hawkenterprises Posted February 29, 2008 Share Posted February 29, 2008 Hello All, Hawk Enterprises has just released it's latest version of PHP Search Pro PHP Search Pro is a open source (free) script written in PHP that works off of keywords entered into it to pull up search terms. It's similar in the way google creates there indexes. This is the second iteration of this project so I'm hoping you won't find too many problems just be able to tell me what new features I should ad or what I should do to improve it. PHP Search Pro Link to comment https://forums.phpfreaks.com/topic/93628-php-search-pro/ Share on other sites More sharing options...
Coreye Posted February 29, 2008 Share Posted February 29, 2008 Array: http://www.hawkenterprises.org/dev/phpsearchpro/admin/?search_text[] Cross Site Scripting: You can submit ">code when adding a new site. SQL and Table Information: INSERT INTO `search_data` VALUES (NULL,"\\\'","\\\'","\\\'","\\\'",0,CURRENT_TIMESTAMP(),0,0)Link successfully stored. Full Path Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/admin/editlisting.php Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/gerra0/public_html/hawkenterprises/dev/phpsearchpro/admin/editlisting.php on line 15 Link to comment https://forums.phpfreaks.com/topic/93628-php-search-pro/#findComment-479754 Share on other sites More sharing options...
hawkenterprises Posted February 29, 2008 Author Share Posted February 29, 2008 I appreciate the information, I fixed the problems. Array: http://www.hawkenterprises.org/dev/phpsearchpro/admin/?search_text[] I attempted to figure out a way that is exploitable, to say the least I didn't find a way. I couldn't backtick in, semi-colon break out, or javascript my way to freedom. I do find it horribly interesting that the parser actually converts [] to an array like that via get_string. Thank you for your security audit Link to comment https://forums.phpfreaks.com/topic/93628-php-search-pro/#findComment-480287 Share on other sites More sharing options...
agentsteal Posted March 2, 2008 Share Posted March 2, 2008 Array: http://www.hawkenterprises.org/dev/phpsearchpro/admin/index.php?search_text[] Cross Site Scripting: There is Cross Site Scripting on http://www.hawkenterprises.org/dev/phpsearchpro/admin/editlisting.php if the fields contain code. Cross Site Scripting: There is Cross Site Scripting on http://www.hawkenterprises.org/dev/phpsearchpro/entryform.php if the fields contain code. Full Path Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/generatedata.php Warning: mysql_query() [function.mysql-query]: Access denied for user 'gerra0'@'localhost' (using password: NO) in /home/gerra0/public_html/hawkenterprises/dev/phpsearchpro/generatedata.php on line 28 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/gerra0/public_html/hawkenterprises/dev/phpsearchpro/generatedata.php on line 28 Access denied for user 'gerra0'@'localhost' (using password: NO)INSERT INTO `search_data` VALUES (null,"neat","http://www.hawkenterprises.com","http://www.hawkenterprises.com","this is generated test data, testing load, functionality, etc.",0,CURRENT_TIMESTAMP(),0,0) Full Path Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/index.php Warning: mysql_query() [function.mysql-query]: Access denied for user 'gerra0'@'localhost' (using password: NO) in /home/gerra0/public_html/hawkenterprises/dev/phpsearchpro/search.php on line 3 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/gerra0/public_html/hawkenterprises/dev/phpsearchpro/search.php on line 3 Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /home/gerra0/public_html/hawkenterprises/dev/phpsearchpro/search.php on line 3 Full Path Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/admin/editlisting.php Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/gerra0/public_html/hawkenterprises/dev/phpsearchpro/admin/editlisting.php on line 15 Full Path Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/search.php Warning: mysql_query() [function.mysql-query]: Access denied for user 'gerra0'@'localhost' (using password: NO) in /home/gerra0/public_html/hawkenterprises/dev/phpsearchpro/search.php on line 3 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/gerra0/public_html/hawkenterprises/dev/phpsearchpro/search.php on line 3 Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /home/gerra0/public_html/hawkenterprises/dev/phpsearchpro/search.php on line 3 Full Path Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/admin/search.php Warning: mysql_query() [function.mysql-query]: Access denied for user 'gerra0'@'localhost' (using password: NO) in /home/gerra0/public_html/hawkenterprises/dev/phpsearchpro/admin/search.php on line 3 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/gerra0/public_html/hawkenterprises/dev/phpsearchpro/admin/search.php on line 3 Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /home/gerra0/public_html/hawkenterprises/dev/phpsearchpro/admin/search.php on line 3 PHP Source Code Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/phpsearchpro.zip PHP Source Code Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/results_stub.tpl PHP Source Code Disclosure: http://www.hawkenterprises.org/dev/phpsearchpro/admin/results.tpl SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/database.sql SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/admin/search.php define('DBUSER','\''); define('DBPASS','\''); define('DBNAME','\''); define('DBHOST','\''); mysql_connect(DBHOST,DBUSER,DBPASS) or die(mysql_error()); if(!mysql_select_db(DBNAME)){ echo 'Unable to select database.'.mysql_error(); exit; } SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/phpsearchpro.zip SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/results.php?search_text define('DBUSER','\''); define('DBPASS','\''); define('DBNAME','\''); define('DBHOST','\''); mysql_connect(DBHOST,DBUSER,DBPASS) or die(mysql_error()); if(!mysql_select_db(DBNAME)){ echo 'Unable to select database.'.mysql_error(); exit; } define('DBUSER','\''); define('DBPASS','\''); define('DBNAME','\''); define('DBHOST','\''); mysql_connect(DBHOST,DBUSER,DBPASS) or die(mysql_error()); if(!mysql_select_db(DBNAME)){ echo 'Unable to select database.'.mysql_error(); exit; } SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/search.php define('DBUSER','\''); define('DBPASS','\''); define('DBNAME','\''); define('DBHOST','\''); mysql_connect(DBHOST,DBUSER,DBPASS) or die(mysql_error()); if(!mysql_select_db(DBNAME)){ echo 'Unable to select database.'.mysql_error(); exit; } SQL Dump: There is an SQL Dump on http://www.hawkenterprises.org/dev/phpsearchpro/admin/editlisting.php if you submit the form. UPDATE `search_data` set keyword = "",title= "",link="",description="" WHERE id=Link successfully stored. SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/index.php define('DBUSER','\''); define('DBPASS','\''); define('DBNAME','\''); define('DBHOST','\''); mysql_connect(DBHOST,DBUSER,DBPASS) or die(mysql_error()); if(!mysql_select_db(DBNAME)){ echo 'Unable to select database.'.mysql_error(); exit; } SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/admin/editlisting.php define('DBUSER','\''); define('DBPASS','\''); define('DBNAME','\''); define('DBHOST','\''); mysql_connect(DBHOST,DBUSER,DBPASS) or die(mysql_error()); if(!mysql_select_db(DBNAME)){ echo 'Unable to select database.'.mysql_error(); exit; } SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/dbcreds.php define('DBUSER','\''); define('DBPASS','\''); define('DBNAME','\''); define('DBHOST','\''); mysql_connect(DBHOST,DBUSER,DBPASS) or die(mysql_error()); if(!mysql_select_db(DBNAME)){ echo 'Unable to select database.'.mysql_error(); exit; } SQL Dump: http://www.hawkenterprises.org/dev/phpsearchpro/generatedata.php define('DBUSER','\''); define('DBPASS','\''); define('DBNAME','\''); define('DBHOST','\''); mysql_connect(DBHOST,DBUSER,DBPASS) or die(mysql_error()); if(!mysql_select_db(DBNAME)){ echo 'Unable to select database.'.mysql_error(); exit; } SQL Dump: There is an SQL Dump on http://www.hawkenterprises.org/dev/phpsearchpro/entryform.php if you submit the form. INSERT INTO `search_data` VALUES (NULL,"\\\'","\\\'","\\\'","\\\'",0,CURRENT_TIMESTAMP(),0,0)Link successfully stored. User Enumeration: http://www.hawkenterprises.org/~gerra0 User Enumeration: http://www.hawkenterprises.org/~nobody Link to comment https://forums.phpfreaks.com/topic/93628-php-search-pro/#findComment-481737 Share on other sites More sharing options...
phpSensei Posted March 2, 2008 Share Posted March 2, 2008 hahaha, sorry for laughing but everytime someone says 'pro' in there topic title, it actually isnt. So many bugs.. Link to comment https://forums.phpfreaks.com/topic/93628-php-search-pro/#findComment-481965 Share on other sites More sharing options...
Recommended Posts