lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAJfrXvbT5otSUrzVLyq4ncb4sgj41oZd2CgxZ5s0iUfoON6SWQ@mail.gmail.com>
Date: Fri, 18 May 2012 15:14:38 +0100
From: Dermot Blair <webvulscan@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: New Open Source Web Application Vulnerability
 Scanner Available

Hi Laurent,

Thanks for the feedback. I will be making another release shortly and I
will fix those issues.

Regards,

Dermot Blair


On Thu, May 17, 2012 at 3:41 PM, laurent gaffie <laurent.gaffie@...il.com>wrote:

> There's more ...
>
> File : display_register_form.php :
>
>             $username = $_POST['regusername'];
>             $password = $_POST['regpassword'];
>             $email = $_POST['email'];
>
>             if(connectToDb($db))
>             {
>                 $query = "SELECT * FROM users WHERE username =
> '$username'";
>                 $result = $db->query($query);
>                 if($result)
>                 .... more injection below this query, no vars are filtered.
>
>
>
> 2012/5/17 laurent gaffie <laurent.gaffie@...il.com>
>
>> Hi Dermot,
>>
>> You have an injection SQL in the begin_crawl file;
>>
>> isset($_POST['specifiedUrl']) ? $urlToScan = $_POST['specifiedUrl'] :
>> $urlToScan = '';
>> isset($_POST['testId']) ? $testId = $_POST['testId'] : $testId = 0;
>>
>> if(empty($urlToScan))
>> {
>>     echo 'urlToScan is empty';
>>     $log->lfile('urlToScan is empty');
>>     return;
>> }
>>
>> $log->lwrite("URL to scan: $urlToScan");
>>
>> $query = "UPDATE tests SET status = 'Preparing Crawl for $urlToScan'
>> WHERE id = $testId;";
>> $db->query($query);
>>
>> Regards,
>> Laurent
>>
>> 2012/5/16 Dermot Blair <webvulscan@...il.com>
>>
>>> Hi All,
>>>
>>>
>>>
>>> There is a new web application vulnerability scanner available. It is
>>> called WebVulScan and it is open source. Here is the link for it if you
>>> want to check it out: http://code.google.com/p/webvulscan/
>>>
>>>
>>>
>>> Regards,
>>>
>>>
>>>
>>> Dermot Blair
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>>
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ