
I was wondering if anyone out there has some free time and could attack my site for me. It is not anywhere near 100% yet (maybe closer to 10%) and only 2 scripts have any access to the database: the login in the top corner (when you're not logged in) and the registration page.


I would like to know about any possible exploits that you can come up with, and feel free to do anything short of deleting the database (if possible).


there are only 3 empty tables anyway  :P


link: http://www.gravityws.com




Cross Site Scripting:

There is Cross Site Scripting if the Expect header contains code.


Cross Site Scripting:

There is Cross Site Scripting when you register if the fields contain ">code.


Full Path Disclosure:

There is Full Path Disclosure if the PHPSESSID cookie is set to an invalid value.

Warning: session_start() [function.session-start]: The session id contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in /home/www/gravityws.com/admin/config.php on line 15


Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/www/gravityws.com/admin/config.php:15) in /home/www/gravityws.com/admin/config.php on line 15


Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/www/gravityws.com/admin/config.php:15) in /home/www/gravityws.com/admin/config.php on line 15


Warning: Unknown: The session id contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,' in Unknown on line 0


Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0


Null User:

You can register a null password.


Null User:

You can register a null username.

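The registration XSS, full path disclosure and null user findings listed above map to three server-side checks. The sketch below is an added example, not code from the site or from anyone in this thread; the `username` and `password` field names, the length limits and the helper function names are assumptions.

```php
<?php
// Added example: hypothetical helpers, not the site's code.

// Full path disclosure: keep PHP warnings out of the response, log them instead.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// Drop a session cookie with characters outside the set PHP accepts
// (a-z, A-Z, 0-9, '-' and ','), so session_start() issues a fresh id
// instead of warning about the supplied one. Call at the top of each page.
function start_session_safely(): void
{
    $name = session_name();
    $id = $_COOKIE[$name] ?? null;
    if ($id !== null && (!is_string($id) || !preg_match('/^[A-Za-z0-9,-]{1,128}$/', $id))) {
        unset($_COOKIE[$name]);
    }
    session_start();
}

// Null user: reject empty or malformed values before any database access.
function validate_registration(array $post): array
{
    $errors = [];
    $username = is_string($post['username'] ?? null) ? trim($post['username']) : '';
    $password = is_string($post['password'] ?? null) ? $post['password'] : '';
    if (!preg_match('/^[A-Za-z0-9_]{3,32}$/', $username)) {
        $errors[] = 'Username must be 3-32 letters, digits or underscores.';
    }
    if (strlen($password) < 8) {
        $errors[] = 'Password must be at least 8 characters.';
    }
    return [$username, $password, $errors];
}

// XSS: encode on output so a value like ">code stays text inside an attribute.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

// Constructed sample input, standing in for $_POST.
$sample = ['username' => '">code', 'password' => ''];
[$username, $password, $errors] = validate_registration($sample);
foreach ($errors as $msg) {
    echo e($msg), "\n";
}
// Re-displaying the submitted value in the form, encoded.
echo '<input name="username" value="', e($sample['username']), '">', "\n";
```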

I fixed the index pages in the directories.

The login script is what I get for trying to make something while dead tired, but that no longer allows blank logins.


The full path thing I think I took care of, but now it won't connect to the database... let me try and figure this one out...



I tried registering, but it said that there was a database problem.


Sorry, it is back now  ;D



For the directory indexes, you can still tell if it's a real directory by checking on the page status. Have you tried sending a 404 status in the header?


No, I hadn't thought of that  :P


I logged in, or at least it said it thought I logged in, and the only thing that really changed was the header (the login section disappeared). After that, I couldn't figure what else had changed (though I know that's not the point of all this at the moment).


I couldn't figure out how to log out, so I used another browser to screw around some. The login gives different messages for different passwords that I try, so I'm not sure what could be causing that. I'm not that much of a hacker in the sense of network security, so I'm not sure what else to try.
