Eiolon Posted August 18, 2009

I am finishing up my admin panel for my site and wanted a security audit. It's very barebones with only user and groups management. Some things I'd like tested:

1. SQL injections
2. Try and bypass the login to get into the admin center.

If you manage to get in, please try and do the following:

3. Try and delete the administrator account, or change its values (you should be able to reset the password but that's it).
4. Try and delete the administrators group, or change its values.

I will set up a user account that people can log in with to test the inside security if no one can break in.

Thanks!

http://www.intravising.com
Profile link: http://www.intravising.com/profile.txt

https://forums.phpfreaks.com/topic/170857-security-audit-needed/
darkfreaks Posted August 19, 2009

XSS: login.php. The following variables are left unfiltered and unsanitized: PHP_SELF, REQUEST_URI, SCRIPT_URL.

Deprecated SSL 2.0 protocol: an attacker could remotely exploit vulnerabilities to execute man-in-the-middle scripts or decrypt communications between service and clients. Fix: Disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead.

Outdated Apache mod SSL: DDoS exploits possible. Fix: Upgrade to the latest Apache mod SSL version, greater than 2.8.17.

Outdated Apache mod FrontPage module: the module is older than 1.61 and vulnerable to a buffer overflow which may allow an attacker root access. Fix: this may also be a false positive; manually check the version. If it is older than 1.61, please upgrade; if it is not, don't worry.
Eiolon (Author) Posted August 19, 2009

Thank you. In login.php, I only find PHP_SELF but not the other two variables listed. And for the SSL, would that be something that is controlled by me or by the company that is hosting my server? I am on a shared server at the moment.
darkfreaks Posted August 19, 2009

I would definitely bring that to their attention if it's an exploit on the server. Also, you need to filter PHP_SELF.
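The PHP_SELF filtering darkfreaks is asking for, shown as an added example that is not part of this thread and not Eiolon's login.php: the vulnerable pattern, the same markup with output escaping, and a variant that avoids echoing the request path at all. The form markup, the injected request path and the variable names used for the demonstration are assumptions.

```php
<?php
// Added example (not from the original thread). Shows the reflected-XSS
// pattern darkfreaks flagged in login.php and two ways to filter it.
// The form markup and the request path below are assumptions.

// VULNERABLE: $_SERVER['PHP_SELF'] contains the request path as the client
// sent it, including any PATH_INFO tail. A request such as
//   GET /login.php/"><script>alert(1)</script>
// closes the action attribute and injects markup, because nothing between
// the request and the HTML output escapes it.
function form_action_unsafe()
{
    return '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">';
}

// FILTERED: escape for the HTML attribute context it is written into.
// htmlspecialchars with ENT_QUOTES converts " ' < > & to entities, so the
// browser treats the tail as text rather than as a new tag. The charset
// argument is explicit because PHP's default differed between 5.x versions.
function form_action_escaped()
{
    $self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="' . $self . '">';
}

// ALTERNATIVE: do not reflect the request path. $_SERVER['SCRIPT_NAME'] is
// the path of the script as the web server resolved it, without the
// PATH_INFO tail, so the attacker-controlled suffix never reaches the page.
// It is still escaped on output: the rule is "escape every variable at the
// point it is written into HTML", not "trust some variables".
function form_action_script_name()
{
    $self = htmlspecialchars($_SERVER['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="' . $self . '">';
}

// Constructed request values, standing in for what Apache would populate
// when a browser requests /login.php/"><script>alert(1)</script>.
$_SERVER['PHP_SELF']    = '/login.php/"><script>alert(1)</script>';
$_SERVER['SCRIPT_NAME'] = '/login.php';

echo form_action_unsafe(), PHP_EOL;       // injected script tag survives
echo form_action_escaped(), PHP_EOL;      // tail rendered as entities
echo form_action_script_name(), PHP_EOL;  // tail never reaches the output
```

Running it and viewing the three lines makes the difference visible: the first line contains a live `<script>` tag inside the attribute, the second contains `&quot;&gt;&lt;script&gt;` which a browser displays rather than executes, and the third is just `/login.php`. The same `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')` wrapper applies to REQUEST_URI, SCRIPT_URL and any other value that ends up in HTML, which is why darkfreaks lists all three even though only PHP_SELF appears in this particular login.php.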
Eiolon (Author) Posted August 19, 2009

Thanks again. I have notified my host and I have also filtered PHP_SELF.