An OS for a hacker | author: admin | September 27, 2015
Category: Security
Our site was recently hacked: the databases with passwords were stolen and accounts on the forum were hijacked. Perhaps it was our deflated opponents who decided to prove they were right this way.
To find the vulnerability through which the site could have been hacked, let's simply type "sql scanners linux" into a search engine.
Google gives us: sqlmap, nikto, w3af, OWASP ZAP and mysqloit. We won't touch Mysqloit; it hasn't been updated in six years.
SQLMAP - a console, a pile of letters and nothing concrete.
NIKTO
The same thing: a pile of letters and not a hint of conciseness.
OWASP ZAP - a sluggish Java application that found nothing at all in 3 hours of searching
W3AF
Installation:
aptitude install w3af
No joke:
Acunetix Web Vulnerability Scanner
So which OS suits a hacker better?
Read 25972 times, with 6 comments left.
Our site was recently hacked: the databases with passwords were stolen and accounts on the forum were hijacked. Perhaps it was our deflated opponents who decided to prove they were right this way.
To find the vulnerability through which the site could have been hacked, let's simply type "sql scanners linux" into a search engine.
Google gives us: sqlmap, nikto, w3af, OWASP ZAP and mysqloit. We won't touch Mysqloit; it hasn't been updated in six years.
SQLMAP - a console, a pile of letters and nothing concrete.
_
___ ___| |_____ ___ ___ {1.0-dev-nongit-20150920}
|_ -| . | | | .'| . |
|___|_ |_|_|_|_|__,| _|
|_| |_| http://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
[*] starting at 14:55:38
[14:55:38] [WARNING] you've provided target URL without any GET parameters (e.g. www.site.com/article.php?id=1) and without providing any POST parameters through --data option
do you want to try URI injections in the target URL itself? [Y/n/q] y
[14:55:40] [INFO] testing connection to the target URL
sqlmap got a 301 redirect to '/forum/'. Do you want to follow? [Y/n] y
[14:55:42] [INFO] testing if the target URL is stable
[14:55:42] [WARNING] URI parameter '#1*' does not appear dynamic
[14:55:47] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[14:55:47] [INFO] testing for SQL injection on URI parameter '#1*'
[14:55:48] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[14:55:48] [WARNING] reflective value(s) found and filtering out
[14:56:02] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause'
[14:56:04] [INFO] URI parameter '#1*' seems to be 'OR boolean-based blind - WHERE or HAVING clause' injectable
[14:56:04] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[14:56:04] [INFO] testing 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[14:56:05] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
[14:56:05] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
[14:56:05] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)'
[14:56:05] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)'
[14:56:05] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXP)'
[14:56:05] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE, HAVING clause (EXP)'
[14:56:05] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)'
[14:56:06] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE, HAVING clause (BIGINT UNSIGNED)'
[14:56:06] [INFO] testing 'MySQL >= 4.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[14:56:06] [INFO] testing 'MySQL >= 4.1 OR error-based - WHERE, HAVING clause'
[14:56:06] [INFO] testing 'MySQL OR error-based - WHERE or HAVING clause'
[14:56:06] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[14:56:06] [INFO] testing 'PostgreSQL OR error-based - WHERE or HAVING clause'
[14:56:06] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[14:56:07] [INFO] testing 'Microsoft SQL Server/Sybase OR error-based - WHERE or HAVING clause'
[14:56:07] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause (IN)'
[14:56:07] [INFO] testing 'Microsoft SQL Server/Sybase OR error-based - WHERE or HAVING clause (IN)'
[14:56:07] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[14:56:07] [INFO] testing 'Oracle OR error-based - WHERE or HAVING clause (XMLType)'
[14:56:07] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (UTL_INADDR.GET_HOST_ADDRESS)'
[14:56:08] [INFO] testing 'Oracle OR error-based - WHERE or HAVING clause (UTL_INADDR.GET_HOST_ADDRESS)'
[14:56:08] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (CTXSYS.DRITHSX.SN)'
[14:56:08] [INFO] testing 'Oracle OR error-based - WHERE or HAVING clause (CTXSYS.DRITHSX.SN)'
[14:56:08] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (DBMS_UTILITY.SQLID_TO_SQLHASH)'
[14:56:08] [INFO] testing 'Oracle OR error-based - WHERE or HAVING clause (DBMS_UTILITY.SQLID_TO_SQLHASH)'
[14:56:09] [INFO] testing 'Firebird AND error-based - WHERE or HAVING clause'
[14:56:09] [INFO] testing 'Firebird OR error-based - WHERE or HAVING clause'
[14:56:09] [INFO] testing 'MySQL >= 5.1 error-based - PROCEDURE ANALYSE (EXTRACTVALUE)'
[14:56:09] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace'
[14:56:09] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (EXTRACTVALUE)'
[14:56:09] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (UPDATEXML)'
[14:56:09] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (EXP)'
[14:56:09] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (BIGINT UNSIGNED)'
[14:56:09] [INFO] testing 'PostgreSQL error-based - Parameter replace'
[14:56:09] [INFO] testing 'PostgreSQL error-based - Parameter replace (GENERATE_SERIES)'
[14:56:09] [INFO] testing 'Microsoft SQL Server/Sybase error-based - Parameter replace'
[14:56:09] [INFO] testing 'Microsoft SQL Server/Sybase error-based - Parameter replace (integer column)'
[14:56:09] [INFO] testing 'Oracle error-based - Parameter replace'
[14:56:09] [INFO] testing 'Firebird error-based - Parameter replace'
[14:56:09] [INFO] testing 'MySQL inline queries'
[14:56:09] [INFO] testing 'PostgreSQL inline queries'
[14:56:10] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[14:56:10] [INFO] testing 'Oracle inline queries'
[14:56:10] [INFO] testing 'SQLite inline queries'
[14:56:10] [INFO] testing 'Firebird inline queries'
[14:56:10] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT - comment)'
[14:56:10] [INFO] testing 'MySQL > 5.0.11 stacked queries (SELECT)'
[14:56:10] [INFO] testing 'MySQL > 5.0.11 stacked queries (comment)'
[14:56:11] [INFO] testing 'MySQL > 5.0.11 stacked queries'
[14:56:11] [INFO] testing 'MySQL < 5.0.12 stacked queries (heavy query - comment)'
[14:56:11] [INFO] testing 'MySQL < 5.0.12 stacked queries (heavy query)'
[14:56:11] [INFO] testing 'PostgreSQL > 8.1 stacked queries (comment)'
[14:56:11] [INFO] testing 'PostgreSQL > 8.1 stacked queries'
[14:56:11] [INFO] testing 'PostgreSQL stacked queries (heavy query - comment)'
[14:56:11] [INFO] testing 'PostgreSQL stacked queries (heavy query)'
[14:56:11] [INFO] testing 'PostgreSQL < 8.2 stacked queries (Glibc - comment)'
[14:56:11] [INFO] testing 'PostgreSQL < 8.2 stacked queries (Glibc)'
[14:56:12] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries (comment)'
[14:56:12] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries'
[14:56:12] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE - comment)'
[14:56:12] [INFO] testing 'Oracle stacked queries (DBMS_PIPE.RECEIVE_MESSAGE)'
[14:56:12] [INFO] testing 'Oracle stacked queries (heavy query - comment)'
[14:56:12] [INFO] testing 'Oracle stacked queries (heavy query)'
[14:56:12] [INFO] testing 'Oracle stacked queries (DBMS_LOCK.SLEEP - comment)'
[14:56:12] [INFO] testing 'Oracle stacked queries (DBMS_LOCK.SLEEP)'
[14:56:12] [INFO] testing 'Oracle stacked queries (USER_LOCK.SLEEP - comment)'
[14:56:13] [INFO] testing 'Oracle stacked queries (USER_LOCK.SLEEP)'
[14:56:13] [INFO] testing 'IBM DB2 stacked queries (heavy query - comment)'
[14:56:13] [INFO] testing 'IBM DB2 stacked queries (heavy query)'
[14:56:13] [INFO] testing 'SQLite > 2.0 stacked queries (heavy query - comment)'
[14:56:13] [INFO] testing 'SQLite > 2.0 stacked queries (heavy query)'
[14:56:13] [INFO] testing 'Firebird stacked queries (heavy query - comment)'
[14:56:13] [INFO] testing 'Firebird stacked queries (heavy query)'
[14:56:13] [INFO] testing 'SAP MaxDB stacked queries (heavy query - comment)'
[14:56:13] [INFO] testing 'SAP MaxDB stacked queries (heavy query)'
[14:56:14] [INFO] testing 'HSQLDB >= 1.7.2 stacked queries (heavy query - comment)'
[14:56:14] [INFO] testing 'HSQLDB >= 1.7.2 stacked queries (heavy query)'
[14:56:14] [INFO] testing 'HSQLDB >= 2.0 stacked queries (heavy query - comment)'
[14:56:14] [INFO] testing 'HSQLDB >= 2.0 stacked queries (heavy query)'
[14:56:14] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[14:56:14] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (SELECT)'
[14:56:14] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT - comment)'
[14:56:14] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (SELECT - comment)'
[14:56:15] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind'
[14:56:15] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind'
[14:56:15] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (comment)'
[14:56:15] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (comment)'
[14:56:15] [INFO] testing 'MySQL <= 5.0.11 AND time-based blind (heavy query)'
[14:56:15] [INFO] testing 'MySQL <= 5.0.11 OR time-based blind (heavy query)'
[14:56:15] [INFO] testing 'MySQL <= 5.0.11 AND time-based blind (heavy query - comment)'
[14:56:15] [INFO] testing 'MySQL <= 5.0.11 OR time-based blind (heavy query - comment)'
[14:56:16] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind (SELECT)'
[14:56:16] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind (SELECT - comment)'
[14:56:16] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind'
[14:56:16] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind (comment)'
[14:56:16] [INFO] testing 'MySQL AND time-based blind (ELT)'
[14:56:16] [INFO] testing 'MySQL OR time-based blind (ELT)'
[14:56:16] [INFO] testing 'MySQL AND time-based blind (ELT - comment)'
[14:56:16] [INFO] testing 'MySQL OR time-based blind (ELT - comment)'
[14:56:17] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'
[14:56:17] [INFO] testing 'PostgreSQL > 8.1 OR time-based blind'
[14:56:17] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind (comment)'
[14:56:17] [INFO] testing 'PostgreSQL > 8.1 OR time-based blind (comment)'
[14:56:17] [INFO] testing 'PostgreSQL AND time-based blind (heavy query)'
[14:56:17] [INFO] testing 'PostgreSQL OR time-based blind (heavy query)'
[14:56:17] [INFO] testing 'PostgreSQL AND time-based blind (heavy query - comment)'
[14:56:17] [INFO] testing 'PostgreSQL OR time-based blind (heavy query - comment)'
[14:56:18] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'
[14:56:18] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind (comment)'
[14:56:18] [INFO] testing 'Microsoft SQL Server/Sybase AND time-based blind (heavy query)'
[14:56:18] [INFO] testing 'Microsoft SQL Server/Sybase OR time-based blind (heavy query)'
[14:56:18] [INFO] testing 'Microsoft SQL Server/Sybase AND time-based blind (heavy query - comment)'
[14:56:18] [INFO] testing 'Microsoft SQL Server/Sybase OR time-based blind (heavy query - comment)'
[14:56:18] [INFO] testing 'Oracle AND time-based blind'
[14:56:19] [INFO] testing 'Oracle OR time-based blind'
[14:56:19] [INFO] testing 'Oracle AND time-based blind (comment)'
[14:56:19] [INFO] testing 'Oracle OR time-based blind (comment)'
[14:56:19] [INFO] testing 'Oracle AND time-based blind (heavy query)'
[14:56:19] [INFO] testing 'Oracle OR time-based blind (heavy query)'
[14:56:19] [INFO] testing 'Oracle AND time-based blind (heavy query - comment)'
[14:56:19] [INFO] testing 'Oracle OR time-based blind (heavy query - comment)'
[14:56:19] [INFO] testing 'IBM DB2 AND time-based blind (heavy query)'
[14:56:20] [INFO] testing 'IBM DB2 OR time-based blind (heavy query)'
[14:56:20] [INFO] testing 'IBM DB2 AND time-based blind (heavy query - comment)'
[14:56:20] [INFO] testing 'IBM DB2 OR time-based blind (heavy query - comment)'
[14:56:20] [INFO] testing 'SQLite > 2.0 AND time-based blind (heavy query)'
[14:56:20] [INFO] testing 'SQLite > 2.0 OR time-based blind (heavy query)'
[14:56:20] [INFO] testing 'SQLite > 2.0 AND time-based blind (heavy query - comment)'
[14:56:20] [INFO] testing 'SQLite > 2.0 OR time-based blind (heavy query - comment)'
[14:56:20] [INFO] testing 'Firebird >= 2.0 AND time-based blind (heavy query)'
[14:56:20] [INFO] testing 'Firebird >= 2.0 OR time-based blind (heavy query)'
[14:56:20] [INFO] testing 'Firebird >= 2.0 AND time-based blind (heavy query - comment)'
[14:56:20] [INFO] testing 'Firebird >= 2.0 OR time-based blind (heavy query - comment)'
[14:56:20] [INFO] testing 'SAP MaxDB AND time-based blind (heavy query)'
[14:56:21] [INFO] testing 'SAP MaxDB OR time-based blind (heavy query)'
[14:56:21] [INFO] testing 'SAP MaxDB AND time-based blind (heavy query - comment)'
[14:56:21] [INFO] testing 'SAP MaxDB OR time-based blind (heavy query - comment)'
[14:56:21] [INFO] testing 'HSQLDB >= 1.7.2 AND time-based blind (heavy query)'
[14:56:21] [INFO] testing 'HSQLDB >= 1.7.2 OR time-based blind (heavy query)'
[14:56:21] [INFO] testing 'HSQLDB >= 1.7.2 AND time-based blind (heavy query - comment)'
[14:56:21] [INFO] testing 'HSQLDB >= 1.7.2 OR time-based blind (heavy query - comment)'
[14:56:21] [INFO] testing 'HSQLDB > 2.0 AND time-based blind (heavy query)'
[14:56:22] [INFO] testing 'HSQLDB > 2.0 OR time-based blind (heavy query)'
[14:56:22] [INFO] testing 'HSQLDB > 2.0 AND time-based blind (heavy query - comment)'
[14:56:22] [INFO] testing 'HSQLDB > 2.0 OR time-based blind (heavy query - comment)'
[14:56:22] [INFO] testing 'MySQL >= 5.1 time-based blind (heavy query) - PROCEDURE ANALYSE (EXTRACTVALUE)'
[14:56:22] [INFO] testing 'MySQL >= 5.1 time-based blind (heavy query - comment) - PROCEDURE ANALYSE (EXTRACTVALUE)'
[14:56:22] [INFO] testing 'MySQL >= 5.0.12 time-based blind - Parameter replace'
[14:56:22] [INFO] testing 'MySQL >= 5.0.12 time-based blind - Parameter replace (SELECT)'
[14:56:22] [INFO] testing 'MySQL <= 5.0.11 time-based blind - Parameter replace (heavy queries)'
[14:56:22] [INFO] testing 'MySQL time-based blind - Parameter replace (bool)'
[14:56:22] [INFO] testing 'MySQL time-based blind - Parameter replace (ELT)'
[14:56:22] [INFO] testing 'MySQL time-based blind - Parameter replace (MAKE_SET)'
[14:56:22] [INFO] testing 'PostgreSQL > 8.1 time-based blind - Parameter replace'
[14:56:22] [INFO] testing 'PostgreSQL time-based blind - Parameter replace (heavy query)'
[14:56:22] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind - Parameter replace'
[14:56:22] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind - Parameter replace (heavy queries)'
[14:56:22] [INFO] testing 'Oracle time-based blind - Parameter replace (DBMS_LOCK.SLEEP)'
[14:56:22] [INFO] testing 'Oracle time-based blind - Parameter replace (DBMS_PIPE.RECEIVE_MESSAGE)'
[14:56:22] [INFO] testing 'Oracle time-based blind - Parameter replace (heavy queries)'
[14:56:22] [INFO] testing 'SQLite > 2.0 time-based blind - Parameter replace (heavy query)'
[14:56:22] [INFO] testing 'Firebird time-based blind - Parameter replace (heavy query)'
[14:56:22] [INFO] testing 'SAP MaxDB time-based blind - Parameter replace (heavy query)'
[14:56:22] [INFO] testing 'IBM DB2 time-based blind - Parameter replace (heavy query)'
[14:56:22] [INFO] testing 'HSQLDB >= 1.7.2 time-based blind - Parameter replace (heavy query)'
[14:56:22] [INFO] testing 'HSQLDB > 2.0 time-based blind - Parameter replace (heavy query)'
[14:56:22] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[14:56:22] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[14:56:22] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[14:56:26] [INFO] testing 'Generic UNION query (random number) - 1 to 20 columns'
[14:56:27] [INFO] ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test
[14:56:28] [INFO] target URL appears to have 28 columns in query
[14:56:28] [WARNING] applying generic concatenation with double pipes ('||')
[14:56:37] [WARNING] if UNION based SQL injection is not detected, please consider and/or try to force the back-end DBMS (e.g. '--dbms=mysql')
[14:56:37] [INFO] testing 'Generic UNION query (NULL) - 22 to 40 columns'
[14:56:40] [INFO] testing 'Generic UNION query (random number) - 22 to 40 columns'
[14:56:45] [INFO] testing 'Generic UNION query (NULL) - 42 to 60 columns'
[14:56:46] [INFO] testing 'Generic UNION query (random number) - 42 to 60 columns'
[14:56:48] [INFO] testing 'Generic UNION query (NULL) - 62 to 80 columns'
[14:56:48] [INFO] testing 'Generic UNION query (random number) - 62 to 80 columns'
[14:56:49] [INFO] testing 'Generic UNION query (NULL) - 82 to 100 columns'
[14:56:49] [INFO] testing 'Generic UNION query (random number) - 82 to 100 columns'
[14:56:50] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns'
injection not exploitable with NULL values. Do you want to try with a random integer value for option '--union-char'? [Y/n] y
[14:57:16] [WARNING] if UNION based SQL injection is not detected, please consider forcing the back-end DBMS (e.g. '--dbms=mysql')
[14:57:16] [INFO] testing 'MySQL UNION query (32) - 22 to 40 columns'
[14:57:20] [INFO] testing 'MySQL UNION query (32) - 42 to 60 columns'
[14:57:24] [WARNING] user aborted during detection phase
how do you want to proceed? [(S)kip current test/(e)nd detection phase/(n)ext parameter/(c)hange verbosity/(q)uit] q
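The log above carries a handful of decision-relevant lines among the many 'testing' entries. As an added example (not code from the original post or from sqlmap), this Python script condenses such a console log for a site owner reviewing a scan of their own server; the function names and the caveat list are assumptions chosen here, and the sample is an excerpt of the lines shown above.

```python
import re
from collections import Counter

# Shape of every timestamped sqlmap console line: "[HH:MM:SS] [LEVEL] message".
LINE = re.compile(r"^\[(\d{2}:\d{2}:\d{2})\] \[(INFO|WARNING|ERROR|CRITICAL)\] (.*)$")
TEST = re.compile(r"^testing '(.+)'$")
CANDIDATE = re.compile(r"^(\w+) parameter '([^']+)' seems to be '(.+)' injectable")
COLUMNS = re.compile(r"appears to have (\d+) columns? in query")

# Technique families as they are spelled inside the test names in the log.
TECHNIQUES = ("boolean-based blind", "error-based", "inline queries",
              "stacked queries", "time-based blind", "UNION query")
# sqlmap's own messages that bear on how far a candidate can be trusted
# (which ones to track is a choice made for this example).
CAVEATS = ("does not appear dynamic", "might not be injectable",
           "reflective value", "user aborted")

# Excerpt of the log shown on this page (not the full run).
SAMPLE_LOG = """\
[14:55:42] [WARNING] URI parameter '#1*' does not appear dynamic
[14:55:47] [WARNING] heuristic (basic) test shows that URI parameter '#1*' might not be injectable
[14:55:47] [INFO] testing for SQL injection on URI parameter '#1*'
[14:55:48] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[14:55:48] [WARNING] reflective value(s) found and filtering out
[14:56:02] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause'
[14:56:04] [INFO] URI parameter '#1*' seems to be 'OR boolean-based blind - WHERE or HAVING clause' injectable
[14:56:04] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause'
[14:56:14] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SELECT)'
[14:56:22] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[14:56:28] [INFO] target URL appears to have 28 columns in query
injection not exploitable with NULL values. Do you want to try with a random integer value for option '--union-char'? [Y/n] y
[14:57:24] [WARNING] user aborted during detection phase
"""


def technique_of(test_name):
    """Map a sqlmap test name to its technique family."""
    for technique in TECHNIQUES:
        if technique in test_name:
            return technique
    return "other"


def triage(log_text):
    """Reduce a sqlmap console log to tests run, candidates and caveats."""
    tests = Counter()
    candidates, caveats = [], []
    columns, aborted, confirmed = None, False, False
    for raw in log_text.splitlines():
        parsed = LINE.match(raw.strip())
        if not parsed:
            # Prompts and the end-of-run summary carry no timestamp prefix.
            # A run that completes detection prints this summary header.
            if "identified the following injection point" in raw:
                confirmed = True
            continue
        stamp, _level, msg = parsed.groups()
        test = TEST.match(msg)
        if test:
            tests[technique_of(test.group(1))] += 1
            continue
        hit = CANDIDATE.match(msg)
        if hit:
            candidates.append((stamp,) + hit.groups())
        cols = COLUMNS.search(msg)
        if cols:
            columns = int(cols.group(1))
        if any(c in msg for c in CAVEATS):
            caveats.append((stamp, msg))
            aborted = aborted or "user aborted" in msg
    return {"tests": dict(tests), "candidates": candidates, "caveats": caveats,
            "columns": columns, "aborted": aborted, "confirmed": confirmed}


def verdict(report):
    """Classify the run: 'no candidate', 'confirmed' or 'unconfirmed'."""
    if not report["candidates"]:
        return "no candidate"
    return "confirmed" if report["confirmed"] else "unconfirmed"


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("tests by technique:", report["tests"])
    for stamp, place, param, technique in report["candidates"]:
        print(f"{stamp} candidate: {place} parameter {param!r} via {technique}")
    for stamp, msg in report["caveats"]:
        print(f"{stamp} caveat: {msg}")
    print("columns:", report["columns"], "| verdict:", verdict(report))
```

On this excerpt the result is a single unconfirmed candidate on the URI parameter, accompanied by four caveats, one of which is the aborted run.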
NIKTO
The same thing: a pile of letters and not a hint of conciseness.
perl nikto.pl -h /forum
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP: 127.0.0.1
+ Target Hostname: stoplinux.org.ru
+ Target Port: 80
+ Start Time: 2015-09-27 15:07:14 (GMT3)
---------------------------------------------------------------------------
+ Server: Apache/2.4.10 (Debian)
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ Cookie PHPSESSID created without the httponly flag
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Server leaks inodes via ETags, header found with file /forum/robots.txt, fields: 0xbb 0x51bddbad81900
+ "robots.txt" contains 12 entries which should be manually viewed.
+ Apache/2.4.10 appears to be outdated (current is at least Apache/2.4.16). Apache 2.2.31 is also current for the 2.x branch.
+ Web Server returns a valid response with junk HTTP methods, this may cause false positives.
+ DEBUG HTTP verb may show server debugging information. See http://msdn.microsoft.com/en-us/library/e8z01xdh%28VS.80%29.aspx for details.
+ /forum/servlet/webacc?User.html=noexist: Netware web access may reveal full path of the web server. Apply vendor patch or upgrade.
+ Uncommon header 'union all select filetoclob('/etc/passwd','server')' found, with contents: :html,0 FROM sysusers WHERE username=USER --/.html HTTP/1.1 404 Not Found
+ OSVDB-7501: /forum/themes/mambosimple.php?detection=detected&sitename=</title><script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-7505: /forum/emailfriend/emailnews.php?id=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-7504: /forum/emailfriend/emailfaq.php?id=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-7503: /forum/emailfriend/emailarticle.php?id=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ /forum/administrator/upload.php?newbanner=1&choice=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-7495: /forum/administrator/popups/sectionswindow.php?type=web&link=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-7498: /forum/administrator/gallery/view.php?path=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-7499: /forum/administrator/gallery/uploadimage.php?directory=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-7497: /forum/administrator/gallery/navigation.php?directory=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-7496: /forum/administrator/gallery/gallery.php?directory=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ /forum/https-admserv/bin/index?/<script>alert(document.cookie)</script>: Sun ONE Web Server 6.1 administration control is vulnerable to XSS attacks.
+ OSVDB-2876: /forum/clusterframe.jsp?cluster=<script>alert(document.cookie)</script>: Macromedia JRun 4.x JMC Interface, clusterframe.jsp file is vulnerable to a XSS attack.
+ /forum/upload.php?type=\"<script>alert(document.cookie)</script>: Mambo PHP Portal/Server is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-4619: /forum/soinfo.php?\"><script>alert('Vulnerable')</script>: The PHP script soinfo.php is vulnerable to Cross Site Scripting. Set expose_php = Off in php.ini.
+ /forum/servlet/MsgPage?action=test&msg=<script>alert('Vulnerable')</script>: NetDetector 3.0 and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ /forum/servlet/org.apache.catalina.ContainerServlet/<script>alert('Vulnerable')</script>: Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
+ /forum/servlet/org.apache.catalina.Context/<script>alert('Vulnerable')</script>: Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
+ /forum/servlet/org.apache.catalina.Globals/<script>alert('Vulnerable')</script>: Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
+ /forum/servlet/org.apache.catalina.servlets.WebdavStatus/<script>alert('Vulnerable')</script>: Apache-Tomcat is vulnerable to Cross Site Scripting (XSS) by invoking java classes. http://www.cert.org/advisories/CA-2000-02.html.
+ /forum/servlets/MsgPage?action=badlogin&msg=<script>alert('Vulnerable')</script>: The NetDetector install is vulnerable to Cross Site Scripting (XSS) in its invalid login message. http://www.cert.org/advisories/CA-2000-02.html.
+ /forum/admin/sh_taskframes.asp?Title=Configuraci%C3%B3n%20de%20registro%20Web&URL=MasterSettings/Web_LogSettings.asp?tab1=TabsWebServer%26tab2=TabsWebLogSettings%26__SAPageKey=5742D5874845934A134CD05F39C63240&ReturnURL=\"><script>alert(document.cookie)</script>: IIS 6 on Windows 2003 is vulnerable to Cross Site Scripting (XSS) in certain error messages. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-17665: /forum/SiteServer/Knowledge/Default.asp?ctr=\"><script>alert('Vulnerable')</script>: Site Server is vulnerable to Cross Site Scripting
+ OSVDB-17666: /forum/_mem_bin/formslogin.asp?\"><script>alert('Vulnerable')</script>: Site Server is vulnerable to Cross Site Scripting
+ /forum/nosuchurl/><script>alert('Vulnerable')</script>: JEUS is vulnerable to Cross Site Scripting (XSS) when requesting non-existing JSP pages. http://securitytracker.com/alerts/2003/Jun/1007004.html
+ OSVDB-3624: /forum/webcalendar/week.php?eventinfo=<script>alert(document.cookie)</script>: Webcalendar 0.9.42 and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ /forum/~/<script>alert('Vulnerable')</script>.aspx?aspxerrorpath=null: Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). http://www.cert.org/advisories/CA-2000-02.html
+ /forum/~/<script>alert('Vulnerable')</script>.aspx: Cross site scripting (XSS) is allowed with .aspx file requests (may be Microsoft .net). http://www.cert.org/advisories/CA-2000-02.html
+ /forum/~/<script>alert('Vulnerable')</script>.asp: Cross site scripting (XSS) is allowed with .asp file requests (may be Microsoft .net). http://www.cert.org/advisories/CA-2000-02.html
+ /forum/catinfo?<u><b>TESTING: The Interscan Viruswall catinfo script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ /forum/user.php?op=userinfo&uname=<script>alert('hi');</script>: The PHP-Nuke installation is vulnerable to Cross Site Scripting (XSS). Update to versions above 5.3.1. http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-41361: /forum/templates/form_header.php?noticemsg=<script>javascript:alert(document.cookie)</script>: MyMarket 1.71 is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-9238: /forum/supporter/index.php?t=updateticketlog&id=<script><script>alert('Vulnerable')</script></script>: MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-9238: /forum/supporter/index.php?t=tickettime&id=<script><script>alert('Vulnerable')</script></script>: MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-9238: /forum/supporter/index.php?t=ticketfiles&id=<script><script>alert('Vulnerable')</script></script>: MyHelpdesk from http://myhelpdesk.sourceforge.net/ versions v20020509 and older are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ /forum/sunshop.index.php?action=storenew&username=<script>alert('Vulnerable')</script>: SunShop is vulnerable to Cross Site Scripting (XSS) in the signup page. CA-200-02.
+ OSVDB-20232: /forum/submit.php?subject=<script>alert('Vulnerable')</script>&story=<script>alert('Vulnerable')</script>&storyext=<script>alert('Vulnerable')</script>&op=Preview: This install of PHP-Nuke is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-27097: /forum/ss000007.pl?PRODREF=<script>alert('Vulnerable')</script>: Actinic E-Commerce services is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-5049: /forum/setup.exe?<script>alert('Vulnerable')</script>&page=list_users&user=P: CiscoSecure ACS v3.0(1) Build 40 allows Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-2689: /forum/servlet/ContentServer?pagename=<script>alert('Vulnerable')</script>: Open Market Inc. ContentServer is vulnerable to Cross Site Scripting (XSS) in the login-error page. http://www.cert.org/advisories/CA-2000-02.html.
+ /forum/search.asp?term=<%00script>alert('Vulnerable')</script>: ASP.Net 1.1 may allow Cross Site Scripting (XSS) in error pages (only some browsers will render this). http://www.cert.org/advisories/CA-2000-02.html.
+ /forum/samples/search.dll?query=<script>alert(document.cookie)</script>&logic=AND: Sambar Server default script is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ /forum/replymsg.php?send=1&destin=<script>alert('Vulnerable')</script>: This version of PHP-Nuke's replymsg.php is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ OSVDB-4599: /forum/pm_buddy_list.asp?name=A&desc=B%22%3E<script>alert('Vulnerable')</script>%3Ca%20s=%22&code=1: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
+ /forum/phpwebsite/index.php?module=search&SEA_search_op=continue&PDA_limit=10\"><script>alert('Vulnerable')</script>: phpWebSite 0.9.x and below are vulnerable to Cross Site Scripting (XSS). http://www.cert.org/advisories/CA-2000-02.html.
OWASP ZAP - a sluggish Java application that found nothing in 3 hours of searching
W3AF
Installation:
aptitude install w3af
No joke:
Now let's look for similar programs for Windows.
Acunetix Web Vulnerability Scanner
So which OS suits a hacker better?
ATTENTION!
Some of this may already be out of date. Pay attention to the dates!
This article was published on 27 September 2015!
Read 25972 times, with 6 comments.
#1.Rector