
doddsey_65

Tutalicious - Tutorial Repository


Hi,

 

I am currently working on a new project called Tutalicious. This will be a huge tutorial repository with a broad range of categories, ranging from things such as Web Development and 3D modelling to things like how to change a car headlight.

 

Users can submit their own tutorials via a YouTube embed link, or can create their own text tutorials.

You can also rate tutorials and view user information.

 

The site is currently in its beta stage and I would like you to test it and make sure there are no bugs, however big or small. And if you have any crits about the layout then I am open to them too.

 

More features will be coming once the site is deemed stable enough to move on.

 

http://beta.tutalicious.com/php_freaks.txt

http://beta.tutalicious.com

 

Thanks.


You have an XSS vulnerability with your search.

 

In Firefox version 13.0.1 the Sign in with Facebook button is a bit above the login and register buttons.

 

I would rather not create an account, especially without any clear indication what my errors in registering are. Do you have a test account?


Hi,

 

The problems with the search only occur when you type; all HTML is escaped properly on the actual pages.

 

As for the template, I have a new design in the works which I will be showcasing soon.

 

Thanks


Taking a more in-depth look, I seem to have stumbled upon a test account testing SQL injection

:psychic:

Anyways, I broke the submit by disabling JavaScript.

 

When you use Firebug (in my case) to change the option value of the select when submitting, it gives you a different page from what it would be normally. What I'm talking about is, instead of a textbox for the link, it shows a content textarea.

Edit: I guess it defaults to a text-type submit, but it will continue even if you select "Choose a type".

 

The text-type submit does not work at all, and will continue to give an error asking you to provide an iframe link. Also, when the error is given, the layout gets messed up.

 

Also, when submitting, you aren't checking the extension of the file uploaded. I just uploaded two (two tests) "evil.php" files (blank) to your server. Also, you should check if there are any vulnerabilities created from the submitting I did on your end other than the uploading. You should also be checking the iframe content; you say it must be YouTube or Vimeo on the home page, but a Google iframe passed validation.


Hi,

 

iframe validation is done when they enter the approval queue, that's why there is an approval queue :)

 

I just tried uploading a PHP and a JS file as the thumbnail and those did not work. I am checking the extension of the uploaded file. Your uploads did not go through as there is no directory associated with you.

You also say you used SQL injection to gain access to a user account. You registered a username called " ' " (single quote). How is this SQL injection? I realise, though, I should add a min length to usernames :P

 

Also the manipulation of select elements isn't important to me. If a user decided to manipulate the HTML then it is their fault if it breaks their experience.

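The three checks argued about in the two posts above (the tampered "Choose a type" select, the "evil.php" thumbnail, and the Google iframe that passed a YouTube/Vimeo check) all belong on the server, where neither Firebug nor disabling JavaScript can reach them. The following is an added example written for this thread, not Tutalicious code: the field names (`type`, `link`, `content`, the thumbnail filename), the allowed embed hosts and the allowed image extensions are assumptions, and the submission dict and filenames used below are constructed inputs.

```python
"""Server-side validation for a tutorial submission form.

Added example, not Tutalicious code. Field names, allowed hosts and allowed
extensions are assumptions; every check runs on the server, so editing the
<select> with Firebug or disabling JavaScript changes nothing.
"""
import html
import os
import re
import secrets
from typing import List, Optional
from urllib.parse import urlparse

# The placeholder option 'Choose a type' is deliberately not in this set.
ALLOWED_TYPES = {"video", "text"}

# Exact hostname allowlist (assumed). 'youtube.com.evil.example' or
# 'evil.example/?u=youtube.com' never match: only the parsed host is compared.
ALLOWED_EMBED_HOSTS = {
    "www.youtube.com", "youtube.com", "youtu.be",
    "player.vimeo.com", "vimeo.com",
}

# Allowlist, not a denylist: .php, .phtml, .php5, .js are all rejected.
ALLOWED_THUMB_EXT = {".jpg", ".jpeg", ".png", ".gif"}

_IFRAME_SRC = re.compile(r"<iframe\b[^>]*\bsrc\s*=\s*['\"]([^'\"]+)['\"]", re.I)


def iframe_src(snippet: str) -> Optional[str]:
    """Pull the src URL out of a pasted <iframe> snippet; None if there is none.

    The user's markup itself is never stored or echoed; only this URL is
    validated, and build_embed() regenerates the iframe from it.
    """
    m = _IFRAME_SRC.search(snippet)
    return m.group(1) if m else None


def embed_host_ok(url: str) -> bool:
    """True only for http(s) URLs whose hostname is exactly on the allowlist."""
    try:
        parts = urlparse(url)
        host = parts.hostname  # urlparse/hostname raise ValueError on bad IPv6 literals
    except ValueError:
        return False
    if parts.scheme not in ("http", "https") or not host:
        return False
    return host.lower() in ALLOWED_EMBED_HOSTS


def build_embed(url: str) -> str:
    """Server-generated iframe for an already-validated URL (attribute-escaped)."""
    if not embed_host_ok(url):
        raise ValueError("embed host not allowed")
    return '<iframe src="%s" frameborder="0" allowfullscreen></iframe>' % html.escape(url, quote=True)


def thumbnail_ok(filename: str) -> bool:
    """Allowlist the final extension of the client-supplied name, case-insensitively."""
    _, ext = os.path.splitext(os.path.basename(filename).lower())
    return ext in ALLOWED_THUMB_EXT


def storage_name(filename: str) -> str:
    """Name to store the upload under: a random token plus the allowed extension.

    The client-supplied name never reaches the filesystem, so '../evil.php.jpg'
    becomes something like '3f9c...a1.jpg'. The extension check alone is not a
    complete defence: keep the upload directory outside the web root, or with
    script execution disabled, as well.
    """
    if not thumbnail_ok(filename):
        raise ValueError("thumbnail extension not allowed")
    ext = os.path.splitext(os.path.basename(filename).lower())[1]
    return secrets.token_hex(16) + ext


def validate_submission(form: dict, thumbnail_name: Optional[str]) -> List[str]:
    """Return a list of error messages; an empty list means the submission is accepted."""
    errors = []
    sub_type = form.get("type", "")
    if sub_type not in ALLOWED_TYPES:
        errors.append("type: choose either video or text")
    if sub_type == "video":
        link = form.get("link", "")
        url = iframe_src(link) if "<iframe" in link.lower() else link
        if not url or not embed_host_ok(url):
            errors.append("link: must be a YouTube or Vimeo embed URL")
    elif sub_type == "text":
        if not form.get("content", "").strip():
            errors.append("content: a text tutorial needs a body")
    if thumbnail_name is not None and not thumbnail_ok(thumbnail_name):
        errors.append("thumbnail: only .jpg, .jpeg, .png or .gif")
    return errors


if __name__ == "__main__":
    # Constructed submission mirroring the tests posted in this thread.
    bad = {"type": "video", "link": '<iframe src="https://www.google.com/"></iframe>'}
    print(validate_submission(bad, "evil.php"))
    good = {"type": "video", "link": "https://www.youtube.com/embed/abc123"}
    print(validate_submission(good, "cat.jpg"), storage_name("cat.jpg"))
```

An approval queue, as the reply above describes, is a reasonable second line, but it is not a substitute for rejecting bad input at submit time: the host check has to run before anything is stored, and `validate_submission` returns every failing field at once so the form can report them together.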

You have an XSS problem with your tags, e.g.:

http://beta.tutalicious.com/app/ph%3Cimg%20src=%22.%22%20onerror=%22alert('hi');%22%3Ep. Chrome saves you by detecting it and stripping it. Other browsers may not.

 

You have an XSS problem with your signup form. For example, enter "> <img src="." onerror="alert('Hi!');"><b id=" for the username and mismatching passwords to cause an error. The same issue is present for the email field.

 

The same XSS problem exists with your login form as well.


Thanks for the reply,

 

Errors such as that will only ever be visible to the user who does them; I will, however, fix the issue.

 

Thanks


You might want to read up on what XSS is.


Errors such as that will only ever be visible to the user who does them.

 

Wrong. All someone has to do is craft a special URL then send it out to people. Anyone who clicks that URL will then have that XSS problem. Someone can do quite a bit using XSS such as steal cookies, login information, personal details, etc.

 

http://bit.ly/XD0BVC <- click there for a sample (edit: in a browser that won't save you, such as firefox).

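The two payloads posted earlier in this thread (the `"> <img ... onerror=...><b id="` username for the signup and login forms, and the `ph<img ...>p` tag in the URL path) and the reply just above about crafting a URL for a victim to click are the same bug seen from both sides: input is reflected into HTML without escaping for the context it lands in. The following is an added example written for this thread, not Tutalicious code; the two templates are assumed shapes of a signup form that re-fills the username after a validation error and of a tag page that echoes the tag from the path, and `tags_in` is a deliberately simple helper that lists the element names a browser would parse from the output. One caveat a practitioner will want: the Chrome behaviour credited above was a browser-side filter (Chrome's XSS Auditor, since removed from Chrome) and was never a defence the site could rely on.

```python
"""Reflected XSS: raw reflection versus context-aware escaping.

Added example, not Tutalicious code. The templates are assumed shapes of the
signup form and the tag page; the payloads are the ones posted in the thread.
"""
import html
import re
from urllib.parse import quote, unquote

# Payloads from the thread (constructed inputs for this example).
SIGNUP_PAYLOAD = '"> <img src="." onerror="alert(\'Hi!\');"><b id="'
TAG_PAYLOAD = 'ph<img src="." onerror="alert(\'hi\');">p'

_TAG_NAME = re.compile(r"<([A-Za-z][A-Za-z0-9]*)")


def tags_in(rendered: str) -> list:
    """Element names a browser would actually parse from the markup.

    Escaped text ('&lt;img') is not a tag, so it does not show up here.
    """
    return _TAG_NAME.findall(rendered)


# --- signup / login form: input reflected inside a quoted attribute value ---

def signup_form_unsafe(username: str) -> str:
    # Raw reflection: the leading '">' in the payload closes the value
    # attribute and the <input> tag, and everything after it is live markup.
    return '<input name="username" value="%s">' % username


def signup_form_safe(username: str) -> str:
    # html.escape(quote=True) turns '"' into '&quot;' and '<' into '&lt;', so
    # the attribute cannot be closed from inside the value.
    return '<input name="username" value="%s">' % html.escape(username, quote=True)


# --- tag page: input from the URL path reflected as element text ---

def tag_page_unsafe(tag: str) -> str:
    # Raw reflection into text content: '<img ...>' becomes a real element.
    return "<h1>Tutorials tagged %s</h1>" % tag


def tag_page_safe(tag: str) -> str:
    # Text context: escaping '<', '>' and '&' is enough here.
    return "<h1>Tutorials tagged %s</h1>" % html.escape(tag)


# --- how a crafted URL delivers the tag payload to a victim ---

def craft_tag_url(base: str, tag: str) -> str:
    """What an attacker sends out: the payload percent-encoded in the path."""
    return "%s/app/%s" % (base.rstrip("/"), quote(tag, safe=""))


def tag_from_path(path: str) -> str:
    """What the server sees once it decodes the last path segment."""
    return unquote(path.rsplit("/", 1)[-1])


if __name__ == "__main__":
    url = craft_tag_url("http://beta.tutalicious.com", TAG_PAYLOAD)
    tag = tag_from_path(url)  # the victim's browser sends this path
    print(url)
    print(tags_in(tag_page_unsafe(tag)), tags_in(tag_page_safe(tag)))
    print(tags_in(signup_form_unsafe(SIGNUP_PAYLOAD)), tags_in(signup_form_safe(SIGNUP_PAYLOAD)))
```

`html.escape` covers the two contexts shown here, HTML text and quoted attribute values. A value that ends up inside a `<script>` string, a `javascript:`/URL attribute, or a CSS block needs that context's own encoder; escaping for the wrong context is the usual reason an XSS fix "is still there" after a redeploy.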

You also say you used SQL injection to gain access to a user account.

Testing SQL injection... and if I registered it, then your registration doesn't work properly, as it always showed an error.

 

Back on topic, another XSS vulnerability on the profile page with their website.


Ok, thanks for the advice and bug testing.

 

I have removed all bugs mentioned and uploaded the new site design too.

 

If you find any more bugs please let me know.

 

Thanks


I have removed all bugs mentioned and uploaded the new site design too.

 

Your XSS vulnerability is still there.

 


The one I linked to up above:

 

http://bit.ly/XD0BVC <- click there for a sample (edit: in a browser that won't save you, such as firefox).


There is a broken link for the current avatar in settings. At least once you first register.

