
CMS security test.


creata.physics


As my cms system grows more stable, my feelings of uncertainty do the same.

 

I can only test so much myself. This CMS is a whole lot bigger than you would think: there is a huge backend and so much to debug and test that I can't do it alone.

 

Basically, I just need any number of people to visit the site and check for security errors, to see whether people should be registering and posting sensitive data; reporting bugs is most definitely a plus.

 

Here is a phpfreaks.txt link with my profile URL within to prove this is legitimate:

http://dev.zext.org/phpfreaks.txt

 

The website that needs testing would obviously be:

http://dev.zext.org/index.php

 

Please do not confuse http://zext.org with http://dev.zext.org !

 

They are completely identical; all I did was make a backup and transfer it to another database in a new directory, so as not to break the main site. So please, if you notice you aren't on the dev site, go on back.

 

Like I said, I just need anybody to report as many security flaws as possible, with the additional bonus of bugs in the milestone section of the website.

 

You can try to create as many user accounts as you want, although there is already an account for php freaks users.

 

Username: phpfreaks

Password: phpfreaks

 

Also, you may have issues trying to directly view http://dev.zext.org because it was just set up, you may have to view http://dev.zext.org/index.php to actually view the cms.

 

I think that about covers everything. I'm looking forward to what you guys discover.

 

.Matt


Sent you a file upload security issue via PM.

 

Full Path Disclosure:

http://dev.zext.org/index.php?app=forums&fid[]

Zext WARNING [2] Illegal offset type (Line: 177 of /applications/forums/modules/forums/forums.php)

 

Full Path Disclosure when uploading an attachment:

Zext WARNING [2] Invalid argument supplied for foreach() (Line: 171 of /applications/forums/modules/post/topic.php)

Invalid File Extension

You also don't state what extensions are valid.

 

PHP Error:

http://dev.zext.org/index.php?app=admin

Zext WARNING [2] Invalid argument supplied for foreach() (Line: 610 of /includes/zext.php)

 

PHP Error:

http://dev.zext.org/index.php?app=forums&module=post&action=reply&tid=&quote=

Fatal error: Call to undefined method public_forums_post_reply::run_me() in /home/zextorg1/public_html/dev/index.php on line 266

 

Quoting code messes up:

http://dev.zext.org/index.php?app=forums&module=post&tid=36

 

I'm receiving the below error message on http://dev.zext.org/index.php?app=forums&module=post&tid=36. I think it's because of the PHP code I added to the post.

Internal Server Error

 

The server encountered an internal error or misconfiguration and was unable to complete your request.

 

Quoting doesn't seem to be working. Try to quote this post: http://dev.zext.org/index.php?app=forums&module=post&action=topic&reply=35&quote=74.

 

Commenting on profiles doesn't work. Nothing happens when you press "Submit".

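The full path disclosure reported above comes from a request parameter named with `[]`, which makes PHP build an array where the code expects a string, and from the resulting engine warning being rendered into the page. The following is an added example, not Zext's own code; the function and variable names and the forum table are assumed, and it shows the fragile lookup beside a hardened one.

```php
<?php
// Added example (not Zext code): a forum lookup that receives "?fid[]" the way
// the reported URL does, beside a hardened version. Names are assumed.

declare(strict_types=1);

// Constructed sample of forum ids standing in for the database rows.
const FORUMS = [1 => 'General', 2 => 'Security'];

// Fragile: trusts $_GET['fid'] to be a string. "?fid[]" makes PHP build an
// array, and using an array as an array key raises "Illegal offset type"
// (an E_WARNING on PHP 5, a TypeError on PHP 8). With display_errors on, the
// message, including the script path, is printed into the HTML.
function forum_name_fragile(array $get): string
{
    $fid = $get['fid'];          // may be an array, not a string
    return FORUMS[$fid];         // Illegal offset type when $fid is an array
}

// Hardened: validate the type and value before use and reject anything else
// without touching the backend. A bad request becomes a clean "not found"
// rather than an engine warning.
function forum_name_safe(array $get): ?string
{
    if (!isset($get['fid']) || !is_string($get['fid'])) {
        return null;                          // array or missing parameter
    }
    if (!ctype_digit($get['fid'])) {
        return null;                          // not a non-negative integer
    }
    return FORUMS[(int) $get['fid']] ?? null; // unknown id is also a clean miss
}

// Settings to pair with the checks above (php.ini or bootstrap): never render
// engine warnings into the response; write them to the error log instead.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// Simulated requests: the reported "?fid[]" shape and a normal one.
var_dump(forum_name_safe(['fid' => []]));
var_dump(forum_name_safe(['fid' => '2']));
```

The same two steps (reject non-scalar input before it reaches array or foreach code, and keep display_errors off outside development) also cover the "Invalid argument supplied for foreach()" warnings reported for the attachment upload and admin pages.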

Thanks for checking it out.

 

I'm glad there haven't been any XSS issues; that is my main concern.

 

The only thing you've found that I'm worried about is the internal server error you were able to produce. I'd definitely like to find out how to replicate that so I can fix it for good.

 

Everything else is expected and can be easily fixed, so that's another good thing.

 

I appreciate you taking your time to look around.

 

@ZulfadlyAshBurn - You should be able to; make sure you typed in phpfreaks in both fields correctly. If that doesn't work, you can make your own account.

 

Thanks guys.

 

.Matt


I'm glad there haven't been any XSS issues; that is my main concern.

 

Everything else is expected and can be easily fixed, so that's another good thing.

 

.Matt

 

Your main concern should be the exploit I sent to you via PM. It makes it possible to view every file on your server, including database credentials. With that you could easily upload a file with a query to drop the DB.
