newb Posted December 29, 2008 Share Posted December 29, 2008 ok so i just put together a site and i need some guys to test its security. let me know if anyone finds any vulnerabilities/exploits in the php, sql injections, or xss etc. its coded in php using the latest version of punbb and grabs information from the forums SQL database. (not too complex) thanks. http://www.chapterblack.com/ Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/ Share on other sites More sharing options...
DarkWater Posted December 29, 2008 Share Posted December 29, 2008 Please don't make obnoxious titles in all caps. And don't post the same link 3 times. It's just annoying. Anyway, your Registration form passed injection tests, and that's all I got around to testing. I'll test more later. Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/#findComment-725778 Share on other sites More sharing options...
darkfreaks Posted December 30, 2008 Share Posted December 30, 2008 please refer to the new rule before posting a topic. http://www.phpfreaks.com/forums/index.php/topic,231599.0.html Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/#findComment-725794 Share on other sites More sharing options...
newb Posted December 30, 2008 Author Share Posted December 30, 2008 what about it? its my site i dont have to prove anything rofl. stupid rule imo. Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/#findComment-725799 Share on other sites More sharing options...
newb Posted December 30, 2008 Author Share Posted December 30, 2008 Please don't make obnoxious titles in all caps. And don't post the same link 3 times. It's just annoying. Anyway, your Registration form passed injection tests, and that's all I got around to testing. I'll test more later. how is it annoying? its just a link loser lol. id hope so, if it could get sql injected so easily id switch to phpbb3 or smf asap! good to know punbb is secure is good looking. Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/#findComment-725801 Share on other sites More sharing options...
darkfreaks Posted December 30, 2008 Share Posted December 30, 2008 admin have gotten strict about it if you dont prove it this thread can be locked. simple as. i agree with the rule it prevents stupid idiots from trying to break other peoples code. Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/#findComment-725808 Share on other sites More sharing options...
newb Posted December 30, 2008 Author Share Posted December 30, 2008 SIGH FINE HOWS THIS http://www.chapterblack.com/phpfreak.txt Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/#findComment-725812 Share on other sites More sharing options...
darkfreaks Posted December 30, 2008 Share Posted December 30, 2008 404 error Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/#findComment-725813 Share on other sites More sharing options...
newb Posted December 30, 2008 Author Share Posted December 30, 2008 404 error must be on your end. Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/#findComment-725814 Share on other sites More sharing options...
darkfreaks Posted December 30, 2008 Share Posted December 30, 2008 it looks good to me Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/#findComment-725892 Share on other sites More sharing options...
newb Posted December 30, 2008 Author Share Posted December 30, 2008 i love you. Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/#findComment-726036 Share on other sites More sharing options...
rajivgonsalves Posted December 30, 2008 Share Posted December 30, 2008 enter this into your browser http://www.chapterblack.com/index.php/ click on the links above they don't work that just a small thing Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/#findComment-726095 Share on other sites More sharing options...
newb Posted December 31, 2008 Author Share Posted December 31, 2008 enter this into your browser http://www.chapterblack.com/index.php/ click on the links above they don't work that just a small thing hmm they appear to work to me, but the only page thats online is the support page. if you try clicking on the other pages (ie: media, faq) it'll display the home page's content instead anyway. Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/#findComment-726665 Share on other sites More sharing options...
448191 Posted January 3, 2009 Share Posted January 3, 2009 how is it annoying? its just a link loser lol. If you want to have a long and productive stay at this forum, I would tone down. If you think calling someone a "loser" is fun, go play somewhere else. There are limits to our hospitality. And for the record, all caps sentences and titles are not allowed. Please use proper formatting. I fixed it for you this time, next time I'll just lock your thread. Thank you very much for your cooperation. Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/#findComment-728500 Share on other sites More sharing options...
darkfreaks Posted January 3, 2009 Share Posted January 3, 2009 XSS ME: Registration.php =Secure XSS Me: registration.php =unencoded fields XSS ME: login.php =Secure XSS Me: login.php =unencoded fields afocus::req_username: = , \ , / , ; afocus::req_password: = , \ , / , ; Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/#findComment-728506 Share on other sites More sharing options...
newb Posted January 8, 2009 Author Share Posted January 8, 2009 hmm interesting, ill have to take a look thanks., Link to comment https://forums.phpfreaks.com/topic/138798-try-to-break-my-site/#findComment-732238 Share on other sites More sharing options...
Recommended Posts