Help me to HACK MY SITE !!!
Hey guys, wazup. I coded a little PHP site and I am not sure if it's safe against PHP exploits etc. So I have a beta version running right now to let you guys have a crack at it.
So if you're skilled at that, please try and help me a little with what I could do to keep it more secure. Thanks
PS: it's running on an old local machine, so server security is on low. Do me a favour and don't be too mean if you break in.
www.taneu.de is the page and beta testing is till the 14th; then the local server will shut down, so help me out guys. Thanks
- Still_Learning
https://my.controlscan.com/threats/details.cgi?id=33477
I see you must have disabled telnet, because I had problems telnetting into it on port 80
anyways
Code:
Not Found
The requested URL /FNFNFNFNF was not found on this server.
Apache/2.2.9 (Debian) Server at www.taneu.de Port 80
anyways
- pseudo_opcode
@sonic
I just had a quick look; the script seems fine. I haven't checked the forms' inputs yet,
still, I got to extract a MySQL error, probably harmless, but I may think of a way to exploit it later.. anyway
you can always post the code, which might help us find any flaws quickly
Code:
http://www.taneu.de/index.php?page=search&search=adfasdg&cat=%27&num=9999999999999
That is interesting, nice. I'm not sure if you could use it to exploit it though; otherwise
pseudo_opcode wrote:
    @sonic
    I just had a quick look; the script seems fine. I haven't checked the forms' inputs yet,
    still, I got to extract a MySQL error, probably harmless, but I may think of a way to exploit it later.. anyway
    you can always post the code, which might help us find any flaws quickly
    Code:
    http://www.taneu.de/index.php?page=search&search=adfasdg&cat=%27&num=9999999999999
    You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '3.0E+14, 30' at line 1
still scary
@_Sonic_
Besides bad_brain's suggestion about Pixy, you could also try basic tests using things like Acunetix or N-Stalker.
Also, ratproxy can give very interesting data about GET/POST requests.
I've tested a few forms and it seems that sanitizing is being done; I didn't check every possible attack though.
One thing that you might want to check is validation of GET values. For instance, to view pages this is normally used:
index.php?page=view&id=1
There, we'll be seeing the page where the ID number equals 1. So far so good; however, it doesn't seem that id is actually validated to see if it is a number. For instance, you can access this:
index.php?page=view&id=asdc
That won't do much, but it will show the common template used to view pages. What it should be doing is sending a message that such an ID doesn't exist, redirecting somewhere, or anything like it. Right now the problem is that you can actually add data even though there's no page with an ID of "asdc"; to understand what I mean, just go to the URL above and you should see data appended from a form test.
That sort of thing is something to keep an eye on, because it can be heavily abused by Perl bots and the like.
If an ID should be a number, then you need to validate it likewise.
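The numeric-ID check from the post above and a parameterised version of the search query that produced the MySQL error, as an added example written for this thread (not the site's own code, which was never posted). The table and column names (pages, id, title, body, category) and the mysqli connection are assumptions.

```php
<?php
// Added example: validate the GET parameters the thread discusses before
// they reach SQL. Table/column names (pages, id, title, body, category)
// are assumptions; the site's real schema is not shown in the thread.

// Return the id as an int, or null when it is not a positive whole number.
// "asdc", "1abc", "1.5" and "" are all rejected instead of being cast to 0 or 1.
function validate_page_id(string $raw): ?int {
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Bound the "num" parameter so a value like 9999999999999 never reaches LIMIT.
function validate_limit(string $raw, int $max = 50): int {
    $n = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1, 'max_range' => $max]]);
    return $n === false ? 10 : $n;
}

function load_page(mysqli $db, string $rawId): ?array {
    $id = validate_page_id($rawId);
    if ($id === null) {
        // Reject before any query: no template, no form, no insert for "asdc".
        http_response_code(404);
        return null;
    }
    $stmt = $db->prepare('SELECT id, title, body FROM pages WHERE id = ?');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    if ($row === null) {
        http_response_code(404); // id is numeric but no such page exists
    }
    return $row;
}

// The search endpoint: cat and search are bound as parameters, so a quote in
// cat (the %27 from the thread) is treated as data, not SQL, and no MySQL error leaks.
function search_pages(mysqli $db, string $search, string $cat, string $rawNum): array {
    $limit = validate_limit($rawNum);
    $stmt = $db->prepare(
        'SELECT id, title FROM pages WHERE category = ? AND title LIKE ? LIMIT ?'
    );
    $like = '%' . addcslashes($search, '%_\\') . '%'; // escape LIKE wildcards too
    $stmt->bind_param('ssi', $cat, $like, $limit);
    $stmt->execute();
    return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}
```

get_result() needs the mysqlnd driver; with display_errors off in production, a failed prepare() should be logged rather than echoed so no SQL syntax text reaches the browser.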
Code:
C:\Documents and Settings\rhys.YOUR-D84FAEB5F5>telnet taneu.de 80
Connecting To taneu.de...Could not open connection to the host, on port 80: Connect failed
anyways
I just have a habit of using telnet for finding the version of the webserver, as I often work in public libraries etc. and right click or view source is disabled,
so I use telnet, which is not.
Anyways, I know you can just use a 40* error to show its Apache version or w/e, so I did in this case.
Anyways, I also know you can connect on many different ports using telnet, though I usually use netcat.
I don't know where you get this idea that I'm stupid enough not to know what a port is; heck, it used to be fun, and still is, to port scan people for VNC and RDP etc.
Yeah, I know what you mean, but for right now I just wanted to know if someone is able to exploit it. I know it's not the highest standard of PHP code; I'm still learning. Well, I shut the server down now. I'm a bit happy that the site is still there. Thanks for your help; I'll try web scanners now like bb said. C ya and thanks again