So, my friend asked me to test his login/register system, well I don't know to SQL Inject so just try and out and see if you guys can get inside.
[url]https://vladstudio.biz/panel/[/url]
(There's nothing in there, just the login system. Really.)
there's no point of having
formhash(this.form[B], this.form.password[/B]);
all you need to do is send the password
Also don't hash it front-end wtf
you can just access it by doing
[code]function formhash(form) { var password = form.password.value; }[/code]
seeing that the id of password input is password. Are you sure it's ur friend and not you?
Other than that, did you found vulnerabilities on his system?
I told him about the front-end coding and he said, MEH-Whatevs... u.u
Yeah it is my friend but he lost his account passwd
So, yeah thanks Seenko_ for posting this. Yeah I'm open to suggestions. I want to make a secure login.
[QUOTE=Seenko_;45511470]Yeah it is my friend but he lost his account passwd[/QUOTE]
[QUOTE=jung3o;45511498][/QUOTE]
lol. I didn't loose my password ;-;
[QUOTE=jung3o;45511458]there's no point of having
formhash(this.form[B], this.form.password[/B]);
all you need to do is send the password
Also don't hash it front-end wtf
you can just access it by doing
[code]function formhash(form) { var password = form.password.value; }[/code]
seeing that the id of password input is password. Are you sure it's ur friend and not you?[/QUOTE]
hashing on the client is a theoretical security benefit, as long as you're doing some other hashing on the server to increase the time needed to process (which is a good thing). it stops people intercepting the packet with your login information in plaintext, even https doesn't supply the same protection if the attacker is spoofing certificates.
actually, all vb forums use clientside hashing. look at facepunch:
[t]http://up.nlan.org/b.png[/t]
I guess SSL is preventing my tools from completing a handshake with your server? Either way I'm getting this when I connect:
[img]http://puu.sh/asWuA/8acace3862.png[/img]
[QUOTE=Seenko_;45511358][url]https://vladstudio.biz/panel/[/url]
(There's nothing in there, just the login system. Really.)[/QUOTE]
Oh, really?
[URL]https://vladstudio.biz/stuff/[/URL]
take a look at this [url]https://detectify.com/[/url]
Just a heads up, that URL is [url=http://www.vladstudio.com/]a tad unfortunate[/url]
[QUOTE=WitheredGryphon;45512843]I guess SSL is preventing my tools from completing a handshake with your server? Either way I'm getting this when I connect:
[img]http://puu.sh/asWuA/8acace3862.png[/img][/QUOTE]
I'm a little confused because when I connect its completely fine, verified and yeah.
[IMG]http://puu.sh/atqbu/7206c90534.png[/IMG]
[editline]27th July 2014[/editline]
[QUOTE=DrTaxi;45514900]Just a heads up, that URL is [url=http://www.vladstudio.com/]a tad unfortunate[/url][/QUOTE]
Haha, yeah I know about it. I use this domain for my testing purposes and just fun. Didn't really care about the domain thus I bought this one.
It might be me but the .biz at the end of vladstudio.biz fits in very well. :)
[QUOTE=WitheredGryphon;45512843]I guess SSL is preventing my tools from completing a handshake with your server? Either way I'm getting this when I connect:
[img]http://puu.sh/asWuA/8acace3862.png[/img][/QUOTE]
Uhm, so, click the lock and see what's wrong with the certificate?
I did, just couldn't get a picture of it. It basically said "although your connection is encrypted some of the things used on the website are not secure."
[QUOTE=WitheredGryphon;45520634]I did, just couldn't get a picture of it. It basically said "although your connection is encrypted some of the things used on the website are not secure."[/QUOTE]
Dude, simply do CTRL + F5 and everything will be fine. If not something is wrong on your end.
[IMG]http://puu.sh/aukFz/fba2af6fc3.png[/IMG]
[QUOTE=WitheredGryphon;45520634]I did, just couldn't get a picture of it. It basically said "although your connection is encrypted some of the things used on the website are not secure."[/QUOTE]
The page or an extension may be including something like a javascript library using http rather than https.
[QUOTE=CBastard;45522312]The page or an extension may be including something like a javascript library using http rather than https.[/QUOTE]
Yeah it's working now. No idea why it wasn't working yesterday. Currently running tests on it.
[editline]Edited:[/editline]
I didn't pick up anything after a few thousand HTTP requests, I'll try through the provided POST data later.
Going to be a shill and recommend that you use [URL="http://laravel.com/"]laravel[/URL] with it's built in auth system or [URL="https://github.com/cartalyst/sentry"]Caralyst Sentry.[/URL] It's a lot less trouble than writing your own.
[QUOTE=Bushmaster030;45590817]Going to be a shill and recommend that you use [URL="http://laravel.com/"]laravel[/URL] with it's built in auth system or [URL="https://github.com/cartalyst/sentry"]Caralyst Sentry.[/URL] It's a lot less trouble than writing your own.[/QUOTE]
Wheres the fun in that?
[QUOTE=vladka24;45591762]Wheres the fun in that?[/QUOTE]
[I]Possibly[/I] not getting all your tables dropped.
[QUOTE=Bushmaster030;45594960][I]Possibly[/I] not getting all your tables dropped.[/QUOTE]
lolwut. There are user permissions to databases. You can disable from tables being dropped in the first place.
[QUOTE=vladka24;45604031]lolwut. There are user permissions to databases. You can disable from tables being dropped in the first place.[/QUOTE]
So you're saying SQL injections are okay as long as the drop permission is disabled?
I doubt you'll be handling user authentication without privileges such as insert, select, update, ect.
wait
why are you using xampp in production?
[url]https://vladstudio.biz/security[/url]
[QUOTE=Silentfood;45605929]wait
why are you using xampp in production?
[url]https://vladstudio.biz/security[/url][/QUOTE]
It's not in production?
Lol the things you see on my site are experimental.
[QUOTE=vladka24;45605982]It's not in production?
Lol the things you see on my site are experimental.[/QUOTE]
[url]https://vladstudio.biz/billing/[/url]
this is a live system, you have whmcs installed and you have an established ssl protocol running on it
[url]https://secure.vladstudio.biz/[/url]
and you are running it all under xampp which has a really bad track record for vulnerabilities. fuck, it even has a php file that executes code given in a get parameter. why you would remotely consider using it outside of development on lan is beyond me.
just install nginx, apache or [b]something other than xampp[/b]
[code]Warning: mysql_connect(): Access denied for user 'drpdeve_chat'@'localhost' (using password: YES) in /opt/lampp/htdocs/stuff/chat/includes/database/connect.db.php on line 9
SELECT command denied to user ''@'localhost' for table 'chat'
Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in /opt/lampp/htdocs/stuff/chat/includes/functions/chat.func.php on line [/code]
Dunno if I'm supposed to be able to see that.
Why inject when the details are given so freely.
[editline]6th August 2014[/editline]
Just use prepared statements and you don't even need to bother about people trying to inject, still need to be warey for xss and stuff though.
[QUOTE=mdeceiver79;45607683][code]Warning: [B]mysql_connect()[/B]: Access denied for user 'drpdeve_chat'@'localhost' (using password: YES) in /opt/lampp/htdocs/stuff/chat/includes/database/connect.db.php on line 9
SELECT command denied to user ''@'localhost' for table 'chat'
Warning: [B]mysql_fetch_assoc()[/B] expects parameter 1 to be resource, boolean given in /opt/lampp/htdocs/stuff/chat/includes/functions/chat.func.php on line [/code]
Dunno if I'm supposed to be able to see that.
Why inject when the details are given so freely.
[editline]6th August 2014[/editline]
Just use prepared statements and you don't even need to bother about people trying to inject, still need to be warey for xss and stuff though.[/QUOTE]
He can't really use prepared statements. He'd have to start using a non-deprecated way to connect, like mysqli or pdo.
[QUOTE=Coment;45607741]He can't really use prepared statements. He'd have to start using a non-deprecated way to connect, like mysqli or pdo.[/QUOTE]
Faster to learn and use pdo than write a bunch of stuff, then test for injection, then fix the mess someone makes when they find an exploit he couldn't.
[QUOTE=mdeceiver79;45607683][code]Warning: mysql_connect(): Access denied for user 'drpdeve_chat'@'localhost' (using password: YES) in /opt/lampp/htdocs/stuff/chat/includes/database/connect.db.php on line 9
SELECT command denied to user ''@'localhost' for table 'chat'
Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in /opt/lampp/htdocs/stuff/chat/includes/functions/chat.func.php on line [/code]
Dunno if I'm supposed to be able to see that.
Why inject when the details are given so freely.
[editline]6th August 2014[/editline]
Just use prepared statements and you don't even need to bother about people trying to inject, still need to be warey for xss and stuff though.[/QUOTE]
Oh, lol. Again in the stuff folder there are experimental scripts like the chat script. It's already broke, nothing to inject or to impress.
Plus it's so broken that table doesn't even exist. Also can't comment at least on my main concern the login system how secure it is?
[editline]6th August 2014[/editline]
[QUOTE=Silentfood;45607573][url]https://vladstudio.biz/billing/[/url]
this is a live system, you have whmcs installed and you have an established ssl protocol running on it
[url]https://secure.vladstudio.biz/[/url]
and you are running it all under xampp which has a really bad track record for vulnerabilities. fuck, it even has a php file that executes code given in a get parameter. why you would remotely consider using it outside of development on lan is beyond me.
just install nginx, apache or [b]something other than xampp[/b][/QUOTE]
Again I'm still playing around with how it WHMCS works. I couldn't get WHMCS to work on LAN so I'm testing it on my vps, it was too much a pain installing apache, php, etc and since xampp is perfect for testing that's why I choose it.
[QUOTE=vladka24;45609779]Oh, lol. Again in the stuff folder there are experimental scripts like the chat script. It's already broke, nothing to inject or to impress.
Plus it's so broken that table doesn't even exist. Also can't comment at least on my main concern the login system how secure it is?
[editline]6th August 2014[/editline]
Again I'm still playing around with how it WHMCS works. I couldn't get WHMCS to work on LAN so I'm testing it on my vps, it was too much a pain installing apache, php, etc and since xampp is perfect for testing that's why I choose it.[/QUOTE]
Don't construct a skyscraper on wooden foundation, because there will always be consequences.
- gandhi
It isn't hard to install Apache or nginx, you'll learn a lot from it too.
Sorry, you need to Log In to post a reply to this thread.
