thewooleymammoth, posted December 22, 2007
Thread: https://forums.phpfreaks.com/topic/82787-solved-my-site-secure-doubt-it/

Test it out for me please: www.vghunter.net
agentsteal, posted December 23, 2007

Array: http://www.vghunter.net/comment.php?gn[]
Array: http://www.vghunter.net/game.php?gn[]
Cross Site Scripting: http://www.vghunter.net/game.php?gn='><marquee>vulnerable</marquee>
Cross Site Scripting: There is Cross Site Scripting if the Expect header contains code.
Directory Traversal: You can make txt files in any directory by posting comments with the gn field set to ../filename.
Directory Traversal: http://www.vghunter.net/game.php?gn=../../agentsteal
You can make txt files in http://www.vghunter.net/games/ by posting comments with the gn field set to the filename.
thewooleymammoth (author), posted December 23, 2007

Would you mind telling me how to fix that, 'cause I don't know how you did that... Thanks for testing though.
thewooleymammoth (author), posted December 24, 2007

> Cross Site Scripting: http://www.vghunter.net/game.php?gn='><marquee>vulnerable</marquee>
> Array: http://www.vghunter.net/game.php?gn[]
> Array: http://www.vghunter.net/comment.php?gn[]
> There is Cross Site Scripting through the Expect header.
> You can make txt files in http://www.vghunter.net/games/ by posting comments. The txt file's name can be set through the gn parameter. POC: http://www.vghunter.net/games/agentsteal.txt
> Directory Traversal: You can make txt files in any directory by posting comments with ../filename as the gn parameter. POC: http://www.vghunter.net/agentsteal.txt
> Directory Traversal: http://www.vghunter.net/game.php?gn=../../agentsteal

Oh, I get it, you're right. I need to change the gn parameter to stay server side so you can't change it. Thanks. I can't believe I'm so retarded I didn't think of that.
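The fix the author arrives at, written out as an added example (this is not the site's code and not posted by anyone in the thread): the game name from the request is only used to select an entry from a server-side list before it touches a filename or the page, gn[] is rejected, and every reflected value is escaped. The games/ directory and the $games list are assumptions.

```php
<?php
// Added example, not the site's code: a hardened version of the game page /
// comment handler described in the thread. Assumes comments live in a games/
// directory next to this script; $games is a constructed allowlist.
declare(strict_types=1);
// Known game names stay server side; the request value only picks one of them.
$games = ['halo3', 'mario_galaxy', 'half_life_2']; // constructed sample data
function resolveGame($gn, array $games): ?string
{
    // gn[] makes PHP deliver an array; accept strings only.
    if (!is_string($gn)) {
        return null;
    }
    // Exact allowlist match: "../" and "<" never reach the filesystem or HTML.
    return in_array($gn, $games, true) ? $gn : null;
}

function commentPath(string $game): string
{
    $dir = realpath(__DIR__ . '/games');
    if ($dir === false) {
        throw new RuntimeException('games directory missing');
    }
    $path = $dir . DIRECTORY_SEPARATOR . $game . '.txt';
    // Defence in depth: the final path must stay inside games/.
    if (strpos($path, $dir . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('comment path escapes games directory');
    }
    return $path;
}

$game = resolveGame($_GET['gn'] ?? null, $games);
if ($game === null) {
    http_response_code(404);
    exit('Unknown game');
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $comment = (string) ($_POST['comment'] ?? '');
    // Store raw text; escaping happens at output time, not at storage time.
    file_put_contents(commentPath($game), $comment . "\n", FILE_APPEND | LOCK_EX);
}
// Escape everything reflected into the page, the game name included,
// so markup supplied in the request is shown as text instead of executing.
echo '<h1>' . htmlspecialchars($game, ENT_QUOTES, 'UTF-8') . '</h1>';
$lines = file_exists(commentPath($game)) ? file(commentPath($game), FILE_IGNORE_NEW_LINES) : [];
foreach ($lines as $line) {
    echo '<p>' . htmlspecialchars($line, ENT_QUOTES, 'UTF-8') . '</p>';
}
```

With the allowlist in place the path check in commentPath() is redundant, but it guards the file write if someone later relaxes resolveGame() to accept free-form names.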
thewooleymammoth (author), posted December 24, 2007

Can you figure out a way to do it now?