-
September 16th, 2010, 02:47 AM
#1
Web Site Security
Hey everyone! A friend of mine has been working on a website that uses databases and utilizes PHP to access those databases. He recently asked me if I could try to exploit the website in search of vulnerabilities. Chances are there are many, as he is no security expert. I am doing this simply as a favor, and was wondering if anyone was interested in helping me. The objective is NOT to gain unauthorized access to anything, but to show vulnerabilities and fix the code. I personally do not have very much time to look through the website with the current workload of schoolwork. If anyone is interested in helping me, feel free to PM me. Thanks.
-
September 16th, 2010, 04:00 PM
#2
That I do. Post the link.
-
September 17th, 2010, 12:25 AM
#3
Remember spec, no defacement! You got that? haha
-
September 17th, 2010, 01:04 AM
#4
hahaha... A good way of testing it for common vulnerabilities might be to use an automated tool such as W3AF. It is integrated in the Samurai live CD. Run a scan against it, and it will look for common XSS and CSRF attacks among others.
"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink."
-HST
-
September 17th, 2010, 01:44 PM
#5
Remember that many vulnerabilities in code depend on the server configuration to be exploited (remote file inclusion, etc). Changing from a development to a production environment needs to take these things into account.
There are numerous heuristic XSS and SQL injection attacks that can tell you if something is vulnerable without necessarily being able to exploit it. If you can sneak ' through input sanitization, even though it doesn't accomplish anything on its own, it means you're vulnerable.
I've got some time coming up and I'd be happy to give a once over, although I doubt I am up to Spec's standards.
Real security doesn't come with an installer.
-
September 17th, 2010, 02:23 PM
#6
-
September 22nd, 2010, 03:54 AM
#7
Hey guys, don't forget to check your PMs.
-
September 22nd, 2010, 06:13 PM
#8
Here is a good cheat sheet I use to test to see if there may be a vuln.
http://ha.ckers.org/xss.html
09:F9:11:02:9D:74:E3:5B 8:41:56:C5:63:56:88:C0
-
September 23rd, 2010, 05:12 AM
#9
The login page adds slashes to prevent SQL injection. But there is no use for it. You can completely skip the login and move on to the welcome page. The other scripts don't actually check if you're logged in at all.
The really vulnerable stuff was removed. He had other scripts there used to maintain the actual site. Apache and the kernel itself haven't been touched since '04.
This site looks like it was built by a tea party member... in other words it's epic FAIL.
Last edited by The-Spec; September 23rd, 2010 at 08:34 AM.
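One way to close the gap reported in post #9, where only the login page is protected and every other script runs without checking for a logged-in user. This is an added example, not code from the thread or from the site under review. The file name `auth.php`, the `/login.php` path, the `users` table with its `username` and `password_hash` columns, and all function names are assumptions.

```php
<?php
// auth.php: hypothetical shared include (all names here are assumed).
// Usage at the very top of welcome.php and every other protected script:
//     require __DIR__ . '/auth.php';
//     $userId = require_login();
declare(strict_types=1);

function start_secure_session(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        // Keep the session cookie away from page scripts (limits XSS impact).
        session_set_cookie_params(['httponly' => true, 'samesite' => 'Lax']);
        session_start();
    }
}

// The check the other scripts were missing: no session, no page.
function require_login(): int
{
    start_secure_session();
    if (empty($_SESSION['user_id'])) {
        header('Location: /login.php', true, 302);
        exit; // without exit the rest of the script still runs and is sent
    }
    return (int) $_SESSION['user_id'];
}

// Login with bound parameters instead of addslashes(), and hashed passwords.
function attempt_login(PDO $db, string $user, string $pass): bool
{
    $stmt = $db->prepare('SELECT id, password_hash FROM users WHERE username = ?');
    $stmt->execute([$user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($pass, $row['password_hash'])) {
        return false;
    }
    start_secure_session();
    session_regenerate_id(true); // fresh session id once the user is authenticated
    $_SESSION['user_id'] = (int) $row['id'];
    return true;
}

// Escape user-supplied values on output, for the XSS findings in the thread.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}
```

The `exit` after the redirect header matters: a script that only sends `Location:` and keeps executing still returns the protected content to any client that ignores the redirect.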
-
September 23rd, 2010, 05:48 AM
#10
Yeah, I would agree. I was able to bypass the login with no trouble at all. [In fact, the first time I did, it was by accident] The whole thing is riddled with XSS vulns.