tibberous Posted January 14, 2008 Share Posted January 14, 2008 http://www.trenttompkins.com/Board.php Made it myself. Link to comment Share on other sites More sharing options...
dooper3 Posted January 14, 2008 Share Posted January 14, 2008 Well, first thing that stands out and is pretty major... You can't reply to people's posts!!! Even when logged in! But looks nice Link to comment Share on other sites More sharing options...
tibberous Posted January 14, 2008 Author Share Posted January 14, 2008 Yeah - reply is the next feature planned. Link to comment Share on other sites More sharing options...
agentsteal Posted January 14, 2008 Share Posted January 14, 2008 Cross Site Scripting: There is Cross Site Scripting when you log in if your username contains '>code. Insecure Cookie: You shouldn't put the username in the cookie. User Enumeration: http://www.trenttompkins.com/~nobody User Enumeration: http://www.trenttompkins.com/~root User Enumeration: http://www.trenttompkins.com/~trenttom Link to comment Share on other sites More sharing options...
Coreye Posted January 15, 2008 Share Posted January 15, 2008 Full Path Disclosure: http://www.trenttompkins.com/cap/ Warning: imagecolorallocate(): supplied argument is not a valid Image resource in /home/trenttom/public_html/cap/index.php on line 6 Warning: imagecolortransparent(): supplied argument is not a valid Image resource in /home/trenttom/public_html/cap/index.php on line 7 Warning: imagecolorallocate(): supplied argument is not a valid Image resource in /home/trenttom/public_html/cap/index.php on line 9 Warning: imagestring(): supplied argument is not a valid Image resource in /home/trenttom/public_html/cap/index.php on line 15 Warning: Cannot modify header information - headers already sent by (output started at /home/trenttom/public_html/cap/index.php:6) in /home/trenttom/public_html/cap/index.php on line 217 Warning: Cannot modify header information - headers already sent by (output started at /home/trenttom/public_html/cap/index.php:6) in /home/trenttom/public_html/cap/index.php on line 231 Warning: imagepng(): supplied argument is not a valid Image resource in /home/trenttom/public_html/cap/index.php on line 232 Warning: imagedestroy(): supplied argument is not a valid Image resource in /home/trenttom/public_html/cap/index.php on line 237 Warning: imagedestroy(): supplied argument is not a valid Image resource in /home/trenttom/public_html/cap/index.php on line 238 Warning: imagedestroy(): supplied argument is not a valid Image resource in /home/trenttom/public_html/cap/index.php on line 239 Use wordwrap so long single line posts don't stretch your pages. Link to comment Share on other sites More sharing options...
tibberous Posted January 15, 2008 Author Share Posted January 15, 2008 Ack, completely forgot about word wrapping! Fixed the full path discloser. How come you shouldn't put the user name in the cookie? Link to comment Share on other sites More sharing options...
BRUm Posted January 15, 2008 Share Posted January 15, 2008 Because it gives people a clue when using SQL Injection, or people can just replicate a cookie with anyone's username in it and post as them. If you want to use cookies, at least hash the username and use a personal salt. Oh, make sure the cookies are relative to the domain too. Link to comment Share on other sites More sharing options...
tibberous Posted January 15, 2008 Author Share Posted January 15, 2008 ...or people can just replicate a cookie with anyone's username in it and post as them... Nope, it does a login check on every page. The user name is stored with a hashed version of the password, if you change the name you'll just be logged out. Link to comment Share on other sites More sharing options...
Recommended Posts