Attack away :)


Lodius2000


Please attack away (injection, CSS, anything else), just please don't do anything malicious to the database. If you get any PHP errors or SQL errors let me know how

 

http://testing.scriptingsource.com/admin/index.php

 

A few notes:

- On index.php, if you enter a bad username or password it will specify which you entered incorrectly; this will be fixed to be ambiguous as to which was wrong when this system goes live.

- UN admin, PW password is already created. Please log in so you can see what a valid login looks like.

- I have temporarily disabled 1 account/email address so that you can make new accounts and repeatedly attack the activation link sent by email, since you cannot activate an account more than once.

- I use a salted sha512 encryption, and am satisfied with its security, so don't worry about a brute force attack.

- Also I created an account (UN blocked, PW blocked) that I have currently blocked (upon an attempted login you will receive an error of 'Please enter a valid username.'). Please try to unblock it.

You can use this link to get you in the right direction, but please also try to just log in using injection or some other method and see if you can get past the block that way:

'http://testing.scriptingsource.com/admin/active.php?user=blocked&check=' Do what you can to try to spoof the check variable.

 

Other than that, create as many accounts as you would like and have fun... I hope to hear that you were unsuccessful.


Full Path Disclosure:

http://testing.scriptingsource.com/admin/active.php?user[]

Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /hsphere/local/home/maddenbain/testing.scriptingsource.com/admin/active.php on line 12

 

Full Path Disclosure:

http://testing.scriptingsource.com/admin/active.php?user=blocked&check[]

Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /hsphere/local/home/maddenbain/testing.scriptingsource.com/admin/active.php on line 13

Thanks coreye... so what is the fix for that? I tried putting an if (is_string($user)){ around the whole thing, but that doesn't solve the fact that you are sending it an invalid variable name (which is what I interpret to be the problem: [] are not valid in variable names).

 

 

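The warning coreye reported, and the question above about how to fix it, both come from the same cause: PHP parses `?user[]` (or `?check[]`) as an array, not a string, and `mysql_real_escape_string()` then emits a warning that, with `display_errors` on, prints the script's filesystem path to the browser. Wrapping the body in `is_string()` is the right instinct, but it has to cover every parameter before it is used, and the warning itself must go to a log rather than the page. The PHP below is an added example of that hardening, not code from the thread or from the site under test. The parameter names `user` and `check` and the file `active.php` come from the thread; the `users` table, its columns, the PDO connection details and the token format are hypothetical placeholders.

```php
<?php
// Added example (not from the thread): hardened handling of the
// ?user=...&check=... parameters that active.php receives.
// Assumptions: table/column names, DSN and token format are placeholders.

// Keep PHP warnings out of the HTTP response; log them server-side instead.
// This is what stops the full path disclosure even if a warning does occur.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

/**
 * Return the named query parameter as a string, or null when it is
 * missing or not a scalar (e.g. ?user[] arrives as an array).
 */
function get_scalar_param(array $source, string $name): ?string
{
    if (!isset($source[$name]) || !is_string($source[$name])) {
        return null;
    }
    return $source[$name];
}

/** Usernames: a conservative allow-list of characters and length. */
function is_valid_username(string $username): bool
{
    return (bool) preg_match('/^[A-Za-z0-9_]{3,32}$/', $username);
}

/** Activation token: fixed-length lowercase hex (assumed token format). */
function is_valid_check(string $check): bool
{
    return (bool) preg_match('/^[0-9a-f]{64}$/', $check);
}

$user  = get_scalar_param($_GET, 'user');
$check = get_scalar_param($_GET, 'check');

// Reject anything that is not a well-formed string before it reaches the DB.
if ($user === null || $check === null
    || !is_valid_username($user) || !is_valid_check($check)) {
    http_response_code(400);
    exit('Invalid activation request.');
}

// Prepared statements replace manual escaping entirely (placeholder DSN/schema).
$pdo = new PDO('mysql:host=localhost;dbname=app', 'dbuser', 'dbpass', [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);

$stmt = $pdo->prepare(
    'SELECT id, activation_token FROM users WHERE username = ? AND active = 0'
);
$stmt->execute([$user]);
$row = $stmt->fetch(PDO::FETCH_ASSOC);

// Compare the token in constant time and give one generic failure message,
// so the response does not reveal whether the username or the token was wrong.
if ($row === false || !hash_equals($row['activation_token'], $check)) {
    http_response_code(400);
    exit('Invalid activation request.');
}

$pdo->prepare('UPDATE users SET active = 1 WHERE id = ?')->execute([$row['id']]);
echo 'Account activated.';
```

Two design points: the `is_string()` check lives in one helper that every parameter goes through, so no `$_GET` value reaches `mysql_real_escape_string()` or a query as an array; and even after validation the script relies on `display_errors = 0` (set in php.ini or the virtual host for production rather than per script) so that any remaining warning, from whatever cause, is logged rather than rendered with its path.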
