Hack My Site!

Discuss the many weaknesses of browser security and ways to mitigate the threat

Re: Hack My Site!

Post by 3vilp4wn on Sun Mar 10, 2013 11:42 am

WallShadow wrote: 1. Article name doesn't filter out <>()''"";, that's why the articles are messed up right now bad. I couldn't figure out how to perform XSS with it, but someone more skilled probably could.


Fixed, it filters the string to alphanumeric-underscore-minus.

WallShadow wrote: 2. Server doesn't reply when sending an article with a hex-encoded null byte in the name. It actually took me a while to realize this because when sending it, FF manually filtered %00 to %2500 for whatever reason.


Fixed, it filters the string to alphanumeric-underscore-minus.

WallShadow wrote: 3. Directory listing isn't disabled on the /articles/ directory. I'm guessing that it's not disabled at all anywhere; change it for future purposes.


That wasn't a problem, but I fixed it anyways! It redirects to "all articles" now.

WallShadow wrote: 4. Errors shown in viewarticle.php when an invalid article name is entered. There shouldn't be any PHP errors shown, just 'sorry, we had an error' and an error code, then store the real error in a log file, or simply check if the file exists first and say 'file does not exist'. The error also reveals the path to some stuff, don't do that.


Hrrrm, I'm not quite sure how to fix that, but I'll look into it. EDIT: Fixed.

WallShadow wrote: 5. Articles should have word break enabled inside them so that a long word doesn't go out of the box just like my ugly XSS attempt.


Hrrrm, I'm not quite sure how to fix that, but I'll look into it.

WallShadow wrote: 6. Finally, the chat box is waaaaaaaaaaaaaaaaaay too easy to spam.


I'll add a server-side timeout before it processes the chat request. EDIT: Fixed. Edit: Fixed better. Now it has a delay, and if the text you submit is empty, it doesn't post it.


Thanks for the help! :D
Do not mistake understanding for realization, and do not mistake realization for liberation
Evil Ninja Hackers
???
٩(͡๏̯͡๏)۶

1A4EAMboaXpgvUSmtRbVRqbfJrbyuGhyoo
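
Points 1, 2 and 4 from the list above in one handler, as an added example that is not part of the original post or the site's own code. It assumes articles are stored as `<name>.txt` under an `articles` directory and requested through a `name` query parameter; the function names and the 64-character limit are also assumptions, and it rejects a bad name outright instead of stripping characters from it.

```php
<?php
declare(strict_types=1);

// Hypothetical layout: articles are stored as <name>.txt in this directory.
const ARTICLE_DIR = __DIR__ . '/articles';

// PHP errors go to the server log, never into the response body.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

/** Return the name if it is 1-64 chars of [A-Za-z0-9_-], otherwise null. */
function valid_article_name(string $name): ?string
{
    // \A and \z anchor the whole string; "$" alone would accept a trailing newline.
    // A NUL byte, "<", ">", quotes, "/" and "." all fail the allow-list.
    return preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $name) === 1 ? $name : null;
}

/** Generic failure: short reference code for the user, real detail in the log. */
function fail(int $status, string $publicMsg, string $detail): array
{
    $ref = bin2hex(random_bytes(4));
    error_log("viewarticle [$ref] $detail");
    return [$status, "$publicMsg (error code $ref)"];
}

/** Returns [HTTP status, body] for a requested article name. */
function view_article(string $rawName): array
{
    $name = valid_article_name($rawName);
    if ($name === null) {
        // Hex-encode the rejected input so it cannot forge log lines.
        return fail(400, 'Invalid article name', 'rejected name: ' . bin2hex(substr($rawName, 0, 64)));
    }
    $path = ARTICLE_DIR . '/' . $name . '.txt';
    if (!is_file($path)) {
        return fail(404, 'File does not exist', "missing file: $path");
    }
    $text = file_get_contents($path);
    if ($text === false) {
        return fail(500, 'Sorry, we had an error', "read failed: $path");
    }
    // Encode on output so stored text cannot become markup.
    return [200, htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')];
}

// A non-string value (e.g. name[]=x) is treated as an empty, invalid name.
$raw = $_GET['name'] ?? '';
[$status, $body] = view_article(is_string($raw) ? $raw : '');
http_response_code($status);
echo $body;
```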


Re: Hack My Site!

Post by WallShadow on Sun Mar 10, 2013 12:43 pm

3vilp4wn wrote:
WallShadow wrote: 5. Articles should have word break enabled inside them so that a long word doesn't go out of the box just like my ugly XSS attempt.


Hrrrm, I'm not quite sure how to fix that, but I'll look into it.


Because I've already dealt with this before, this was easy to find; you'll need to insert this into your CSS:

Code:
p {
    word-wrap: break-word;
}


Apply it to whatever elements you want; I'm pretty sure <div> tags accept it just as well as <p> tags. What it does is convert an overly long word which goes out of bounds from

LOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOONG

to

LOOOOOOOOOOOOO-
OOOOOOOOOOOOOO-
OOOOOOOOOONG

Though browser support, as I understand, isn't perfect, it's the simplest solution for most browsers. Other solutions are more complex, requiring string parsing.

Re: Hack My Site!

Post by 3vilp4wn on Sun Mar 10, 2013 1:17 pm

I'll try that, thanks!