Archive for the ‘Information’ Tag

Subversion a security risk?

Subversion allows users to keep track of changes made to source code. It’s very handy and many developers use it everyday, like me.

Some websites have a svn checkout in their public web folder to make faster updates if code change.

Letting the cat out of the bag right now: If the webserver has directory listening on, it’s easy to spy parts of your website.
If you take a closer look to the structure of Subversion you will notice that Subversion creates on every folder a subfolder called “.svn” with some files.

A example is a webshop which uses Subversion on the web server.

The start site of the webshop

Continue reading

Advertisements

Pixy: XSS and SQLI Scanner for PHP Programs

Pixy is a free Java program that performs automatic scans of PHP 4 source code, aimed at the detection of Cross-site scripting (XSS) and SQL injection (SQLI) vulnerabilities. Pixy takes a PHP program as input, and creates a report that lists possible vulnerable points in the program, together with additional information for understanding the vulnerability.

There is also a easy to use webinterface where you can upload your files or paste the code to analyse it.

http://pixybox.seclab.tuwien.ac.at/pixy/webinterface.php

Is this application written in php or not?

Some sites use mod-rewrite or change .php extensions to .html extensions with .htaccess to hide the information that the application is written with php.

But it’s really easy to find out if it’s written with php, because there is an Easter egg in php. If you send a special string to any php site, the browser generates a php logo or a dog as image.

Continue reading

Keep sensitive data out of your web tree

A web server’s document structure resembles this:

/htdocs
    /include
        config.inc
    index.php

If you store sensitive data like configuration files, everyone can point
the browser to http://example.com/include/config.inc and read it.

Continue reading