Posted November 3, 2008 Vulnerability description This script is possibly vulnerable to SQL/XPath Injection attacks. SQL injection is a vulnerability that allows an attacker to alter backend SQL statements by manipulating the user input. An SQL injection occurs when web applications accept user input that is directly placed into a SQL statement and doesn't properly filter out dangerous characters. This is one of the most common application layer attacks currently being used on the Internet. Despite the fact that it is relatively easy to protect against, there is a large number of web applications vulnerable. XPath Injection is an attack technique used to exploit web sites that construct XPath queries from user-supplied input. The impact of this vulnerability An unauthenticated attacker may execute arbitrary SQL/XPath statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. Attack details The POST variable comment_id is vulnerable./The POST variable iden is vulnerable. How to fix this vulnerability Your script should filter metacharacters from user input. Check detailed information for more information about fixing this vulnerability. Link to comment Share on other sites More sharing options...
taultunleashed Posted November 4, 2008 Author Share Posted November 4, 2008 Thanks for all the replies im going thru them as we speak. Also do you have any suggestions for a place i should go thru to do a detailed scan of my site as well. IE a site that tests it from time to time. Dont want to keep bothering you guys. As well what do you recommend to help us software wise in keeping the site extra protected? Once again thanks for the reply i really do appreciate your help. Also as for the malware thing it has already been taken care of just takes google a day or 2 i heard to shown its clean which is stupid since they already said my site is clean but its not showing. Link to comment Share on other sites More sharing options...
darkfreaks Posted November 4, 2008 Share Posted November 4, 2008 i am scanning with a 6,000 dollar scanner as we speak and pasting the threats to your site. you will be well secured after this. Link to comment Share on other sites More sharing options...
corbin Posted November 4, 2008 Share Posted November 4, 2008 Heads up but your site is listed as a malware attack site on WOT firefox addon might wanna have them remove it, if this has been fixed. Comes up on Chrome too. Could use the same site DB for all I know.... But... Wait.... Darkfreaks your scanner was 6k?!?!?! WTF?!?!?! Link to comment Share on other sites More sharing options...
darkfreaks Posted November 4, 2008 Share Posted November 4, 2008 lol no i didnt pay for it my mentor gave it to me with her serial number. but it does cost that much WOT and Chrome are both made by google so it goes into there DB and has to be cleared Link to comment Share on other sites More sharing options...
darkfreaks Posted November 4, 2008 Share Posted November 4, 2008 GHDB: FCKEditor script The description for this alert is contributed by the GHDB community, it may contain inappropriate language. Category : Advisories and Vulnerabilities "index of" intext:fckeditor inurl:fckeditor this dork is for FCKEditor script through editor/filemanager/browser/default/connectors/connector.php script a user can upload malicious contempt on target machine including php code and launch commands... however if you do not succeed to execute the shell, FCKEditor is integrated in a lot of applications, you can check for a local inclusion issue inside of them... this tool make the dirty work for 2.0 - 2.2 versions: http://retrogod.altervista.org/fckeditor_22_xpl.html GHDB: Xerox DocuShare The description for this alert is contributed by the GHDB community, it may contain inappropriate language. Category : Files containing juicy info Affordable Web-based document and content management application lets businesses of every size rapidly deploy a world-class Enterprise Content Management (ECM) solution to help reduce costs, optimize information flow, and reduce risk Attack details We found inurl:ds.py GHDB: Mp3 file The description for this alert is contributed by the GHDB community, it may contain inappropriate language. Category : Sensitive Directories Yes! I probably have should have told you guys earlier, but this is how ive been getting 100% of my mp3s. It fricken rocks, use it and abuse it. Downfalls to it... a)sometimes you shouldnt include mp3 in the query and getting what you want takes several different methods of searching b)a lot of the time google gives you results and they are not there thanks to good old friend 404 c)finding stuff takes a lot of practice. Goods... a)ive found whole albums b)ive mass downloaded directories of hundreds of songs that i have intrest in c)its exciting seeing the results, like fining treasure. Vulnerability description The description for this alert is contributed by the GHDB community, it may contain inappropriate language. Category : Sensitive Directories The search reveals server upload portals. An attacker can use server space for his own benefit. Link to comment Share on other sites More sharing options...
Recommended Posts