Results 1 to 10 of 10

Thread: Web Site Security

  1. #1
    Senior Member
    Join Date
    Apr 2005
    Location
    USA
    Posts
    422

    Web Site Security

    Hey everyone! A friend of mine has been working on a website that uses databases and utilizes php to access those databases. He recently asked me if I could try to exploit the website in search of vulnerabilities. Chances are there are many, as he is no security expert. I am doing this simply as a favor, and was wondering if anyone was interested in helping me. The objective is NOT to gain unauthorized access to anything, but to show vulnerabilities and fix the code. I personally do not have very much time to look through the website with the current workload of schoolwork. If anyone is interested in helping me, feel free to PM me. Thanks.

  2. #2
    Banned
    Join Date
    Jan 2008
    Posts
    605
    That I do. Post the link.

  3. #3
    Senior Member
    Join Date
    Apr 2005
    Location
    USA
    Posts
    422
    Remember spec, no defacement! You got that? haha

  4. #4
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,187
    hahaha... A good way of testing it for common vulnerabilities might be to use an automated tool such as W3AF. It is integrated in the Samurai live cd. Run a scan against it, and it will look for common XSS and CSRF attacks among others.
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  5. #5
    @ÞΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,705
    Remember that many vulnerabilities in code depend on the server configuration to be exploited (remote file inclusion, etc). Changing from a development to a production environment needs to take these things into account.


    There are numerous heuristic XSS and SQL injection attacks that can tell you if something is vulnerable without neccessarily being able to exploit it. If you can sneak ' through input sanitization, even though it doesn't accomplish anything on it's own, it means you're vulnerable.

    I've got some time coming up and I'd be happy to give a once over, although I doubt I am up to Spec's standards.
    Real security doesn't come with an installer.

  6. #6
    Senior Member
    Join Date
    Apr 2005
    Location
    USA
    Posts
    422
    Thanks guys, I'll list the website once I get the OK from my friend to start "pwning some n00bs ". Haha, I just couldn't help myself.

  7. #7
    Senior Member
    Join Date
    Apr 2005
    Location
    USA
    Posts
    422
    Hey guys, don't forget to check your PMs.

  8. #8
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,253
    Here is a good cheat sheet I use to test to see if there may be a vuln.

    http://ha.ckers.org/xss.html
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  9. #9
    Banned
    Join Date
    Jan 2008
    Posts
    605
    The login page adds slashes to prevent sql injection. But there is no use for it. You can completely skip the login and move onto the welcome page. The other scripts don't actually check if your logged in at all.

    The really vulnerable stuff was removed. He had other scripts there used to maintain the actual site. Apache and the kernel in itself hasn't been touched since '04.

    This site looks like it was built by a tea party member... in other words its epic FAIL.
    Last edited by The-Spec; September 23rd, 2010 at 08:34 AM.

  10. #10
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,187
    Yeah, I would agree. I was able to bypass the login with no trouble at all. [In fact, the first time I did, it was by accident] The whole thing is riddled with XSS vulns.
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

Similar Threads

  1. Tcp/ip
    By gore in forum Newbie Security Questions
    Replies: 11
    Last Post: December 29th, 2003, 08:01 AM
  2. CISSP Notes: Security Models: Access Control Models
    By MrLinus in forum The Security Tutorials Forum
    Replies: 4
    Last Post: October 11th, 2003, 03:22 AM
  3. NEWS: This weeks Security News 10/30/02
    By xmaddness in forum Miscellaneous Security Discussions
    Replies: 5
    Last Post: October 31st, 2002, 01:59 AM
  4. NEWS: This weeks security news
    By xmaddness in forum Miscellaneous Security Discussions
    Replies: 1
    Last Post: September 6th, 2002, 11:48 PM
  5. NEWS: This weeks security news.
    By xmaddness in forum Miscellaneous Security Discussions
    Replies: 0
    Last Post: July 25th, 2002, 03:05 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •