
Same issues from last time.

 

Should also set it up so users can't see admin links.

 

Full Path Disclosure:

http://one.team-who.co.uk/CaptchaSecurityImages.php?width

Warning: imagecreate(): Invalid image dimensions in /home/www/teamoywho/CaptchaSecurityImages.php on line 27

 

Full Path Disclosure:

http://one.team-who.co.uk/CaptchaSecurityImages.php?width=1p

Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 34

 

Warning: mt_rand() expects parameter 2 to be long, string given in /home/www/teamoywho/CaptchaSecurityImages.php on line 38

 

Warning: Cannot modify header information - headers already sent by (output started at /home/www/teamoywho/CaptchaSecurityImages.php:34) in /home/www/teamoywho/CaptchaSecurityImages.php on line 46



Thanks corey,

 

How do I fix it please?

<?php


session_start();


class CaptchaSecurityImages {

   var $font = 'arial.ttf';

   function generateCode($characters) {
      /* list all possible characters, similar looking characters and vowels have been removed */
      $possible = '23456789AaBbCDdEeFfGgHhJjKLMmNnPQqRrSTtUVWXYyZ';
      $code = '';
      $i = 0;
      while ($i < $characters) { 
         $code .= substr($possible, mt_rand(0, strlen($possible)-1), 1);
         $i++;
      }
      return $code;
   }

   function CaptchaSecurityImages($width='120',$height='40',$characters='6') {
      $code = $this->generateCode($characters);
      /* font size will be 50% of the image height */
      $font_size = $height * 0.50;
      $image = imagecreate($width, $height) or die('Cannot initialize new GD image stream');
      /* set the colours */
      $background_color = imagecolorallocate($image, 000, 000, 000);
      $text_color = imagecolorallocate($image, 250, 250, 250);
      $noise_color = imagecolorallocate($image, 000, 000, 000);
      /* generate random dots in background */
      for( $i=0; $i<($width*$height)/3; $i++ ) {
         imagefilledellipse($image, mt_rand(0,$width), mt_rand(0,$height), 1, 1, $noise_color);
      }
      /* generate random lines in background */
      for( $i=0; $i<($width*$height)/150; $i++ ) {
         imageline($image, mt_rand(0,$width), mt_rand(0,$height), mt_rand(0,$width), mt_rand(0,$height), $noise_color);
      }
      /* create textbox and add text */
      $textbox = imagettfbbox($font_size, 0, $this->font, $code) or die('Error in imagettfbbox function');
      $x = ($width - $textbox[4])/2;
      $y = ($height - $textbox[5])/2;
      imagettftext($image, $font_size, 0, $x, $y, $text_color, $this->font , $code) or die('Error in imagettftext function');
      /* output captcha image to browser */
      header('Content-Type: image/jpeg');
      imagejpeg($image);
      imagedestroy($image);
      $_SESSION['security_code'] = $code;
   }

}

$width = isset($_GET['width']) && $_GET['height'] < 600 ? $_GET['width'] : '120';
$height = isset($_GET['height']) && $_GET['height'] < 200 ? $_GET['height'] : '40';
$characters = isset($_GET['characters']) && $_GET['characters'] > 2 ? $_GET['characters'] : '6';

$captcha = new CaptchaSecurityImages($width,$height,$characters);

?>


$width = isset($_GET['width']) && $_GET['height'] < 600 ? $_GET['width'] : '120';
$height = isset($_GET['height']) && $_GET['height'] < 200 ? $_GET['height'] : '40';

 

To:

 

$width = isset($_GET['width']) && intval($_GET['width']) < 600 ? intval($_GET['width']) : 120;
$height = isset($_GET['height']) && intval($_GET['height']) < 200 ? intval($_GET['height']) : 40;

 

Putting quotes around things makes them into strings; when dealing with numbers, leave off the quotes and use intval(): http://php.net/intval

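As an added example (not code from this thread or from the CaptchaSecurityImages script), here is one way to validate the width, height and characters parameters so that the inputs corey tried above ("?width" with no value, "?width=1p") fall back to the defaults instead of reaching imagecreate() and mt_rand() and producing warnings that disclose the script's path. The minimum width and height, the 12-character cap and the sample inputs are assumptions; the upper bounds follow the original script's checks.

```php
<?php
// Added example, not the thread's code. Production hosts should not echo
// warnings to the client at all: log them instead, so a stray notice never
// reveals a filesystem path. These settings are normally set in php.ini.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// Return $get[$name] as an int within [$min, $max], or $default otherwise.
function captchaParam(array $get, string $name, int $default, int $min, int $max): int
{
    if (!isset($get[$name])) {
        return $default;
    }
    // FILTER_VALIDATE_INT rejects "1p", "" and "12abc" outright and enforces
    // the range, so anything that is not a usable integer becomes the default.
    $value = filter_var($get[$name], FILTER_VALIDATE_INT, [
        'options' => ['min_range' => $min, 'max_range' => $max],
    ]);
    return $value === false ? $default : $value;
}

// Upper bounds match the original script (< 600, < 200, > 2);
// the lower bounds and the 12-character cap are assumed values.
function captchaDimensions(array $get): array
{
    return [
        'width'      => captchaParam($get, 'width',      120, 20, 599),
        'height'     => captchaParam($get, 'height',      40, 10, 199),
        'characters' => captchaParam($get, 'characters',   6,  3,  12),
    ];
}

// Constructed inputs mirroring the URLs tried in the thread: "?width" with no
// value arrives as an empty string, which isset() still accepts.
$samples = [
    ['width' => ''],                                            // imagecreate() warning case
    ['width' => '1p'],                                          // mt_rand() warning case
    ['width' => '5000', 'height' => '0'],                       // out of range both ways
    ['width' => '200', 'height' => '60', 'characters' => '8'],  // valid request
];
foreach ($samples as $get) {
    echo json_encode($get), ' => ', json_encode(captchaDimensions($get)), PHP_EOL;
}
```

The first three samples all resolve to the defaults; only the last one is passed through unchanged.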


User credentials are sent in clear text

The impact of this vulnerability

A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.

How to fix this vulnerability

Because user credentials are usually considered sensitive information, it is recommended that they be sent to the server over an encrypted connection.

 

Password type input with autocomplete

 

The impact of this vulnerability

Possible sensitive information disclosure

 

How to fix this vulnerability

The password autocomplete should be disabled in sensitive applications.

To disable autocomplete, you may use a code similar to:

<INPUT TYPE="password" AUTOCOMPLETE="off">

 

 
