diff options
| author | Alexander Pickering <alex@cogarr.net> | 2020-01-01 22:37:37 -0500 |
|---|---|---|
| committer | Alexander Pickering <alex@cogarr.net> | 2020-01-01 22:37:37 -0500 |
| commit | 9fae5d516012e2c0802105e67c79e2587a22b9dc (patch) | |
| tree | 1c782ad2cd08bd1ecc4f0b42bd042778b4f34c2e /hw7/index.php@page=show-log.php.15 | |
| download | infsci2620-master.tar.gz infsci2620-master.tar.bz2 infsci2620-master.zip | |
Diffstat (limited to 'hw7/index.php@page=show-log.php.15')
| -rw-r--r-- | hw7/index.php@page=show-log.php.15 | 578 |
1 files changed, 578 insertions, 0 deletions
diff --git a/hw7/index.php@page=show-log.php.15 b/hw7/index.php@page=show-log.php.15 new file mode 100644 index 0000000..ec87307 --- /dev/null +++ b/hw7/index.php@page=show-log.php.15 @@ -0,0 +1,578 @@ + + <!-- I think the database password is set to blank or perhaps samurai. + It depends on whether you installed this web app from irongeeks site or + are using it inside Kevin Johnsons Samurai web testing framework. + It is ok to put the password in HTML comments because no user will ever see + this comment. I remember that security instructor saying we should use the + framework comment symbols (ASP.NET, JAVA, PHP, Etc.) + rather than HTML comments, but we all know those + security instructors are just making all this up. --> +<!-- Bubble hints code --> + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd"> +<html> +<head> + <meta content="text/html; charset=us-ascii" http-equiv="content-type"> + + <link rel="shortcut icon" href="favicon.ico" type="image/x-icon" /> + <link rel="stylesheet" type="text/css" href="./styles/global-styles.css" /> + <link rel="stylesheet" type="text/css" href="./styles/ddsmoothmenu/ddsmoothmenu.css" /> + <link rel="stylesheet" type="text/css" href="./styles/ddsmoothmenu/ddsmoothmenu-v.css" /> + + <script type="text/javascript" src="./javascript/bookmark-site.js"></script> + <script type="text/javascript" src="./javascript/ddsmoothmenu/ddsmoothmenu.js"></script> + <script type="text/javascript" src="./javascript/ddsmoothmenu/jquery.min.js"> + /*********************************************** + * Smooth Navigational Menu- (c) Dynamic Drive DHTML code library (www.dynamicdrive.com) + * This notice MUST stay intact for legal use + * Visit Dynamic Drive at http://www.dynamicdrive.com/ for full source code + ***********************************************/ + </script> + <script type="text/javascript"> + ddsmoothmenu.init({ + mainmenuid: "smoothmenu1", //menu DIV id + orientation: 'v', //Horizontal or vertical menu: Set to "h" or "v" + classname: 'ddsmoothmenu', //class added to menu's outer DIV + //customtheme: ["#cccc44", "#cccccc"], + contentsource: "markup" //"markup" or ["container_id", "path_to_menu_file"] + }); + </script> + <script type="text/javascript"> + $(function() { + $('[ReflectedXSSExecutionPoint]').attr("title", "This location contains dynamic output"); + $('[ReflectedXSSExecutionPoint]').balloon(); + $('[CookieTamperingAffectedArea]').attr("title", "Cookies may store system state information"); + $('[CookieTamperingAffectedArea]').balloon(); + }); + </script> +</head> +<body onload="onLoadOfBody(this);"> +<table class="main-table-frame" border="1px" cellspacing="0px" cellpadding="0px"> + <tr> + <td bgcolor="#ccccff" align="center" colspan="7"> + <table width="100%"> + <tr> + <td style="text-align:center;"> + <span style="text-align:center; font-weight: bold; font-size:30px; text-align: center;"> + <img style="vertical-align: middle; margin-right: 10px;" border="0px" width="50px" height="40px" align="top" src="./images/coykillericon.png"/> + NOWASP (Mutillidae): Hack Like You Mean It + </span> + </td> + </tr> + </table> + </td> + </tr> + <tr> + <td bgcolor="#ccccff" align="center" colspan="7"> + <span class="version-header">Version: 2.3.10</span> + <span id="idSecurityLevelHeading" class="version-header" style="margin-left: 40px;">Security Level: 0 (Hosed)</span> + <span id="idHintsStatusHeading" CookieTamperingAffectedArea="1" class="version-header" style="margin-left: 40px;">Hints: Disabled (0 - I try harder)</span> + <span id="idSystemInformationHeading" ReflectedXSSExecutionPoint="1" class="version-header" style="margin-left: 40px;">Not Logged In</span> + </td> + </tr> + <tr> + <td colspan="2" class="header-menu-table"> + <table class="header-menu-table"> + <tr> + <td><a href="index.php?page=home.php">Home</a></td> + <td>|</td> + <td> + <a href="./index.php?page=login.php">Login/Register</a> + </td> + <td>|</td> + <td><a href="./index.php?do=toggle-hints&page=show-log.php">Toggle Hints</a></td><td>|</td> <td><a href="./index.php?do=toggle-security&page=show-log.php">Toggle Security</a></td> + <td>|</td> + <td><a href="set-up-database.php">Reset DB</a></td> + <td>|</td> + <td><a href="./index.php?page=show-log.php">View Log</a></td> + <td>|</td> + <td><a href="./index.php?page=captured-data.php">View Captured Data</a></td> + <td>|</td> + <td><a href="./index.php?do=toggle-bubble-hints&page=show-log.php">Hide Popup Hints</a></td> + </tr> + </table> + </td> + </tr> + <tr> + <td style="vertical-align:top;text-align:left;background-color:#ccccff;width:10%"> + <div id="smoothmenu1" class="ddsmoothmenu"> + <ul> + <li style="border-color: #ffffff;border-style: solid;border-width: 1px"> + <a href="#">Core Controls</a> + <ul> + <li><a href="index.php?page=home.php">Home</a></li> + <li> + <a href="./index.php?page=login.php">Login/Register</a> </li> + <li><a href="./index.php?do=toggle-hints&page=show-log.php">Toggle Hints</a></li> <li><a href="./index.php?do=toggle-security&page=show-log.php">Toggle Security</a></li> + <li><a href="set-up-database.php">Setup/Reset the DB</a></li> + <li><a href="./index.php?page=show-log.php">Show Log</a></li> + <li><a href="./index.php?page=credits.php">Credits</a></li> + <li><a href="./index.php?do=toggle-bubble-hints&page=show-log.php">Hide Popup Hints</a></li> + </ul> + </li> + <li style="border-color: #ffffff;border-style: solid;border-width: 1px"> + <a href="#">OWASP Top 10</a> + <ul> + <li> + <a href="">A1 - SQL Injection</a> + <ul> + <li> + <a href="">SQLi - Extract Data</a> + <ul> + <li><a href="./index.php?page=user-info.php">User Info</a></li> + </ul> + </li> + <li> + <a href="">SQLi - Bypass Authentication</a> + <ul> + <li><a href="./index.php?page=login.php">Login</a></li> + </ul> + </li> + <li> + <a href="">SQLi - Insert Injection</a> + <ul> + <li><a href="./index.php?page=register.php">Register</a></li> + </ul> + </li> + <li> + <a href="">Blind SQL via Timing</a> + <ul> + <li><a href="./index.php?page=login.php">Login</a></li> + <li><a href="./index.php?page=user-info.php">User Info</a></li> + </ul> + </li> + <li> + <a href="">SQLMAP Practice Target</a> + <ul> + <li><a href="./index.php?page=view-someones-blog.php">View Someones Blog</a></li> + <li><a href="./index.php?page=user-info.php">User Info</a></li> + </ul> + </li> + <li> + <a href="">Via JavaScript Object Notation (JSON)</a> + <ul> + <li><a href="./index.php?page=pen-test-tool-lookup.php">Pen Test Tool Lookup</a></li> + <li><a href="./index.php?page=pen-test-tool-lookup-ajax.php">Pen Test Tool Lookup (AJAX)</a></li> + </ul> + </li> + </ul> + </li> + <li> + <a href="">A1 - Other Injection</a> + <ul> + <li> + <a href="">HTML Injection (HTMLi)</a> + <ul> + <li><a href="?page=add-to-your-blog.php">Add to your blog</a></li> + </ul> + </li> + <li> + <a href="">HTMLi via HTTP Headers</a> + <ul> + <li><a href="./index.php?page=site-footer-xss-discussion.php">Site Footer</a><li> + <li><a href="">HTTP Response Splitting (Hint: Difficult)</a></li> + </ul> + </li> + <li> + <a href="">HTMLi Via DOM Injection</a> + <ul> + <li><a href="index.php?page=html5-storage.php">HTML5 Storage</a></li> + </ul> + </li> + <li> + <a href="">HTMLi Via Cookie Injection</a> + <ul> + <li><a href="index.php?page=capture-data.php">Capture Data Page</a></li> + </ul> + </li> + <li> + <a href="">Frame Source Injection</a> + <ul> + <li><a href="index.php?page=document-viewer.php&PathToDocument=documentation/vulnerabilities.php">Document Viewer</a></li> + </ul> + </li> + <li> + <a href="">JavaScript Injection</a> + <ul> + <li><a href="./index.php">Those "Back" Buttons</a></li> + <li> + <a href="./index.php?page=password-generator.php&username=anonymous"> + Password Generator + </a> + </li> + <li><a href="./index.php?page=browser-info.php">Browser Info</a></li> + </ul> + </li> + <li> + <a href="">HTTP Parameter Pollution</a> + <ul> + <li><a href="./index.php?page=user-poll.php">Poll Question</a></li> + <li><a href="index.php?page=document-viewer.php&PathToDocument=documentation/vulnerabilities.php">Document Viewer</a></li> + </ul> + </li> + <li> + <a href="">Cascading Style Injection</a> + <ul> + <li><a href="./index.php?page=set-background-color.php">Set Background Color</a></li> + </ul> + </li> + <li> + <a href="">JavaScript Object Notation (JSON) Injection</a> + <ul> + <li><a href="./index.php?page=pen-test-tool-lookup.php">Pen Test Tool Lookup</a></li> + <li><a href="./index.php?page=pen-test-tool-lookup-ajax.php">Pen Test Tool Lookup (AJAX)</a></li> + </ul> + </li> + <li> + <a href="">Buffer Overflow</a> + <ul> + <li><a href="./index.php?page=repeater.php">Repeater</a></li> + </ul> + </li> + <li> + <a href="">Parameter Addition</a> + <ul> + <li><a href="./index.php?page=repeater.php">Repeater</a></li> + </ul> + </li> + </ul> + </li> + <li> + <a href="">A2 - Cross Site Scripting (XSS)</a> + <ul> + <li> + <a href="">Reflected (First Order)</a> + <ul> + <li><a href="./index.php?page=pen-test-tool-lookup.php">Pen Test Tool Lookup</a></li> + <li><a href="./index.php?page=user-info.php">User Info</a></li> + <li><a href="./index.php?page=set-background-color.php">Set Background Color</a></li> + <li><a href="./index.php?page=html5-storage.php">HTML5 Storage</a></li> + <li><a href="./index.php?page=capture-data.php">Capture Data Page</a></li> + <li><a href="index.php?page=document-viewer.php&PathToDocument=documentation/vulnerabilities.php">Document Viewer</a></li> + </ul> + </li> + <li> + <a href="">Persistent (Second Order)</a> + <ul> + <li><a href="?page=add-to-your-blog.php">Add to your blog</a></li> + <li><a href="?page=view-someones-blog.php">View someone's blog</a></li> + <li><a href="?page=show-log.php">Show Log</a><li> + </ul> + </li> + <li> + <a href="">DOM Injection</a> + <ul> + <li><a href="index.php?page=html5-storage.php">HTML5 Storage</a></li> + </ul> + </li> + <li> + <a href="">Via "Input" (GET/POST)</a> + <ul> + <li><a href="?page=add-to-your-blog.php">Add to your blog</a></li> + <li><a href="?page=view-someones-blog.php">View someone's blog</a></li> + <li><a href="?page=show-log.php">Show Log</a><li> + <li><a href="?page=user-info.php">User Info</a></li> + <li><a href="./index.php">Missing HTTPOnly Attribute</a></li> + <li><a href="./index.php?page=set-background-color.php">Set Background Color</a></li> + <li><a href="./index.php?page=pen-test-tool-lookup.php">Pen Test Tool Lookup</a></li> + </ul> + </li> + <li> + <a href="">Via HTTP Headers</a> + <ul> + <li><a href="./index.php?page=browser-info.php">Browser Info</a></li> + <li><a href="./index.php?page=show-log.php">Show Log</a><li> + <li><a href="./index.php?page=site-footer-xss-discussion.php">Site Footer</a><li> + <li><a href="./index.php?page=html5-storage.php">Those "BACK" Buttons</a></li> + </ul> + </li> + <li> + <a href="">Via Misconfiguration</a> + <ul> + <li><a href="./index.php">Missing HTTPOnly Attribute</a></li> + </ul> + </li> + <li> + <a href="">Against HTML 5 Storage</a> + <ul> + <li><a href="index.php?page=html5-storage.php">HTML5 Storage</a></li> + </ul> + </li> + <li> + <a href="">Against JSON</a> + <ul> + <li><a href="./index.php?page=pen-test-tool-lookup.php">Pen Test Tool Lookup</a></li> + </ul> + </li> + <li> + <a href="">Via Cookie Injection</a> + <ul> + <li><a href="index.php?page=capture-data.php">Capture Data Page</a></li> + </ul> + </li> + </ul> + </li> + <li> + <a href=""> + A3 - Broken Authentication and Session Management + </a> + <ul> + <li><a href="index.php">Cookies</a></li> + <li><a href="index.php?page=login.php">Login</a></li> + <li><a href="index.php?page=view-user-privilege-level.php&iv=6bc24fc1ab650b25b4114e93a98f1eba">View User Privileges</a></li> + </ul> + </li> + <li> + <a href="">A4 - Insecure Direct Object References</a> + <ul> + <li><a href="index.php?page=source-viewer.php">Source Viewer</a></li> + <li><a href="index.php?page=credits.php">Credits</a></li> + <li><a href="index.php">Cookies</a></li> + <li><a href="index.php?page=arbitrary-file-inclusion.php">Arbitrary File Inclusion</a></li> + </ul> + </li> + <li> + <a href="">A5 - Cross Site Request Forgery (CSRF)</a> + <ul> + <li><a href="index.php?page=add-to-your-blog.php">Add to your blog</a></li> + <li><a href="./index.php?page=register.php">Register User</a></li> + </ul> + </li> + <li> + <a href="">A6 - Security Misconfiguration</a> + <ul> + <li><a href="index.php?page=directory-browsing.php">Directory Browsing</a></li> + <li><a href="./index.php?page=user-info.php">Method Tampering (GET for POST)</a></li> + </ul> + </li> + <li> + <a href="">A7 - Insecure Cryptographic Storage</a> + <ul> + <li><a href="index.php?page=user-info.php">User Info</a></li> + <li><a href="index.php?page=html5-storage.php">HTML5 Storage</a></li> + </ul> + </li> + <li> + <a href="">A8 - Failure to Restrict URL Access</a> + <ul> + <li><a href="index.php?page=source-viewer.php">Source Viewer</a></li> + <li><a href="index.php?page=secret-administrative-pages.php">"Secret" Administrative Pages</a></li> + <li><a href="index.php?page=robots-txt.php">Robots.txt</a></li> + </ul> + </li> + <li> + <a href="">A9 - Insufficient Transport Layer Protection</a> + <ul> + <li><a href="index.php?page=login.php">Login</a></li> + <li><a href="index.php?page=user-info.php">User Info</a></li> + </ul> + </li> + <li> + <a href="">A10 - Unvalidated Redirects and Forwards</a> + <ul> + <li><a href="?page=credits.php">Credits</a></li> + <a href="#">Setup/reset the DB (Disabled: Not Admin)</a></li> + + </ul> + </li> + </ul> + </li> + <li style="border-color: #ffffff; border-style: solid;border-width: 1px"> + <a href="#">HTML 5</a> + <ul> + <li> + <a href="">HTML 5 Web Storage</a> + <ul> + <li><a href="index.php?page=html5-storage.php">HTML5 Storage</a></li> + </ul> + </li> + <li> + <a href="">JavaScript Object Notation (JSON)</a> + <ul> + <li><a href="./index.php?page=pen-test-tool-lookup.php">Pen Test Tool Lookup</a></li> + <li><a href="./index.php?page=pen-test-tool-lookup-ajax.php">Pen Test Tool Lookup (AJAX)</a></li> + </ul> + </li> + <li> + <a href="">Asyncronous JavaScript and XML (AJAX)</a> + <ul> + <li><a href="./index.php?page=pen-test-tool-lookup-ajax.php">Pen Test Tool Lookup (AJAX)</a></li> + </ul> + </li> + </ul> + </li> + <li style="border-color: #ffffff; border-style: solid;border-width: 1px"> + <a href="#">Others</a> + <ul> + <li> + <a href="">OWASP 2007 A3 - Malicious File Execution</a> + <ul> + <li><a href="?page=source-viewer.php">Source Viewer</a></li> + </ul> + </li> + <li> + <a href="">OWASP 2007 A6 - Information Leakage and Improper Error Handling</a> + <ul> + <li><a href="index.php">Cache Control</a></li> + <li><a href="index.php">X-Powered-By HTTP Header</a></li> + <li><a href="index.php">HTML/JavaScript Comments</a></li> + <li><a href="index.php?page=framing.php">Click-Jacking</a></li> + <li><a href="framer.html">Cross-Site Framing (Third-Party Framing)</a></li> + <li><a href="index.php?page=html5-storage.php">HTML5 Storage</a></li> + </ul> + </li> + <li> + <a href="">Denial of Service</a> + <ul> + <li><a href="?page=show-log.php">Show Web Log</a><li> + </ul> + </li> + <li> + <a href="">JavaScript "Security"</a> + <ul> + <li><a href="index.php?page=login.php">Login</a></li> + <li><a href="index.php?page=user-info.php">User Info</a></li> + <li><a href="index.php?page=add-to-your-blog.php">Add to your blog</a></li> + <li><a href="index.php?page=html5-storage.php">HTML5 Storage</a></li> + </ul> + </li> + <li> + <a href="index.php?page=user-agent-impersonation.php">User-Agent Impersonation</a> + </li> + <li> + <a href="">Data Capture Pages</a> + <ul> + <li><a href="index.php?page=capture-data.php">Data Capture</a></li> + <li><a href="index.php?page=captured-data.php">View Captured Data</a></li> + </ul> + </li> + + </ul> + </li> + <li style="border-color: #ffffff;border-style: solid;border-width: 1px"> + <a href="#">Documentation</a> + <ul> + <li><a href="index.php?page=documentation/vulnerabilities.php">Listing of Vulnerabilities</a></li> + </ul> + </li> + </ul> + <br style="clear: left" /> + </div> + + <div class="label" style="text-align: center;">Developed by Adrian "Irongeek" Crenshaw and Jeremy Druin</div> + </td> + +<td valign="top"> + <blockquote> + <!-- Begin Content --> + + +<!-- Bubble hints code --> + +<script type="text/javascript"> + $(function() { + $('[ReflectedXSSExecutionPoint]').attr("title", "This location contains dynamic output"); + $('[ReflectedXSSExecutionPoint]').balloon(); + }); +</script> + +<div class="page-title">Log</div> + + + +<script type="text/javascript"> + $(function() { + $('[HTMLEventReflectedXSSExecutionPoint]').attr("title", "This location contains dynamic output"); + $('[HTMLEventReflectedXSSExecutionPoint]').balloon(); + }); +</script> + +<div style="margin: 5px;"> + <span style="font-weight: bold;" HTMLEventReflectedXSSExecutionPoint="1"> + <a onclick="document.location.href='';" + style="cursor:pointer;"> + <img src="./images/back-button-128px-by-128px.png" + alt="Back" + width="64px" + height="64px" + align="middle" + /> + + Back + </a> + </span> +</div> +<table border="1px" width="100%" class="main-table-frame"><tr class="report-header"> <td colspan="10"> <span><img width="32px" height="32px" src="./images/information-icon-64-64.png" style="vertical-align:middle;" />6 log records found<span> <span title="Click to refresh log file" onclick="document.location.reload(true);" style="cursor: pointer;margin-left:35px;margin-right:35px;white-space:nowrap;font-weight:bold;"> <img width="32px" height="32px" src="./images/refresh-button-48px-by-48px.png" style="vertical-align:middle;" /> Refresh Logs </span> <span title="Click to delete log file" onclick="document.location='./index.php?page=show-log.php&deleteLogs=deleteLogs';" style="cursor: pointer;white-space:nowrap;font-weight:bold;"> <img width="32px" height="32px" src="./images/delete-icon-256-256.png" style="vertical-align:middle;" /> Delete Logs </span> </td></tr><tr class="report-header"> + <td style="font-weight:bold;">Hostname</td> + <td style="font-weight:bold;">IP</td> + <td style="font-weight:bold;">Browser Agent</td> + <td style="font-weight:bold;">Page Viewed</td> + <td style="font-weight:bold;">Date/Time</td> + </tr><tr> + <td>150.212.127.34</td> + <td>150.212.127.34</td> + <td ReflectedXSSExecutionPoint="1">Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0</td> + <td ReflectedXSSExecutionPoint="1">User visited: show-log.php</td> + <td>2019-10-23 12:46:59</td> + </tr> +<tr> + <td>150.212.127.34</td> + <td>150.212.127.34</td> + <td ReflectedXSSExecutionPoint="1">Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0</td> + <td ReflectedXSSExecutionPoint="1">User visited: show-log.php</td> + <td>2019-10-23 12:46:37</td> + </tr> +<tr> + <td>150.212.127.34</td> + <td>150.212.127.34</td> + <td ReflectedXSSExecutionPoint="1">Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0</td> + <td ReflectedXSSExecutionPoint="1">User visited: show-log.php</td> + <td>2019-10-23 12:46:29</td> + </tr> +<tr> + <td>150.212.127.34</td> + <td>150.212.127.34</td> + <td ReflectedXSSExecutionPoint="1">Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0</td> + <td ReflectedXSSExecutionPoint="1">User visited: show-log.php</td> + <td>2019-10-23 12:46:28</td> + </tr> +<tr> + <td>150.212.127.34</td> + <td>150.212.127.34</td> + <td ReflectedXSSExecutionPoint="1">Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0</td> + <td ReflectedXSSExecutionPoint="1">User visited: show-log.php</td> + <td>2019-10-23 12:46:25</td> + </tr> +<tr> + <td>150.212.127.34</td> + <td>150.212.127.34</td> + <td ReflectedXSSExecutionPoint="1">Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0</td> + <td ReflectedXSSExecutionPoint="1">User visited: show-log.php</td> + <td>2019-10-23 12:46:21</td> + </tr> +</table> + <!-- End Content --> + </blockquote> + </td> + </tr> + </table> + + +<!-- Bubble hints code --> + +<script type="text/javascript"> + $(function() { + $('[ReflectedXSSExecutionPoint]').attr("title", "This location contains dynamic output"); + $('[ReflectedXSSExecutionPoint]').balloon(); + }); +</script> + +<div ReflectedXSSExecutionPoint=\"1\" class="footer">Browser: blah</div><div class="footer">PHP Version: 5.3.28</div></body> +</html><script type="text/javascript"> + try{ + window.localStorage.setItem("LocalStorageTarget","This is set by the index.php page"); + window.sessionStorage.setItem("SessionStorageTarget","This is set by the index.php page"); + }catch(e){ + alert(e); + }; + </script><script type="text/javascript" src="./javascript/jQuery/jquery-1.7.2.js"></script><script type="text/javascript" src="./javascript/jQuery/jquery.balloon.js"></script>
\ No newline at end of file |